forked from jaegertracing/jaeger
-
Notifications
You must be signed in to change notification settings - Fork 0
95 lines (74 loc) · 2.83 KB
/
ci-release-testing.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
name: Publish release
on:
# allow running release workflow manually
workflow_dispatch:
# See https://github.com/jaegertracing/jaeger/issues/4017
permissions:
contents: read
jobs:
publish-release:
permissions:
contents: write
runs-on: ubuntu-latest
steps:
- name: Disk size
run: df -g /
- name: Harden Runner
uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1
with:
egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
with:
submodules: true
- name: Fetch git tags
run: |
git fetch --prune --unshallow --tags
- uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2
with:
go-version: 1.22.x
- name: Setup Node.js version
uses: ./.github/actions/setup-node.js
- name: Export BRANCH variable and validate it is a semver
# Many scripts depend on BRANCH variable. We do not want to
# use ./.github/actions/setup-branch here because it may set
# BRANCH=main when the workflow is triggered manually.
run: |
BRANCH=$(make echo-version)
echo "BRANCH=${BRANCH}" >> ${GITHUB_ENV}
echo Validate that the latest tag ${BRANCH} is in semver format
echo ${BRANCH} | grep -E '^v[0-9]+.[0-9]+.[0-9]+$'
- name: Install tools
run: make install-ci
- name: Configure GPG Key
id: import_gpg
uses: crazy-max/ghaction-import-gpg@01dd5d3ca463c7f10f7f4f7b4f177225ac661ee4 # v6.1.0
with:
gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }}
passphrase: ${{ secrets.GPG_PASSPHRASE }}
- name: Build binaries
run: make build-all-platforms
- name: Package binaries
id: package-binaries
run: bash scripts/package-deploy.sh
- uses: docker/setup-qemu-action@5927c834f5b4fdf503fca6f4c7eccda82949e1ee # v3.1.0
- name: Build all container images (do not push)
run: bash scripts/build-upload-docker-images.sh -l
env:
DOCKERHUB_TOKEN: ${{ secrets.DOCKERHUB_TOKEN }}
QUAY_TOKEN: ${{ secrets.QUAY_TOKEN }}
- name: Build and test all-in-one image (do not push)
run: bash scripts/build-all-in-one-image.sh -l
env:
DOCKERHUB_TOKEN: ${{ secrets.DOCKERHUB_TOKEN }}
QUAY_TOKEN: ${{ secrets.QUAY_TOKEN }}
- name: Build, test, and publish hotrod image
run: bash scripts/hotrod-integration-test.sh
env:
DOCKERHUB_TOKEN: ${{ secrets.DOCKERHUB_TOKEN }}
QUAY_TOKEN: ${{ secrets.QUAY_TOKEN }}
- name: Generate SBOM
uses: anchore/sbom-action@d94f46e13c6c62f59525ac9a1e147a99dc0b9bf5 # v0.17.0
with:
output-file: jaeger-SBOM.spdx.json
upload-release-assets: false
upload-artifact: false