Skip to content
Publish release

Release v1.53.0 #61

Sign in to view logs

Release v1.53.0

Release v1.53.0 #61

Workflow file for this run

.github/workflows/ci-release.yml at b620f0e
name: Publish release
on:
release:
types:
- published
# allow running release workflow manually
workflow_dispatch:
# See https://github.com/jaegertracing/jaeger/issues/4017
# and https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions
permissions:
deployments: write
contents: write
jobs:
publish-release:
if: github.repository == 'jaegertracing/jaeger'
runs-on: ubuntu-latest
steps:
- name: Clean up some disk space
# We had an issue where the workflow was running out of disk space,
# because it downloads so many Docker images for different platforms.
# Here we delete some stuff from the VM that we do not use.
# Inspired by https://github.com/jlumbroso/free-disk-space.
run: |
sudo rm -rf /usr/local/lib/android || true
df -h /
- name: Harden Runner
uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1
with:
egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
with:
submodules: true
- name: Fetch git tags
run: |
git fetch --prune --unshallow --tags
- uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0
with:
go-version: 1.21.x
- name: Setup Node.js version
uses: ./.github/actions/setup-node.js
- name: Export BRANCH variable and validate it is a semver
# Many scripts depend on BRANCH variable. We do not want to
# use ./.github/actions/setup-branch here because it may set
# BRANCH=main when the workflow is triggered manually.
run: |
BRANCH=$(make echo-version)
echo "BRANCH=${BRANCH}" >> ${GITHUB_ENV}
echo Validate that the latest tag ${BRANCH} is in semver format
echo ${BRANCH} | grep -E '^v[0-9]+.[0-9]+.[0-9]+$'
- name: Install tools
run: make install-ci
- name: Configure GPG Key
id: import_gpg
uses: crazy-max/ghaction-import-gpg@01dd5d3ca463c7f10f7f4f7b4f177225ac661ee4 # v6.1.0
with:
gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }}
passphrase: ${{ secrets.GPG_PASSPHRASE }}
- name: Build binaries
run: make build-all-platforms
- name: Package binaries
id: package-binaries
run: bash scripts/package-deploy.sh
- name: Upload binaries
uses: svenstaro/upload-release-action@1beeb572c19a9242f4361f4cee78f8e0d9aec5df # v2.7.0
with:
file: '{deploy/*.tar.gz,deploy/*.zip,deploy/*.sha256sum.txt,deploy/*.asc}'
file_glob: true
overwrite: true
tag: ${{ env.BRANCH }}
repo_token: ${{ secrets.GITHUB_TOKEN }}
- name: Clean up some more disk space
# Delete the release artifacts after uploading them.
run: |
rm -rf deploy || true
df -h /
- uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 # v3.0.0
- name: Build and upload all docker images
run: bash scripts/build-upload-docker-images.sh
env:
DOCKERHUB_TOKEN: ${{ secrets.DOCKERHUB_TOKEN }}
QUAY_TOKEN: ${{ secrets.QUAY_TOKEN }}
- name: Build, test, and publish all-in-one image
run: bash scripts/build-all-in-one-image.sh
env:
DOCKERHUB_TOKEN: ${{ secrets.DOCKERHUB_TOKEN }}
QUAY_TOKEN: ${{ secrets.QUAY_TOKEN }}
- name: Build, test, and publish hotrod image
run: bash scripts/hotrod-integration-test.sh
env:
DOCKERHUB_TOKEN: ${{ secrets.DOCKERHUB_TOKEN }}
QUAY_TOKEN: ${{ secrets.QUAY_TOKEN }}
- name: Generate SBOM
uses: anchore/sbom-action@719133684c7d294116626d1344fe64f0d2ff3e9e # v0.15.2
with:
output-file: jaeger-SBOM.spdx.json
upload-release-assets: false
upload-artifact: false
- name: Upload SBOM
# Upload SBOM manually, because anchore/sbom-action does not do that
# when the workflow is triggered manually, only from a release.
# See https://github.com/jaegertracing/jaeger/issues/4817
uses: svenstaro/upload-release-action@1beeb572c19a9242f4361f4cee78f8e0d9aec5df # v2.7.0
with:
file: jaeger-SBOM.spdx.json
overwrite: true
tag: ${{ env.BRANCH }}
repo_token: ${{ secrets.GITHUB_TOKEN }}