release #1705
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# `name` value will appear "as is" in the badge. | |
# See https://docs.github.com/en/actions/configuring-and-managing-workflows/configuring-a-workflow#adding-a-workflow-status-badge-to-your-repository | |
# yamllint --format github .github/workflows/release.yaml | |
--- | |
name: "release" | |
on: | |
workflow_dispatch: | |
inputs: | |
version: | |
description: Version of the release. Ex v1.18.3 or v1.18.3_debug | |
required: true | |
defaults: | |
run: # use bash for all operating systems unless overridden | |
shell: bash | |
jobs: | |
archive: | |
name: "Archive Envoy® Release" | |
runs-on: ubuntu-20.04 # Hard-coding an LTS means maintenance, but only once each 2 years! | |
steps: | |
- name: "Checkout" | |
uses: actions/checkout@v3 | |
- name: "Install car and netlify-cli" | |
run: | | |
car_version=1.0.1 | |
car_url=https://github.com/tetratelabs/car/releases/download/v${car_version}/car_${car_version}_linux_amd64.tar.gz | |
curl -sSL ${car_url} | tar -C /usr/local/bin -xzf - | |
npm install --save-dev netlify-cli | |
- name: "Archive Envoy Release" | |
run: ./bin/archive_release_version.sh envoyproxy/envoy "${{ github.event.inputs.version }}" | |
- name: "Upload GitHub Release" | |
uses: ncipollo/release-action@v1 | |
with: # TODO: This would be easier to troubleshoot if used `gh` commands like func-e does. | |
artifacts: "${{ github.event.inputs.version }}/*" | |
allowUpdates: true | |
generateReleaseNotes: false | |
omitBody: true | |
tag: ${{ github.event.inputs.version }} | |
token: ${{ secrets.GITHUB_TOKEN }} | |
- name: "Trigger Netlify deploy" # The above upload won't create a GHA trigger, so we make one directly | |
run: ./node_modules/.bin/netlify deploy --message="deploy ${TAG}" --trigger --auth=${NETLIFY_AUTH_TOKEN} --site=${NETLIFY_SITE_ID} | |
env: # https://github.com/tetratelabs/archive-envoy/settings/secrets | |
NETLIFY_AUTH_TOKEN: ${{ secrets.NETLIFY_AUTH_TOKEN }} # https://app.netlify.com/user/applications/personal | |
NETLIFY_SITE_ID: ${{ secrets.NETLIFY_SITE_ID }} # .netlify/state.json/siteId | |
# Failures here happen after release, meaning they don't block a release. This is ok as we may be releasing Linux | |
# prior to OS/x being available, or releasing a debug version which is only available on Linux. The failures here are | |
# only to help us later identify issues, should some user concerns come up. | |
test: | |
name: "Test Envoy® Archive (${{ matrix.os }})" | |
needs: archive | |
runs-on: ${{ matrix.os }} | |
strategy: | |
fail-fast: false # don't fail fast as sometimes failures are operating system specific | |
matrix: | |
# Non-deprecated from https://docs.github.com/en/actions/using-github-hosted-runners/about-github-hosted-runners | |
# Note: We don't test arm64 on release as it is unlikely to fail and too much effort. | |
# | |
# Operating systems in this matrix can run recent versions of Envoy. This needs maintenance | |
# as Envoy requires newer versions of libc. The point of these tests are only to ensure the tarball wasn't corrupted | |
# or built for the wrong platform. | |
include: | |
# - os: ubuntu-18.04 # Envoy 1.23.x is the last Envoy version that runs on ubuntu-18.04. | |
- os: ubuntu-20.04 # Envoy 1.24.x requires minimally ubuntu-20.04. | |
- os: ubuntu-22.04 | |
- os: macos-12 | |
- os: windows-2019 | |
- os: windows-2022 | |
steps: | |
- name: "Extract `envoy` binary from GitHub release assets" | |
run: | # https://docs.github.com/en/actions/learn-github-actions/environment-variables | |
os=$(echo ${RUNNER_OS} | tr '[:upper:]' '[:lower:]' | sed 's/macos/darwin/g' ) | |
gh release -R ${GITHUB_REPOSITORY} download "${{ github.event.inputs.version }}" -p "*-${os}-amd64.tar.xz" | |
tar --strip-components=2 -xpJf *.tar.xz && rm *.tar.xz | |
env: # authenticate release downloads in case it is a draft (not public) | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
- run: ./envoy --version |