-
Notifications
You must be signed in to change notification settings - Fork 880
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Revamp release automation #1250
Commits on Aug 14, 2023
-
release: outline release logic using GoReleaser
This adds the base for releasing using GoReleaser going forward in a backwards compatible manner, which means: - Publishing of artifacts in the same formats as previous releases - Publishing of RPM and deb artifacts in the same formats as previous releases (although the metadata may need a bit of tweaking) In addition, it includes: - SBOM inclusion per binary artifact It still needs work around: - Artifact signing - SLSA compliance - Docker images - GitHub release - Changelog generation - GitHub Action workflow Signed-off-by: Hidde Beydals <hidde@hhh.computer>
Configuration menu - View commit details
-
Copy full SHA for 02de4a8 - Browse repository at this point
Copy the full SHA 02de4a8View commit details -
release: configure build of Docker images
GoReleaser requires specifically crafted Dockerfiles as the build context is dynamically constructed. For more information, refer to https://goreleaser.com/errors/docker-build/#do and other documentation around Docker image templates and manifests. Signed-off-by: Hidde Beydals <hidde@hhh.computer>
Configuration menu - View commit details
-
Copy full SHA for b5b3760 - Browse repository at this point
Copy the full SHA b5b3760View commit details -
release: sign checksum file and images with cosign
Signed-off-by: Hidde Beydals <hidde@hhh.computer>
Configuration menu - View commit details
-
Copy full SHA for 138d9fe - Browse repository at this point
Copy the full SHA 138d9feView commit details -
release: enable GitHub native note generation
This appears to be the best option at present to e.g. celebrate new contributors while also allowing things to be grouped by pull request label. For more information, see xrefs in patch. Signed-off-by: Hidde Beydals <hidde@hhh.computer>
Configuration menu - View commit details
-
Copy full SHA for 947979b - Browse repository at this point
Copy the full SHA 947979bView commit details -
release: add release configuration
This still needs further configuration of at least the `.header` field. Signed-off-by: Hidde Beydals <hidde@hhh.computer>
Configuration menu - View commit details
-
Copy full SHA for 2186d1e - Browse repository at this point
Copy the full SHA 2186d1eView commit details -
release: publish container images to GHCR and Quay
Signed-off-by: Hidde Beydals <hidde@hhh.computer>
Configuration menu - View commit details
-
Copy full SHA for 9907309 - Browse repository at this point
Copy the full SHA 9907309View commit details -
release: download modules and check dirty state
Plus a tiny nit to not have to pass `--yes` to Cosign everywhere, and enabling of size reporting. Signed-off-by: Hidde Beydals <hidde@hhh.computer>
Configuration menu - View commit details
-
Copy full SHA for 22fb5f0 - Browse repository at this point
Copy the full SHA 22fb5f0View commit details -
build: outline new release workflow
Signed-off-by: Hidde Beydals <hidde@hhh.computer>
Configuration menu - View commit details
-
Copy full SHA for 10c827d - Browse repository at this point
Copy the full SHA 10c827dView commit details -
release: remove stale Make target utilities
These are no longer required, as they are now handled by GoReleaser or no longer under our control (`make_download_page.sh`). Signed-off-by: Hidde Beydals <hidde@hhh.computer>
Configuration menu - View commit details
-
Copy full SHA for 986a4c2 - Browse repository at this point
Copy the full SHA 986a4c2View commit details -
Signed-off-by: Hidde Beydals <hidde@hhh.computer>
Configuration menu - View commit details
-
Copy full SHA for 12c6e3f - Browse repository at this point
Copy the full SHA 12c6e3fView commit details -
release: refactor backwards compatible artifacts
Which in turn solves the generation of the checksum file. Signed-off-by: Hidde Beydals <hidde@hhh.computer>
Configuration menu - View commit details
-
Copy full SHA for cf05f48 - Browse repository at this point
Copy the full SHA cf05f48View commit details -
Signed-off-by: Hidde Beydals <hidde@hhh.computer>
Configuration menu - View commit details
-
