Skip to content

Bump google-github-actions/get-secretmanager-secrets from 2.2.1 to 2.… #98

Bump google-github-actions/get-secretmanager-secrets from 2.2.1 to 2.…

Bump google-github-actions/get-secretmanager-secrets from 2.2.1 to 2.… #98

Workflow file for this run

name: release-main
on:
push:
branches: [ "main" ]
permissions:
contents: read
env:
NUGET_PACKAGES: ${{ github.workspace }}/.nuget/packages
RELEASE_PACKAGES: ".artifacts/package/release/*.nupkg"
RELEASE_DISTRO: ".artifacts/elastic-distribution/*"
jobs:
release:
runs-on: ubuntu-latest
permissions:
contents: write
id-token: write
packages: write
steps:
- uses: actions/checkout@v4
- name: Bootstrap Action Workspace
id: bootstrap
uses: ./.github/workflows/bootstrap
- name: Test
run: ./build.sh test --test-suite=skip-e2e
- run: ./build.sh release -c
name: Release
- name: Generate build provenance (Distribution)
uses: actions/attest-build-provenance@1c608d11d69870c2092266b3f9a6f3abbf17002c # v1.4.3
with:
subject-path: "${{ github.workspace }}/${{ env.RELEASE_DISTRO }}"
- name: Generate build provenance (Packages)
uses: actions/attest-build-provenance@1c608d11d69870c2092266b3f9a6f3abbf17002c # v1.4.3
with:
subject-path: "${{ github.workspace }}/${{ env.RELEASE_PACKAGES }}"
# Push to feedz.io
- name: publish canary packages to feedz.io
run: dotnet nuget push '${{ env.RELEASE_PACKAGES }}' -k ${{ secrets.FEEDZ_IO_API_KEY }} -s ${{ secrets.FEEDZ_IO_API_URL }} --skip-duplicate --no-symbols
# Push to GHPR for advertising purposes on the github landing page.
# Sadly this still requires authentication to use as a nuget package repository
- name: Publish canary packages github package repository
shell: bash
# this is a best effort to push to GHPR, we've observed it being unavailable intermittently
continue-on-error: true
run: dotnet nuget push '${{ env.RELEASE_PACKAGES }}' -k ${{ secrets.GITHUB_TOKEN }} --source "https://nuget.pkg.github.com/elastic/index.json" --skip-duplicate --no-symbols