release #81

Workflow file for this run

.github/workflows/release.yaml at 135eb03

	---
	# yamllint disable rule:line-length
	name: "release"

	# yamllint disable-line rule:truthy
	on:
	pull_request:
	paths:
	- '.github/workflows/release.yaml'
	- '.releaserc.js'
	- 'package.json'
	workflow_dispatch:
	inputs:
	verbosity:
	description: 'Log Verbosity'
	required: true
	default: 0
	type: choice
	options:
	- '0'
	- '1'
	- '2'
	- '3'
	- '4'

	concurrency:
	group: ${{ github.workflow }}-${{ github.ref }}
	cancel-in-progress: true

	env:
	image_name: ${{ secrets.CONTAINER_REGISTRY }}/${{ vars.CONTAINER_REGISTRY_PATH }}/homelab-workspace
	image_cache_name: ${{ secrets.CONTAINER_REGISTRY }}/${{ vars.CONTAINER_REGISTRY_CACHE_PATH }}/coder-workspace
	image_path: images/homelab-workspace
	template_path: templates/docker/homelab-workspace
	default_branch: main
	default_verbosity: 0

	jobs:
	create-release:
	runs-on: ubuntu-latest
	timeout-minutes: 10
	# if: github.event.pull_request.merged == true
	outputs:
	released_sha: ${{ steps.release_info.outputs.sha }}
	released_version: ${{ steps.release_info.outputs.version }}
	steps:
	- name: Check out
	uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4
	with:
	token: "${{ secrets.GH_RELEASES_TOKEN }}"
	fetch-depth: 0

	- name: Set up node
	uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v4
	with:
	node-version-file: '.node-version'
	cache: 'npm'
	cache-dependency-path: 'package-lock.json'

	- name: Install node packages
	run: npm ci --no-fund --no-audit

	- name: Release - dry run
	if: github.event_name == 'pull_request'
	shell: bash
	env:
	GITHUB_TOKEN: ${{ secrets.GH_RELEASES_TOKEN }}
	run: \|
	CURRENT_BRANCH=$GITHUB_HEAD_REF
	GITHUB_REF=$CURRENT_BRANCH
	set -x
	npx semantic-release --dry-run --no-ci --branches $CURRENT_BRANCH

	- name: Release
	if: github.event_name == 'workflow_dispatch'
	env:
	GITHUB_TOKEN: ${{ secrets.GH_RELEASES_TOKEN }}
	run: \|
	set -x
	npx semantic-release

	- name: Output release info
	id: release_info
	shell: bash
	env:
	TRIGGER_EVENT: ${{ github.event_name }}
	# yamllint disable-line rule:indentation
	run: \|
	if [[ "${TRIGGER_EVENT}" == "workflow_dispatch" ]]; then
	# an actual release has been triggered.
	if [[ ! -f /tmp/released.version ]]; then
	echo "No release occurred... cannot proceed."
	exit 1
	fi
	echo "version=$(cat /tmp/released.version \| cut -d'v' -f2)" >> "$GITHUB_OUTPUT"
	else
	# release workflow is being tested
	echo "version=0.0.0" >> "$GITHUB_OUTPUT"
	fi
	echo "sha=$(git rev-parse --short HEAD)" >> "$GITHUB_OUTPUT"

	publish-image:
	if: github.event_name == 'workflow_dispatch'
	runs-on: ubuntu-latest
	needs: [create-release]
	timeout-minutes: 90
	steps:
	- name: Checkout
	uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4

	- name: Set up QEMU
	uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 # v3

	- name: Set up Docker Buildx
	uses: docker/setup-buildx-action@d70bba72b1f3fd22344832f00baa16ece964efeb # v3
	with:
	driver-opts: network=host
	platforms: linux/amd64,linux/arm64

	- name: Tailscale Connect
	uses: tailscale/github-action@4e4c49acaa9818630ce0bd7a564372c17e33fb4d # v2
	with:
	oauth-client-id: ${{ secrets.TAILSCALE_OAUTH_CLIENT_ID }}
	oauth-secret: ${{ secrets.TAILSCALE_OAUTH_SECRET }}
	tags: tag:github-action-ci-runner
	# renovate: datasource=github-releases depName=tailscale/tailscale
	version: "1.68.1"

