Merge pull request #11 from hove-io/ahi-add-runners-tag #6
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Release build | |
| on: | |
| push: | |
| branches: | |
| - main | |
| - develop | |
| workflow_dispatch: | |
| jobs: | |
| prepare: | |
| name: Create dist | |
| runs-on: ubuntu-latest | |
| container: node:14 | |
| strategy: | |
| matrix: | |
| lambda: ["modules/webhook/lambdas/webhook", "modules/runner-binaries-syncer/lambdas/runner-binaries-syncer", "modules/runners/lambdas/runners"] | |
| steps: | |
| - name: Extract lambda name | |
| id: lambda | |
| env: | |
| LAMBDA: ${{ matrix.lambda }} | |
| run: echo ::set-output name=name::${LAMBDA##*/} | |
| - uses: actions/checkout@v3 | |
| - name: Add zip | |
| run: apt update && apt install zip | |
| - name: Build dist | |
| working-directory: ${{ matrix.lambda }} | |
| run: yarn install && yarn run test && yarn dist | |
| - uses: actions/upload-artifact@v3 | |
| with: | |
| name: ${{ steps.lambda.outputs.name }} | |
| path: ${{ matrix.lambda }}/${{ steps.lambda.outputs.name }}.zip | |
| retention-days: 1 | |
| release: | |
| name: release | |
| runs-on: ubuntu-latest | |
| needs: | |
| prepare | |
| steps: | |
| - uses: actions/checkout@v3 | |
| with: | |
| fetch-depth: 0 | |
| persist-credentials: false | |
| - uses: actions/download-artifact@v3 | |
| with: | |
| name: webhook | |
| path: artifacts | |
| - uses: actions/download-artifact@v3 | |
| with: | |
| name: runners | |
| path: artifacts | |
| - uses: actions/download-artifact@v3 | |
| with: | |
| name: runner-binaries-syncer | |
| path: artifacts | |
| - name: Get installation token | |
| uses: npalm/[email protected] | |
| id: app-token | |
| with: | |
| appId: ${{ secrets.FOREST_RELEASER_APP_ID }} | |
| appPrivateKeyBase64: ${{ secrets.FOREST_RELEASER_APP_PRIVATE_KEY_BASE64 }} | |
| appInstallationType: repo | |
| appInstallationValue: ${{ github.repository }} | |
| - name: Dry run release | |
| if: github.event_name != 'pull_request' | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Read only token | |
| run: | | |
| cp .release/* . | |
| yarn | |
| yarn release -d --repositoryUrl https://x-access-token:[email protected]/$GITHUB_REPOSITORY.git | |
| - name: Release | |
| if: github.event_name != 'pull_request' && contains('refs/heads/main', github.ref) | |
| env: | |
| GITHUB_TOKEN: ${{ steps.app-token.outputs.token }} | |
| run: | | |
| cp .release/* . | |
| yarn | |
| yarn release --repositoryUrl https://x-access-token:[email protected]/$GITHUB_REPOSITORY.git | |
| provenance: | |
| name: Generate provenance | |
| runs-on: ubuntu-20.04 | |
| needs: | |
| release | |
| if: startsWith(github.ref, 'refs/tags/') | |
| steps: | |
| - name: Generate provenance for release | |
| uses: philips-labs/[email protected] | |
| with: | |
| artifact_path: release-assets | |
| output_path: 'build.provenance' | |
| tag_name: "${{ github.ref_name }}" | |
| env: | |
| GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}" | |