Release Kpow #94
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Release Kpow | |
| on: | |
| workflow_dispatch: | |
| inputs: | |
| version: | |
| description: 'Version of Kpow' | |
| required: true | |
| manifest: | |
| description: 'URL of Manifest' | |
| required: true | |
| release_number_bump: | |
| description: 'I have updated system.clj release number!' | |
| required: true | |
| default: 'false' | |
| # These permissions are needed to interact with GitHub's OIDC Token endpoint. | |
| permissions: | |
| id-token: write | |
| contents: write | |
| packages: write | |
| jobs: | |
| build: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Check that we have bumped release number | |
| run: | | |
| ./scripts/release_number_check.sh ${{github.event.inputs.release_number_bump}} | |
| - name: Configure AWS Credentials (OIDC) | |
| uses: aws-actions/configure-aws-credentials@v4 | |
| with: | |
| role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }} | |
| aws-region: us-east-1 | |
| - name: Log into DockerHub registry | |
| run: echo "${{ secrets.GITHUB_TOKEN }}" | docker login ghcr.io -u ${{ github.actor }} --password-stdin | |
| - name: Download and verify JAR(s) | |
| run: | | |
| ./scripts/jar.sh "${{github.event.inputs.manifest}}" | |
| - name: Login to DockerHub | |
| uses: docker/login-action@v3 | |
| with: | |
| username: ${{ secrets.DOCKER_USER }} | |
| password: ${{ secrets.DOCKER_TOKEN }} | |
| - name: Log into GitHub packages | |
| run: echo "${{ secrets.GITHUB_TOKEN }}" | docker login ghcr.io -u ${{ github.actor }} --password-stdin | |
| - name: Release Kpow JDK11 JAR | |
| run: | | |
| VERSION=${{github.event.inputs.version}} | |
| VERSION="${VERSION//./-}" | |
| aws s3 cp target/kpow-java11-standalone.jar s3://${{ secrets.RELEASES_BUCKET }}/kpow-$VERSION-java11.jar | |
| - name: Release Kpow JDK8 JAR | |
| run: | | |
| VERSION=${{github.event.inputs.version}} | |
| VERSION="${VERSION//./-}" | |
| aws s3 cp target/kpow-java8-standalone.jar s3://${{ secrets.RELEASES_BUCKET }}/kpow-$VERSION-java8.jar | |
| - name: Release Kpow JDK17 JAR | |
| run: | | |
| VERSION=${{github.event.inputs.version}} | |
| VERSION="${VERSION//./-}" | |
| aws s3 cp target/kpow-java17-standalone.jar s3://${{ secrets.RELEASES_BUCKET }}/kpow-$VERSION-java17.jar | |
| - name: Release Kpow JDK8 Community JAR | |
| run: | | |
| VERSION=${{github.event.inputs.version}} | |
| VERSION="${VERSION//./-}" | |
| aws s3 cp target/kpow-ce-java8-standalone.jar s3://${{ secrets.RELEASES_BUCKET }}/kpow-ce-$VERSION-java8.jar | |
| - name: Release Dependency Check Report | |
| run: | | |
| VERSION=${{github.event.inputs.version}} | |
| VERSION="${VERSION//./-}" | |
| tar xzf kpow-enterprise-nvd-report.tar.gz | |
| cd kpow-enterprise-nvd-report | |
| mv *.html index.html | |
| aws s3 cp index.html s3://${{ secrets.RELEASES_BUCKET }}/kpow-dependency-check-report-$VERSION.html | |
| - | |
| # Add support for more platforms with QEMU (optional) | |
| # https://github.com/docker/setup-qemu-action | |
| name: Set up QEMU | |
| uses: docker/setup-qemu-action@v3 | |
| - | |
| name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Build Kpow AWS Marketplace Annual | |
| run: | | |
| VERSION=${{github.event.inputs.version}} | |
| IMAGE_ID=ghcr.io/factorhouse/kpow/kpow | |
| IMAGE_TAG=$VERSION-aws-mkt-lm | |
| ./scripts/build_all.sh $VERSION $IMAGE_ID $IMAGE_TAG dockerfile/aws-mkt-lm/Dockerfile | |
| - name: Build Kpow AWS Marketplace Hourly | |
| run: | | |
| VERSION=${{github.event.inputs.version}} | |
| IMAGE_ID=ghcr.io/factorhouse/kpow/kpow | |
| IMAGE_TAG=$VERSION-aws-mkt-pro | |
| ./scripts/build_all.sh $VERSION $IMAGE_ID $IMAGE_TAG dockerfile/aws-mkt-pro/Dockerfile | |