	- name: Tailscale Debug
	if: ${{ (github.event.inputs.verbosity \|\| env.default_verbosity) >= 1 }}
	shell: bash
	run: \|
	sudo -E tailscale netcheck --verbose 2>&1 \| sed -f .output-filter
	echo
	sudo -E tailscale status 2>&1 \| sed -f .output-filter
	echo
	sudo -E tailscale status --json --peers=false 2>&1 \| sed -f .output-filter
	echo

	- name: Login to container registry
	uses: docker/login-action@0d4c9c5ea7693da7b068278f7b52bda2a190a446 # v3
	with:
	registry: ${{ secrets.CONTAINER_REGISTRY }}
	username: ${{ secrets.CONTAINER_REGISTRY_USERNAME }}
	password: ${{ secrets.CONTAINER_REGISTRY_PASSWORD }}

	- name: Docker meta
	id: meta
	uses: docker/metadata-action@8e5442c4ef9f78752691e2d8f8d19755c6f78e81 # v5
	with:
	images: \|
	${{ env.image_name }}
	labels: \|
	org.opencontainers.image.title=Coder-Workspace
	org.opencontainers.image.description=Coder workspace image
	tags: \|
	type=semver,pattern={{version}},value=${{ needs.create-release.outputs.released_version }},enable=${{ needs.create-release.outputs.released_version != '0.0.0' }}
	type=semver,pattern={{major}}.{{minor}},value=${{ needs.create-release.outputs.released_version }},enable=${{ needs.create-release.outputs.released_version != '0.0.0' }}
	type=semver,pattern={{major}},value=${{ needs.create-release.outputs.released_version }},enable=${{ needs.create-release.outputs.released_version != '0.0.0' }}
	type=raw,value=${{ needs.create-release.outputs.released_sha }},enable=${{ needs.create-release.outputs.released_version == '0.0.0' }}

	- name: Build and publish image
	uses: docker/build-push-action@31159d49c0d4756269a0940a750801a1ea5d7003 # v6
	with:
	context: ./${{ env.image_path }}
	platforms: \|
	linux/arm64
	linux/amd64
	push: true
	tags: ${{ steps.meta.outputs.tags }}
	labels: ${{ steps.meta.outputs.labels }}
	annotations: ${{ steps.meta.outputs.annotations }}
	cache-from: \|
	type=registry,ref=${{ env.image_cache_name }}:${{ env.default_branch }}
	cache-to: \|
	type=registry,ref=${{ env.image_cache_name }}:${{ env.default_branch }},image-manifest=true,oci-mediatypes=true,mode=max,compression=zstd
	secrets: \|
	FETCH_GH_TOKEN=${{ secrets.GITHUB_TOKEN }}
	allow: network.host
	network: host

	- name: Tailscale Disconnect
	if: success() \|\| failure()
	run: sudo -E tailscale logout

	publish-template:
	if: github.event_name == 'workflow_dispatch'
	runs-on: ubuntu-latest
	needs: [create-release, publish-image]
	timeout-minutes: 15
	steps:
	- name: Checkout
	uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4

	- name: Tailscale Connect
	uses: tailscale/github-action@4e4c49acaa9818630ce0bd7a564372c17e33fb4d # v2
	with:
	oauth-client-id: ${{ secrets.TAILSCALE_OAUTH_CLIENT_ID }}
	oauth-secret: ${{ secrets.TAILSCALE_OAUTH_SECRET }}
	tags: tag:github-action-ci-runner
	# renovate: datasource=github-releases depName=tailscale/tailscale
	version: "1.68.1"

	- name: Tailscale Debug
	if: ${{ (github.event.inputs.verbosity \|\| env.default_verbosity) >= 1 }}
	shell: bash
	run: \|
	sudo -E tailscale netcheck --verbose 2>&1 \| sed -f .output-filter
	echo
	sudo -E tailscale status 2>&1 \| sed -f .output-filter
	echo
	sudo -E tailscale status --json --peers=false 2>&1 \| sed -f .output-filter
	echo

