Skip to content

Release

Release #1754

Workflow file for this run

name: Release
on:
workflow_dispatch:
push:
tags:
- 'v*'
permissions:
contents: read
id-token: write
jobs:
release:
name: Release
runs-on:
- self-hosted
- medium
steps:
- name: Checkout code
uses: actions/checkout@v4
- uses: webfactory/[email protected]
with:
ssh-private-key: ${{ secrets.PRIVATE_SSH_KEY }}
- name: Install NIX
uses: cachix/install-nix-action@v30
- name: Install devbox
uses: jetify-com/[email protected]
with:
enable-cache: true
skip-nix-installation: true
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: arn:aws:iam::${{ secrets.AWS_ACCOUNT_ID }}:role/kommander-applications
aws-region: us-west-2
- name: Extract tag name
shell: bash
run: echo "GIT_TAG=${GITHUB_REF#refs/*/}" >> $GITHUB_ENV
- name: Release
env:
DOCKER_USERNAME: ${{ secrets.NEXUS_USERNAME }}
DOCKER_PASSWORD: ${{ secrets.NEXUS_PASSWORD }}
SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }}
GIT_TAG: ${{ env.GIT_TAG }}
run: devbox run -- just release
- name: Release OCI artifact
env:
DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }}
GIT_TAG: ${{ env.GIT_TAG }}
run: devbox run -- just release-oci
- name: Login to Docker Hub
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}
- name: Release kommander applications server
env:
GIT_TAG: ${{ env.GIT_TAG }}
run: |
git config --global user.name "${GITHUB_ACTOR}"
git config --global user.email "${GITHUB_ACTOR}@users.noreply.github.com"
devbox run -- just release-server
send_message:
runs-on:
- self-hosted
- small
needs:
- "release"
if: ${{ always() }}
steps:
- name: Send slack message if any of the release jobs failed
if: ${{contains(needs.*.result, 'failure') }}
uses: slackapi/[email protected]
env:
SLACK_WEBHOOK_URL: ${{ endsWith(github.ref_name, '-dev') && secrets.DKP_TESTING_ALERTMANAGER_SLACK_URL || secrets.SLACK_WEBHOOK_NTNX_NCNDKPSHIPIT }}
with:
payload: |
{
"blocks": [
{
"type": "header",
"text": {
"type": "plain_text",
"text": ":github: :x: ${{github.repository}} release ${{ github.ref_name }} failed",
"emoji": true
}
},
{
"type": "section",
"text": {
"type": "mrkdwn",
"text": "Rerun the failed job(s) at ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}"
}
}
]
}
- name: Send slack message when all release jobs completed successfully
if: ${{ !contains(needs.*.result, 'failure') && !endsWith(github.ref_name, '-dev') }} # No need to send a message on daily releases.
uses: slackapi/[email protected]
env:
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_NTNX_NCNDKPSHIPIT }}
with:
payload: |
{
"blocks": [
{
"type": "header",
"text": {
"type": "plain_text",
"text": ":github: :heavy_check_mark: ${{github.repository}} - Release ${{ github.ref_name }} successful :rocket:",
"emoji": true
}
},
{
"type": "section",
"text": {
"type": "mrkdwn",
"text": "${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}"
}
}
]
}