Skip to content
name: Promote Downstream Releases
on:
# may be triggered manually on a release tag that represents a prerelease to promote it to a release in the downstream package repositories and Docker Hub
workflow_dispatch:
# automatically trigger if an existing GitHub release is marked "latest"
release:
types: [released] # this release event activity type excludes prereleases
# cancel older, redundant runs of same workflow on same branch
concurrency:
group: ${{ github.workflow }}-${{ github.head_ref || github.ref_name }}
cancel-in-progress: true
env:
RELEASE_REF: ${{ github.ref}}
jobs:
wait_for_release:
name: Wait for Release Builds to Succeed
runs-on: ubuntu-latest
steps:
- name: Debug action
uses: hmarr/debug-action@v3
- name: Wait for all checks on this ref
uses: lewagon/[email protected]
with:
ref: ${{ env.RELEASE_REF }}
repo-token: ${{ secrets.GITHUB_TOKEN }}
# seconds between polling the checks api for job statuses
wait-interval: 20
# confusingly, this means "pause this step until all jobs from all workflows in same run have completed"
running-workflow-name: Wait for Release Builds to Succeed
parse_version:
needs: wait_for_release
name: Parse Release Version
runs-on: ubuntu-latest
outputs:
version: ${{ steps.parse.outputs.version }}
steps:
- name: Parse Release Version
id: parse
shell: bash
run: |
if [[ "${RELEASE_REF}" =~ ^refs\/tags\/v[0-9]+\.[0-9]+\.[0-9]+$ ]]; then
echo "RELEASE_REF=${RELEASE_REF} is a semver release ref"
echo "version=${RELEASE_REF#refs/tags/v}" | tee -a $GITHUB_OUTPUT
else
echo "RELEASE_REF=${RELEASE_REF} is not a semver release ref" >&2
exit 1
fi
promote_docker:
name: Tag Container Image ${{ matrix.image.repo }}:latest
needs: parse_version
runs-on: ubuntu-latest
strategy:
fail-fast: true
matrix:
image:
- repo: ${{ vars.ZITI_CLI_IMAGE || 'docker.io/openziti/ziti-cli' }}
- repo: ${{ vars.ZITI_CONTROLLER_IMAGE || 'docker.io/openziti/ziti-controller' }}
- repo: ${{ vars.ZITI_ROUTER_IMAGE || 'docker.io/openziti/ziti-router' }}
- repo: ${{ vars.ZITI_TUNNEL_IMAGE || 'docker.io/openziti/ziti-tunnel' }}
steps:
- name: Login to Docker Hub
uses: docker/login-action@v3
with:
username: ${{ vars.DOCKER_HUB_API_USER || secrets.DOCKER_HUB_API_USER }}
password: ${{ secrets.DOCKER_HUB_API_TOKEN }}
- name: Tag Latest
shell: bash
run: >
docker buildx imagetools create --tag
${{ matrix.image.repo }}:latest
${{ matrix.image.repo }}:${{ needs.parse_version.outputs.version }}
promote_artifactory:
name: Promote ${{ matrix.package_name }}-${{ matrix.arch.rpm }}.${{ matrix.nfpm_packager }}
needs: parse_version
strategy:
fail-fast: true
matrix:
package_name:
- openziti
- openziti-controller
- openziti-router
arch:
- deb: amd64
rpm: x86_64
- deb: arm64
rpm: aarch64
- deb: armv7
rpm: armv7
nfpm_packager:
- rpm
- deb
runs-on: ubuntu-latest
env:
ZITI_DEB_TEST_REPO: ${{ vars.ZITI_DEB_TEST_REPO || 'zitipax-openziti-deb-test' }}
ZITI_RPM_TEST_REPO: ${{ vars.ZITI_RPM_TEST_REPO || 'zitipax-openziti-rpm-test' }}
ZITI_DEB_PROD_REPO: ${{ vars.ZITI_DEB_PROD_REPO || 'zitipax-openziti-deb-stable' }}
ZITI_RPM_PROD_REPO: ${{ vars.ZITI_RPM_PROD_REPO || 'zitipax-openziti-rpm-stable' }}
steps:
- name: Configure jFrog CLI
uses: jfrog/setup-jfrog-cli@v4
env:
JF_ENV_1: ${{ secrets.ZITI_ARTIFACTORY_CLI_CONFIG_PACKAGE_UPLOAD }}
- name: Copy RPM from test repo to stable repo with jFrog CLI
if: matrix.nfpm_packager == 'rpm'
shell: bash
run: >
jf rt copy
--recursive=false
--flat=true
${{ env.ZITI_RPM_TEST_REPO }}/redhat/${{ matrix.arch.rpm }}/${{ matrix.package_name }}-${{ needs.parse_version.outputs.version }}.${{ matrix.arch.rpm }}.rpm
${{ env.ZITI_RPM_PROD_REPO }}/redhat/${{ matrix.arch.rpm }}/
- name: Copy DEB from test repo to stable repo with jFrog CLI
if: matrix.nfpm_packager == 'deb'
shell: bash
run: >
jf rt copy
--recursive=false
--flat=true
${{ env.ZITI_DEB_TEST_REPO }}/pool/${{ matrix.package_name }}/${{ matrix.arch.deb }}/${{ matrix.package_name }}_${{ needs.parse_version.outputs.version }}_*.deb
${{ env.ZITI_DEB_PROD_REPO }}/pool/${{ matrix.package_name }}/${{ matrix.arch.deb }}/