docs: Provides command to view logs (#3076) #683

Workflow file for this run

.github/workflows/release.yml at 6b44292

	name: release

	on:
	push:
	tags:
	- 'v*'
	branches:
	- master
	- dev-*

	defaults:
	run:
	shell: bash

	permissions:
	contents: read

	jobs:
	build-binaries:
	runs-on: ubuntu-20.04
	if: github.repository == 'argoproj/argo-events'
	name: Build binaries
	steps:
	- name: Checkout
	uses: actions/checkout@v4

	- name: Setup Go
	uses: actions/setup-go@v4.1.0
	with:
	go-version: "1.20"

	- name: Build binaries
	run: \|
	make build
	chmod -R +x dist
	- name: Make checksums
	run: make checksums
	- name: store artifacts
	uses: actions/upload-artifact@v3
	with:
	name: binaries
	path: dist

	build-push-linux-multi:
	name: Build & push linux/amd64 and linux/arm64
	needs: [ build-binaries ]
	runs-on: ubuntu-20.04
	if: github.repository == 'argoproj/argo-events'
	strategy:
	matrix:
	target: [ argo-events ]
	steps:
	- uses: actions/checkout@v4

	- name: Set up Docker Buildx
	uses: docker/setup-buildx-action@v3

	- name: Download binaries
	uses: actions/download-artifact@v3
	with:
	name: binaries
	path: dist/

	- name: Registry Login
	uses: docker/login-action@v2
	with:
	registry: quay.io
	username: ${{ secrets.QUAYIO_USERNAME }}
	password: ${{ secrets.QUAYIO_PASSWORD }}

	- name: set Version
	id: version
	run: \|
	tag=$(basename $GITHUB_REF)
	if [ $tag = "master" ]; then
	tag="latest"
	fi
	echo "VERSION=$tag" >> $GITHUB_OUTPUT

	- name: Container build and push with arm64/amd64
	run: \|
	IMAGE_NAMESPACE=${{ secrets.QUAYIO_ORG }} VERSION=${{ steps.version.outputs.VERSION }} DOCKER_PUSH=true make image-multi

	bom:
	runs-on: ubuntu-latest
	if: github.repository == 'argoproj/argo-events'
	needs: [ build-push-linux-multi ]
	steps:
	# https://stackoverflow.com/questions/58033366/how-to-get-current-branch-within-github-actions
	- run: \|
	if [ ${GITHUB_REF##*/} = master ]; then
	echo "VERSION=latest" >> $GITHUB_ENV
	else
	echo "VERSION=${GITHUB_REF##*/}" >> $GITHUB_ENV
	fi
	- uses: actions/setup-go@v4.1.0
	with:
	go-version: "1.20"
	- uses: actions/checkout@v4
	- run: go install sigs.k8s.io/bom/cmd/bom@v0.2.0
	- run: go install github.com/spdx/spdx-sbom-generator/cmd/generator@v0.0.13
	- run: mkdir -p dist
	- run: generator -o /tmp -p .
	- run: bom generate --image quay.io/argoproj/argo-events:$VERSION -o /tmp/argo-events.spdx
	# pack the boms into one file to make it easy to download
	- run: cd /tmp && tar -zcf sbom.tar.gz *.spdx
	- uses: actions/upload-artifact@v3
	with:
	name: sbom.tar.gz
	path: /tmp/sbom.tar.gz

	release:
	permissions:
	contents: write # for softprops/action-gh-release to create GitHub release
	runs-on: ubuntu-latest
	if: github.repository == 'argoproj/argo-events'
	needs: [ build-push-linux-multi, bom ]
	steps:
	- name: Checkout
	uses: actions/checkout@v4

	- name: Set Version
	run: \|
	if [ ${GITHUB_REF##*/} = master ]; then
	echo "VERSION=latest" >> $GITHUB_ENV
	else
	echo "VERSION=${GITHUB_REF##*/}" >> $GITHUB_ENV
	fi

	- name: Download binaries
	uses: actions/download-artifact@v3
	with:
	name: binaries
	path: dist/

	- uses: actions/download-artifact@v3
	with:
	name: sbom.tar.gz
	path: /tmp

	- name: Registry Login
	uses: docker/login-action@v2
	with:
	registry: quay.io
	username: ${{ secrets.QUAYIO_USERNAME }}
	password: ${{ secrets.QUAYIO_PASSWORD }}

	- name: Install cosign
	uses: sigstore/cosign-installer@e1523de7571e31dbe865fd2e80c5c7c23ae71eb4 # v3.4.0
	with:
	cosign-release: 'v1.13.1'

	- name: Install crane to get digest of image
	uses: imjasonh/setup-crane@e82f1b9a8007d399333baba4d75915558e9fb6a4 # v0.2

	- name: Get digests of container images
	run: \|
	echo "IMAGE_DIGEST=$(crane digest quay.io/argoproj/argo-events:$VERSION)" >> $GITHUB_ENV

	- name: Sign Argo Events container images and assets
	run: \|
	cosign sign --key env://COSIGN_PRIVATE_KEY quay.io/argoproj/argo-events@${{ env.IMAGE_DIGEST }}
	cosign sign-blob --key env://COSIGN_PRIVATE_KEY ./dist/argo-events-checksums.txt > ./dist/argo-events-checksums.sig
	cosign sign-blob --key env://COSIGN_PRIVATE_KEY /tmp/sbom.tar.gz > /tmp/sbom.tar.gz.sig
	# Retrieves the public key to release as an asset
	cosign public-key --key env://COSIGN_PRIVATE_KEY > ./dist/argo-events-cosign.pub
	env:
	COSIGN_PRIVATE_KEY: ${{secrets.COSIGN_PRIVATE_KEY}}
	COSIGN_PASSWORD: ${{secrets.COSIGN_PASSWORD}}

	- name: Release binaries
	uses: softprops/action-gh-release@v2
	if: startsWith(github.ref, 'refs/tags/')
	with:
	files: \|
	dist/*.gz
	dist/argo-events-checksums.txt
	dist/argo-events-checksums.sig
	dist/argo-events-cosign.pub
	manifests/*.yaml
	/tmp/sbom.tar.gz
	/tmp/sbom.tar.gz.sig
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

docs: Provides command to view logs (#3076) #683

Workflow file

docs: Provides command to view logs (#3076) #683

Jobs

Run details

Workflow file for this run