
github release perms - need contents:write #102


Workflow file for this run

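# Release pipeline: runs when a tag matching v* is pushed.
#   goreleaser - runs `goreleaser release` with a token that can write
#                repository contents, plus a Cloudsmith API key.
#   docker     - builds and pushes one image per matrix flavor to Docker Hub.
#
# NOTE(review): every `uses:` below references a mutable major-version tag.
# Pinning each action to a reviewed full-length commit SHA keeps a retagged
# or compromised action release from running with this workflow's tokens
# and secrets.
name: Release

on:
  push:
    tags:
      - 'v*'

jobs:
  goreleaser:
    runs-on: ubuntu-latest
    # Job-scoped permissions: anything not listed here is not granted.
    permissions:
      # Lets the job request an OIDC token, which the AWS credentials step
      # exchanges for a role session (no static AWS keys are configured).
      id-token: write
      # GoReleaser creates the GitHub release using GITHUB_TOKEN.
      contents: write
    steps:
      # NOTE(review): checkout keeps the job token in the local git config
      # by default. Consider `persist-credentials: false` here once it is
      # confirmed that release_notes.sh and GoReleaser need no authenticated
      # git access; GoReleaser receives GITHUB_TOKEN through `env` below.
      - name: Check Out Repo
        uses: actions/checkout@v4

      # From this step on, AWS credentials and then the Cloudsmith key are
      # present in the job environment, so every later step runs with them
      # in scope, including the unpinned `pip install`.
      # NOTE(review): if nothing in between needs them, moving these two
      # steps to just before GoReleaser narrows that exposure.
      - name: Configure AWS credentials
        uses: aws-actions/configure-aws-credentials@v4
        with:
          aws-region: ${{ vars.RP_AWS_CRED_REGION }}
          # The role name is derived from the repository name, so the role's
          # trust policy is what actually decides which refs may assume it.
          role-to-assume: arn:aws:iam::${{ secrets.RP_AWS_CRED_ACCOUNT_ID }}:role/${{ vars.RP_AWS_CRED_BASE_ROLE_NAME }}${{ github.event.repository.name }}

      - name: Get secrets from AWS Secrets Manager
        uses: aws-actions/aws-secretsmanager-get-secrets@v2
        with:
          # The leading comma looks like an empty alias, presumably so the
          # JSON keys become environment variable names without a prefix
          # (CLOUDSMITH_API_KEY is read from env below) - confirm against
          # the action's documentation.
          secret-ids: |
            ,sdlc/prod/github/cloudsmith_api_key
          parse-json-secrets: true

      - name: Free up some disk space on ubuntu
        if: ${{ runner.os == 'Linux' }}
        run: |
          # Workaround to provide additional free space for testing.
          # https://github.com/actions/virtual-environments/issues/2840
          sudo rm -rf /usr/share/dotnet
          sudo rm -rf /opt/ghc
          sudo rm -rf "/usr/local/share/boost"
          sudo rm -rf "$AGENT_TOOLSDIRECTORY"

      - name: Install Go
        uses: actions/setup-go@v5
        with:
          go-version: '1.22.x'
          check-latest: true

      - name: Release Notes
        run: ./resources/scripts/release_notes.sh > ./release_notes.md

      - uses: actions/setup-python@v5
        with:
          python-version: '3.12'

      # NOTE(review): unpinned install in a job that holds a contents:write
      # token and publishing secrets. Pinning the version (ideally with
      # hashes via a requirements file) makes the release toolchain
      # reproducible and reviewable.
      - name: Install cloudsmith CLI (for publishing Linux packages)
        run: pip install cloudsmith-cli

      - name: GoReleaser
        uses: goreleaser/goreleaser-action@v6
        with:
          # NOTE(review): `latest` floats the release tool itself; a fixed
          # version or range would make release builds repeatable.
          version: latest
          args: release --release-notes=./release_notes.md --timeout 120m
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          CLOUDSMITH_API_KEY: ${{ env.CLOUDSMITH_API_KEY }}

  docker:
    runs-on: ubuntu-latest
    strategy:
      matrix:
        include:
          - flavor: default
            latest: auto
            suffix: ""
            platform: linux/amd64,linux/arm64
            file: ./resources/docker/Dockerfile
          - flavor: cgo
            latest: false
            suffix: '-cgo'
            platform: linux/amd64
            file: ./resources/docker/Dockerfile.cgo
          - flavor: cloud
            latest: false
            suffix: '-cloud'
            platform: linux/amd64,linux/arm64
            file: ./resources/docker/Dockerfile.cloud
          - flavor: ai
            latest: false
            suffix: '-ai'
            platform: linux/amd64,linux/arm64
            file: ./resources/docker/Dockerfile.ai
    permissions:
      # OIDC token for the AWS role assumption below.
      id-token: write
      # NOTE(review): images are pushed to Docker Hub with DOCKERHUB_TOKEN;
      # no step visible here writes to GitHub Packages. Confirm whether
      # `packages: write` is still required.
      packages: write
      contents: read
    steps:
      - name: Check Out Repo
        uses: actions/checkout@v4
        with:
          # The checkout directory is later sent to the image build as the
          # build context (`context: ./`). Not persisting the job token in
          # .git/config keeps it out of that context; no later step in this
          # job performs authenticated git operations.
          persist-credentials: false

      - name: Free up some disk space on ubuntu
        if: ${{ runner.os == 'Linux' }}
        run: |
          # Workaround to provide additional free space for testing.
          # https://github.com/actions/virtual-environments/issues/2840
          sudo rm -rf /usr/share/dotnet
          sudo rm -rf /opt/ghc
          sudo rm -rf "/usr/local/share/boost"
          sudo rm -rf "$AGENT_TOOLSDIRECTORY"

      - name: Configure AWS credentials
        uses: aws-actions/configure-aws-credentials@v4
        with:
          aws-region: ${{ vars.RP_AWS_CRED_REGION }}
          role-to-assume: arn:aws:iam::${{ secrets.RP_AWS_CRED_ACCOUNT_ID }}:role/${{ vars.RP_AWS_CRED_BASE_ROLE_NAME }}${{ github.event.repository.name }}

      - name: Get secrets from AWS Secrets Manager
        uses: aws-actions/aws-secretsmanager-get-secrets@v2
        with:
          # Same leading-comma form as in the goreleaser job; the login step
          # below reads DOCKERHUB_TOKEN from the environment.
          secret-ids: |
            ,sdlc/prod/github/dockerhub_token
          parse-json-secrets: true

      - name: Login to Docker Hub
        uses: docker/login-action@v3
        with:
          username: vectorizedbot
          password: ${{ env.DOCKERHUB_TOKEN }}

      - name: Install Buildx
        id: buildx
        uses: docker/setup-buildx-action@v3

      # Derives image tags from the pushed semver tag; the matrix entry
      # controls the suffix and whether `latest` is also produced.
      - name: Docker meta
        id: docker_meta
        uses: docker/metadata-action@v5
        with:
          images: |
            redpandadata/connect
          flavor: |
            latest=${{ matrix.latest }}
            suffix=${{ matrix.suffix }}
          tags: |
            type=semver,suffix=${{ matrix.suffix }},pattern={{version}}
            type=semver,suffix=${{ matrix.suffix }},pattern={{major}}.{{minor}}
            type=semver,suffix=${{ matrix.suffix }},pattern={{major}}

      - name: Build and push
        uses: docker/build-push-action@v6
        with:
          context: ./
          file: ${{ matrix.file }}
          platforms: ${{ matrix.platform }}
          push: true
          tags: ${{ steps.docker_meta.outputs.tags }}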