Skip to content

Improve Release Workflow #1173

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 8 commits into from
Oct 14, 2025
Merged

Improve Release Workflow #1173

Changes from all commits
Commits
Show all changes
8 commits
Select commit Hold shift + click to select a range
5d47cc6
Change dry-run logic on release flow
AlexFenlon Oct 14, 2025
6dbc2f4
User running release flow pushes release tag
AlexFenlon Oct 14, 2025
06821cb
build-docker depends on tag
AlexFenlon Oct 14, 2025
f3a3559
add tag on checkout
AlexFenlon Oct 14, 2025
441e7ae
add branch input
AlexFenlon Oct 14, 2025
c691eda
add different run name for version or dry-run
AlexFenlon Oct 14, 2025
001e05a
Allow selection of branch
AlexFenlon Oct 14, 2025
5abbee0
remove white space
AlexFenlon Oct 14, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
30 changes: 20 additions & 10 deletions .github/workflows/release.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,5 @@
name: Release NGINX Prometheus Exporter
run-name: ${{ inputs.dry_run && '[DRY RUN] ' || '' }}Release NGINX Prometheus Exporter ${{ inputs.version }} from ${{ inputs.branch }} by @${{ github.actor }}

on:
workflow_dispatch:
Expand All @@ -11,6 +12,11 @@
required: false
default: false
type: boolean
branch:
description: 'Branch to release from (not normally needed)'
required: false
default: 'main'
type: string
goreleaser_args:
description: 'Additional GoReleaser args'
required: false
Expand Down Expand Up @@ -41,6 +47,8 @@
steps:
- name: Checkout Repository
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
with:
ref: ${{ inputs.branch }}

- name: Set up Go
uses: actions/setup-go@44694675825211faa026b3c33043df3e48a5fa00 # v6.0.0
Expand All @@ -49,7 +57,7 @@

- name: Get version
id: vars
run: echo "tag=${{ github.event.inputs.version }}" >> $GITHUB_OUTPUT
run: echo "tag=${{ inputs.version }}" >> $GITHUB_OUTPUT

tag:
if: ${{ !contains(inputs.skip_jobs, 'tag') }}
Expand All @@ -62,18 +70,19 @@
- name: Checkout Repository
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
with:
ref: ${{ inputs.branch }}
fetch-depth: 0

- name: Create new release Tag
run: |
git config --global user.email "kubernetes@nginx.com"
git config --global user.name "NGINX Kubernetes Team"
git config --global user.email "${{ github.actor_id }}+${{ github.actor }}@users.noreply.github.com"
git config --global user.name "${{ github.actor }}"
tag="v${{ needs.variables.outputs.tag }}"
if ! git rev-parse --verify refs/tags/${tag} 2>/dev/null; then
echo "Adding tag ${tag}."
git tag -a ${tag} -m "Version ${tag#v*}"
echo "Pushing tag ${tag} to main branch"
if ! ${{ inputs.dry_run }}; then
if ${{ !inputs.dry_run }}; then
git push origin "${tag}"
else
echo "DRY RUN not making any changes"
Expand All @@ -88,7 +97,7 @@
build-docker:
if: ${{ !contains(inputs.skip_jobs, 'build-docker') }}
name: Build Docker Image
runs-on: ubuntu-24.04-amd64

Check failure on line 100 in .github/workflows/release.yml

View workflow job for this annotation

GitHub Actions / Actionlint 

[actionlint] reported by reviewdog 🐶
label "ubuntu-24.04-amd64" is unknown. available labels are "windows-latest", "windows-latest-8-cores", "windows-2025", "windows-2022", "windows-11-arm", "ubuntu-latest", "ubuntu-latest-4-cores", "ubuntu-latest-8-cores", "ubuntu-latest-16-cores", "ubuntu-24.04", "ubuntu-24.04-arm", "ubuntu-22.04", "ubuntu-22.04-arm", "macos-latest", "macos-latest-xl", "macos-latest-xlarge", "macos-latest-large", "macos-26-xlarge", "macos-26", "macos-15-intel", "macos-15-xlarge", "macos-15-large", "macos-15", "macos-14-xl", "macos-14-xlarge", "macos-14-large", "macos-14", "macos-13-xl", "macos-13-xlarge", "macos-13-large", "macos-13", "self-hosted", "x64", "arm", "arm64", "linux", "macos", "windows". if it is a custom label for self-hosted runner, set list of labels in actionlint.yaml config file [runner-label]