Copy full SHA for 0411c7d - Browse repository at this point
Copy the full SHA 0411c7dView commit details -
release: further improve build flags
Signed-off-by: Hidde Beydals <hidde@hhh.computer>
Configuration menu - View commit details
-
Copy full SHA for 31823b0 - Browse repository at this point
Copy the full SHA 31823b0View commit details -
release: pin GoReleaser version
Signed-off-by: Hidde Beydals <hidde@hhh.computer>
Configuration menu - View commit details
-
Copy full SHA for 30abe25 - Browse repository at this point
Copy the full SHA 30abe25View commit details -
release: artifact, SBOM and container provenance
Signed-off-by: Hidde Beydals <hidde@hhh.computer>
Configuration menu - View commit details
-
Copy full SHA for 0e585a1 - Browse repository at this point
Copy the full SHA 0e585a1View commit details -
release: backwards compatible tag fmt, changelog
Signed-off-by: Hidde Beydals <hidde@hhh.computer>
Configuration menu - View commit details
-
Copy full SHA for feb34a0 - Browse repository at this point
Copy the full SHA feb34a0View commit details -
release: further solve backwards compatible names
Signed-off-by: Hidde Beydals <hidde@hhh.computer>
Configuration menu - View commit details
-
Copy full SHA for fe45a84 - Browse repository at this point
Copy the full SHA fe45a84View commit details -
build: remove obsolete Dockerfiles
These were only part of the release process, and now continue to exist in `.release/*`. Signed-off-by: Hidde Beydals <hidde@hhh.computer>
Configuration menu - View commit details
-
Copy full SHA for feb7d43 - Browse repository at this point
Copy the full SHA feb7d43View commit details -
release: tweak signature and certificate filenames
Signed-off-by: Hidde Beydals <hidde@hhh.computer>
Configuration menu - View commit details
-
Copy full SHA for 3deb00e - Browse repository at this point
Copy the full SHA 3deb00eView commit details -
release: disable Go cache for workflow
Signed-off-by: Hidde Beydals <hidde@hhh.computer>
Configuration menu - View commit details
-
Copy full SHA for 5276fcf - Browse repository at this point
Copy the full SHA 5276fcfView commit details -
release: improve release notes
Signed-off-by: Hidde Beydals <hidde@hhh.computer>
Configuration menu - View commit details
-
Copy full SHA for cd23b73 - Browse repository at this point
Copy the full SHA cd23b73View commit details -
release: remove DockerHub release util script
As it has been replaced with GoReleaser. Signed-off-by: Hidde Beydals <hidde@hhh.computer>
Configuration menu - View commit details
-
Copy full SHA for bf884fa - Browse repository at this point
Copy the full SHA bf884faView commit details -
build: add
release-snapshot
Make targetThis allows you to run the release locally, without publishing or signing, against the current state of the repository. There are some more improvements I would like to make to the `Makefile` e.g., the deprecation of `golint` and the introduction of a `help` target. But they are out of scope for the current things I am working on. Signed-off-by: Hidde Beydals <hidde@hhh.computer>
Configuration menu - View commit details
-
Copy full SHA for 13794d7 - Browse repository at this point
Copy the full SHA 13794d7View commit details -
docs: briefly outline release procedure
Signed-off-by: Hidde Beydals <hidde@hhh.computer>
Configuration menu - View commit details
-
Copy full SHA for 8f2333c - Browse repository at this point
Copy the full SHA 8f2333cView commit details -
release: update GoReleaser to 1.20.0
Which now allows us to set the `mod_timestamp` on universal binaries. Signed-off-by: Hidde Beydals <hidde@hhh.computer>
Configuration menu - View commit details
-
Copy full SHA for cbcd73d - Browse repository at this point
Copy the full SHA cbcd73dView commit details -
release: further improvements based on feedback
- Describe difference between Debian (slim) and Alpine image - Add `-o text` flag to `cosign verify` example to print readable text instead of JSON blob - Fix typo in one of the `ghcr.io` domains - Use correct OCI annotation for image "title" Signed-off-by: Hidde Beydals <hidde@hhh.computer>
Configuration menu - View commit details
-
Copy full SHA for 79bbb22 - Browse repository at this point
Copy the full SHA 79bbb22View commit details