	- name: Login to Coder
	id: login
	env:
	CODER_URL: "${{ secrets.CODER_URL }}"
	shell: bash
	# yamllint disable-line rule:indentation
	run: \|
	while ! curl -fsSL ${CODER_URL} > /dev/null; do
	echo "Waiting for coder service to be ready... sleep 5s!"
	sleep 5
	done
	echo "Coder service is accepting connections..."
	echo

	echo "Generating authentication token..."
	export CODER_SESSION_TOKEN=$(curl -X POST ${CODER_URL}/api/v2/users/login \
	-H 'Content-Type: application/json' \
	-H 'Accept: application/json' \
	--data '{"email": "'${{ secrets.CODER_EMAIL }}'", "password": "'${{ secrets.CODER_PASSWORD }}'"}' \
	\| jq -r .session_token)
	echo "::add-mask::${CODER_SESSION_TOKEN}"
	if [[ -z "${CODER_SESSION_TOKEN}" \|\| "${CODER_SESSION_TOKEN}" = "null" ]]; then
	echo "Error generating coder authentication token."
	exit 1
	fi
	echo "Authentication token generated."
	echo
	echo "Determining coder version..."
	export CODER_VERSION=$(curl -fsSL ${CODER_URL}/api/v2/buildinfo \| jq -r .version \| cut -d'+' -f1 \| cut -d'v' -f2)
	echo "Installing coder CLI..."
	curl -fsSL https://coder.com/install.sh \| sh -s -- --method standalone --version "${CODER_VERSION}"
	echo
	echo "Logging into Coder..."
	coder login ${CODER_URL}

	- name: Publish template
	id: publish-template
	env:
	TEMPLATE_DIR: ${{ env.template_path }}
	TEMPLATE_VERSION: "${{ needs.create-release.outputs.released_version != '0.0.0' && needs.create-release.outputs.released_version \|\| needs.create-release.outputs.released_sha }}"
	WORKSPACE_IMAGE: "${{ env.image_name }}:${{ needs.create-release.outputs.released_version != '0.0.0' && needs.create-release.outputs.released_version \|\| needs.create-release.outputs.released_sha }}"
	shell: bash
	# yamllint disable-line rule:indentation
	run: \|
	if echo $TEMPLATE_VERSION \| grep -E '[0-9]+\.[0-9]+\.[0-9]+'; then
	export TEMPLATE_NAME="$(echo ${TEMPLATE_DIR} \| cut -d/ -f3)"
	export RELEASE_MSG="[Release Notes](https://github.com/${{ github.repository }}/releases/tag/v${TEMPLATE_VERSION})"
	else
	export TEMPLATE_NAME="$(echo ${TEMPLATE_DIR} \| cut -d/ -f3)-test"
	export RELEASE_MSG="[Changes](https://github.com/${{ github.repository }}/commit/${TEMPLATE_VERSION})"
	fi
	echo "Publishing template ${TEMPLATE_DIR} as ${TEMPLATE_NAME}..."
	set -x
	coder template push \
	--directory ${TEMPLATE_DIR} \
	--var workspace_image=${WORKSPACE_IMAGE} \
	--name ${TEMPLATE_VERSION} \
	--message "${RELEASE_MSG}" \
	--yes \
	${TEMPLATE_NAME}
	set +x
	echo
	echo "Confirming template has been published..."
	coder templates list --output json > /tmp/templates.json
	export SELECTED_TEMPLATE=$(cat /tmp/templates.json \| jq -r '.[] \| select(.Template.name == "'${TEMPLATE_NAME}'")')
	if [[ -z $SELECTED_TEMPLATE ]]; then
	echo "Could not find any template published as $TEMPLATE_NAME."
	exit 1
	fi
	echo "Template has been published successfully."

	- name: Tailscale Disconnect
	if: success() \|\| failure()
	run: sudo -E tailscale logout

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

release #81

Workflow file

release #81

Jobs

Run details

Workflow file for this run