Skip to content

🔖 bump version 3.0.3 #309

🔖 bump version 3.0.3

🔖 bump version 3.0.3 #309

Workflow file for this run

name: Release
on:
push:
branches:
- "master"
tags:
- "v*"
pull_request:
branches:
- "master"
workflow_dispatch:
jobs:
check-version:
runs-on: ubuntu-latest
permissions:
contents: read
if: ${{ startsWith(github.ref, 'refs/tags/v') }}
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Install poetry
run: pipx install poetry
- name: Get Version
id: version
run: |
echo "VERSION=$(poetry version -s)" >> $GITHUB_OUTPUT
echo "TAG=${GITHUB_REF#refs/tags/v}" >> $GITHUB_OUTPUT
- name: Check Version
if: ${{ steps.version.outputs.VERSION != steps.version.outputs.TAG }}
run: exit 1
build:
runs-on: ubuntu-latest
needs: check-version
permissions:
contents: read
packages: write
if: |-
${{
always() &&
(needs.check-version.result == 'success' || needs.check-version.result == 'skipped')
}}
strategy:
fail-fast: true
matrix:
platform:
- linux/amd64
- linux/arm64
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
- name: Setup Docker
uses: docker/setup-buildx-action@v3
- name: Login to DockerHub
uses: docker/login-action@v3
if: ${{ github.event_name != 'pull_request' }}
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_PASSWORD }}
- name: Generate Image Name and Scope
id: image
run: |
echo "IMAGE=${GITHUB_REPOSITORY@L}" >> $GITHUB_OUTPUT
echo "SCOPE=${{ hashFiles('**/poetry.lock') }}-${{ matrix.platform }}" >> $GITHUB_OUTPUT
platform="${{ matrix.platform }}"
echo "ARTIFACT=${platform/\//-}-digests" >> $GITHUB_OUTPUT
- name: Generate Labels
uses: docker/metadata-action@v5
id: metadata
with:
images: ${{ steps.image.outputs.IMAGE }}
- name: Build and Publish
uses: docker/build-push-action@v6
id: build
with:
context: .
platforms: ${{ matrix.platform }}
labels: ${{ steps.metadata.outputs.labels }}
cache-from: type=gha,scope=${{ steps.image.outputs.SCOPE }}
cache-to: type=gha,scope=${{ steps.image.outputs.SCOPE }},mode=max
outputs: type=image,name=${{ steps.image.outputs.IMAGE }},push-by-digest=true,name-canonical=true,push=${{ github.event_name != 'pull_request' }}
- name: Export digest
run: |
mkdir -p /tmp/digests
digest="${{ steps.build.outputs.digest }}"
touch "/tmp/digests/${digest#sha256:}"
- name: Upload digest
uses: actions/upload-artifact@v4
with:
name: ${{ steps.image.outputs.ARTIFACT }}
path: /tmp/digests/*
if-no-files-found: error
retention-days: 1
push:
runs-on: ubuntu-latest
needs: build
if: |-
${{
always() &&
github.event_name != 'pull_request' &&
needs.build.result == 'success'
}}
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Download digests
uses: actions/download-artifact@v4
with:
path: /tmp/artifacts
pattern: '*-digests'
- name: Copy digests
run: |
mkdir -p /tmp/digests
cp /tmp/artifacts/*-digests/* /tmp/digests
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Login to DockerHub
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_PASSWORD }}
- name: Login to Github Container Registry
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Generate Image Name
id: image
run: |
echo "IMAGE=${GITHUB_REPOSITORY@L}" >> $GITHUB_OUTPUT
- name: Generate Tags
uses: docker/metadata-action@v5
id: metadata
with:
images: |
${{ github.repository }}
ghcr.io/${{ github.repository }}
tags: |
type=ref,event=branch
type=ref,event=pr
type=semver,pattern={{version}}
type=semver,pattern={{major}}.{{minor}}
type=sha
- name: Create manifest list and push
working-directory: /tmp/digests
run: |
docker buildx imagetools create --dry-run $(jq -cr '.tags | map("-t " + .) | join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON") \
$(printf '${{ steps.image.outputs.IMAGE }}@sha256:%s ' *)
docker buildx imagetools create $(jq -cr '.tags | map("-t " + .) | join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON") \
$(printf '${{ steps.image.outputs.IMAGE }}@sha256:%s ' *)
- name: Docker Hub Description
uses: peter-evans/dockerhub-description@v4
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_PASSWORD }}
short-description: ${{ github.event.repository.description }}
release:
runs-on: ubuntu-latest
needs: push
permissions:
contents: read
if: |-
${{
always() &&
startsWith(github.ref, 'refs/tags/v') &&
needs.push.result == 'success'
}}
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Create Sentry Release
uses: getsentry/action-release@v1
env:
SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }}
SENTRY_ORG: ${{ secrets.SENTRY_ORG }}
SENTRY_PROJECT: ${{ secrets.SENTRY_PROJECT }}
with:
environment: prod
version: ${{ github.ref }}
deploy:
runs-on: ubuntu-latest
environment: official-bot
needs: push
permissions:
deployments: write
if: |-
${{
always() &&
startsWith(github.ref, 'refs/tags/v') &&
needs.push.result == 'success'
}}
steps:
- name: Start Deployment
uses: bobheadxi/deployments@v1
id: deployment
with:
step: start
token: ${{ secrets.GITHUB_TOKEN }}
env: official-bot
- name: Get Version
id: version
run: |
echo "VERSION=${GITHUB_REF#refs/tags/v}" >> $GITHUB_OUTPUT
- name: Run Remote SSH Command
uses: appleboy/ssh-action@master
env:
DEPLOY_PATH: ${{ secrets.DEPLOY_PATH }}
VERSION: ${{ steps.version.outputs.VERSION }}
with:
host: ${{ secrets.DEPLOY_HOST }}
username: ${{ secrets.DEPLOY_USER }}
key: ${{ secrets.DEPLOY_KEY }}
envs: DEPLOY_PATH,VERSION
command_timeout: 15m
script: |
cd $DEPLOY_PATH
git pull
helm upgrade -n caibot -f values.yaml --set-string bot.image.tag=$VERSION --timeout 15m --atomic cai k8s/bot/
- name: update deployment status
uses: bobheadxi/deployments@v1
if: always()
with:
step: finish
token: ${{ secrets.GITHUB_TOKEN }}
status: ${{ job.status }}
env: ${{ steps.deployment.outputs.env }}
deployment_id: ${{ steps.deployment.outputs.deployment_id }}