Skip to content

Merge branch 'main' into dependabot/github_actions/anchore/sbom-actio… #36

Merge branch 'main' into dependabot/github_actions/anchore/sbom-actio…

Merge branch 'main' into dependabot/github_actions/anchore/sbom-actio… #36

Workflow file for this run

name: release
on:
push:
tags:
- v*.*.*
permissions:
contents: write
id-token: write
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
NUGET_PUBLISH_KEY: ${{ secrets.NUGET_PUBLISH_KEY }}
NUGET_FEED_URL: https://api.nuget.org/v3/index.json
PROVIDER: exoscale
PULUMI_GO_DEP_ROOT: ${{ github.workspace }}/..
PULUMI_LOCAL_NUGET: ${{ github.workspace }}/nuget
PYPI_PASSWORD: ${{ secrets.PYPI_PASSWORD }}
PYPI_USERNAME: "__token__"
PUBLISH_PYPI: true
PUBLISH_NPM: true
PUBLISH_NUGET: true
jobs:
publish_binary:
name: publish
runs-on: ubuntu-latest
steps:
- name: Checkout Repo
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # tag=v4.1.7
- name: Unshallow clone for tags
run: git fetch --prune --unshallow --tags
- name: Install Go
uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # tag=v5.0.2
with:
go-version: ${{matrix.goversion}}
- name: Install pulumictl
uses: jaxxstorm/action-install-gh-release@25d5e2dd555cd74f1fab9ac1e6ea117acde2c0c4 # tag=v1.12.0
with:
repo: pulumi/pulumictl
- name: Set PreRelease Version
run: echo "GORELEASER_CURRENT_TAG=v$(pulumictl get version --language generic)" >> $GITHUB_ENV
- uses: sigstore/cosign-installer@4959ce089c160fddf62f7b42464195ba1a56d382 # v3.6.0
- uses: uses: anchore/sbom-action/download-syft@61119d458adab75f756bc0b9e4bde25725f86a7a # v0.17.2

Check failure on line 45 in .github/workflows/release.yaml

View workflow run for this annotation

GitHub Actions / .github/workflows/release.yaml

Invalid workflow file

You have an error in your yaml syntax on line 45
- name: Run GoReleaser
uses: goreleaser/goreleaser-action@286f3b13b1b49da4ac219696163fb8c1c93e1200 # tag=v6.0.0
with:
args: -p 3 release --rm-dist
version: latest
- name: Create tag
uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # tag=v7.0.1
with:
script: |
github.rest.git.createRef({
owner: context.repo.owner,
repo: context.repo.repo,
ref: 'refs/tags/sdk/${{ github.ref_name }}',
sha: context.sha
})
strategy:
fail-fast: true
matrix:
goversion:
- 1.21.x
publish_sdk:
name: Publish SDKs
runs-on: ubuntu-latest
needs: publish_binary
steps:
- name: Checkout Repo
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # tag=v4.1.7
- name: Unshallow clone for tags
run: git fetch --prune --unshallow --tags
- name: Install Go
uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # tag=v5.0.2
with:
go-version: ${{ matrix.goversion }}
- name: Install pulumictl
uses: jaxxstorm/action-install-gh-release@25d5e2dd555cd74f1fab9ac1e6ea117acde2c0c4 # tag=v1.12.0
with:
repo: pulumi/pulumictl
- name: Install Pulumi CLI
uses: pulumi/action-install-pulumi-cli@b374ceb6168550de27c6eba92e01c1a774040e11 # tag=v2.0.0
- name: Setup Node
uses: actions/setup-node@0a44ba7841725637a19e28fa30b79a866c81b0a6 # tag=v4.0.4
with:
node-version: ${{matrix.nodeversion}}
registry-url: ${{env.NPM_REGISTRY_URL}}
- name: Setup DotNet
uses: actions/setup-dotnet@6bd8b7f7774af54e05809fcc5431931b3eb1ddee # tag=v2.1.0
with:
dotnet-version: ${{matrix.dotnetverson}}
- name: Setup Python
uses: actions/setup-python@39cd14951b08e74b54015e9e001cdefcf80e669f # tag=v5.1.1
with:
python-version: ${{matrix.pythonversion}}
- name: Build SDK
run: make build_${{ matrix.language }}
- name: Check worktree clean
run: |
git update-index -q --refresh
if ! git diff-files --quiet; then
>&2 echo "error: working tree is not clean, aborting!"
git status
git diff
exit 1
fi
- if: ${{ matrix.language == 'python' && env.PUBLISH_PYPI == 'true' }}
name: Publish package to PyPI
uses: pypa/gh-action-pypi-publish@ec4db0b4ddc65acdf4bff5fa45ac92d78b56bdf0 # tag=v1.9.0
with:
user: ${{ env.PYPI_USERNAME }}
password: ${{ env.PYPI_PASSWORD }}
packages_dir: ${{github.workspace}}/sdk/python/bin/dist
- if: ${{ matrix.language == 'nodejs' && env.PUBLISH_NPM == 'true' }}
uses: JS-DevTools/npm-publish@19c28f1ef146469e409470805ea4279d47c3d35c # tag=v3.1.1
with:
access: "public"
token: ${{ env.NPM_TOKEN }}
package: ${{github.workspace}}/sdk/nodejs/bin/package.json
provenance: true
- if: ${{ matrix.language == 'dotnet' && env.PUBLISH_NUGET == 'true' }}
name: publish nuget package
run: |
dotnet nuget push ${{github.workspace}}/sdk/dotnet/bin/Debug/*.nupkg -s ${{ env.NUGET_FEED_URL }} -k ${{ env.NUGET_PUBLISH_KEY }}
echo "done publishing packages"
strategy:
fail-fast: true
matrix:
dotnetversion:
- 3.1.301
goversion:
- 1.21.x
language:
- nodejs
- python
- dotnet
- go
nodeversion:
- 18.x
pythonversion:
- "3.9"