| - name: Build Kpow | |
| run: | | |
| VERSION=${{github.event.inputs.version}} | |
| IMAGE_ID=factorhouse/kpow | |
| IMAGE_TAG=$VERSION | |
| ./scripts/build_all.sh $VERSION $IMAGE_ID $IMAGE_TAG dockerfile/kpow/Dockerfile | |
| - name: Build Kpow (latest) | |
| run: | | |
| VERSION=${{github.event.inputs.version}} | |
| IMAGE_ID=factorhouse/kpow | |
| IMAGE_TAG=latest | |
| ./scripts/build_all.sh $VERSION $IMAGE_ID $IMAGE_TAG dockerfile/kpow/Dockerfile | |
| - name: Build Kpow Red Hat UBI | |
| run: | | |
| VERSION=${{github.event.inputs.version}} | |
| IMAGE_ID=factorhouse/kpow | |
| IMAGE_TAG=$VERSION-rh-ubi | |
| ./scripts/build_amd64.sh $VERSION $IMAGE_ID $IMAGE_TAG dockerfile/rh-ubi/Dockerfile | |
| - name: Build Kpow Temurin UBI | |
| run: | | |
| VERSION=${{github.event.inputs.version}} | |
| IMAGE_ID=factorhouse/kpow | |
| IMAGE_TAG=$VERSION-temurin-ubi | |
| ./scripts/build_all.sh $VERSION $IMAGE_ID $IMAGE_TAG dockerfile/temurin-ubi/Dockerfile | |
| - name: Build Kpow (Compat) | |
| run: | | |
| VERSION=${{github.event.inputs.version}} | |
| IMAGE_ID=factorhouse/kpow | |
| IMAGE_TAG=$VERSION-compat | |
| ./scripts/build_all.sh $VERSION $IMAGE_ID $IMAGE_TAG dockerfile/compat/Dockerfile | |
| - name: Build Kpow Community | |
| run: | | |
| NEXT_RELEASE=${{github.event.inputs.version}} | |
| docker buildx build -f ./dockerfile/kpow-ce/Dockerfile --platform=linux/amd64,linux/arm64 --sbom=true --provenance=true -t factorhouse/kpow-ce:latest --push . | |
| docker buildx build -f ./dockerfile/kpow-ce/Dockerfile --platform=linux/amd64,linux/arm64 --sbom=true --provenance=true -t factorhouse/kpow-ce:$NEXT_RELEASE --push . | |
| - name: Deploy OpenAPI spec | |
| run: | | |
| VERSION=${{github.event.inputs.version}} | |
| VERSION="${VERSION//./-}" | |
| aws s3 cp target/kpow-enterprise-openapi.json s3://${{ secrets.RELEASES_BUCKET }}/kpow-enterprise-openapi-$VERSION.json \ | |
| --cache-control no-cache --content-type application/json | |
| - name: Install babashka | |
| run: sudo bash < <(curl -s https://raw.githubusercontent.com/babashka/babashka/master/install) | |
| - name: Update releases-ee.edn | |
| run: ./scripts/release.clj ${{github.event.inputs.version}} releases-ee.edn | |
| - name: Update releases-v2.edn | |
| run: ./scripts/release.clj ${{github.event.inputs.version}} releases-v2.edn | |
| - name: Update dockerhub/kpow/README.md | |
| run: echo ${{github.event.inputs.version}} | ./scripts/dockerhub_readme_kpow.clj | |
| - name: Deploy Manifest to s3 | |
| run: | | |
| aws s3 cp docs/releases-ee.edn s3://${{ secrets.RELEASES_BUCKET }}/releases-kpow-ee.edn \ | |
| --cache-control no-cache --content-type application/edn | |
| - name: Update releases-ce.edn | |
| run: ./scripts/release.clj ${{github.event.inputs.version}} releases-ce.edn | |
| - name: Update dockerhub/kpow-ce/README.md | |
| run: echo ${{github.event.inputs.version}} | ./scripts/dockerhub_readme_kpow_ce.clj | |
| - name: Deploy Manifest to s3 (community) | |
| run: | | |
| aws s3 cp docs/releases-ce.edn s3://${{ secrets.RELEASES_BUCKET }}/releases-kpow-ce.edn \ | |
| --cache-control no-cache --content-type application/edn | |
| - name: Commit and push | |
| run: | | |
| git config user.name "github-actions[bot]" | |
| git config user.email "41898282+github-actions[bot]@users.noreply.github.com" | |
| git commit -am "Release ${{github.event.inputs.version}}" | |
| git push origin main | |
| - name: Create GitHub Release | |
| uses: softprops/action-gh-release@v2 | |
| with: | |
| tag_name: ${{github.event.inputs.version}} | |
| name: ${{github.event.inputs.version}} | |
| body: "Visit https://factorhouse.io/blog/releases for release details" | |
| draft: false | |
| prerelease: false |