on: push: tags: - "v*" # Push events to matching v*, i.e. v1.0, v20.15.10 name: Create prerelease w/ binaries and docker image jobs: build-push-porter: runs-on: ubuntu-latest steps: - name: Get tag name id: tag_name run: echo "tag=${GITHUB_TAG/refs\/tags\//}" >> $GITHUB_OUTPUT env: GITHUB_TAG: ${{ github.ref }} - name: Checkout uses: actions/checkout@v3 - name: Setup docker uses: docker/login-action@v2 with: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} - name: Write Dashboard Environment Variables run: | cat >./dashboard/.env <> $GITHUB_OUTPUT env: GITHUB_TAG: ${{ github.ref }} - name: Checkout uses: actions/checkout@v3 - name: Configure AWS credentials uses: aws-actions/configure-aws-credentials@v1-node16 with: aws-access-key-id: ${{ secrets.ECR_AWS_ACCESS_KEY_ID }} aws-secret-access-key: ${{ secrets.ECR_AWS_SECRET_ACCESS_KEY }} aws-region: us-east-2 - name: Login to ECR public id: login-ecr run: | aws ecr-public get-login-password --region us-east-1 | docker login --username AWS --password-stdin public.ecr.aws/o1j4x7p4 - name: Build run: | DOCKER_BUILDKIT=1 docker build . -t public.ecr.aws/o1j4x7p4/provisioner-service:${{steps.tag_name.outputs.tag}} -f ./ee/docker/provisioner.Dockerfile - name: Push to ECR public run: | docker push public.ecr.aws/o1j4x7p4/provisioner-service:${{steps.tag_name.outputs.tag}} build-push-worker-pool: runs-on: ubuntu-latest steps: - name: Get tag name id: tag_name run: echo "tag=${GITHUB_TAG/refs\/tags\//}" >> $GITHUB_OUTPUT env: GITHUB_TAG: ${{ github.ref }} - name: Checkout uses: actions/checkout@v3 - name: Configure AWS credentials uses: aws-actions/configure-aws-credentials@v1-node16 with: aws-access-key-id: ${{ secrets.ECR_AWS_ACCESS_KEY_ID }} aws-secret-access-key: ${{ secrets.ECR_AWS_SECRET_ACCESS_KEY }} aws-region: us-east-2 - name: Login to ECR public id: login-ecr run: | aws ecr-public get-login-password --region us-east-1 | docker login --username AWS --password-stdin public.ecr.aws/o1j4x7p4 - name: Build run: | DOCKER_BUILDKIT=1 docker build . -t public.ecr.aws/o1j4x7p4/worker-pool:${{steps.tag_name.outputs.tag}} -f ./workers/Dockerfile - name: Push to ECR public run: | docker push public.ecr.aws/o1j4x7p4/worker-pool:${{steps.tag_name.outputs.tag}} build-linux: name: Build Linux binaries runs-on: ubuntu-latest steps: - name: Get tag name id: tag_name run: echo "tag=${GITHUB_TAG/refs\/tags\//}" >> $GITHUB_OUTPUT env: GITHUB_TAG: ${{ github.ref }} - name: Checkout code uses: actions/checkout@v3 - name: Set up Go uses: actions/setup-go@v3 with: go-version: 1.19 - name: Set up Node uses: actions/setup-node@v3 with: node-version: 18 - name: Write Dashboard Environment Variables run: | cat >./dashboard/.env <> $GITHUB_OUTPUT env: GITHUB_TAG: ${{ github.ref }} - name: Checkout code uses: actions/checkout@v3 - name: Set up Go uses: actions/setup-go@v3 with: go-version: 1.19 - name: Write Dashboard Environment Variables run: | cat >./dashboard/.env <> $GITHUB_OUTPUT env: GITHUB_TAG: ${{ github.ref }} - name: Download binaries uses: actions/download-artifact@v3 with: name: mac-binaries path: release/ - name: Unzip Darwin binaries run: | unzip ./release/UNSIGNED_porter_${{steps.tag_name.outputs.tag}}_Darwin_x86_64.zip unzip ./release/UNSIGNED_portersvr_${{steps.tag_name.outputs.tag}}_Darwin_x86_64.zip unzip ./release/UNSIGNED_docker-credential-porter_${{steps.tag_name.outputs.tag}}_Darwin_x86_64.zip - name: Import Code-Signing Certificates uses: Apple-Actions/import-codesign-certs@v2 with: # The certificates in a PKCS12 file encoded as a base64 string