Skip to content

Automated Release

Automated Release #67

Workflow file for this run

# SPDX-FileCopyrightText: The matrix-alertmanager-receiver Authors
# SPDX-License-Identifier: GPL-3.0-or-later
name: Automated Release
on:
schedule:
- cron: 35 5 * * WED
workflow_dispatch:
jobs:
release:
runs-on: ubuntu-latest
permissions:
contents: write
id-token: write
steps:
- id: checkout
name: Checkout
uses: actions/checkout@v4
with:
fetch-depth: 0
- id: last_release
name: Fetch last release info
run: echo "tag=$(gh release view --json tagName --jq '.tagName')" >> $GITHUB_OUTPUT
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- id: commits
name: Count Commits
run: echo "count=$(git rev-list --count ${{ steps.last_release.outputs.tag }}..HEAD -- go.mod main.go internal)" >> $GITHUB_OUTPUT
- id: release
name: Create Release Version
if: steps.commits.outputs.count > 0
run: echo "version=$(date +'%Y.%-m.%-d')" >> $GITHUB_OUTPUT
- id: tag
name: Create Release Tag
if: steps.commits.outputs.count > 0
uses: EndBug/latest-tag@latest
with:
ref: ${{ steps.release.outputs.version }}
- id: setup_go
name: Set up Go
if: steps.commits.outputs.count > 0
uses: actions/setup-go@v5
with:
go-version-file: go.mod
cache: true
- id: import_gpg
name: Import GPG key
if: steps.commits.outputs.count > 0
uses: crazy-max/ghaction-import-gpg@v6
with:
gpg_private_key: ${{ secrets.GPG_SECRET_KEY_BASE64 }}
passphrase: ${{ secrets.GPG_SECRET_KEY_PASSWORD }}
- id: cosign-install
if: steps.commits.outputs.count > 0
name: Install Cosign
uses: sigstore/cosign-installer@v3
- id: buildx
if: steps.commits.outputs.count > 0
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- id: dockerhub_login
if: steps.commits.outputs.count > 0
name: Login to Dockerhub
uses: docker/login-action@v3
with:
username: ${{ vars.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}
- id: goreleaser
name: Run GoReleaser
if: steps.commits.outputs.count > 0
uses: goreleaser/goreleaser-action@v5
with:
version: latest
args: release --clean
env:
GPG_FINGERPRINT: ${{ steps.import_gpg.outputs.fingerprint }}
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- id: timestamp
if: steps.commits.outputs.count > 0
name: Create Timestamp
run: echo "date=$(date --rfc-3339=seconds)" >> $GITHUB_OUTPUT
- id: publish
if: steps.commits.outputs.count > 0
name: Publish Image
uses: docker/build-push-action@v5
with:
builder: ${{ steps.buildx.outputs.name }}
context: .
file: ./Dockerfile
push: true
tags: |
docker.io/metio/matrix-alertmanager-receiver:latest
docker.io/metio/matrix-alertmanager-receiver:${{ steps.release.outputs.version }}
labels: |
org.opencontainers.image.title=matrix-alertmanager-receiver
org.opencontainers.image.licenses=GPLv3
org.opencontainers.image.vendor=metio
org.opencontainers.image.url=https://github.com/${{ github.repository }}
org.opencontainers.image.documentation=https://github.com/${{ github.repository }}
org.opencontainers.image.source=https://github.com/${{ github.repository }}
org.opencontainers.image.version=${{ steps.release.outputs.version }}
org.opencontainers.image.revision=${{ github.sha }}
org.opencontainers.image.created=${{ steps.timestamp.outputs.date }}
cache-from: type=registry,ref=metio/matrix-alertmanager-receiver:buildcache
cache-to: type=registry,ref=metio/matrix-alertmanager-receiver:buildcache,mode=max
sbom: true
provenance: true
- id: sign
if: steps.commits.outputs.count > 0
name: Sign Image
run: |
cosign sign \
--yes \
--annotations "repo=${{ github.repository }}" \
--annotations "workflow=${{ github.workflow }}" \
--annotations "ref=${{ github.sha }}" \
docker.io/metio/matrix-alertmanager-receiver@${{ steps.publish.outputs.digest }}
- id: documentation
name: Docker Hub Description
if: steps.commits.outputs.count > 0
uses: peter-evans/dockerhub-description@v4
with:
username: ${{ vars.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}
repository: metio/matrix-alertmanager-receiver
short-description: ${{ github.event.repository.description }}
readme-filepath: ./README.dockerhub.md
- id: mail
name: Send Mail
if: steps.commits.outputs.count > 0
uses: dawidd6/action-send-mail@v3
with:
server_address: ${{ secrets.MAIL_SERVER }}
server_port: ${{ secrets.MAIL_PORT }}
username: ${{ secrets.MAIL_USERNAME }}
password: ${{ secrets.MAIL_PASSWORD }}
subject: ${{ github.event.repository.name }} version ${{ steps.release.outputs.version }} published
body: See https://github.com/${{ github.repository }}/releases/tag/${{ steps.release.outputs.version }} for details.
to: ${{ secrets.MAIL_RECIPIENT }}
from: ${{ secrets.MAIL_SENDER }}
- id: matrix
name: Send Matrix Message
if: steps.commits.outputs.count > 0
uses: s3krit/[email protected]
with:
room_id: ${{ secrets.MATRIX_ROOM_ID }}
access_token: ${{ secrets.MATRIX_ACCESS_TOKEN }}
message: ${{ github.event.repository.name }} version [${{ steps.release.outputs.version }}](https://github.com/${{ github.repository }}/releases/tag/${{ steps.release.outputs.version }}) published
server: ${{ secrets.MATRIX_SERVER }}