Skip to content

Bump github.com/openziti/storage from 0.3.1 to 0.3.2 in the openziti group across 1 directory #648

Bump github.com/openziti/storage from 0.3.1 to 0.3.2 in the openziti group across 1 directory

Bump github.com/openziti/storage from 0.3.1 to 0.3.2 in the openziti group across 1 directory #648

name: Release Quickstart Workflow
on:
pull_request_target:
types:
- closed
branches:
- main
push:
tags:
- 'v*.*.*'
jobs:
release-quickstart:
name: Release Quickstart Job
# this is only run on the official upstream repo when a PR is merged to the default branch "main" or a release tag
# is pushed; merges to main trigger a quickstart release with a commit SHA suffix featuring the previous ziti binary
# release version, whereas release tag pushes trigger a quickstart release with the same tag name and the same ziti
# binary release version
if: github.repository_owner == 'openziti'
&& (
startsWith(github.ref_name, 'v')
|| (github.event.pull_request.merged == true && contains(github.event.pull_request.labels.*.name, 'quickstartrelease'))
)
runs-on: ubuntu-latest
env:
ZITI_QUICKSTART_IMAGE: ${{ vars.ZITI_QUICKSTART_IMAGE || 'docker.io/openziti/quickstart' }}
# use github.ref, not github.head_ref, because this workflow should only run on merged PRs in the target/base
# branch context, not the PR source branch
GITHUB_REF: ${{ github.ref }}
# user github.sha, not github.pull_request.head.sha, because this workflow should only run on merged PRs in the
# target/base branch, not the PR source branch
GITHUB_SHA: ${{ github.sha }}
steps:
- name: Debug action
uses: hmarr/debug-action@v3.0.0
- name: Wait for other builds to complete
uses: lewagon/wait-on-check-action@v1.3.4
with:
ref: ${{ env.GITHUB_SHA }}
repo-token: ${{ secrets.GITHUB_TOKEN }}
# seconds between polling the checks api for job statuses
wait-interval: 20
# confusingly, this means "pause this step until all jobs from all workflows in same run have completed"
running-workflow-name: Release Quickstart Job
- name: Checkout Workspace
uses: actions/checkout@v4
- name: Install Go
id: setup-go
uses: actions/setup-go@v5
with:
go-version-file: ./go.mod
- name: Install Ziti CI
uses: openziti/ziti-ci@v1
- name: Set Up QEMU
uses: docker/setup-qemu-action@v3
with:
platforms: amd64,arm64
- name: Set Up Docker BuildKit
id: buildx
uses: docker/setup-buildx-action@v3
- name: Login to Docker Hub
uses: docker/login-action@v3
with:
# it is preferable to obtain the username from a var so that
# recurrences of the same string are not masked in CI output
username: ${{ vars.DOCKER_HUB_API_USER || secrets.DOCKER_HUB_API_USER }}
password: ${{ secrets.DOCKER_HUB_API_TOKEN }}
- name: Compute the Ziti Quickstart Version String
id: get_version
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
GITHUB_REF_NAME: ${{ github.ref_name }}
shell: bash
run: |
function validateSemver() {
if ! [[ "${1}" =~ ^v?[0-9]+\.[0-9]+\.[0-9]+$ ]]; then
echo "ERROR: ${1} is not a release semver" >&2
return 1
fi
}
if [[ "${GITHUB_REF_NAME}" =~ ^v[0-9]+\.[0-9]+\.[0-9]+$ ]]; then
# Set output parameters for release tags
echo QUICKSTART_VERSION="${GITHUB_REF_NAME}" | tee -a $GITHUB_OUTPUT
elif [[ "${GITHUB_REF_NAME}" =~ ^main$ ]]; then
# compute the latest release version to install in the quickstart image
QUICKSTART_VERSION="$($(go env GOPATH)/bin/ziti-ci -q get-current-version ${ZITI_BASE_VERSION:+--base-version $ZITI_BASE_VERSION})"
# drop the leading 'v', if any
QUICKSTART_VERSION=${QUICKSTART_VERSION#v}
validateSemver "${QUICKSTART_VERSION}"
# Append short SHA to identify quickstart docker images shipped on merge to main
QUICKSTART_VERSION="${QUICKSTART_VERSION}-$(git rev-parse --short ${GITHUB_SHA})"
echo QUICKSTART_VERSION="${QUICKSTART_VERSION}" | tee -a $GITHUB_OUTPUT
else
echo "ERROR: Unexpected GITHUB_REF_NAME=${GITHUB_REF_NAME}" >&2
exit 1
fi
# configure the env var used by the quickstart's Dockerfile to download the correct version of ziti for the
# target architecture of each image build by trimming the hyphenated short sha suffix so that the preceding
# release version of the ziti executable is installed in the quickstart container image
ZITI_OVERRIDE_VERSION=${QUICKSTART_VERSION%-*}
echo ZITI_OVERRIDE_VERSION="${ZITI_OVERRIDE_VERSION}" | tee -a $GITHUB_OUTPUT
# container image tag :latest is published on merge to default branch "main" and on release tags
- name: Configure Quickstart Container
env:
IMAGE_REPO: ${{ env.ZITI_QUICKSTART_IMAGE }}
IMAGE_TAG: ${{ steps.get_version.outputs.QUICKSTART_VERSION }}
id: tagprep_qs
shell: bash
run: |
DOCKER_TAGS="${IMAGE_REPO}:${IMAGE_TAG}"
DOCKER_TAGS+=",${IMAGE_REPO}:latest"
echo DOCKER_TAGS="${DOCKER_TAGS}" | tee -a $GITHUB_OUTPUT
- name: Build & Push Multi-Platform Quickstart Container Image to Hub
uses: docker/build-push-action@v6
with:
builder: ${{ steps.buildx.outputs.name }}
context: ${{ github.workspace }}/quickstart/docker/image
platforms: linux/amd64,linux/arm64
tags: ${{ steps.tagprep_qs.outputs.DOCKER_TAGS }}
build-args: |
ZITI_VERSION_OVERRIDE=${{ steps.get_version.outputs.ZITI_VERSION_OVERRIDE }}
push: true
- name: Configure Python
shell: bash
run: |
pip install --requirement ./dist/cloudfront/get.openziti.io/requirements.txt
python --version
- name: Deploy the CloudFront Function for get.openziti.io
shell: bash
run: python ./dist/cloudfront/get.openziti.io/deploy-cloudfront-function.py
env:
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
AWS_REGION: ${{ vars.AWS_REGION || secrets.AWS_REGION }}