From 42fb550f9c0e8f40a6fa1aa02700265332af1479 Mon Sep 17 00:00:00 2001 From: Carlos A Becker Date: Fri, 14 Jan 2022 11:44:11 -0300 Subject: [PATCH 01/10] fix: use goreleaser pro on nightly builds Signed-off-by: Carlos A Becker --- .github/workflows/build.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 3c7d41e98..3db4bbf1e 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -65,10 +65,12 @@ jobs: with: distribution: goreleaser version: latest + distribution: goreleaser-pro args: release --snapshot --rm-dist --skip-sign env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} HOMEBREW_TAP_GITHUB_TOKEN: ${{ secrets.PERSONAL_ACCESS_TOKEN }} + GORELEASER_KEY: ${{ secrets.GORELEASER_KEY }} - name: Push docker images run: | From 913b11233e9aaac15a3f673e16c61ac1c8938d77 Mon Sep 17 00:00:00 2001 From: Carlos A Becker Date: Fri, 14 Jan 2022 11:51:23 -0300 Subject: [PATCH 02/10] fix: dist Signed-off-by: Carlos A Becker --- .github/workflows/build.yml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 3db4bbf1e..30f378e0e 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -63,9 +63,8 @@ jobs: - name: Run GoReleaser uses: goreleaser/goreleaser-action@v2 with: - distribution: goreleaser - version: latest distribution: goreleaser-pro + version: latest args: release --snapshot --rm-dist --skip-sign env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} From 79d4cee9ea2fa534b164434c981ea077a7a1a735 Mon Sep 17 00:00:00 2001 From: Carlos A Becker Date: Fri, 14 Jan 2022 12:10:56 -0300 Subject: [PATCH 03/10] fix: skip sbom Signed-off-by: Carlos A Becker --- .github/workflows/build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 30f378e0e..8b3de30ad 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -65,7 +65,7 @@ jobs: with: distribution: goreleaser-pro version: latest - args: release --snapshot --rm-dist --skip-sign + args: release --snapshot --rm-dist --skip-sign --skip-sbom env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} HOMEBREW_TAP_GITHUB_TOKEN: ${{ secrets.PERSONAL_ACCESS_TOKEN }} From 4dd41c85e9a7b1b2b2c9d7476bccb4b6c1101090 Mon Sep 17 00:00:00 2001 From: Carlos A Becker Date: Fri, 14 Jan 2022 18:27:36 -0300 Subject: [PATCH 04/10] fix: reuse Signed-off-by: Carlos A Becker --- .github/workflows/build.yml | 122 ++----------------------------- .github/workflows/pr-comment.yml | 63 ++-------------- 2 files changed, 10 insertions(+), 175 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 8b3de30ad..3eb18d325 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -33,120 +33,8 @@ jobs: run: go test ./... nightly: - env: - GO111MODULE: "on" - DOCKER_CLI_EXPERIMENTAL: enabled - runs-on: ubuntu-latest - steps: - - name: Install Go - uses: actions/setup-go@v2 - with: - go-version: "~1.17" - - - name: Checkout code - uses: actions/checkout@v2 - - - name: Login to GitHub Container Registry - uses: docker/login-action@v1 - with: - registry: ghcr.io - username: ${{ github.repository_owner }} - password: ${{ secrets.GITHUB_TOKEN }} - - - name: Set up QEMU - uses: docker/setup-qemu-action@v1 - - - name: Set up Docker Buildx - id: buildx - uses: docker/setup-buildx-action@v1 - - - name: Run GoReleaser - uses: goreleaser/goreleaser-action@v2 - with: - distribution: goreleaser-pro - version: latest - args: release --snapshot --rm-dist --skip-sign --skip-sbom - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - HOMEBREW_TAP_GITHUB_TOKEN: ${{ secrets.PERSONAL_ACCESS_TOKEN }} - GORELEASER_KEY: ${{ secrets.GORELEASER_KEY }} - - - name: Push docker images - run: | - GIT_HASH=$(git rev-parse --short "$GITHUB_SHA") - - docker tag ghcr.io/$GITHUB_REPOSITORY:latest-amd64 ghcr.io/$GITHUB_REPOSITORY:devel-$GIT_HASH-amd64 - docker tag ghcr.io/$GITHUB_REPOSITORY:latest-arm64 ghcr.io/$GITHUB_REPOSITORY:devel-$GIT_HASH-arm64 - docker tag ghcr.io/$GITHUB_REPOSITORY:latest-armv7 ghcr.io/$GITHUB_REPOSITORY:devel-$GIT_HASH-armv7 - docker tag ghcr.io/$GITHUB_REPOSITORY:latest-i386 ghcr.io/$GITHUB_REPOSITORY:devel-$GIT_HASH-i386 - - docker push ghcr.io/$GITHUB_REPOSITORY:devel-$GIT_HASH-amd64 - docker push ghcr.io/$GITHUB_REPOSITORY:devel-$GIT_HASH-arm64 - docker push ghcr.io/$GITHUB_REPOSITORY:devel-$GIT_HASH-armv7 - docker push ghcr.io/$GITHUB_REPOSITORY:devel-$GIT_HASH-i386 - - docker manifest create ghcr.io/$GITHUB_REPOSITORY:devel-$GIT_HASH \ - ghcr.io/$GITHUB_REPOSITORY:devel-$GIT_HASH-amd64 \ - ghcr.io/$GITHUB_REPOSITORY:devel-$GIT_HASH-arm64 \ - ghcr.io/$GITHUB_REPOSITORY:devel-$GIT_HASH-armv7 \ - ghcr.io/$GITHUB_REPOSITORY:devel-$GIT_HASH-i386 - docker manifest push ghcr.io/$GITHUB_REPOSITORY:devel-$GIT_HASH - - if [[ $GITHUB_REF = 'refs/heads/main' && $GITHUB_EVENT_NAME = 'push' ]]; then - docker tag ghcr.io/$GITHUB_REPOSITORY:latest-amd64 ghcr.io/$GITHUB_REPOSITORY:devel-amd64 - docker tag ghcr.io/$GITHUB_REPOSITORY:latest-arm64 ghcr.io/$GITHUB_REPOSITORY:devel-arm64 - docker tag ghcr.io/$GITHUB_REPOSITORY:latest-armv7 ghcr.io/$GITHUB_REPOSITORY:devel-armv7 - docker tag ghcr.io/$GITHUB_REPOSITORY:latest-i386 ghcr.io/$GITHUB_REPOSITORY:devel-i386 - - docker push ghcr.io/$GITHUB_REPOSITORY:devel-amd64 - docker push ghcr.io/$GITHUB_REPOSITORY:devel-arm64 - docker push ghcr.io/$GITHUB_REPOSITORY:devel-armv7 - docker push ghcr.io/$GITHUB_REPOSITORY:devel-i386 - - docker manifest create ghcr.io/$GITHUB_REPOSITORY:devel \ - ghcr.io/$GITHUB_REPOSITORY:devel-amd64 \ - ghcr.io/$GITHUB_REPOSITORY:devel-arm64 \ - ghcr.io/$GITHUB_REPOSITORY:devel-armv7 \ - ghcr.io/$GITHUB_REPOSITORY:devel-i386 - docker manifest push ghcr.io/$GITHUB_REPOSITORY:devel - fi - - - uses: actions/upload-artifact@v2 - with: - name: Linux (x86_64) - path: | - dist/soft-serve_linux_amd64/* - LICENSE - README.md - - - uses: actions/upload-artifact@v2 - with: - name: Linux (arm64) - path: | - dist/soft-serve_linux_arm64/* - LICENSE - README.md - - - uses: actions/upload-artifact@v2 - with: - name: MacOS (x86_64) - path: | - dist/soft-serve_darwin_amd64/* - LICENSE - README.md - - - uses: actions/upload-artifact@v2 - with: - name: MacOS (arm64) - path: | - dist/soft-serve_darwin_arm64/* - LICENSE - README.md - - - uses: actions/upload-artifact@v2 - with: - name: Windows (x86_64) - path: | - dist/soft-serve_windows_amd64/* - LICENSE - README.md + uses: charmbracelet/meta/.github/workflows/nightly.yml@main + secrets: + docker_username: caarlos0 + docker_token: ${{ secrets.DOCKER_PASSWORD }} + goreleaser_key: ${{ secrets.GORELEASER_KEY }} diff --git a/.github/workflows/pr-comment.yml b/.github/workflows/pr-comment.yml index dd30e6c78..e9356a5af 100644 --- a/.github/workflows/pr-comment.yml +++ b/.github/workflows/pr-comment.yml @@ -1,63 +1,10 @@ -name: Comment on pull request +name: pr-comment + on: workflow_run: workflows: [build] types: [completed] -jobs: - pr_comment: - if: github.event.workflow_run.event == 'pull_request' && github.event.workflow_run.conclusion == 'success' - runs-on: ubuntu-latest - steps: - - uses: actions/github-script@v5 - with: - # This