Merge pull request #580 from kbind-dev/dependabot/go_modules/contrib/… #221
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Image | |
| on: | |
| push: | |
| tags: | |
| - 'v*' | |
| branches: | |
| - main | |
| permissions: | |
| contents: read | |
| packages: write | |
| id-token: write | |
| jobs: | |
| image: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 | |
| - uses: actions/setup-go@924ae3a1cded613372ab5595356fb5720e22ba16 # v6.5.0 | |
| with: | |
| go-version: v1.26.2 | |
| check-latest: true | |
| # We need this to remove local tags that are not semver so goreleaser doesn't get confused. | |
| - name: Delete non-semver tags | |
| run: 'git tag -d $(git tag -l | grep -v "^v")' | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@d7f5e7f509e45cec5c76c4d5afdd7de93d0b3df5 # v4.1.0 | |
| # If you notice signing errors, you may need to update the cosign version. | |
| - uses: sigstore/cosign-installer@6f9f17788090df1f26f669e9d70d6ae9567deba6 # v4.1.2 | |
| - name: Install Helm | |
| uses: azure/setup-helm@9bc31f4ebc9c6b171d7bfbaa5d006ae7abdb4310 # v5.0.1 | |
| with: | |
| version: 'v3.12.0' | |
| - name: Compute build env | |
| run: | | |
| { | |
| echo "LDFLAGS=$(make ldflags)" | |
| echo "IMAGE_REPO=ghcr.io/${{ github.repository_owner }}" | |
| echo "IMAGE_TAGS=latest ${{ github.sha }} 0.0.0-${{ github.sha }} ${{ github.ref_name }}" | |
| echo "BUILDX_CACHE_FROM=type=gha" | |
| echo "BUILDX_CACHE_TO=type=gha,mode=max" | |
| echo "COSIGN_ARGS=-a sha=${{ github.sha }} -a ref=${{ github.ref }} -a run_id=${{ github.run_id }} -a run_attempt=${{ github.run_attempt }}" | |
| } >> "$GITHUB_ENV" | |
| # Common OCI labels (one per line so build-image.sh can split on newlines) | |
| { | |
| echo 'IMAGE_LABELS<<EOF' | |
| echo "org.opencontainers.image.source=https://github.com/${{ github.repository }}" | |
| echo "org.opencontainers.image.revision=${{ github.sha }}" | |
| echo "org.opencontainers.image.version=${{ github.ref_name }}" | |
| echo 'EOF' | |
| } >> "$GITHUB_ENV" | |
| # App version: full tag (e.g. v0.8.1) for releases, otherwise 0.0.0-<sha> | |
| if [[ "${{ github.ref_type }}" == "tag" ]]; then | |
| echo "APP_VERSION=${{ github.ref_name }}" >> "$GITHUB_ENV" | |
| else | |
| echo "APP_VERSION=0.0.0-${{ github.sha }}" >> "$GITHUB_ENV" | |
| fi | |
| - name: Login to GitHub Container Registry | |
| uses: docker/login-action@650006c6eb7dba73a995cc03b0b2d7f5ca915bee # v4.2.0 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Login to GHCR for Helm | |
| env: | |
| HELM_EXPERIMENTAL_OCI: '1' | |
| run: echo "${{ github.token }}" | helm registry login ghcr.io --username ${{ github.actor }} --password-stdin | |
| - name: Build, push, and sign images | |
| run: make release-images | |
| - name: Build and push Helm charts | |
| run: make release-helm | |
| - uses: actions/delete-package-versions@e5bc658cc4c965c472efe991f8beea3981499c55 # v5.0.0 | |
| with: | |
| package-name: 'konnector' | |
| package-type: 'container' | |
| min-versions-to-keep: 10 | |
| delete-only-pre-release-versions: "true" | |
| - uses: actions/delete-package-versions@e5bc658cc4c965c472efe991f8beea3981499c55 # v5.0.0 | |
| with: | |
| package-name: 'backend' | |
| package-type: 'container' | |
| min-versions-to-keep: 10 | |
| delete-only-pre-release-versions: "true" | |
| - uses: actions/delete-package-versions@e5bc658cc4c965c472efe991f8beea3981499c55 # v5.0.0 | |
| with: | |
| package-name: 'charts/backend' | |
| package-type: 'container' | |
| min-versions-to-keep: 10 | |
| delete-only-pre-release-versions: "true" |