Create Release & Upload Assets #248

Workflow file for this run

.github/workflows/release.yml at c87aa50

	name: Create Release & Upload Assets

	on:
	push:
	# Sequence of patterns matched against refs/tags
	tags:
	- 'v' # Push events to matching v, i.e. v1.0, v20.15.10

	jobs:
	ci:
	permissions:
	actions: read
	contents: read
	security-events: write
	uses: smallstep/cli/.github/workflows/ci.yml@master
	secrets: inherit

	create_release:
	name: Create Release
	needs: ci
	runs-on: ubuntu-latest
	env:
	DOCKER_IMAGE: smallstep/step-cli
	DEBIAN_TAG: bookworm
	outputs:
	version: ${{ steps.extract-tag.outputs.VERSION }}
	vversion: ${{ steps.extract-tag.outputs.VVERSION }}
	is_prerelease: ${{ steps.is_prerelease.outputs.IS_PRERELEASE }}
	docker_tags: ${{ env.DOCKER_TAGS }}
	docker_tags_debian: ${{ env.DOCKER_TAGS_DEBIAN }}
	steps:
	- name: Is Pre-release
	id: is_prerelease
	run: \|
	set +e
	echo ${{ github.ref }} \| grep "\-rc.*"
	OUT=$?
	if [ $OUT -eq 0 ]; then IS_PRERELEASE=true; else IS_PRERELEASE=false; fi
	echo "IS_PRERELEASE=${IS_PRERELEASE}" >> "${GITHUB_OUTPUT}"
	- name: Extract Tag Names
	id: extract-tag
	run: \|
	VVERSION=${GITHUB_REF#refs/tags/}
	VERSION=${GITHUB_REF#refs/tags/v}
	echo "VVERSION=${VVERSION}" >> "${GITHUB_OUTPUT}"
	echo "VERSION=${VERSION}" >> "${GITHUB_OUTPUT}"
	echo "DOCKER_TAGS=${{ env.DOCKER_IMAGE }}:${VERSION}" >> "${GITHUB_ENV}"
	echo "DOCKER_TAGS_DEBIAN=${{ env.DOCKER_IMAGE }}:${VERSION}-${DEBIAN_TAG}" >> "${GITHUB_ENV}"
	- name: Add Latest Tag
	if: steps.is_prerelease.outputs.IS_PRERELEASE == 'false'
	run: \|
	echo "DOCKER_TAGS=${{ env.DOCKER_TAGS }},${{ env.DOCKER_IMAGE }}:latest" >> "${GITHUB_ENV}"
	echo "DOCKER_TAGS_DEBIAN=${{ env.DOCKER_TAGS_DEBIAN }},${{ env.DOCKER_IMAGE }}:${DEBIAN_TAG}" >> "${GITHUB_ENV}"
	- name: Create Release
	id: create_release
	uses: softprops/action-gh-release@c062e08bd532815e2082a85e87e3ef29c3e6d191 # v2.0.8
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
	with:
	tag_name: ${{ github.ref_name }}
	name: Release ${{ github.ref_name }}
	draft: false
	prerelease: ${{ steps.is_prerelease.outputs.IS_PRERELEASE }}

	goreleaser:
	needs: create_release
	permissions:
	id-token: write
	contents: write
	packages: write
	uses: smallstep/workflows/.github/workflows/goreleaser.yml@jdoss/PRERELEASE_env_var
	with:
	enable-packages-upload: true
	is-prerelease: ${{ needs.create_release.outputs.is_prerelease == 'true' }}
	secrets: inherit

	build_upload_docker:
	name: Build & Upload Docker Images
	needs: create_release
	permissions:
	id-token: write
	contents: write
	uses: smallstep/workflows/.github/workflows/docker-buildx-push.yml@main
	with:
	platforms: linux/amd64,linux/386,linux/arm,linux/arm64
	tags: ${{ needs.create_release.outputs.docker_tags }}
	docker_image: smallstep/step-cli
	docker_file: docker/Dockerfile
	secrets: inherit

	build_upload_docker_debian:
	name: Build & Upload Docker Images using Debian
	needs: create_release
	permissions:
	id-token: write
	contents: write
	uses: smallstep/workflows/.github/workflows/docker-buildx-push.yml@main
	with:
	platforms: linux/amd64,linux/386,linux/arm,linux/arm64
	tags: ${{ needs.create_release.outputs.docker_tags_debian }}
	docker_image: smallstep/step-cli
	docker_file: docker/Dockerfile.debian
	secrets: inherit

	# All jobs below this are for full releases (non release candidates e.g. -rc.)

	update_reference_docs:
	name: Update Reference Docs
	runs-on: ubuntu-latest
	needs: create_release
	if: needs.create_release.outputs.is_prerelease == 'false'
	steps:
	- name: Checkout
	uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
	- name: Setup Go
	uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2
	with:
	go-version: 'stable'
	check-latest: true
	- name: Build
	id: build
	run: V=1 make build
	- name: Checkout Docs
	uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
	with:
	repository: smallstep/docs
	token: ${{ secrets.DOCS_PAT }}
	path: './docs'
	- name: Setup bot SSH signing key
	uses: webfactory/ssh-agent@dc588b651fe13675774614f8e6a936a468676387 # v0.9.0
	env:
	HAS_SSH_PRIVATE_KEY: ${{ secrets.STEP_TRAVIS_CI_GH_PRIVATE_SIGNING_KEY != '' }}
	if: ${{ env.HAS_SSH_PRIVATE_KEY == 'true' }}
	with:
	ssh-private-key: \|
	${{ secrets.STEP_TRAVIS_CI_GH_PRIVATE_SIGNING_KEY }}
	- name: Update Reference
	id: update_reference
	run: \|
	cd ./docs

	git config user.email "[email protected]"
	git config user.name "step-travis-ci"

	# Configure GH commit signing key.
	git config --global commit.gpgsign true
	git config --global gpg.format ssh
	git config --global user.signingkey "${{ secrets.STEP_TRAVIS_CI_GH_PUBLIC_SIGNING_KEY }}"

	# Remove old docs
	git rm -rf ./step-cli/reference

	# Build fresh docs
	../bin/step help --markdown ./step-cli/reference

	# Generate new route manifest for the docs
	find step-cli/reference -mindepth 2 -type f \| jq -R -s '[
	split("\n")[:-1][]
	\| {hideFromSidebar: true,
	title: "",
	path: ("/" + .)}
	]' > "$RUNNER_TEMP/reference-routes.json"

	# Replace old route manifest with new
	jq --argfile newRoutes "$RUNNER_TEMP/reference-routes.json" 'walk(
	if type == "object" and .isStepReference == true then
	.routes = $newRoutes
	else . end
	)' < manifest.json > manifest.json.new

	mv manifest.json.new manifest.json

	git add . && git commit -a -m "step-cli ${{ needs.create_release.outputs.vversion }} reference update"
	- name: Push changes
	uses: ad-m/github-push-action@d91a481090679876dfc4178fef17f286781251df # v0.8.0
	with:
	github_token: ${{ secrets.DOCS_PAT }}
	branch: 'main'
	directory: './docs'
	repository: 'smallstep/docs'

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Create Release & Upload Assets #248

Workflow file

Create Release & Upload Assets #248

Jobs

Run details

Workflow file for this run