snippet is public-domain, taken from - # https://github.com/oprypin/nightly.link/blob/master/.github/workflows/pr-comment.yml - script: | - async function upsertComment(owner, repo, issue_number, purpose, body) { - const {data: comments} = await github.rest.issues.listComments( - {owner, repo, issue_number}); - - const marker = ``; - body = marker + "\n" + body; - - const existing = comments.filter((c) => c.body.includes(marker)); - if (existing.length > 0) { - const last = existing[existing.length - 1]; - core.info(`Updating comment ${last.id}`); - await github.rest.issues.updateComment({ - owner, repo, - body, - comment_id: last.id, - }); - } else { - core.info(`Creating a comment in issue / PR #${issue_number}`); - await github.rest.issues.createComment({issue_number, body, owner, repo}); - } - } - - const {owner, repo} = context.repo; - const run_id = ${{github.event.workflow_run.id}}; - const pull_requests = ${{ toJSON(github.event.workflow_run.pull_requests) }}; - if (!pull_requests.length) { - return core.error("This workflow doesn't match any pull requests!"); - } - - const artifacts = await github.paginate( - github.rest.actions.listWorkflowRunArtifacts, {owner, repo, run_id}); - if (!artifacts.length) { - return core.error(`No artifacts found`); - } - const sha = "${{github.event.workflow_run.head_sha}}"; - let body = `Download the artifacts for this pull request:\n`; - for (const art of artifacts) { - body += `\n* [${art.name}.zip](https://nightly.link/${owner}/${repo}/actions/artifacts/${art.id}.zip)`; - } - body += `\n\nOr use the following Docker image \`ghcr.io/${owner}/${repo}:devel-${sha.substr(0,7)}\``; - - core.info("Review thread message body:", body); - - for (const pr of pull_requests) { - await upsertComment(owner, repo, pr.number, - "nightly-link", body); - } \ No newline at end of file +jobs: + pr-comment: + uses: charmbracelet/meta/.github/workflows/pr-comment.yml@main From 6e7c5c9dc3159775df60aaa0da0f10448b8172ca Mon Sep 17 00:00:00 2001 From: Carlos A Becker Date: Fri, 14 Jan 2022 18:37:43 -0300 Subject: [PATCH 05/10] fix: workflows Signed-off-by: Carlos A Becker --- .github/workflows/build.yml | 1 + .github/workflows/goreleaser.yml | 1 + 2 files changed, 2 insertions(+) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 103debe95..2b8f1c82d 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -36,6 +36,7 @@ jobs: uses: charmbracelet/meta/.github/workflows/nightly.yml@main with: docker_username: charmcli + secrets: docker_token: ${{ secrets.DOCKERHUB_TOKEN }} gh_pat: ${{ secrets.PERSONAL_ACCESS_TOKEN }} goreleaser_key: ${{ secrets.GORELEASER_KEY }} diff --git a/.github/workflows/goreleaser.yml b/.github/workflows/goreleaser.yml index ac0a1ce4b..1be7005a1 100644 --- a/.github/workflows/goreleaser.yml +++ b/.github/workflows/goreleaser.yml @@ -14,6 +14,7 @@ jobs: uses: charmbracelet/meta/.github/workflows/goreleaser.yml@main with: docker_username: charmcli + secrets: docker_token: ${{ secrets.DOCKERHUB_TOKEN }} gh_pat: ${{ secrets.PERSONAL_ACCESS_TOKEN }} goreleaser_key: ${{ secrets.GORELEASER_KEY }} From fa1e6b8d11d9a1885780a7365dfa03775f5ea0e6 Mon Sep 17 00:00:00 2001 From: Carlos A Becker Date: Fri, 14 Jan 2022 18:39:26 -0300 Subject: [PATCH 06/10] fix: workflows Signed-off-by: Carlos A Becker --- .github/workflows/build.