release: prepare v0.21.1 (#2094) #124
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
--- | |
# This workflow is triggered whenever we release a new version of trivy-operator | |
# by creating an annotated Git tag and pushing it to the upstream Git repository. | |
# | |
# git tag -a v0.0.1 -m 'Release v0.0.1' | |
# git push upstream v0.0.1 | |
name: Release | |
on: | |
push: | |
tags: | |
- "v*" | |
env: | |
KIND_VERSION: v0.17.0 | |
KIND_IMAGE: kindest/node:v1.21.1@sha256:69860bda5563ac81e3c0057d654b5253219618a22ec3a346306239bba8cfa1a6 | |
GO_VERSION: '1.22' | |
jobs: | |
tests: | |
name: Run tests | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- name: Setup Go | |
uses: actions/setup-go@v5 | |
with: | |
go-version: ${{ env.GO_VERSION }} | |
- name: Install tools | |
uses: aquaproj/[email protected] | |
with: | |
aqua_version: v1.25.0 | |
- name: Run unit tests | |
run: mage test:unit | |
itest-trivy-operator: | |
name: Run integration tests / Trivy Operator | |
needs: | |
- tests | |
runs-on: ubuntu-latest | |
timeout-minutes: 15 | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@v4 | |
- name: Setup Go | |
uses: actions/setup-go@v5 | |
with: | |
go-version: ${{ env.GO_VERSION }} | |
- name: Install tools | |
uses: aquaproj/[email protected] | |
with: | |
aqua_version: v1.25.0 | |
- name: Setup Kubernetes cluster (KIND) | |
uses: engineerd/[email protected] | |
with: | |
version: ${{ env.KIND_VERSION }} | |
image: ${{ env.KIND_IMAGE }} | |
- name: Test connection to Kubernetes cluster | |
run: | | |
kubectl cluster-info | |
kubectl wait --for=condition=Ready nodes --all --timeout=300s | |
kubectl describe node | |
- name: Run integration tests | |
run: | | |
kubectl create -k deploy/static | |
mage test:integration | |
env: | |
KUBECONFIG: /home/runner/.kube/config | |
OPERATOR_NAMESPACE: trivy-system | |
OPERATOR_TARGET_NAMESPACES: default | |
release: | |
name: Release | |
needs: | |
- itest-trivy-operator | |
runs-on: ubuntu-latest | |
env: | |
DOCKER_CLI_EXPERIMENTAL: "enabled" | |
permissions: | |
contents: write | |
id-token: write | |
packages: write | |
steps: | |
- name: Set up QEMU | |
uses: docker/setup-qemu-action@v3 | |
- name: Set up Docker Buildx | |
id: buildx | |
uses: docker/setup-buildx-action@v3 | |
- name: Available platforms | |
run: echo ${{ steps.buildx.outputs.platforms }} | |
- name: Checkout code | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- name: Setup Go | |
uses: actions/setup-go@v5 | |
with: | |
go-version: ${{ env.GO_VERSION }} | |
- name: Install cosign | |
uses: sigstore/[email protected] | |
- name: Login to docker.io registry | |
uses: docker/[email protected] | |
with: | |
username: ${{ secrets.DOCKERHUB_USER }} | |
password: ${{ secrets.DOCKERHUB_TOKEN }} | |
- name: Login to ECR | |
uses: docker/[email protected] | |
with: | |
registry: public.ecr.aws | |
username: ${{ secrets.ECR_ACCESS_KEY_ID }} | |
password: ${{ secrets.ECR_SECRET_ACCESS_KEY }} | |
- name: Login to ghcr.io | |
uses: docker/[email protected] | |
with: | |
registry: ghcr.io | |
username: ${{ github.actor }} | |
password: ${{ secrets.GITHUB_TOKEN }} | |
- name: Release | |
uses: goreleaser/goreleaser-action@v5 | |
with: | |
version: v1.7.0 | |
args: release --rm-dist | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
COSIGN_EXPERIMENTAL: 1 | |
- name: Repository Dispatch Publish Helm Chart | |
if: ${{ steps.latest_tag.outputs.tag == steps.chart_version.outputs.app_version }} | |
uses: peter-evans/repository-dispatch@v3 | |
with: | |
token: ${{ secrets.GITHUB_TOKEN }} | |
event-type: publish-chart | |
client-payload: '{"action": "chart-and-app-release"}' |