From cdc9a31cc87b7db67a0b301532818801e46cf4ab Mon Sep 17 00:00:00 2001 From: Ciara Stacke Date: Wed, 22 Oct 2025 20:53:56 +0100 Subject: [PATCH 1/2] Fix production pipeline --- .github/workflows/build.yml | 4 ++-- .github/workflows/ci.yml | 3 +++ .github/workflows/conformance.yml | 4 ++-- .goreleaser.yml | 5 +++++ 4 files changed, 12 insertions(+), 4 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index b5f02ec399..42be1c9105 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -50,7 +50,7 @@ jobs: - name: Checkout Repository uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: - ref: ${{ (inputs.tag != '' && !inputs.dry_run ) && format('refs/tags/{0}', inputs.tag) || github.ref }} + ref: ${{ (inputs.tag != '' && !inputs.dry_run && inputs.image != 'operator') && format('refs/tags/{0}', inputs.tag) || github.ref }} - name: Download Artifacts uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0 @@ -130,7 +130,7 @@ jobs: name=ghcr.io/${{ github.repository_owner }}/nginx-gateway-fabric/operator,enable=${{ inputs.image == 'operator' && github.event_name != 'pull_request' }} name=localhost:5000/nginx-gateway-fabric/${{ inputs.image }} flavor: | - latest=${{ (inputs.tag != '' && 'true') || 'auto' }} + latest=${{ inputs.build-os != '' && 'false' || (inputs.tag != '' && 'true') || 'auto' }} tags: | type=semver,pattern={{version}},value=${{ inputs.tag }},enable=${{ inputs.tag != '' }},suffix=${{ inputs.build-os != '' && format('-{0}', inputs.build-os) || '' }} type=edge,suffix=${{ inputs.build-os != '' && format('-{0}', inputs.build-os) || '' }} diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 5a75463e46..2b393390ed 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -541,6 +541,9 @@ jobs: - name: Checkout Repository uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + - name: Setup Helm + uses: azure/setup-helm@fe7b79cd5ee1e45176fcad797de68ecaf3ca4814 # v4.2.0 + - name: Login to GitHub Container Registry uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0 with: diff --git a/.github/workflows/conformance.yml b/.github/workflows/conformance.yml index d47379a3e0..2e729df92b 100644 --- a/.github/workflows/conformance.yml +++ b/.github/workflows/conformance.yml @@ -88,7 +88,7 @@ jobs: type=schedule,suffix=${{ inputs.build-os != '' && format('-{0}', inputs.build-os) || '' }} type=ref,event=pr,suffix=${{ inputs.build-os != '' && format('-{0}', inputs.build-os) || '' }} type=ref,event=branch,suffix=-rc${{ inputs.build-os != '' && format('-{0}', inputs.build-os) || '' }},enable=${{ startsWith(github.ref, 'refs/heads/release') && !inputs.production-release }} - type=raw,value={{ inputs.release_version }},enable=${{ inputs.production-release && inputs.release_version != '' }},suffix=${{ inputs.build-os != '' && format('-{0}', inputs.build-os) || '' }} + type=raw,value=${{ inputs.release_version }},enable=${{ inputs.production-release && inputs.release_version != '' }},suffix=${{ inputs.build-os != '' && format('-{0}', inputs.build-os) || '' }} - name: NGINX Docker meta id: nginx-meta @@ -102,7 +102,7 @@ jobs: type=schedule,suffix=${{ inputs.build-os != '' && format('-{0}', inputs.build-os) || '' }} type=ref,event=pr,suffix=${{ inputs.build-os != '' && format('-{0}', inputs.build-os) || '' }} type=ref,event=branch,suffix=-rc${{ inputs.build-os != '' && format('-{0}', inputs.build-os) || '' }},enable=${{ startsWith(github.ref, 'refs/heads/release') && !inputs.production-release }} - type=raw,value={{ inputs.release_version }},enable=${{ inputs.production-release && inputs.release_version != '' }},suffix=${{ inputs.build-os != '' && format('-{0}', inputs.build-os) || '' }} + type=raw,value=${{ inputs.release_version }},enable=${{ inputs.production-release && inputs.release_version != '' }},suffix=${{ inputs.build-os != '' && format('-{0}', inputs.build-os) || '' }} - name: Build binary uses: goreleaser/goreleaser-action@e435ccd777264be153ace6237001ef4d979d3a7a # v6.4.0 diff --git a/.goreleaser.yml b/.goreleaser.yml index a094bdfcf4..5dc0e4ab5b 100644 --- a/.goreleaser.yml +++ b/.goreleaser.yml @@ -27,6 +27,11 @@ builds: changelog: disable: true +release: + mode: keep-existing + draft: false + prerelease: auto + archives: - id: gateway From 5b0813f6a20dd0ad2f47cdfbfa12d633d51c1cf0 Mon Sep 17 00:00:00 2001 From: Ciara Stacke Date: Wed, 22 Oct 2025 22:11:38 +0100 Subject: [PATCH 2/2] Simplify helm publish logic --- .github/workflows/ci.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 2b393390ed..4e3bd6fd7d 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -531,9 +531,9 @@ jobs: publish-helm: name: Package and Publish Helm Chart - runs-on: ${{ github.repository_owner == 'nginx' && (inputs.is_production_release || ((github.event_name == 'push' || github.event_name == 'schedule') && (github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/heads/release-')))) && 'ubuntu-24.04-amd64' || 'ubuntu-24.04' }} + runs-on: ${{ github.repository_owner == 'nginx' && 'ubuntu-24.04-amd64' || 'ubuntu-24.04' }} needs: [vars, helm-tests] - if: ${{ (inputs.is_production_release && (inputs.dry_run == false || inputs.dry_run == null)) || (github.event_name == 'push' && ! startsWith(github.ref, 'refs/heads/release-')) }} + if: ${{ inputs.is_production_release || github.ref == 'refs/heads/main' }} permissions: contents: read packages: write # for helm to push to GHCR