fix: mismatched image tags causing ImagePullBackOff (#108) #42
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Semantic Release Workflow | |
| # | |
| # Automatically creates releases based on conventional commits | |
| # - feat: minor version bump | |
| # - fix: patch version bump | |
| # - feat!: or BREAKING CHANGE: major version bump | |
| name: Release | |
| on: | |
| push: | |
| branches: | |
| - main | |
| paths-ignore: | |
| - '*.md' | |
| - 'docs/**' | |
| - '.github/workflows/**' | |
| workflow_dispatch: | |
| permissions: | |
| contents: write | |
| packages: write | |
| id-token: write | |
| jobs: | |
| release: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| ssh-key: ${{ secrets.DEPLOY_KEY }} | |
| - name: Setup Node.js | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: 20 | |
| - name: Install semantic-release | |
| run: npm install -g semantic-release @semantic-release/git @semantic-release/changelog @semantic-release/exec | |
| - name: Create semantic-release config | |
| run: | | |
| cat > .releaserc.json << 'RELEASERC' | |
| { | |
| "branches": ["main"], | |
| "plugins": [ | |
| "@semantic-release/commit-analyzer", | |
| "@semantic-release/release-notes-generator", | |
| ["@semantic-release/changelog", { | |
| "changelogFile": "CHANGELOG.md" | |
| }], | |
| ["@semantic-release/exec", { | |
| "prepareCmd": "sed -i 's/version: .*/version: v${nextRelease.version}/' dist/chart/Chart.yaml && sed -i 's/appVersion: .*/appVersion: \"v${nextRelease.version}\"/' dist/chart/Chart.yaml" | |
| }], | |
| ["@semantic-release/git", { | |
| "assets": ["CHANGELOG.md", "dist/chart/Chart.yaml"], | |
| "message": "chore(release): ${nextRelease.version} [skip ci]\n\n${nextRelease.notes}" | |
| }], | |
| "@semantic-release/github" | |
| ] | |
| } | |
| RELEASERC | |
| - name: Run semantic-release | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| run: npx semantic-release | |
| tag-docker-release: | |
| needs: release | |
| runs-on: ubuntu-latest | |
| if: ${{ needs.release.result == 'success' }} | |
| env: | |
| DOCKER_HUB_ORG: posit | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| ref: main | |
| - name: Get latest tag | |
| id: get-tag | |
| run: | | |
| git fetch --tags | |
| TAG=$(git tag --sort=-version:refname | head -1 || echo "") | |
| echo "tag=$TAG" >> $GITHUB_OUTPUT | |
| - name: Login to Docker Hub | |
| if: steps.get-tag.outputs.tag != '' | |
| uses: docker/login-action@v3 | |
| with: | |
| username: ${{ secrets.DOCKER_HUB_USERNAME }} | |
| password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }} | |
| - name: Tag and push release version to Docker Hub | |
| if: steps.get-tag.outputs.tag != '' | |
| run: | | |
| VERSION="${{ steps.get-tag.outputs.tag }}" | |
| IMAGE="docker.io/${{ env.DOCKER_HUB_ORG }}/ptd-team-operator" | |
| # Pull the latest image | |
| docker pull "${IMAGE}:latest" | |
| # Tag with the release version (e.g., v1.15.0) to match appVersion | |
| docker tag "${IMAGE}:latest" "${IMAGE}:${VERSION}" | |
| # Push the release tag | |
| docker push "${IMAGE}:${VERSION}" | |
| - name: Display Docker Hub release tag | |
| if: steps.get-tag.outputs.tag != '' | |
| run: | | |
| echo "### Docker Hub Release Tag" >> $GITHUB_STEP_SUMMARY | |
| echo "" >> $GITHUB_STEP_SUMMARY | |
| echo "Tagged and pushed: \`docker.io/${{ env.DOCKER_HUB_ORG }}/ptd-team-operator:${{ steps.get-tag.outputs.tag }}\`" >> $GITHUB_STEP_SUMMARY | |
| package-helm: | |
| needs: release | |
| runs-on: ubuntu-latest | |
| if: ${{ needs.release.result == 'success' }} | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| # Checkout the latest commit (including the release commit created by semantic-release) | |
| ref: main | |
| - name: Get latest tag | |
| id: get-tag | |
| run: | | |
| git fetch --tags | |
| # Use git tag instead of git describe because the tag may be on a newer | |
| # commit than the one that triggered the workflow (semantic-release creates | |
| # a new commit for the release) | |
| TAG=$(git tag --sort=-version:refname | head -1 || echo "") | |
| echo "tag=$TAG" >> $GITHUB_OUTPUT | |
| - name: Package Helm chart | |
| if: steps.get-tag.outputs.tag != '' | |
| run: | | |
| helm package dist/chart --version ${{ steps.get-tag.outputs.tag }} | |
| - name: Login to GHCR | |
| if: steps.get-tag.outputs.tag != '' | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Push Helm chart to OCI | |
| if: steps.get-tag.outputs.tag != '' | |
| run: | | |
| helm push team-operator-${{ steps.get-tag.outputs.tag }}.tgz oci://ghcr.io/posit-dev/charts | |
| - name: Upload Helm chart to release | |
| if: steps.get-tag.outputs.tag != '' | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| run: | | |
| gh release upload ${{ steps.get-tag.outputs.tag }} team-operator-${{ steps.get-tag.outputs.tag }}.tgz --clobber | |
| notify-ptd: | |
| needs: package-helm | |
| runs-on: ubuntu-latest | |
| if: ${{ needs.package-helm.result == 'success' }} | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| ref: main | |
| - name: Get latest tag | |
| id: get-tag | |
| run: | | |
| git fetch --tags | |
| TAG=$(git tag --sort=-version:refname | head -1 || echo "") | |
| echo "tag=$TAG" >> $GITHUB_OUTPUT | |
| - name: Dispatch version update to PTD | |
| if: steps.get-tag.outputs.tag != '' | |
| env: | |
| GH_TOKEN: ${{ secrets.PTD_REPO_TOKEN }} | |
| run: | | |
| gh workflow run update-team-operator-version.yml \ | |
| --repo posit-dev/ptd \ | |
| --field version=${{ steps.get-tag.outputs.tag }} |