Skip to content

Bump google-github-actions/get-secretmanager-secrets from 2.2.1 to 2.… #77

Bump google-github-actions/get-secretmanager-secrets from 2.2.1 to 2.…

Bump google-github-actions/get-secretmanager-secrets from 2.2.1 to 2.… #77

Workflow file for this run

name: release
on:
release:
types: [published]
push:
branches:
- main
permissions:
contents: read
env:
NUGET_PACKAGES: ${{ github.workspace }}/.nuget/packages
JOB_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}
SLACK_CHANNEL: "#apm-agent-dotnet"
RELEASE_PACKAGES: ".artifacts/package/release/*.nupkg"
RELEASE_DISTRO: ".artifacts/elastic-distribution/*"
jobs:
release:
runs-on: ubuntu-latest
permissions:
contents: write
id-token: write
outputs:
agent-version: ${{ steps.bootstrap.outputs.agent-version }}
major-version: ${{ steps.bootstrap.outputs.major-version }}
env:
DOCKER_IMAGE_NAME: "docker.elastic.co/observability/elastic-otel-dotnet"
steps:
- uses: actions/checkout@v4
- name: Bootstrap Action Workspace
id: bootstrap
uses: ./.github/workflows/bootstrap
- run: ./build.sh release
name: Release
- name: List distributions
run: ls -al ${{ env.RELEASE_DISTRO }}
- name: Generate build provenance (Distribution)
uses: actions/attest-build-provenance@1c608d11d69870c2092266b3f9a6f3abbf17002c # v1.4.3
with:
subject-path: "${{ github.workspace }}/${{ env.RELEASE_DISTRO }}"
- name: Generate build provenance (Packages)
uses: actions/attest-build-provenance@1c608d11d69870c2092266b3f9a6f3abbf17002c # v1.4.3
with:
subject-path: "${{ github.workspace }}/${{ env.RELEASE_PACKAGES }}"
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@c47758b77c9736f4b2ef4073d4d51994fabfe349 # v3.7.1
- name: Log in to the Elastic Container registry
uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0
with:
registry: ${{ secrets.ELASTIC_DOCKER_REGISTRY }}
username: ${{ secrets.ELASTIC_DOCKER_USERNAME }}
password: ${{ secrets.ELASTIC_DOCKER_PASSWORD }}
- name: Extract metadata (tags, labels)
id: docker-meta
uses: docker/metadata-action@8e5442c4ef9f78752691e2d8f8d19755c6f78e81 # v5.5.1
with:
images: ${{ env.DOCKER_IMAGE_NAME }}
flavor: |
latest=auto
tags: |
# "1.2.3" and "latest" Docker tags on push of git tag "v1.2.3"
type=semver,pattern={{version}},value=${{ steps.bootstrap.outputs.agent-version }}
# "edge" Docker tag on git push to default branch
type=edge
labels: |
org.opencontainers.image.title=elastic-otel-dotnet
org.opencontainers.image.description=Elastic Distribution of OpenTelemetry .NET
org.opencontainers.image.vendor=Elastic
- name: Build and Push Profiler Docker Image
id: docker-push
continue-on-error: true # continue for now until we see it working in action
uses: docker/build-push-action@4f58ea79222b3b9dc2c8bbdd6debcef730109a75 # v6.9.0
with:
cache-from: type=gha
cache-to: type=gha,mode=max
context: .
platforms: linux/amd64,linux/arm64
push: true
tags: ${{ steps.docker-meta.outputs.tags }}
labels: ${{ steps.docker-meta.outputs.labels }}
- name: Attest image
uses: actions/attest-build-provenance@1c608d11d69870c2092266b3f9a6f3abbf17002c # v1.4.3
continue-on-error: true # continue for now until we see it working in action
with:
subject-name: ${{ env.DOCKER_IMAGE_NAME }}
subject-digest: ${{ steps.docker-push.outputs.digest }}
push-to-registry: true
- name: Attach Distribution to release
if: ${{ github.event_name == 'release' }}
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: gh release upload ${{ github.ref_name }} ${{ env.RELEASE_DISTRO }}
- name: Release to Nuget (only for release events)
if: ${{ github.event_name == 'release' }}
run: dotnet nuget push '${{ env.RELEASE_PACKAGES }}' -k ${{ secrets.NUGET_API_KEY }} -s https://api.nuget.org/v3/index.json --skip-duplicate --no-symbols
- if: ${{ success() && github.event_name == 'release' }}
uses: elastic/oblt-actions/slack/[email protected]
with:
bot-token: ${{ secrets.SLACK_BOT_TOKEN }}
channel-id: ${{ env.SLACK_CHANNEL }}
message: |
:large_green_circle: [${{ github.repository }}] Release *${{ github.ref_name }}* published.
Build: (<${{ env.JOB_URL }}|here>)
Release URL: (<https://github.com/${{ github.repository }}/releases/tag/${{ github.ref_name }}|${{ github.ref_name }}>)
- if: ${{ failure() && github.event_name == 'release' }}
uses: elastic/oblt-actions/slack/[email protected]
with:
bot-token: ${{ secrets.SLACK_BOT_TOKEN }}
channel-id: ${{ env.SLACK_CHANNEL }}
message: |
:large_yellow_circle: [${{ github.repository }}] Release *${{ github.ref_name }}* could not be published.
Build: (<${{ env.JOB_URL }}|here>)
post-release:
needs: ['release']
runs-on: ubuntu-latest
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
GIT_TAG: v${{ needs.release.outputs.agent-version }}
NEW_BRANCH: update/${{ needs.release.outputs.agent-version }}
TARGET_BRANCH: ${{ needs.release.outputs.major-version }}.x
permissions:
contents: write
issues: write
pull-requests: write
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Setup git config
uses: elastic/oblt-actions/git/setup@v1
- name: Create GitHub Pull Request if minor release (only for release events)
if: ${{ github.event_name == 'release' }}
run: |
echo "as long as there is a major.x branch"
existed_in_local=$(git ls-remote --heads origin ${TARGET_BRANCH})
if [ -z "${existed_in_local}" ]; then
echo -e "::warning::Target branch '${TARGET_BRANCH}' does not exist."
exit 0
fi
git checkout $TARGET_BRANCH
git checkout -b ${NEW_BRANCH}
git format-patch -k --stdout ${TARGET_BRANCH}...origin/main -- docs | git am -3 -k
git push origin ${NEW_BRANCH}
gh pr create \
--title "post-release: ${GIT_TAG}" \
--body "Generated automatically with ${JOB_URL}" \
--head "elastic:${NEW_BRANCH}" \
--base "$TARGET_BRANCH" \
--repo "${{ github.repository }}"
- name: Create branch if major release (only for release events)
if: ${{ github.event_name == 'release' }}
run: |
echo "as long as there is no a major.x branch"
existed_in_local=$(git ls-remote --heads origin ${TARGET_BRANCH})
if [ -n "${existed_in_local}" ]; then
echo -e "::warning::Target branch '${TARGET_BRANCH}' does exist."
exit 0
fi
git branch -D $TARGET_BRANCH
git push origin $TARGET_BRANCH