Chris Farhood
cdc1ce0303
Replace complex draft/publish release workflow with clean two-workflow approach: 1. prepare-release.yaml (manual workflow_dispatch) - Validates version format - Updates package.json and artifacthub-pkg.yml - Commits to main - Creates and pushes tag - Triggers release workflow automatically 2. release.yaml (automatic on tag push) - Single build-and-release job - Creates GitHub release with tarball in one step (no draft/publish) - Separate update-metadata job runs after release - Updates checksum on main branch Benefits: - No manual tarball upload required - No tag force-push anti-pattern - No draft/publish asset attachment failures - Clear separation of concerns - Self-documenting workflow Eliminates: - Guard logic for infinite loop prevention - Post-release tag manipulation - Manual intervention after workflow "succeeds" - Checksum chicken-and-egg problem Generated with [Claude Code](https://claude.ai/code) via [Happy](https://happy.engineering) Co-Authored-By: Claude <noreply@anthropic.com> Co-Authored-By: Happy <yesreply@happy.engineering>
103 lines
3.0 KiB
YAML
103 lines
3.0 KiB
YAML
name: Release
|
|
|
|
on:
|
|
push:
|
|
tags:
|
|
- 'v*'
|
|
|
|
jobs:
|
|
build-and-release:
|
|
runs-on: local-ubuntu-latest
|
|
permissions:
|
|
contents: write
|
|
outputs:
|
|
version: ${{ steps.extract_version.outputs.version }}
|
|
checksum: ${{ steps.compute_checksum.outputs.checksum }}
|
|
steps:
|
|
- name: Checkout
|
|
uses: actions/checkout@v4
|
|
|
|
- name: Extract version from tag
|
|
id: extract_version
|
|
run: |
|
|
VERSION=${GITHUB_REF_NAME#v}
|
|
echo "version=${VERSION}" >> $GITHUB_OUTPUT
|
|
echo "Version: ${VERSION}"
|
|
|
|
- name: Setup Node.js
|
|
uses: actions/setup-node@v4
|
|
with:
|
|
node-version: '20'
|
|
cache: 'npm'
|
|
|
|
- name: Install dependencies
|
|
run: npm ci
|
|
|
|
- name: Build plugin
|
|
run: npx @kinvolk/headlamp-plugin build
|
|
|
|
- name: Package plugin
|
|
run: npx @kinvolk/headlamp-plugin package
|
|
|
|
- name: Validate tarball name
|
|
run: |
|
|
EXPECTED="polaris-${{ steps.extract_version.outputs.version }}.tar.gz"
|
|
ACTUAL=$(ls *.tar.gz)
|
|
if [ "$EXPECTED" != "$ACTUAL" ]; then
|
|
echo "::error::Tarball name mismatch! Expected: $EXPECTED, Got: $ACTUAL"
|
|
exit 1
|
|
fi
|
|
echo "✓ Tarball name validated: $ACTUAL"
|
|
|
|
- name: Compute checksum
|
|
id: compute_checksum
|
|
run: |
|
|
TARBALL="polaris-${{ steps.extract_version.outputs.version }}.tar.gz"
|
|
CHECKSUM=$(sha256sum "$TARBALL" | awk '{print $1}')
|
|
echo "checksum=${CHECKSUM}" >> $GITHUB_OUTPUT
|
|
echo "Checksum: sha256:${CHECKSUM}"
|
|
|
|
- name: Create GitHub Release
|
|
uses: softprops/action-gh-release@v2
|
|
with:
|
|
files: polaris-${{ steps.extract_version.outputs.version }}.tar.gz
|
|
fail_on_unmatched_files: true
|
|
draft: false
|
|
prerelease: false
|
|
generate_release_notes: true
|
|
env:
|
|
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
|
|
|
update-metadata:
|
|
needs: build-and-release
|
|
runs-on: local-ubuntu-latest
|
|
permissions:
|
|
contents: write
|
|
steps:
|
|
- name: Checkout main branch
|
|
uses: actions/checkout@v4
|
|
with:
|
|
ref: main
|
|
token: ${{ secrets.GITHUB_TOKEN }}
|
|
|
|
- name: Configure git
|
|
run: |
|
|
git config user.name "github-actions[bot]"
|
|
git config user.email "github-actions[bot]@users.noreply.github.com"
|
|
|
|
- name: Update checksum in metadata
|
|
run: |
|
|
VERSION="${{ needs.build-and-release.outputs.version }}"
|
|
CHECKSUM="${{ needs.build-and-release.outputs.checksum }}"
|
|
|
|
sed -i "s|headlamp/plugin/archive-checksum:.*|headlamp/plugin/archive-checksum: sha256:${CHECKSUM}|" artifacthub-pkg.yml
|
|
|
|
git add artifacthub-pkg.yml
|
|
if ! git diff --cached --quiet; then
|
|
git commit -m "ci: update checksum for v${VERSION}"
|
|
git push origin main
|
|
echo "✓ Checksum updated on main branch"
|
|
else
|
|
echo "✓ Checksum already up to date"
|
|
fi
|