.github/workflows/plugin-release.yml #8
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| on: | |
| push: | |
| tags: | |
| - 'desktop-v*' | |
| jobs: | |
| release: | |
| if: github.repository == 'hashicorp/vagrant-vmware-desktop-builder' | |
| name: Vagrant VMware Desktop Plugin Release | |
| runs-on: ['self-hosted', 'ondemand', 'linux', 'type=t3.small'] | |
| permissions: | |
| id-token: write | |
| contents: write | |
| steps: | |
| - name: Authentication | |
| id: vault-auth | |
| run: vault-auth | |
| - name: Secrets | |
| id: secrets | |
| uses: hashicorp/vault-action@v2 | |
| with: | |
| url: ${{ steps.vault-auth.outputs.addr }} | |
| caCertificate: ${{ steps.vault-auth.outputs.ca_certificate }} | |
| token: ${{ steps.vault-auth.outputs.token }} | |
| secrets: | |
| kv/data/github/hashicorp/vagrant-vmware-desktop-builder rubygems_api_key; | |
| kv/data/github/hashicorp/vagrant-vmware-desktop-builder vagrant_vmware_desktop_builder_repo_token; | |
| kv/data/github/hashicorp/vagrant-vmware-desktop-builder vagrant_vmware_desktop_repo_token; | |
| - name: Code Checkout | |
| uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 | |
| with: | |
| # NOTE: This is set so we can push the publish branch | |
| # for the hashigems workflow. A custom token is | |
| # used since the auto-generated token won't trigger | |
| # a workflow run | |
| token: ${{ steps.secrets.outputs.vagrant_vmware_desktop_builder_repo_token }} | |
| fetch-depth: 0 | |
| - name: Install Ruby | |
| run: | | |
| sudo DEBIAN_FRONTEND=noninteractive apt-get update | |
| sudo DEBIAN_FRONTEND=noninteractive apt-get install -yq ruby | |
| env: | |
| DEBIAN_FRONTEND: noninteractive | |
| - name: Build Vagrant VMware Desktop Plugin | |
| id: build | |
| run: ./.ci/build-plugin | |
| - name: Create GitHub release | |
| run: ./.ci/release-plugin-github "${GEM_ARTIFACT}" | |
| env: | |
| GEM_ARTIFACT: ${{ steps.build.outputs.gem-path }} | |
| GITHUB_TOKEN: ${{ steps.secrets.outputs.vagrant_vmware_desktop_repo_token }} | |
| - name: Publish RubyGems.org | |
| run: ./.ci/release-rubygems "${PLUGIN_PATH}" | |
| env: | |
| PLUGIN_PATH: ${{ steps.build.outputs.gem-path }} | |
| RUBYGEMS_API_KEY: ${{ steps.secrets.outputs.rubygems_api_key }} |