mirror of https://github.com/pulumi/pulumi.git
111 lines
3.5 KiB
YAML
111 lines
3.5 KiB
YAML
name: Releases prebuilt CLI binaries
|
|
|
|
on:
|
|
workflow_call:
|
|
inputs:
|
|
goreleaser-config:
|
|
description: 'Config file for goreleaser; must match the goreleaser-config build.yml was called with'
|
|
required: true
|
|
type: string
|
|
goreleaser-flags:
|
|
description: 'Command-line flags to pass to goreleaser'
|
|
required: true
|
|
type: string
|
|
secrets:
|
|
AWS_ACCESS_KEY_ID:
|
|
description: "AWS key ID for publishing binaries to S3"
|
|
required: true
|
|
AWS_SECRET_ACCESS_KEY:
|
|
description: "AWS secret access key for publishing binaries to S3"
|
|
required: true
|
|
AWS_UPLOAD_ROLE_ARN:
|
|
description: "AWS role for publishing binaries to S3"
|
|
required: true
|
|
INPUT_GITHUB_TOKEN:
|
|
description: "Input GITHUB_TOKEN environment variable"
|
|
required: true
|
|
GORELEASER_KEY:
|
|
description: "Key for GoReleaser PRO"
|
|
required: true
|
|
|
|
env:
|
|
GITHUB_TOKEN: ${{ secrets.INPUT_GITHUB_TOKEN }}
|
|
GORELEASER_KEY: ${{ secrets.GORELEASER_KEY }}
|
|
|
|
jobs:
|
|
publish-binaries:
|
|
name: Publish Binaries
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
|
|
# Section 0: checkout repo and install dependencies
|
|
- name: Checkout Repo
|
|
uses: actions/checkout@v2
|
|
- name: Fetch Tags
|
|
run: git fetch --quiet --prune --unshallow --tags
|
|
- name: Install pulumictl
|
|
uses: jaxxstorm/action-install-gh-release@v1.7.1
|
|
with:
|
|
repo: pulumi/pulumictl
|
|
tag: v0.0.31
|
|
cache: enable
|
|
# Section 1: configure
|
|
- name: Configure AWS Credentials
|
|
uses: aws-actions/configure-aws-credentials@v1
|
|
with:
|
|
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
|
|
aws-region: us-east-2
|
|
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
|
|
role-duration-seconds: 3600
|
|
role-external-id: upload-pulumi-release
|
|
role-session-name: pulumi@githubActions
|
|
role-to-assume: ${{ secrets.AWS_UPLOAD_ROLE_ARN }}
|
|
- name: Download versions.txt
|
|
uses: actions/download-artifact@v2
|
|
with:
|
|
name: versions.txt
|
|
path: versions
|
|
- name: Setup versioning env vars
|
|
run: |
|
|
cat versions/versions.txt | tee $GITHUB_ENV
|
|
rm -rf versions
|
|
|
|
# Section 2: download prebuilt binaries
|
|
- uses: actions/download-artifact@v2
|
|
with:
|
|
name: pulumi-Linux-X64
|
|
path: goreleaser-linux
|
|
- uses: actions/download-artifact@v2
|
|
with:
|
|
name: pulumi-Linux-ARM64
|
|
path: goreleaser-linux
|
|
- uses: actions/download-artifact@v2
|
|
with:
|
|
name: pulumi-macOS-X64
|
|
path: goreleaser-darwin
|
|
- uses: actions/download-artifact@v2
|
|
with:
|
|
name: pulumi-macOS-ARM64
|
|
path: goreleaser-darwin
|
|
- uses: actions/download-artifact@v2
|
|
with:
|
|
name: pulumi-Windows-X64
|
|
path: goreleaser-windows
|
|
- name: Download pulumi-language-*
|
|
run: |
|
|
./scripts/get-language-providers.sh
|
|
|
|
# Section 3: release with goreleaser
|
|
- name: Run GoReleaser to actually release
|
|
uses: goreleaser/goreleaser-action@v2
|
|
with:
|
|
version: latest
|
|
distribution: goreleaser-pro
|
|
args: -f ${{ inputs.goreleaser-config }} ${{ inputs.goreleaser-flags }}
|
|
- uses: actions/upload-artifact@v3
|
|
with:
|
|
name: goreleaser-artifacts
|
|
path: |
|
|
goreleaser/pulumi-*.zip
|
|
goreleaser/pulumi-*.tar.gz
|