release 1.5.0 - test, build only

Author: pdabelf5

.github/workflows/old.yml

@@ -0,0 +1,157 @@
+name: Release 1.5.0
+
+on:
+  push:
+    branches:
+      - chore/secure-build
+
+env:
+  DOCKER_PLATFORMS: "linux/arm/v5,linux/arm/v6,linux/arm/v7,linux/arm64,linux/amd64,linux/ppc64le,linux/s390x,linux/mips64le,linux/386,linux/riscv64"
+
+concurrency:
+  group: ${{ github.ref_name }}-release
+  cancel-in-progress: true
+
+permissions:
+  contents: read
+
+jobs:
+  variables:
+    name: Setup variables
+    runs-on: ubuntu-24.04
+    outputs:
+      tag: ${{ steps.vars.outputs.tag }}
+      short_tag: ${{ steps.vars.outputs.short_tag }}
+    steps:
+      - name: Checkout Repository
+        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+
+      - name: Set up Go
+        uses: actions/setup-go@44694675825211faa026b3c33043df3e48a5fa00 # v6.0.0
+        with:
+          go-version: stable
+
+      - name: Get version
+        id: vars
+        run: |
+          echo "tag=1.5.0" >> $GITHUB_OUTPUTS
+          echo "short_tag=1.5" >> $GITHUB_OUTPUTS
+
+  build-docker:
+    name: Build Docker Image
+    runs-on: ubuntu-24.04
+    needs: variables
+    permissions:
+      contents: write # for lucacome/draft-release to create/update release draft
+      security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
+      id-token: write # for OIDC login to AWS ECR and goreleaser/goreleaser-action to sign artifacts
+      packages: write # for docker/build-push-action to push to GHCR
+      issues: write # for goreleaser/goreleaser-action to close milestones
+
+    steps:
+      - name: Checkout Repository
+        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+        with:
+          ref: v${{ needs.variables.outputs.tag }}
+
+      - name: Setup Golang Environment
+        uses: actions/setup-go@44694675825211faa026b3c33043df3e48a5fa00 # v6.0.0
+        with:
+          go-version: stable
+
+      - name: Setup QEMU
+        uses: docker/setup-qemu-action@29109295f81e9208d7d86ff1c6c12d2833863392 # v3.6.0
+
+      - name: Docker Buildx
+        uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3.11.1
+        with:
+          version: latest
+          driver-opts: network=host
+
+      - name: DockerHub Login
+        uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0
+        with:
+          username: ${{ secrets.DOCKER_USERNAME }}
+          password: ${{ secrets.DOCKER_PASSWORD }}
+
+      - name: Login to GitHub Container Registry
+        uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0
+        with:
+          registry: ghcr.io
+          username: ${{ github.repository_owner }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Configure AWS Credentials
+        uses: aws-actions/configure-aws-credentials@00943011d9042930efac3dcd3a170e4273319bc8 # v5.1.0
+        with:
+          aws-region: us-east-1
+          role-to-assume: ${{ secrets.AWS_ROLE_PUBLIC_ECR }}
+
+      - name: Login to Public ECR
+        uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0
+        with:
+          registry: public.ecr.aws
+
+      - name: Login to Quay.io
+        uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0
+        with:
+          registry: quay.io
+          username: ${{ secrets.QUAY_USERNAME }}
+          password: ${{ secrets.QUAY_ROBOT_TOKEN }}
+
+      - name: Docker meta
+        id: meta
+        uses: docker/metadata-action@c1e51972afc2121e065aed6d45c65596fe445f3f # v5.8.0
+        with:
+          images: |
+            name=nginx/nginx-prometheus-exporter,enable=true
+            name=ghcr.io/nginx/nginx-prometheus-exporter,enable=true
+            name=public.ecr.aws/nginx/nginx-prometheus-exporter,enable=true
+            name=quay.io/nginx/nginx-prometheus-exporter,enable=true
+          tags: |
+            type=raw,value=${{ needs.variables.outputs.tag }}
+            type=raw,value=${{ needs.variables.outputs.short_tag }}
+            type=raw,value=latest
+          labels: |
+            org.opencontainers.image.vendor=NGINX Inc <[email protected]>
+        env:
+          DOCKER_METADATA_ANNOTATIONS_LEVELS: manifest,index
+
+      - name: Download Syft
+        uses: anchore/sbom-action/download-syft@f8bdd1d8ac5e901a77a92f111440fdb1b593736b # v0.20.6
+
+      - name: Install Cosign
+        uses: sigstore/cosign-installer@d7543c93d881b35a8faa02e8e3605f69b7a1ce62 # v3.10.0
+
+      - name: Run GoReleaser
+        uses: goreleaser/goreleaser-action@e435ccd777264be153ace6237001ef4d979d3a7a # v6.4.0
+        with:
+          version: v2.12.5 # renovate: datasource=github-tags depName=goreleaser/goreleaser
+          args: build --snapshot --clean
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          NGINX_GITHUB_TOKEN: ${{ secrets.NGINX_PAT }}
+          GORELEASER_CURRENT_TAG: "v${{ needs.variables.outputs.tag }}"
+
+      - name: Print NGINX Prometheus Exporter info
+        run: |
+          ./dist/nginx-prometheus-exporter_linux_amd64_v1/nginx-prometheus-exporter --version
+          find dist -type f
+        continue-on-error: false
+
+      # - name: Build and Push Docker Image
+      #   uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 # v6.18.0
+      #   with:
+      #     file: build/Dockerfile
+      #     context: "."
+      #     target: goreleaser
+      #     platforms: ${{ env.DOCKER_PLATFORMS }}
+      #     tags: ${{ steps.meta.outputs.tags }}
+      #     labels: ${{ steps.meta.outputs.labels }}
+      #     annotations: ${{ steps.meta.outputs.annotations }}
+      #     push: true
+      #     cache-from: type=gha,scope=exporter
+      #     cache-to: type=gha,scope=exporter,mode=max
+      #     no-cache: true
+      #     provenance: mode=max
+      #     sbom: true