feat: support sbom generation when releasing #11
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Release - Sprint | |
on: | |
workflow_dispatch: | |
inputs: | |
defaults: | |
run: | |
shell: bash | |
env: | |
CARGO_TERM_COLOR: always | |
jobs: | |
release: | |
runs-on: ubuntu-latest | |
env: | |
GITHUB_TOKEN: ${{ secrets.GH_ACTION_TOKEN }} | |
permissions: | |
contents: write | |
pull-requests: write | |
strategy: | |
matrix: | |
branch_tag: ['master:v1.7.0'] | |
steps: | |
- name: Setup Git | |
run: | | |
gh auth setup-git | |
- uses: anchore/sbom-action/download-syft | |
- run: | | |
git config --global user.email "[email protected]" | |
git config --global user.name "David Ko" | |
- uses: actions/checkout@v4 | |
- uses: actions/checkout@v4 | |
with: | |
repository: innobead/renote | |
ref: main | |
path: renote | |
- run: cargo install --path ./renote | |
- id: var | |
name: Get branch, tag, milestone | |
run: | | |
IFS=':' read -ra tokens <<< "${{ matrix.branch_tag }}" | |
branch="${tokens[0]}" | |
tag="${tokens[1]}-dev-$(date '+%Y%m%d')" | |
milestone="${tokens[2]}" | |
if [ -z "${tokens[2]}" ]; then milestone="${tokens[1]}" ; fi | |
echo "branch=${branch}" >> $GITHUB_OUTPUT | |
echo "tag=${tag}" >> $GITHUB_OUTPUT | |
echo "milestone=${milestone}" >> $GITHUB_OUTPUT | |
cat <<EOF | |
branch=${branch} | |
tag=${tag} | |
milestone=${milestone} | |
EOF | |
- id: artifact | |
name: Collect artifacts | |
run: | | |
./scripts/collect-artifacts.sh longhorn charts | |
- id: tag | |
name: Create a tag for each release repo | |
run: | | |
renote tag \ | |
--owner longhorn \ | |
--branch ${{ steps.var.outputs.branch }} \ | |
--tag ${{ steps.var.outputs.tag }} \ | |
--repos longhorn-manager \ | |
--repos longhorn-engine \ | |
--repos longhorn-instance-manager \ | |
--repos longhorn-share-manager \ | |
--repos backing-image-manager \ | |
--repos longhorn-ui \ | |
--repos cli \ | |
--repos longhorn | |
- id: changelog | |
name: Create a changelog from the last release | |
run: | | |
output=$(renote changelog \ | |
--owner longhorn \ | |
--branch ${{ steps.var.outputs.branch }} \ | |
--tag ${{ steps.var.outputs.tag }} \ | |
--repos longhorn-manager \ | |
--repos longhorn-engine \ | |
--repos longhorn-instance-manager \ | |
--repos longhorn-share-manager \ | |
--repos backing-image-manager \ | |
--repos longhorn-ui \ | |
--repos cli \ | |
--repos longhorn \ | |
--markdown-folding) | |
echo "$output" | |
echo "$output" >> ./assets/release-sprint/post-note.md | |
- id: release | |
name: Create a release | |
run: | | |
renote release \ | |
--owner longhorn \ | |
--repo longhorn \ | |
--branch ${{ steps.var.outputs.branch }} \ | |
--tag ${{ steps.var.outputs.tag }} \ | |
--milestone ${{ steps.var.outputs.milestone }} \ | |
--pre-note ./assets/release-sprint/pre-note.md \ | |
--post-note ./assets/release-sprint/post-note.md \ | |
--note-contributors innobead \ | |
--since-days 14 \ | |
--exclude-labels "kind/test" \ | |
--exclude-labels "area/infra" \ | |
--exclude-labels "area/ci" \ | |
--exclude-labels "area/qa" \ | |
--exclude-labels "wontfix" \ | |
--exclude-labels "duplicated" \ | |
--exclude-labels "invalid" \ | |
--exclude-labels "release/task" \ | |
--note-section-labels "highlight" \ | |
--note-section-labels "kind/feature" \ | |
--note-section-labels "kind/improvement" \ | |
--note-section-labels "kind/bug" \ | |
--note-section-labels "area/performance" \ | |
--note-section-labels "area/resilience" \ | |
--note-section-labels "area/stability" \ | |
--note-section-labels "area/scalability" \ | |
--note-section-labels "area/benchmark" \ | |
--pre-hook ./scripts/check-images-ready.sh \ | |
--pre-hook-args "longhornio/longhorn-manager:${{ steps.var.outputs.tag }}" \ | |
--pre-hook-args "longhornio/longhorn-engine:${{ steps.var.outputs.tag }}" \ | |
--pre-hook-args "longhornio/longhorn-instance-manager:${{ steps.var.outputs.tag }}" \ | |
--pre-hook-args "longhornio/longhorn-share-manager:${{ steps.var.outputs.tag }}" \ | |
--pre-hook-args "longhornio/backing-image-manager:${{ steps.var.outputs.tag }}" \ | |
--pre-hook-args "longhornio/longhorn-ui:${{ steps.var.outputs.tag }}" \ | |
--pre-hook-args "longhornio/longhorn-cli:${{ steps.var.outputs.tag }}" \ | |
--artifacts ./longhorn.yaml \ | |
--artifacts ./longhorn-images.txt \ | |
--artifacts ./charts.tar.gz \ | |
--artifacts ./longhorn-images-sbom.tar.gz \ | |
--pre-release \ | |
--draft |