From f42c9260ad33d05749eb9ab54604af432c73d9da Mon Sep 17 00:00:00 2001 From: jeremy cotineau Date: Thu, 31 Oct 2024 16:14:42 +0100 Subject: [PATCH] SONAR-23539 make github action compatible with community build releases --- .github/workflows/release-template.yml | 33 +++++++++++++++++ .github/workflows/release.yml | 51 ++++++++++++++------------ 2 files changed, 60 insertions(+), 24 deletions(-) create mode 100644 .github/workflows/release-template.yml diff --git a/.github/workflows/release-template.yml b/.github/workflows/release-template.yml new file mode 100644 index 000000000..fd6b2064b --- /dev/null +++ b/.github/workflows/release-template.yml @@ -0,0 +1,33 @@ +name: Reusable release job template + +on: + workflow_call: + inputs: + tag: + required: true + type: string + +jobs: + release: + name: Upload Release Asset + runs-on: ubuntu-latest + permissions: + contents: write + id-token: write + steps: + - id: secrets + uses: SonarSource/vault-action-wrapper@3.0.0 + with: + secrets: | + development/kv/data/sign key | gpg_key; + development/kv/data/sign passphrase | gpg_passphrase; + - name: Generate CycloneDX SBOM + uses: SonarSource/gh-action_sbom@v1 + with: + image: "sonarqube:${{ inputs.tag }}" + filename: "sonarqube-${{ inputs.tag }}-bom.json" + upload-artifact: true + upload-release-assets: true + env: + GPG_PRIVATE_KEY_PASSPHRASE: ${{ fromJSON(steps.secrets.outputs.vault).gpg_passphrase }} + GPG_PRIVATE_KEY_BASE64: ${{ fromJSON(steps.secrets.outputs.vault).gpg_key }} \ No newline at end of file diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 88632c29e..4e237ea6c 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -6,8 +6,9 @@ on: - created jobs: - release: - name: Upload Release Asset + release-9-x: + name: Upload Release Assets for 9-X releases + if: contains(github.event.release.name, '9.') strategy: fail-fast: false matrix: @@ -17,29 +18,31 @@ jobs: - 9-enterprise - 9-datacenter-app - 9-datacenter-search - - 10-community + uses: ./.github/workflows/release-template.yml + with: + tag: ${{ matrix.tag }} + release-10-x: + name: Upload Release Assets for 10-X releases + if: contains(github.event.release.name, '10.') + strategy: + fail-fast: false + matrix: + tag: - 10-developer - 10-enterprise - 10-datacenter-app - 10-datacenter-search - runs-on: ubuntu-latest - permissions: - contents: write - id-token: write - steps: - - id: secrets - uses: SonarSource/vault-action-wrapper@3.0.0 - with: - secrets: | - development/kv/data/sign key | gpg_key; - development/kv/data/sign passphrase | gpg_passphrase; - - name: Generate CycloneDX SBOM - uses: SonarSource/gh-action_sbom@v1 - with: - image: "sonarqube:${{ matrix.tag }}" - filename: "sonarqube-${{ matrix.tag }}-bom.json" - upload-artifact: true - upload-release-assets: true - env: - GPG_PRIVATE_KEY_PASSPHRASE: ${{ fromJSON(steps.secrets.outputs.vault).gpg_passphrase }} - GPG_PRIVATE_KEY_BASE64: ${{ fromJSON(steps.secrets.outputs.vault).gpg_key }} + uses: ./.github/workflows/release-template.yml + with: + tag: ${{ matrix.tag }} + release-community-build: + name: Upload Release Assets for community-build release + if: contains(github.event.release.name, 'community-build') + strategy: + fail-fast: false + matrix: + tag: + - community + uses: ./.github/workflows/release-template.yml + with: + tag: ${{ matrix.tag }} \ No newline at end of file