diff --git a/.github/workflows/prepare-release.yaml b/.github/workflows/prepare-release.yaml deleted file mode 100644 index 7e2eb92..0000000 --- a/.github/workflows/prepare-release.yaml +++ /dev/null @@ -1,69 +0,0 @@ -name: Prepare Release - -on: - workflow_dispatch: - inputs: - version: - description: 'Version to release (without v prefix, e.g., 0.2.5)' - required: true - type: string - -jobs: - prepare: - runs-on: local-ubuntu-latest - permissions: - contents: write - steps: - - name: Validate version format - run: | - if ! echo "${{ inputs.version }}" | grep -qE '^[0-9]+\.[0-9]+\.[0-9]+$'; then - echo "::error::Version must be in format X.Y.Z (e.g., 0.2.5)" - exit 1 - fi - - - name: Checkout - uses: actions/checkout@v4 - with: - token: ${{ secrets.GITHUB_TOKEN }} - - - name: Configure git - run: | - git config user.name "github-actions[bot]" - git config user.email "github-actions[bot]@users.noreply.github.com" - - - name: Update package.json version - working-directory: ./headlamp-sealed-secrets - run: | - jq --arg version "${{ inputs.version }}" '.version = $version' package.json > package.json.tmp - mv package.json.tmp package.json - - - name: Update artifacthub-pkg.yml version - run: | - VERSION="${{ inputs.version }}" - RELEASE_URL="https://github.com/${{ github.repository }}/releases/download/v${VERSION}/headlamp-sealed-secrets-${VERSION}.tar.gz" - - sed -i "s|^version:.*|version: ${VERSION}|" artifacthub-pkg.yml - sed -i "s|^appVersion:.*|appVersion: ${VERSION}|" artifacthub-pkg.yml - sed -i "s|headlamp/plugin/archive-url:.*|headlamp/plugin/archive-url: \"${RELEASE_URL}\"|" artifacthub-pkg.yml - - # Set placeholder checksum - will be updated after release - sed -i "s|headlamp/plugin/archive-checksum:.*|headlamp/plugin/archive-checksum: sha256:PLACEHOLDER_WILL_BE_UPDATED_AFTER_RELEASE|" artifacthub-pkg.yml - - - name: Commit version bump - run: | - git add headlamp-sealed-secrets/package.json artifacthub-pkg.yml - git commit -m "chore: bump version to ${{ inputs.version }}" - git push origin main - - - name: Create and push tag - run: | - git tag "v${{ inputs.version }}" - git push origin "v${{ inputs.version }}" - - - name: Summary - run: | - echo "✓ Version bumped to ${{ inputs.version }}" - echo "✓ Tag v${{ inputs.version }} created" - echo "" - echo "The release workflow will now run automatically." - echo "After it completes, the checksum will be updated on main." diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index c98bccb..110d7cb 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -1,28 +1,48 @@ name: Release on: - push: - tags: - - 'v*' + workflow_dispatch: + inputs: + version: + description: 'Version to release (without v prefix, e.g., 0.2.5)' + required: true + type: string jobs: - build-and-release: + release: runs-on: local-ubuntu-latest permissions: contents: write - outputs: - version: ${{ steps.extract_version.outputs.version }} - checksum: ${{ steps.compute_checksum.outputs.checksum }} steps: + - name: Validate version format + run: | + if ! echo "${{ inputs.version }}" | grep -qE '^[0-9]+\.[0-9]+\.[0-9]+$'; then + echo "::error::Version must be in format X.Y.Z (e.g., 0.2.5)" + exit 1 + fi + - name: Checkout uses: actions/checkout@v4 - - name: Extract version from tag - id: extract_version + - name: Configure git run: | - VERSION=${GITHUB_REF_NAME#v} - echo "version=${VERSION}" >> $GITHUB_OUTPUT - echo "Version: ${VERSION}" + git config user.name "github-actions[bot]" + git config user.email "github-actions[bot]@users.noreply.github.com" + + - name: Update package.json version + working-directory: ./headlamp-sealed-secrets + run: | + jq --arg version "${{ inputs.version }}" '.version = $version' package.json > package.json.tmp + mv package.json.tmp package.json + + - name: Update artifacthub-pkg.yml version + run: | + VERSION="${{ inputs.version }}" + RELEASE_URL="https://github.com/${{ github.repository }}/releases/download/v${VERSION}/headlamp-sealed-secrets-${VERSION}.tar.gz" + + sed -i "s|^version:.*|version: ${VERSION}|" artifacthub-pkg.yml + sed -i "s|^appVersion:.*|appVersion: ${VERSION}|" artifacthub-pkg.yml + sed -i "s|headlamp/plugin/archive-url:.