forked from G-Research/fasttrackml
-
Notifications
You must be signed in to change notification settings - Fork 0
117 lines (106 loc) · 3.54 KB
/
release.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
name: Release
on:
workflow_run:
types: [completed]
workflows: [CI]
branches:
- main
- v*
permissions:
contents: read
jobs:
validate:
name: Validate ref
if: github.event.workflow_run.event == 'push' && github.event.workflow_run.conclusion == 'success' && !github.event.repository.fork
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v3
with:
fetch-depth: 0
# The given ref should belong to the main branch.
# If it's main, it shouldn't be more than 2 commits away (in case another push happened in the meantime).
# If it starts with 'v', it should be a tag and belong to the main branch.
# Anything else is invalid.
- name: Validate ref
run: |
ref='${{ github.event.workflow_run.head_branch }}'
sha='${{ github.event.workflow_run.head_sha }}'
case $ref in
main)
[ $(git branch --contains=$sha main | wc -l) -eq 1 ] &&
[ $(git rev-list --count $sha..main) -le 2 ]
;;
v?*)
[[ $ref =~ ^v[0-9]+\.[0-9]+\.[0-9]+$ ]] &&
[ $(git tag --points-at $sha | grep -E "^$ref\$" | wc -l) -eq 1 ] &&
[ $(git branch --contains=$sha main | wc -l) -eq 1 ]
;;
*)
false
;;
esac
if [ $? -ne 0 ]; then
echo "::error ::Invalid ref $ref $sha"
exit 1
fi
github-release:
name: Publish GitHub release
needs: validate
if: github.event.workflow_run.head_branch != 'main'
runs-on: ubuntu-latest
permissions:
contents: write
steps:
- name: Download artifact
run: gh run download ${{ github.event.workflow_run.id }} --repo ${{ github.event.workflow_run.repository.full_name }} --name fasttrackml-archives --dir dist
env:
GH_TOKEN: ${{ github.token }}
- name: Create release
uses: softprops/action-gh-release@v1
with:
generate_release_notes: true
files: dist/*
tag_name: ${{ github.event.workflow_run.head_branch }}
docker-release:
name: Publish container image to DockerHub
needs: validate
runs-on: ubuntu-latest
environment: release
steps:
- name: Checkout
uses: actions/checkout@v3
with:
fetch-depth: 0
- name: Compute tags
id: tags
run: |
ref='${{ github.event.workflow_run.head_branch }}'
case $ref in
main)
tags=("main" "edge")
;;
v*)
tags=("${ref#v}")
if [ $(git describe --tags --abbrev=0) == $ref ]; then
tags+=("latest")
fi
esac
echo "tags=${tags[@]}" >> $GITHUB_OUTPUT
- name: Download artifact
run: gh run download ${{ github.event.workflow_run.id }} --name fasttrackml-oci-image
env:
GH_TOKEN: ${{ github.token }}
- name: Login to Docker Hub
uses: docker/login-action@v2
with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}
- name: Push to Docker Hub
run: |
for tag in ${{ steps.tags.outputs.tags }}
do
echo "::group::Pushing image to ${{ vars.DOCKER_REPO }}:$tag"
skopeo copy --all oci-archive:fasttrackml-oci.tar:${{ github.event.workflow_run.head_branch }} docker://${{ vars.DOCKER_REPO }}:$tag
echo "::endgroup::"
done