p12-file-base64: ${{ secrets.APPLE_DEVELOPER_CERTIFICATE_P12_BASE64 }} # The password used to import the PKCS12 file. p12-password: ${{ secrets.APPLE_DEVELOPER_CERTIFICATE_PASSWORD }} - name: Install gon via HomeBrew for code signing and app notarization run: | brew tap porter-dev/gon brew install porter-dev/gon/gon - name: Create a porter.gon.json file run: | echo " { \"source\": [\"./porter\"], \"bundle_id\": \"cli.porter\", \"apple_id\": { \"password\": \"@env:AC_PASSWORD\" }, \"sign\": { \"application_identity\": \"${{ secrets.AC_APPLICATION_IDENTITY }}\" }, \"zip\": { \"output_path\": \"./release/porter_${{steps.tag_name.outputs.tag}}_Darwin_x86_64.zip\" } } " > ./porter.gon.json - name: Create a portersvr.gon.json file run: | echo " { \"source\": [\"./portersvr\"], \"bundle_id\": \"cli.portersvr\", \"apple_id\": { \"password\": \"@env:AC_PASSWORD\" }, \"sign\": { \"application_identity\": \"${{ secrets.AC_APPLICATION_IDENTITY }}\" }, \"zip\": { \"output_path\": \"./release/portersvr_${{steps.tag_name.outputs.tag}}_Darwin_x86_64.zip\" } } " > ./portersvr.gon.json - name: Create a docker-credential-porter.gon.json file run: | echo " { \"source\": [\"./docker-credential-porter\"], \"bundle_id\": \"cli.docker-credential-porter\", \"apple_id\": { \"password\": \"@env:AC_PASSWORD\" }, \"sign\": { \"application_identity\": \"${{ secrets.AC_APPLICATION_IDENTITY }}\" }, \"zip\": { \"output_path\": \"./release/docker-credential-porter_${{steps.tag_name.outputs.tag}}_Darwin_x86_64.zip\" } } " > ./docker-credential-porter.gon.json - name: Sign the mac binaries with Gon env: AC_USERNAME: ${{ secrets.AC_USERNAME }} AC_PASSWORD: ${{ secrets.AC_PASSWORD }} run: | gon ./porter.gon.json & gon ./portersvr.gon.json & gon ./docker-credential-porter.gon.json & wait - name: Upload binaries uses: actions/upload-artifact@v3 with: path: ./release name: mac-binaries retention-days: 1 release: name: Zip binaries, create release and upload assets runs-on: ubuntu-latest needs: - notarize - build-linux steps: - name: Get tag name id: tag_name run: echo "tag=${GITHUB_TAG/refs\/tags\//}" >> $GITHUB_OUTPUT env: GITHUB_TAG: ${{ github.ref }} - name: Download binaries uses: actions/download-artifact@v3 with: name: linux-binaries path: release/linux - name: Download binaries uses: actions/download-artifact@v3 with: name: static-binaries path: release/static - name: Download binaries uses: actions/download-artifact@v3 with: name: mac-binaries path: release/darwin - name: Create Release id: create_release uses: softprops/action-gh-release@v1 with: tag_name: ${{ github.ref }} name: Release ${{ github.ref_name }} token: ${{ secrets.GITHUB_TOKEN }} draft: false prerelease: true - name: Upload Linux CLI Release Asset id: upload-linux-cli-release-asset uses: actions/upload-release-asset@v1 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} GITHUB_TAG: ${{ github.ref }} with: upload_url: ${{ steps.create_release.outputs.upload_url }} asset_path: ./release/linux/porter_${{steps.tag_name.outputs.tag}}_Linux_x86_64.zip asset_name: porter_${{steps.tag_name.outputs.tag}}_Linux_x86_64.zip asset_content_type: application/zip - name: Upload Linux Server Release Asset id: upload-linux-server-release-asset uses: actions/upload-release-asset@v1 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} GITHUB_TAG: ${{ github.ref }} with: upload_url: ${{ steps.create_release.outputs.upload_url }} asset_path: ./release/linux/portersvr_${{steps.tag_name.outputs.tag}}_Linux_x86_64.zip asset_name: portersvr_${{steps.tag_name.outputs.tag}}_Linux_x86_64.zip