Automated Release Workflow #32

Workflow file for this run

.github/workflows/automated-release-workflow.yml at fb134af

	name: Automated Release Workflow
	on:
	workflow_dispatch:
	inputs:
	release_version:
	description: 'Version of Splunk Operator Release'
	required: true
	operator_image_tag:
	description: 'Tag for Splunk Operator Image'
	required: true
	enterprise_version:
	description: 'Enterprise Image Version. Should match with Tag on Splunk Enterprise Docker Repo'
	required: true
	jobs:
	automated-release:
	name: Automated Release Workflow
	runs-on: ubuntu-latest
	permissions:
	contents: write
	pull-requests: write
	if: github.ref == 'refs/heads/main'
	env:
	SPLUNK_OPERATOR_RC_IMAGE_NAME: splunk/splunk-operator-rc
	steps:
	- name: Set up cosign
	uses: sigstore/cosign-installer@main

	- name: Checkout code
	uses: actions/checkout@v2

	- name: Deep Fetch
	run: \|
	git fetch --prune --unshallow

	- name: Dotenv Action
	id: dotenv
	uses: falti/dotenv-action@d4d12eaa0e1dd06d5bdc3d7af3bf4c8c93cb5359

	- name: Configure AWS credentials
	uses: aws-actions/configure-aws-credentials@v4
	with:
	aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
	aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
	aws-region: us-east-1

	- name: Login to Amazon ECR
	id: login-ecr-public
	uses: aws-actions/amazon-ecr-login@v2
	with:
	registry-type: public

	- name: Setup Go
	uses: actions/setup-go@v2
	with:
	go-version: ${{ steps.dotenv.outputs.GO_VERSION }}

	- name: Set up Docker Buildx
	uses: docker/[email protected]
	- name: Configure Docker Credentials
	uses: docker/login-action@v1
	with:
	username: ${{ secrets.DOCKERHUB_USERNAME }}
	password: ${{ secrets.DOCKERHUB_PUSH_TOKEN}}

	- name: Install Operator SDK
	run: \|
	export ARCH=$(case $(uname -m) in x86_64) echo -n amd64 ;; aarch64) echo -n arm64 ;; *) echo -n $(uname -m) ;; esac)
	export OS=$(uname \| awk '{print tolower($0)}')
	export OPERATOR_SDK_DL_URL=https://github.com/operator-framework/operator-sdk/releases/download/${{ steps.dotenv.outputs.OPERATOR_SDK_VERSION }}
	sudo curl -LO ${OPERATOR_SDK_DL_URL}/operator-sdk_${OS}_${ARCH}
	sudo chmod +x operator-sdk_${OS}_${ARCH}
	sudo mv operator-sdk_${OS}_${ARCH} /usr/local/bin/operator-sdk

	- name: Generate Release Artifacts
	run: \|
	make generate-artifacts IMG=splunk/splunk-operator:${{ github.event.inputs.release_version }} VERSION=${{ github.event.inputs.release_version }} SPLUNK_ENTERPRISE_IMAGE=splunk/splunk:${{ github.event.inputs.enterprise_version }}

	- name: Upload Release Artifacts
	uses: actions/[email protected]
	with:
	name: "release-artifacts-${{ github.event.inputs.release_version }}"
	path: "release-**"

	- name: Generate Release Notes
	run: \|
	a=`cat docs/ChangeLog.md \| grep -n -m2 "^##" \| awk -F":" '{print $1}' \| tail -1`
	a=`expr $a - 1`
	sed -n "4,${a}p" docs/ChangeLog.md >> docs/ReleaseNotes.md >> docs/ReleaseNotes.md

	- name: Create Release
	uses: ncipollo/release-action@40bb172bd05f266cf9ba4ff965cb61e9ee5f6d01
	with:
	artifacts: "release-${{ github.event.inputs.release_version }}/splunk-operator-cluster.yaml,release-${{ github.event.inputs.release_version }}/splunk-operator-namespace.yaml"
	bodyFile: "docs/ReleaseNotes.md"
	tag: "${{ github.event.inputs.release_version }}"
	draft: true

	- name: Pull RC Splunk Operator Image
	run: \|
	docker pull ${{ secrets.PUBLIC_ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_RC_IMAGE_NAME }}:${{ github.event.inputs.release_version }}-RC

	- name: Promote RC Image to Release
	run: \|
	docker tag ${{ secrets.PUBLIC_ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_RC_IMAGE_NAME }}:${{ github.event.inputs.release_version }}-RC splunk/splunk-operator:${{ github.event.inputs.operator_image_tag }}
	docker tag splunk/splunk-operator:${{ github.event.inputs.operator_image_tag }} splunk/splunk-operator:latest

	- name: Push Release Image
	run: \|
	docker push splunk/splunk-operator:${{ github.event.inputs.operator_image_tag }}
	docker push splunk/splunk-operator:latest

	- name: Sign Splunk Operator image with a key
	run: \|
	cosign sign --yes --key env://COSIGN_PRIVATE_KEY splunk/splunk-operator:${{ github.event.inputs.operator_image_tag }}
	env:
	COSIGN_PRIVATE_KEY: ${{ secrets.COSIGN_PRIVATE_KEY }}
	COSIGN_PASSWORD: ${{ secrets.COSIGN_PASSWORD }}

	- name: Verify Splunk Operator image with a key
	run: \|
	cosign verify --key env://COSIGN_PUBLIC_KEY splunk/splunk-operator:${{ github.event.inputs.operator_image_tag }}
	env:
	COSIGN_PUBLIC_KEY: ${{ secrets.COSIGN_PUBLIC_KEY }}

	- name: Pull Distroless RC Splunk Operator Image
	run: \|
	docker pull ${{ secrets.PUBLIC_ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_RC_IMAGE_NAME }}:${{ github.event.inputs.release_version }}-RC-distroless

	- name: Promote Distroless RC Image to Release
	run: \|
	docker tag ${{ secrets.PUBLIC_ECR_REPOSITORY }}/${{ env.SPLUNK_OPERATOR_RC_IMAGE_NAME }}:${{ github.event.inputs.release_version }}-RC-distroless splunk/splunk-operator:${{ github.event.inputs.operator_image_tag }}-distroless

	- name: Push Distroless Release Image
	run: \|
	docker push splunk/splunk-operator:${{ github.event.inputs.operator_image_tag }}-distroless

	- name: Sign Distroless Splunk Operator image with a key
	run: \|
	cosign sign --yes --key env://COSIGN_PRIVATE_KEY splunk/splunk-operator:${{ github.event.inputs.operator_image_tag }}-distroless
	env:
	COSIGN_PRIVATE_KEY: ${{ secrets.COSIGN_PRIVATE_KEY }}
	COSIGN_PASSWORD: ${{ secrets.COSIGN_PASSWORD }}

	- name: Verify Distroless Splunk Operator image with a key
	run: \|
	cosign verify --key env://COSIGN_PUBLIC_KEY splunk/splunk-operator:${{ github.event.inputs.operator_image_tag }}-distroless
	env:
	COSIGN_PUBLIC_KEY: ${{ secrets.COSIGN_PUBLIC_KEY }}

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Automated Release Workflow #32

Workflow file

Automated Release Workflow #32

Uh oh!

Jobs

Run details

Workflow file for this run