use private-key as a input parameter #1
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Publish | ||
| on: | ||
| workflow_call: | ||
| <<<<<<< Updated upstream | ||
| ======= | ||
| inputs: | ||
| private-key: | ||
| description: 'Private key for creating the GitHub App token' | ||
| required: true | ||
| type: string | ||
| >>>>>>> Stashed changes | ||
| permissions: | ||
| packages: write | ||
| env: | ||
| OCI_URL: ghcr.io/openmcp-project | ||
| jobs: | ||
| release_tag: | ||
| name: Release version | ||
| runs-on: ubuntu-24.04 | ||
| steps: | ||
| - name: Create GitHub App token | ||
| uses: actions/create-github-app-token@df432ceedc7162793a195dd1713ff69aefc7379e # v2 | ||
| id: app-token | ||
| with: | ||
| # required | ||
| app-id: 1312871 | ||
| private-key: ${{ inputs.private-key }} | ||
| - name: Checkout code | ||
| uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 | ||
| with: | ||
| token: ${{ steps.app-token.outputs.token }} | ||
| fetch-tags: true | ||
| fetch-depth: 0 | ||
| submodules: recursive | ||
| - name: Install Task | ||
| uses: arduino/setup-task@v2 | ||
| with: | ||
| version: 3.x | ||
| - name: Read and validate VERSION | ||
| id: version | ||
| run: | | ||
| VERSION=$(task version) | ||
| if [[ ! "$VERSION" =~ ^v[0-9]+\.[0-9]+\.[0-9]+(-dev(-[0-9a-f]*)?)?$ ]]; then | ||
| echo "Invalid version format: $VERSION" | ||
| exit 1 | ||
| fi | ||
| echo "New version: $VERSION" | ||
| echo "version=$VERSION" >> $GITHUB_ENV | ||
| - name: Skip release if version is a dev version | ||
| if: contains(env.version, '-dev') | ||
| run: | | ||
| echo "Skipping development version release: ${{ env.version }}" | ||
| echo "SKIP=true" >> $GITHUB_ENV | ||
| exit 0 | ||
| - name: Set up QEMU | ||
| uses: docker/setup-qemu-action@29109295f81e9208d7d86ff1c6c12d2833863392 # v3 | ||
| - name: Set up Docker Context for Buildx | ||
| id: buildx-context | ||
| run: | | ||
| docker context create builders | ||
| - name: Login to GitHub Container Registry | ||
| uses: docker/login-action@74a5d142397b4f367a81961eba4e8cd7edddf772 # v3 | ||
| with: | ||
| registry: ghcr.io | ||
| username: ${{ github.actor }} | ||
| password: ${{ secrets.GITHUB_TOKEN }} | ||
| - name: Set up Docker Buildx | ||
| timeout-minutes: 5 | ||
| uses: docker/setup-buildx-action@b5ca514318bd6ebac0fb2aedd5d36ec1b5c232a2 # v3 | ||
| with: | ||
| version: latest | ||
| - name: Set up Go | ||
| uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5 | ||
| with: | ||
| go-version-file: go.mod | ||
| - name: Build and Push Images | ||
| run: | | ||
| task build:img:all --verbose | ||
| - name: Package and Push Helm Charts | ||
| run: | | ||
| task build:helm:all --verbose | ||
| - name: Build and Push OCM Component | ||
| run: | | ||
| task build:ocm:all --verbose | ||