asset_content_type: application/zip - name: Upload Linux Docker Credential Release Asset id: upload-linux-docker-cred-release-asset uses: actions/upload-release-asset@v1 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} GITHUB_TAG: ${{ github.ref }} with: upload_url: ${{ steps.create_release.outputs.upload_url }} asset_path: ./release/linux/docker-credential-porter_${{steps.tag_name.outputs.tag}}_Linux_x86_64.zip asset_name: docker-credential-porter_${{steps.tag_name.outputs.tag}}_Linux_x86_64.zip asset_content_type: application/zip - name: Upload Darwin CLI Release Asset id: upload-darwin-cli-release-asset uses: actions/upload-release-asset@v1 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} GITHUB_TAG: ${{ github.ref }} with: upload_url: ${{ steps.create_release.outputs.upload_url }} asset_path: ./release/darwin/porter_${{steps.tag_name.outputs.tag}}_Darwin_x86_64.zip asset_name: porter_${{steps.tag_name.outputs.tag}}_Darwin_x86_64.zip asset_content_type: application/zip - name: Upload Darwin Server Release Asset id: upload-darwin-server-release-asset uses: actions/upload-release-asset@v1 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} GITHUB_TAG: ${{ github.ref }} with: upload_url: ${{ steps.create_release.outputs.upload_url }} asset_path: ./release/darwin/portersvr_${{steps.tag_name.outputs.tag}}_Darwin_x86_64.zip asset_name: portersvr_${{steps.tag_name.outputs.tag}}_Darwin_x86_64.zip asset_content_type: application/zip - name: Upload Darwin Docker Credential Release Asset id: upload-darwin-docker-cred-release-asset uses: actions/upload-release-asset@v1 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} GITHUB_TAG: ${{ github.ref }} with: upload_url: ${{ steps.create_release.outputs.upload_url }} asset_path: ./release/darwin/docker-credential-porter_${{steps.tag_name.outputs.tag}}_Darwin_x86_64.zip asset_name: docker-credential-porter_${{steps.tag_name.outputs.tag}}_Darwin_x86_64.zip asset_content_type: application/zip - name: Upload Static Release Asset id: upload-static-release-asset uses: actions/upload-release-asset@v1 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} GITHUB_TAG: ${{ github.ref }} with: upload_url: ${{ steps.create_release.outputs.upload_url }} asset_path: ./release/static/static_${{steps.tag_name.outputs.tag}}.zip asset_name: static_${{steps.tag_name.outputs.tag}}.zip asset_content_type: application/zip build-push-docker-cli: name: Build a new porter-cli docker image runs-on: ubuntu-latest needs: release steps: - name: Get tag name id: tag_name run: echo "tag=${GITHUB_TAG/refs\/tags\//}" >> $GITHUB_OUTPUT env: GITHUB_TAG: ${{ github.ref }} - name: Checkout uses: actions/checkout@v3 - name: Configure AWS credentials uses: aws-actions/configure-aws-credentials@v1-node16 with: aws-access-key-id: ${{ secrets.ECR_AWS_ACCESS_KEY_ID }} aws-secret-access-key: ${{ secrets.ECR_AWS_SECRET_ACCESS_KEY }} aws-region: us-east-2 - name: Login to ECR public id: login-ecr run: | aws ecr-public get-login-password --region us-east-1 | docker login --username AWS --password-stdin public.ecr.aws/o1j4x7p4 - name: Login to GHCR id: login-ghcr run: echo "${{ secrets.GITHUB_TOKEN }}" | docker login ghcr.io -u ${{ github.actor }} --password-stdin - name: Build run: | docker build ./services/porter_cli_container \ -t public.ecr.aws/o1j4x7p4/porter-cli:${{steps.tag_name.outputs.tag}} \ -f ./services/porter_cli_container/Dockerfile \ --build-arg VERSION=${{steps.tag_name.outputs.tag}} \ --build-arg SENTRY_DSN=${{secrets.SENTRY_DSN}} - name: Push to ECR public run: docker push