Raw Output:
e:.github/workflows/release.yml:100:14: label "ubuntu-24.04-amd64" is unknown. available labels are "windows-latest", "windows-latest-8-cores", "windows-2025", "windows-2022", "windows-11-arm", "ubuntu-latest", "ubuntu-latest-4-cores", "ubuntu-latest-8-cores", "ubuntu-latest-16-cores", "ubuntu-24.04", "ubuntu-24.04-arm", "ubuntu-22.04", "ubuntu-22.04-arm", "macos-latest", "macos-latest-xl", "macos-latest-xlarge", "macos-latest-large", "macos-26-xlarge", "macos-26", "macos-15-intel", "macos-15-xlarge", "macos-15-large", "macos-15", "macos-14-xl", "macos-14-xlarge", "macos-14-large", "macos-14", "macos-13-xl", "macos-13-xlarge", "macos-13-large", "macos-13", "self-hosted", "x64", "arm", "arm64", "linux", "macos", "windows". if it is a custom label for self-hosted runner, set list of labels in actionlint.yaml config file [runner-label]
permissions:
contents: write # for lucacome/draft-release to create/update release draft
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
Expand All @@ -99,7 +108,7 @@
GOPROXY: ${{ secrets.ARTIFACTORY_ENDPOINT }}
outputs:
binaries: ${{ steps.prom_binaries.outputs.json }}
needs: [variables]
needs: [variables, tag]
services:
registry:
image: registry:3
Expand All @@ -109,6 +118,7 @@
- name: Checkout Repository
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
with:
ref: ${{ inputs.branch }}
fetch-depth: 0

- name: Setup Golang Environment
Expand Down Expand Up @@ -187,7 +197,7 @@
with:
minor-label: "enhancement"
major-label: "change"
publish: ${{ !github.event.inputs.dry_run }}
publish: ${{ !inputs.dry_run }}
collapse-after: 30
notes-footer: |
## Upgrade
Expand Down Expand Up @@ -216,7 +226,7 @@
uses: goreleaser/goreleaser-action@e435ccd777264be153ace6237001ef4d979d3a7a # v6.4.0
with:
version: v2.12.5 # renovate: datasource=github-tags depName=goreleaser/goreleaser
args: ${{ github.event.inputs.dry_run && 'build --snapshot' || 'release' }} --clean ${{ github.event.inputs.goreleaser_args }}
args: ${{ inputs.dry_run && 'build --snapshot' || 'release' }} --clean ${{ inputs.goreleaser_args }}
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
NGINX_GITHUB_TOKEN: ${{ secrets.NGINX_PAT }}
Expand Down Expand Up @@ -248,7 +258,7 @@
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
annotations: ${{ steps.meta.outputs.annotations }}
push: ${{ !github.event.inputs.dry_run }}
push: ${{ !inputs.dry_run }}
cache-from: type=gha,scope=exporter
cache-to: type=gha,scope=exporter,mode=max
no-cache: true
Expand All @@ -263,14 +273,14 @@
image: localhost:5000/nginx/nginx-prometheus-exporter:${{ steps.meta.outputs.version }}
only-fixed: true
add-cpes-if-none: true
if: ${{ !github.event.inputs.dry_run }}
if: ${{ !inputs.dry_run }}

- name: Upload scan result to GitHub Security tab
uses: github/codeql-action/upload-sarif@64d10c13136e1c5bce3e5fbde8d4906eeaafc885 # v3.30.6
continue-on-error: true
with:
sarif_file: ${{ steps.scan.outputs.sarif }}
if: ${{ !github.event.inputs.dry_run }}
if: ${{ !inputs.dry_run }}

- name: Clean up NETRC
run: |
Expand Down