Refactor release workflow to use Docker and remove GoReleaser #31
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build, Push Docker Image, and Create Release | |
| on: | |
| push: | |
| tags: | |
| - 'v[0-9]+.[0-9]+.[0-9]+' | |
| workflow_dispatch: | |
| env: | |
| DOCKERFILE_PATH: docker/release.dockerfile | |
| IMAGE_NAME: ghcr.io/${{ github.repository }} | |
| PLATFORM: linux/amd64,linux/arm64 | |
| jobs: | |
| build-and-push: | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: write | |
| packages: write | |
| id-token: write | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v5 | |
| with: | |
| fetch-depth: 0 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Generate Docker metadata | |
| id: meta | |
| uses: docker/metadata-action@v5 | |
| with: | |
| images: ${{ env.IMAGE_NAME }} | |
| tags: | | |
| type=raw,value=latest | |
| type=raw,value=${{ github.ref_name }} | |
| labels: | | |
| maintainer=${{ github.actor }} | |
| org.opencontainers.image.title=GoDash | |
| org.opencontainers.image.licenses=MIT | |
| org.opencontainers.image.description=GoDash: A customizable dashboard built with Go | |
| org.opencontainers.image.vendor=${{ github.repository_owner }} | |
| org.opencontainers.image.version=${{ github.ref_name }} | |
| org.opencontainers.image.revision=${{ github.sha }} | |
| org.opencontainers.image.source=https://github.com/${{ github.repository }} | |
| org.opencontainers.image.authors=${{ github.actor }} | |
| org.opencontainers.image.url=https://github.com/${{ github.repository }} | |
| org.opencontainers.image.documentation=https://github.com/${{ github.repository }}#readme | |
| org.opencontainers.image.created=${{ steps.build-vars.outputs.BUILD_TIME }} | |
| org.opencontainers.image.ref.name=${{ github.ref_name }} | |
| - name: Log in to GitHub Container Registry | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Set build variables | |
| id: build-vars | |
| run: | | |
| # Validate tag format | |
| if [[ ! "${{ github.ref_name }}" =~ ^v[0-9]+\.[0-9]+\.[0-9]+$ ]]; then | |
| echo "Invalid tag format: ${{ github.ref_name }}" | |
| exit 1 | |
| fi | |
| APP_VERSION="${{ github.ref_name }}" | |
| BUILD_TIME=$(date -u +'%Y-%m-%dT%H:%M:%SZ') | |
| REPO_URL="https://github.com/${{ github.repository }}" | |
| INITIAL_COMMIT=$(git rev-list --max-parents=0 HEAD) | |
| echo "APP_VERSION=${APP_VERSION}" | |
| echo "BUILD_TIME=${BUILD_TIME}" | |
| echo "REPO_URL=${REPO_URL}" | |
| echo "APP_VERSION=${APP_VERSION}" >> $GITHUB_OUTPUT | |
| echo "BUILD_TIME=${BUILD_TIME}" >> $GITHUB_OUTPUT | |
| echo "REPO_URL=${REPO_URL}" >> $GITHUB_OUTPUT | |
| echo "INITIAL_COMMIT=${INITIAL_COMMIT}" >> $GITHUB_OUTPUT | |
| - name: Build and push Docker image | |
| id: docker | |
| uses: docker/build-push-action@v6 | |
| with: | |
| context: . | |
| file: ${{ env.DOCKERFILE_PATH }} | |
| platforms: ${{ env.PLATFORM }} | |
| push: true | |
| tags: ${{ steps.meta.outputs.tags }} | |
| labels: ${{ steps.meta.outputs.labels }} | |
| provenance: true | |
| sbom: true | |
| build-args: | | |
| APP_VERSION=${{ steps.build-vars.outputs.APP_VERSION }} | |
| BUILD_TIME=${{ steps.build-vars.outputs.BUILD_TIME }} | |
| REPO=${{ steps.build-vars.outputs.REPO_URL }} | |
| secrets: | | |
| GIT_AUTH_TOKEN=${{ secrets.GITHUB_TOKEN }} | |
| - name: Capture Docker digest | |
| run: echo "IMAGE_DIGEST=${{ steps.docker.outputs.digest }}" >> $GITHUB_ENV | |
| - name: Gather commits since last tag | |
| env: | |
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| run: | | |
| set -e | |
| LAST_TAG=$(git describe --tags --abbrev=0 HEAD^ 2>/dev/null || echo "") | |
| echo "Last tag: ${LAST_TAG:-'None (first release)'}" | |
| ENDPOINT="/repos/${{ github.repository }}/compare/${LAST_TAG:-$(git rev-list --max-parents=0 HEAD)}...HEAD" | |
| gh api "$ENDPOINT" --jq '.commits[]? | "- \(.commit.message | split("\n")[0]) ([\(.sha[0:7])](https://github.com/${{ github.repository }}/commit/\(.sha))) by @\(.author.login // .commit.author.name)"' > /tmp/commits.txt || exit 1 | |
| echo "COMMITS<<EOF" >> $GITHUB_ENV | |
| cat /tmp/commits.txt >> $GITHUB_ENV | |
| echo "EOF" >> $GITHUB_ENV | |
| echo "PREVIOUS_TAG=${LAST_TAG}" >> $GITHUB_ENV | |
| - name: Create GitHub Release | |
| uses: softprops/action-gh-release@v2 | |
| with: | |
| tag_name: ${{ github.ref_name }} | |
| name: 'Release ${{ github.ref_name }}' | |
| body: | | |
| ## Docker Image | |
| ```bash | |
| docker pull ${{ env.IMAGE_NAME }}:${{ github.ref_name }} | |
| ``` | |
| **Image digest:** | |
| ``` | |
| ${{ env.IMAGE_NAME }}:${{ github.ref_name }}@${{ env.IMAGE_DIGEST }} | |
| ``` | |
| ## Build Information | |
| - **Version**: `${{ steps.build-vars.outputs.APP_VERSION }}` | |
| - **Build Time**: `${{ steps.build-vars.outputs.BUILD_TIME }}` | |
| - **Repository**: [${{ steps.build-vars.outputs.REPO_URL }}](${{ steps.build-vars.outputs.REPO_URL }}) | |
| - **Platform**: `linux/amd64` | |
| - **Attestations**: SLSA Provenance, SBOM | |
| ## Changes in This Release | |
| ${{ env.COMMITS }} | |
| --- | |
| **Full Changelog**: https://github.com/${{ github.repository }}/compare/${{ env.PREVIOUS_TAG != '' && env.PREVIOUS_TAG || steps.build-vars.outputs.INITIAL_COMMIT }}...${{ github.ref_name }} | |
| files: | | |
| ${{ steps.docker.outputs.sbom }} | |
| ${{ steps.docker.outputs.provenance }} | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} |