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 2b8f1c82d..79eb51768 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -36,7 +36,7 @@ jobs: uses: charmbracelet/meta/.github/workflows/nightly.yml@main with: docker_username: charmcli - secrets: - docker_token: ${{ secrets.DOCKERHUB_TOKEN }} - gh_pat: ${{ secrets.PERSONAL_ACCESS_TOKEN }} - goreleaser_key: ${{ secrets.GORELEASER_KEY }} + secrets: + docker_token: ${{ secrets.DOCKERHUB_TOKEN }} + gh_pat: ${{ secrets.PERSONAL_ACCESS_TOKEN }} + goreleaser_key: ${{ secrets.GORELEASER_KEY }} From 1320909135b5260e2c3e1e3e0d92d86b868d17f9 Mon Sep 17 00:00:00 2001 From: Carlos A Becker Date: Fri, 14 Jan 2022 18:40:52 -0300 Subject: [PATCH 07/10] fix: workflows Signed-off-by: Carlos A Becker --- .github/workflows/build.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 79eb51768..2b8f1c82d 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -36,7 +36,7 @@ jobs: uses: charmbracelet/meta/.github/workflows/nightly.yml@main with: docker_username: charmcli - secrets: - docker_token: ${{ secrets.DOCKERHUB_TOKEN }} - gh_pat: ${{ secrets.PERSONAL_ACCESS_TOKEN }} - goreleaser_key: ${{ secrets.GORELEASER_KEY }} + secrets: + docker_token: ${{ secrets.DOCKERHUB_TOKEN }} + gh_pat: ${{ secrets.PERSONAL_ACCESS_TOKEN }} + goreleaser_key: ${{ secrets.GORELEASER_KEY }} From 650a2855a4f00475477ce301075905db62fe3965 Mon Sep 17 00:00:00 2001 From: Carlos A Becker Date: Fri, 14 Jan 2022 18:41:29 -0300 Subject: [PATCH 08/10] fix: workflows Signed-off-by: Carlos A Becker --- .github/workflows/build.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 2b8f1c82d..43e6b1be7 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -38,5 +38,4 @@ jobs: docker_username: charmcli secrets: docker_token: ${{ secrets.DOCKERHUB_TOKEN }} - gh_pat: ${{ secrets.PERSONAL_ACCESS_TOKEN }} goreleaser_key: ${{ secrets.GORELEASER_KEY }} From 59c05d9e5588f807ce7e087580438bd145285132 Mon Sep 17 00:00:00 2001 From: Carlos A Becker Date: Fri, 14 Jan 2022 18:42:24 -0300 Subject: [PATCH 09/10] fix: perms Signed-off-by: Carlos A Becker --- .github/workflows/build.yml | 3 --- 1 file changed, 3 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 43e6b1be7..aeb147442 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -2,9 +2,6 @@ name: build on: [push, pull_request] -permissions: - packages: write - jobs: build: strategy: From 1999dfe1703cc3af93fdc2d8d01c4b45571fd85f Mon Sep 17 00:00:00 2001 From: Carlos A Becker Date: Fri, 14 Jan 2022 18:51:35 -0300 Subject: [PATCH 10/10] fix: workflows Signed-off-by: Carlos A Becker --- .github/workflows/build.yml | 3 +-- .github/workflows/goreleaser.yml | 3 +-- 2 files changed, 2 insertions(+), 4 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index aeb147442..ca61004fd 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -31,8 +31,7 @@ jobs: nightly: uses: charmbracelet/meta/.github/workflows/nightly.yml@main - with: - docker_username: charmcli secrets: + docker_username: ${{ secrets.DOCKERHUB_USERNAME }} docker_token: ${{ secrets.DOCKERHUB_TOKEN }} goreleaser_key: ${{ secrets.GORELEASER_KEY }} diff --git a/.github/workflows/goreleaser.yml b/.github/workflows/goreleaser.yml index 1be7005a1..55b36628f 100644 --- a/.github/workflows/goreleaser.yml +++ b/.github/workflows/goreleaser.yml @@ -12,9 +12,8 @@ concurrency: jobs: goreleaser: uses: charmbracelet/meta/.github/workflows/goreleaser.yml@main - with: - docker_username: charmcli secrets: + docker_username: ${{ secrets.DOCKERHUB_USERNAME }} docker_token: ${{ secrets.DOCKERHUB_TOKEN }} gh_pat: ${{ secrets.PERSONAL_ACCESS_TOKEN }} goreleaser_key: ${{ secrets.GORELEASER_KEY }}