feat: use gh to release #238
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI Workflow | |
| on: [push, pull_request] | |
| jobs: | |
| build: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v3 | |
| - name: Build | |
| run: | | |
| make | |
| - name: Upload artifacts | |
| if: startsWith(github.ref, 'refs/tags/') || startsWith(github.ref, 'refs/heads/master') | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: artifact | |
| path: ./dist/artifacts/* | |
| - name: Get code info | |
| id: info | |
| run: | | |
| source scripts/version | |
| echo "::set-output name=artifacts_dir::${PWD}/dist/artifacts" | |
| echo "::set-output name=version::$(echo $GITHUB_REF | cut -d / -f 3)" | |
| echo "::set-output name=base_version::${VERSION}" | |
| - name: Generate release info | |
| if: startsWith(github.ref, 'refs/tags/') || startsWith(github.ref, 'refs/heads/master') | |
| env: | |
| BASE_VERSION: ${{ steps.info.outputs.base_version }} | |
| run: | | |
| echo "🍻" > release.txt | |
| - name: Release | |
| if: startsWith(github.ref, 'refs/tags/') | |
| env: | |
| GH_TOKEN: ${{ github.token }} | |
| run: | | |
| gh release create ${{ github.ref_name }} --draft --notes "Draft release for ${{ github.ref_name }}" | |
| gh release upload ${{ github.ref_name }} ${{ steps.info.outputs.artifacts_dir }}/* | |
| publish-gcp: | |
| name: Publish artifacts to GCP | |
| runs-on: ubuntu-latest | |
| needs: build | |
| if: startsWith(github.ref, 'refs/tags/') || startsWith(github.ref, 'refs/heads/master') | |
| permissions: | |
| contents: read | |
| id-token: write # for reading credential https://github.com/rancher-eio/read-vault-secrets | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Download artifacts | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: artifact | |
| path: ./dist/artifacts/ | |
| - name: Read Secrets | |
| uses: rancher-eio/read-vault-secrets@main | |
| with: | |
| secrets: | | |
| secret/data/github/repo/${{ github.repository }}/google-auth/harvester/credentials token | GOOGLE_AUTH ; | |
| - name: Login to Google Cloud | |
| uses: 'google-github-actions/auth@v2' | |
| with: | |
| credentials_json: '${{ env.GOOGLE_AUTH }}' | |
| - name: Publish master | |
| uses: 'google-github-actions/upload-cloud-storage@v2' | |
| if: startsWith(github.ref, 'refs/heads/master') | |
| with: | |
| path: dist/artifacts | |
| parent: false | |
| destination: releases.rancher.com/harvester-node-driver/master | |
| predefinedAcl: publicRead | |
| headers: |- | |
| cache-control: public,no-cache,proxy-revalidate | |
| - name: Publish tag | |
| uses: 'google-github-actions/upload-cloud-storage@v2' | |
| if: startsWith(github.ref, 'refs/tags/') | |
| with: | |
| path: dist/artifacts | |
| parent: false | |
| destination: releases.rancher.com/harvester-node-driver/${{ github.ref_name }} | |
| predefinedAcl: publicRead | |
| headers: |- | |
| cache-control: public,no-cache,proxy-revalidate |