*|headlamp/plugin/archive-url: \"${RELEASE_URL}\"|" artifacthub-pkg.yml - name: Setup Node.js uses: actions/setup-node@v4 @@ -54,8 +74,7 @@ jobs: - name: Move tarball to root working-directory: ./headlamp-sealed-secrets run: | - # Get the specific tarball created by package command - TARBALL="headlamp-sealed-secrets-${{ steps.extract_version.outputs.version }}.tar.gz" + TARBALL="headlamp-sealed-secrets-${{ inputs.version }}.tar.gz" if [ ! -f "${TARBALL}" ]; then echo "::error::Expected tarball ${TARBALL} not found" ls -la *.tar.gz @@ -66,7 +85,7 @@ jobs: - name: Validate tarball name run: | - EXPECTED="headlamp-sealed-secrets-${{ steps.extract_version.outputs.version }}.tar.gz" + EXPECTED="headlamp-sealed-secrets-${{ inputs.version }}.tar.gz" ACTUAL=$(ls *.tar.gz) if [ "$EXPECTED" != "$ACTUAL" ]; then echo "::error::Tarball name mismatch! Expected: $EXPECTED, Got: $ACTUAL" @@ -77,14 +96,14 @@ jobs: - name: Compute checksum id: compute_checksum run: | - TARBALL="headlamp-sealed-secrets-${{ steps.extract_version.outputs.version }}.tar.gz" + TARBALL="headlamp-sealed-secrets-${{ inputs.version }}.tar.gz" CHECKSUM=$(sha256sum "$TARBALL" | awk '{print $1}') echo "checksum=${CHECKSUM}" >> $GITHUB_OUTPUT echo "Checksum: sha256:${CHECKSUM}" - name: Verify tarball contents run: | - TARBALL="headlamp-sealed-secrets-${{ steps.extract_version.outputs.version }}.tar.gz" + TARBALL="headlamp-sealed-secrets-${{ inputs.version }}.tar.gz" echo "Tarball contents:" tar -tzf "${TARBALL}" | head -20 @@ -95,10 +114,27 @@ jobs: fi echo "✓ Tarball contents validated" + - name: Update checksum in metadata + run: | + CHECKSUM="${{ steps.compute_checksum.outputs.checksum }}" + sed -i "s|headlamp/plugin/archive-checksum:.*|headlamp/plugin/archive-checksum: sha256:${CHECKSUM}|" artifacthub-pkg.yml + + - name: Commit version bump and metadata + run: | + git add headlamp-sealed-secrets/package.json artifacthub-pkg.yml + git commit -m "chore: release v${{ inputs.version }}" + git push origin main + + - name: Create and push tag + run: | + git tag "v${{ inputs.version }}" + git push origin "v${{ inputs.version }}" + - name: Create GitHub Release uses: softprops/action-gh-release@v2 with: - files: headlamp-sealed-secrets-${{ steps.extract_version.outputs.version }}.tar.gz + tag_name: "v${{ inputs.version }}" + files: headlamp-sealed-secrets-${{ inputs.version }}.tar.gz fail_on_unmatched_files: true draft: false prerelease: false @@ -106,47 +142,18 @@ jobs: env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - update-metadata: - needs: build-and-release - runs-on: local-ubuntu-latest - permissions: - contents: write - steps: - - name: Checkout main branch - uses: actions/checkout@v4 - with: - ref: main - token: ${{ secrets.GITHUB_TOKEN }} - - - name: Configure git - run: | - git config user.name "github-actions[bot]" - git config user.email "github-actions[bot]@users.noreply.github.com" - - - name: Update checksum in metadata - run: | - VERSION="${{ needs.build-and-release.outputs.version }}" - CHECKSUM="${{ needs.build-and-release.outputs.checksum }}" - - sed -i "s|headlamp/plugin/archive-checksum:.*|headlamp/plugin/archive-checksum: sha256:${CHECKSUM}|" artifacthub-pkg.yml - - git add artifacthub-pkg.yml - if ! git diff --cached --quiet; then - git commit -m "ci: update checksum for v${VERSION}" - git push origin main - echo "✓ Checksum updated on main branch" - else - echo "✓ Checksum already up to date" - fi - - - name: Release Summary + - name: Summary run: | echo "Release Summary:" echo "==================" - echo "Version: v${{ needs.build-and-release.outputs.version }}" - echo "Tarball: headlamp-sealed-secrets-${{ needs.build-and-release.outputs.version }}.tar.gz" - echo "Checksum: sha256:${{ needs.build-and-release.outputs.checksum }}" - echo "Archive URL: https://github.com/${{ github.repository }}/releases/download/v${{ needs.build-and-release.outputs.version }}/headlamp-sealed-secrets-${{ needs.build-and-release.outputs.version }}.tar.gz" + echo "Version: v${{ inputs.version }}" + echo "Tarball: headlamp-sealed-secrets-${{ inputs.version }}.tar.gz" + echo "Checksum: sha256:${{ steps.compute_checksum.outputs.checksum }}" + echo "Archive URL: https://github.com/${{ github.repository }}/releases/download/v${{ inputs.version }}/headlamp-sealed-secrets-${{ inputs.version }}.tar.gz" + echo "" + echo "✓ Version bumped to ${{ inputs.version }}" + echo "✓ Metadata updated with checksum" + echo "✓ Tag v${{ inputs.version }} created" + echo "✓ GitHub release published with tarball" echo "" - echo "Metadata updated on main branch." echo "Artifact Hub will sync within 5-10 minutes."