Release Branch #106

Workflow file for this run

.github/workflows/release-branch.yml at 3dc98f3

	name: Release Branch

	on:
	workflow_dispatch:
	inputs:
	publishPackages:
	description: 'Publish packages to up-ap.nginx.com'
	required: true
	type: boolean
	default: false
	createPullRequest:
	description: 'Create pull request back into main'
	required: true
	type: boolean
	default: false
	uploadJWT:
	description: 'Temporary JWT to publish packages to up-ap.nginx.com'
	required: true
	type: string
	default: ''
	workflow_call:

	permissions:
	contents: read

	jobs:
	update-draft:
	permissions:
	contents: write
	pull-requests: write
	name: Update Release
	runs-on: ubuntu-22.04
	steps:
	- uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
	with:
	fetch-depth: 0
	- uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0
	with:
	go-version-file: 'go.mod'
	- uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v4.0.2
	- run: npm install [email protected]
	- name: Create Draft Release
	uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1
	id: release
	with:
	script: \|
	const semver = require('semver');
	const ref = context.ref.split("/")[2]
	const version_number = ref.split("-")[1]
	const version = "v"+version_number
	console.log(`The release version is ${version}`)

	const releases = (await github.rest.repos.listReleases({
	owner: context.payload.repository.owner.login,
	repo: context.payload.repository.name,
	per_page: 100,
	})).data

	const latest_release = (await github.rest.repos.getLatestRelease({
	owner: context.payload.repository.owner.login,
	repo: context.payload.repository.name,
	})).data.tag_name

	console.log(`The latest release was ${latest_release}`)

	if (latest_release === version) {
	core.setFailed(`A published release already exists for ${latest_release}`)
	} else {
	const draft = releases.find((r) => r.draft && r.tag_name === version)
	const draft_found = !(draft === undefined)

	let release
	if (draft_found){
	console.log("Draft release already exists. Deleting current draft release and recreating it")
	release = (await github.rest.repos.deleteRelease({
	owner: context.payload.repository.owner.login,
	repo: context.payload.repository.name,
	release_id: draft.id,
	}))
	}

	const release_notes = (await github.rest.repos.generateReleaseNotes({
	owner: context.payload.repository.owner.login,
	repo: context.payload.repository.name,
	tag_name: version,
	previous_tag_name: latest_release,
	target_commitish: ref,
	}))

	const footer = `
	## Resources
	- Documentation -- https://github.com/nginx/agent#readme
	`

	release = (await github.rest.repos.createRelease({
	owner: context.payload.repository.owner.login,
	repo: context.payload.repository.name,
	tag_name: version,
	target_commitish: ref,
	name: version,
	body: release_notes.data.body + footer,
	draft: true,
	}))

	console.log(`Release created: ${release.data.html_url}`)
	console.log(`Release ID: ${release.data.id}`)
	console.log(`Release notes: ${release_notes.data.body}`)
	console.log(`Release Upload URL: ${release.data.upload_url}`)

	return {
	version: version_number,
	release_id: release.data.id,
	release_upload_url: release.data.upload_url,
	}
	}
	- name: Set Environment Variables
	run: \|
	echo "${{steps.release.outputs.result}}"
	echo "VERSION=$(echo '${{steps.release.outputs.result}}' \| jq -r '.version')" >> $GITHUB_ENV
	echo "RELEASE_ID=$(echo '${{steps.release.outputs.result}}' \| jq -r '.release_id')" >> $GITHUB_ENV
	echo "RELEASE_UPLOAD_URL=$(echo '${{steps.release.outputs.result}}' \| jq -r '.release_upload_url')" >> $GITHUB_ENV
	- name: Setup build environment
	run: \|
	sudo apt-get update
	sudo apt-get install -y gpgv1 monkeysphere
	go install github.com/goreleaser/nfpm/v2/cmd/[email protected]
	- name: Tag release
	run: \|
	git config --global user.name 'github-actions'
	git config --global user.email '41898282+github-actions[bot]@users.noreply.github.com'

	git tag -a "v${{env.VERSION}}" -m "CI Autogenerated"
	git tag -a "sdk/v${{env.VERSION}}" -m "CI Autogenerated"
	- name: Push Tags
	if: ${{ inputs.publishPackages == true }}
	run: \|
	git push origin "v${{env.VERSION}}"
	git push origin "sdk/v${{env.VERSION}}"
	- name: Set up Docker Buildx
	uses: docker/setup-buildx-action@d70bba72b1f3fd22344832f00baa16ece964efeb # v3.3.0
	- name: Build Docker Image
	uses: docker/build-push-action@2cdde995de11925a030ce8070c3d77a52ffcf1c0 # v5.3.0
	with:
	file: scripts/packages/packager/Dockerfile
	tags: build-signed-packager:1.0.0
	context: '.'
	push: false
	load: true
	no-cache: true
	build-args: \|
	package_type=signed-package
	- name: Build Packages
	env:
	INDIGO_GPG_AGENT: ${{ secrets.INDIGO_GPG_AGENT }}
	NFPM_SIGNING_KEY_FILE: .key.asc
	run: \|
	echo "$INDIGO_GPG_AGENT" \| base64 --decode > .key.asc
	make clean package
	- name: Azure Login
	uses: azure/login@6b2456866fc08b011acb422a92a4aa20e2c4de32 # v2.1.0
	with:
	creds: ${{ secrets.AZURE_CREDENTIALS }}
	- name: Azure Upload Release Packages
	uses: azure/CLI@965c8d7571d2231a54e321ddd07f7b10317f34d9 # v2.0.0
	with:
	inlineScript: \|
	for i in ./build/azure/packages/nginx-agent*; do
	az storage blob upload --auth-mode=login -f "$i" -c ${{ secrets.AZURE_CONTAINER_NAME }} \
	--account-name ${{ secrets.AZURE_ACCOUNT_NAME }} --overwrite -n nginx-agent/${GITHUB_REF##/}/${i##/}
	done
	- name: Azure Logout
	run: \|
	az logout
	if: always()
	- name: Upload Release Assets
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
	# clobber overwrites existing assets of the same name
	run: \|
	gh release upload --clobber v${{env.VERSION}} \
	$(find ./build/github/packages -type f $ -name ".deb" -o -name ".rpm" -o -name ".pkg" -o -name ".apk" $)
	- name: Publish Release Packages
	if: ${{ inputs.publishPackages == true }}
	env:
	TOKEN: ${{ inputs.uploadJWT }}
	UPLOAD_URL: ${{ secrets.UPLOAD_URL }}
	run: \|
	make release
	- name: Publish Github Release
	if: ${{ inputs.publishPackages == true }}
	uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1
	with:
	script: \|
	const {RELEASE_ID} = process.env
	const release = (await github.rest.repos.updateRelease({
	owner: context.payload.repository.owner.login,
	repo: context.payload.repository.name,
	release_id: `${RELEASE_ID}`,
	draft: false,
	}))
	console.log(`Release published: ${release.data.html_url}`)
	- name: Create Pull Request
	if: ${{ inputs.publishPackages == true && inputs.createPullRequest == true }}
	uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1
	with:
	script: \|
	const { repo, owner } = context.repo;
	const result = await github.rest.pulls.create({
	title: 'Merge ${{ github.ref_name }} back into main',
	owner,
	repo,
	head: '${{ github.ref_name }}',
	base: 'main',
	body: [
	'This PR is auto-generated by the release branch workflow.'
	].join('\n')
	});

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Release Branch #106

Workflow file

Release Branch #106

Jobs

Run details

Workflow file for this run