public.ecr.aws/o1j4x7p4/porter-cli:${{steps.tag_name.outputs.tag}} - name: Push to GHCR run: | docker tag public.ecr.aws/o1j4x7p4/porter-cli:${{steps.tag_name.outputs.tag}} ghcr.io/porter-dev/porter/porter-cli:${{steps.tag_name.outputs.tag}} docker push ghcr.io/porter-dev/porter/porter-cli:${{steps.tag_name.outputs.tag}} update-porter-update-action: name: Update porter-update-action runs-on: ubuntu-latest needs: build-push-docker-cli steps: - name: Get tag name id: tag_name run: echo "tag=${GITHUB_TAG/refs\/tags\//}" >> $GITHUB_OUTPUT env: GITHUB_TAG: ${{ github.ref }} - name: Push new branch with updated CLI run: | cd $GITHUB_WORKSPACE git clone https://portersupport:${{ secrets.PORTER_DEV_GITHUB_TOKEN }}@github.com/porter-dev/porter-update-action cd porter-update-action git checkout -B "${{steps.tag_name.outputs.tag}}" cat >Dockerfile <> $GITHUB_OUTPUT env: GITHUB_TAG: ${{ github.ref }} - name: Push new branch with updated CLI run: | cd $GITHUB_WORKSPACE git clone https://portersupport:${{ secrets.PORTER_DEV_GITHUB_TOKEN }}@github.com/porter-dev/porter-cli-action cd porter-cli-action git checkout -B "${{steps.tag_name.outputs.tag}}" cat >Dockerfile <> $GITHUB_OUTPUT env: GITHUB_TAG: ${{ github.ref }} - name: Update new-release-tests run: | cd $GITHUB_WORKSPACE git clone https://portersupport:${{ secrets.PORTER_DEV_GITHUB_TOKEN }}@github.com/porter-dev/new-release-tests cd new-release-tests/.github/workflows sed -i 's/uses: porter-dev\/porter-update-action.*/uses: porter-dev\/porter-update-action@${{ steps.tag_name.outputs.tag }}/g' porter_test_pack_production.yml sed -i 's/uses: porter-dev\/porter-cli-action.*/uses: porter-dev\/porter-cli-action@${{ steps.tag_name.outputs.tag }}/g' porter_test_pack_production.yml sed -i 's/uses: porter-dev\/porter-update-action.*/uses: porter-dev\/porter-update-action@${{ steps.tag_name.outputs.tag }}/g' porter_test_docker_production.yml sed -i 's/uses: porter-dev\/porter-cli-action.*/uses: porter-dev\/porter-cli-action@${{ steps.tag_name.outputs.tag }}/g' porter_test_docker_production.yml sed -i 's/uses: porter-dev\/porter-update-action.*/uses: porter-dev\/porter-update-action@${{ steps.tag_name.outputs.tag }}/g' test_porter_cli.yml sed -i 's/uses: porter-dev\/porter-cli-action.*/uses: porter-dev\/porter-cli-action@${{ steps.tag_name.outputs.tag }}/g' test_porter_cli.yml cd ../.. git config user.name "Update Bot" git config user.email "support@porter.run" git diff --quiet --exit-code || git add . && git commit -m "Update to Porter GHA version ${{steps.tag_name.outputs.tag}}" && git push -f git checkout test-preview-env git merge main -m "Merge with main" sed -i 's/TEST:v.*/TEST:${{ steps.tag_name.outputs.tag }}/g' porter.yaml git diff --quiet --exit-code || git add . && git commit -m "Update to Porter GHA version ${{steps.tag_name.outputs.tag}}" && git push -f run-new-release-tests-workflows: name: Run new-release-tests Porter workflows runs-on: ubuntu-latest needs: update-new-release-tests steps: - name: Run porter_test_pack_production.yml workflow run: gh workflow run porter_test_pack_production.yml --repo porter-dev/new-release-tests env: GITHUB_TOKEN: ${{ secrets.PORTER_DEV_GITHUB_TOKEN }} - name: Run porter_test_docker_production.yml workflow run: gh workflow run porter_test_docker_production.yml --repo porter-dev/new-release-tests env: GITHUB_TOKEN: ${{ secrets.PORTER_DEV_GITHUB_TOKEN }} - name: Run test_porter_cli.yml workflow run: gh workflow run test_porter_cli.yml --repo porter-dev/new-release-tests env: GITHUB_TOKEN: ${{ secrets.PORTER_DEV_GITHUB_TOKEN }}