Merge pull request #3771 from rancher/githubaction-go-generate-2025-0… #428
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: CI workflow | |
on: | |
push: | |
branches: | |
- 'release/v*' | |
tags: | |
- '*' | |
paths-ignore: | |
- '**.md' | |
- 'CODEOWNERS' | |
- 'LICENSE' | |
- 'docs/**' | |
pull_request: | |
branches: | |
- 'release/v*' | |
paths-ignore: | |
- '**.md' | |
- 'CODEOWNERS' | |
- 'LICENSE' | |
- 'docs/**' | |
jobs: | |
ci: | |
permissions: | |
contents: read | |
runs-on: ubuntu-latest | |
timeout-minutes: 30 | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@v4 | |
- name: Setup Go | |
uses: actions/setup-go@v5 | |
with: | |
go-version-file: 'go.mod' | |
- name: Run golangci-lint | |
uses: golangci/golangci-lint-action@v6 | |
with: | |
version: v1.58 | |
- name: Run CI | |
run: | | |
./scripts/ci | |
ls -lR build/bin | |
env: | |
CROSS: 1 | |
TAG: ${{ startsWith(github.ref, 'refs/tags/') && github.ref_name || '' }} | |
- name: Generate sha256 file for release | |
if: github.event_name == 'push' && github.ref_type == 'tag' | |
run: | | |
upload_folder="./build/bin" | |
for filename in $upload_folder/*; do | |
sum_file=$(sha256sum $filename) | |
sum=$(echo $sum_file | awk '{print $1}') | |
file_path=$(echo $sum_file | awk '{print $2}') | |
file=${file_path#"$upload_folder/"} | |
echo "$sum $file" >> ./build/bin/sha256sum.txt | |
done | |
- name: Upload rke bin artifacts | |
if: github.event_name == 'push' && github.ref_type == 'tag' | |
uses: actions/upload-artifact@v4 | |
with: | |
name: rke-binaries-${{ github.run_number }}-${{ github.run_attempt }} | |
path: build/bin/* | |
if-no-files-found: error | |
retention-days: 1 | |
integration-ci: | |
permissions: | |
contents: read | |
runs-on: runs-on,runner=4cpu-linux-x64,run-id=${{ github.run_id }} | |
timeout-minutes: 30 | |
if: github.event_name == 'pull_request' | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@v4 | |
- name: Setup Go | |
uses: actions/setup-go@v5 | |
with: | |
go-version-file: 'go.mod' | |
- name: Run CI | |
run: | | |
./scripts/integration-ci | |
github-pre-release: | |
permissions: | |
contents: write | |
runs-on: ubuntu-latest | |
timeout-minutes: 10 | |
needs: ci | |
if: github.event_name == 'push' && github.ref_type == 'tag' && (contains(github.ref_name, 'rc') || contains(github.ref_name, 'alpha')) | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@v4 | |
- name: Download rke bin artifacts | |
uses: actions/download-artifact@v4 | |
with: | |
name: rke-binaries-${{ github.run_number }}-${{ github.run_attempt }} | |
path: build/bin | |
- name: Create pre-release | |
run: | | |
gh release create ${{ github.ref_name }} -p --verify-tag --title "Pre-release ${{ github.ref_name }}" --notes-file build/bin/rke-k8sversions.txt build/bin/* | |
env: | |
GH_TOKEN: ${{ github.token }} | |
github-release: | |
permissions: | |
contents: write | |
runs-on: ubuntu-latest | |
timeout-minutes: 10 | |
needs: ci | |
if: github.event_name == 'push' && github.ref_type == 'tag' && !(contains(github.ref_name, 'rc') || contains(github.ref_name, 'alpha')) | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@v4 | |
- name: Download rke bin artifacts | |
uses: actions/download-artifact@v4 | |
with: | |
name: rke-binaries-${{ github.run_number }}-${{ github.run_attempt }} | |
path: build/bin | |
- name: Create release | |
run: | | |
gh release create ${{ github.ref_name }} --verify-tag --title "Release ${{ github.ref_name }}" --notes-file build/bin/rke-k8sversions.txt build/bin/* | |
env: | |
GH_TOKEN: ${{ github.token }} | |
dispatch: | |
permissions: | |
contents: read | |
id-token: write | |
runs-on: ubuntu-latest | |
timeout-minutes: 10 | |
needs: ci | |
if: github.event_name == 'push' && github.ref_type == 'tag' | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@v4 | |
- name: Retrieve token from vault | |
uses: rancher-eio/read-vault-secrets@main | |
with: | |
secrets: | | |
secret/data/github/repo/${{ github.repository }}/github-token/credentials token | PAT_TOKEN ; | |
- name: Run dispatch | |
run: | | |
case ${{ github.ref_name }} in | |
"v1.4"*) | |
ACTION_TARGET_BRANCH="release/v2.7" | |
;; | |
"v1.5"*) | |
ACTION_TARGET_BRANCH="release/v2.8" | |
;; | |
"v1.6"*) | |
ACTION_TARGET_BRANCH="release/v2.9" | |
;; | |
"v1.7"*) | |
ACTION_TARGET_BRANCH="release/v2.10" | |
;; | |
"v1.8"*) | |
ACTION_TARGET_BRANCH="main" | |
;; | |
*) | |
echo "Not a valid tag, not dispatching event" | |
exit 0 | |
esac | |
echo "Running on $ACTION_TARGET_BRANCH" | |
gh workflow run "Go get" --repo rancher/rancher --ref $ACTION_TARGET_BRANCH -F goget_module=github.com/rancher/rke -F goget_version=${{ github.ref_name }} -F source_author=${{ github.actor }} | |
env: | |
GH_TOKEN: ${{ env.PAT_TOKEN }} |