Skip to content

Commit 554b6d0

Browse files
tenthirtyamtenthirtyam
committed
chore(gh): update release
Update release workflow to work with SSO-enabled organization requirements. Signed-off-by: Ryan Johnson <[email protected]>
1 parent 7aad204 commit 554b6d0

File tree

1 file changed

+8
-17
lines changed

1 file changed

+8
-17
lines changed

.github/workflows/govmomi-release.yaml

Lines changed: 8 additions & 17 deletions
Original file line numberDiff line numberDiff line change
@@ -27,20 +27,19 @@ jobs:
2727
release:
2828
name: Create Release
2929
runs-on: ubuntu-latest
30+
permissions:
31+
contents: write
3032
timeout-minutes: 60
3133
outputs:
3234
latesttag: ${{ steps.tag.outputs.islatest }}
33-
3435
steps:
3536
- name: Docker Login
3637
run: docker login -u ${{ secrets.DOCKERHUB_USERNAME }} -p ${{ secrets.DOCKERHUB_PASSWORD }}
37-
3838
- name: Checkout Repository
3939
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
4040
with:
4141
fetch-depth: 0 # for CHANGELOG
4242
ref: ${{ github.ref }} # branch provided on dispatch
43-
4443
- name: Validate Branch and Tag
4544
run: |
4645
# do not allow release on main branch
@@ -63,12 +62,10 @@ jobs:
6362
6463
# set tag environment variable
6564
echo "TAG=${{ inputs.tag }}" >> $GITHUB_ENV
66-
6765
- name: Setup Go
6866
uses: actions/setup-go@0aaccfd150d50ccaeb58ebd88d36e91967a5f35b # v5.4.0
6967
with:
7068
go-version: '1.23'
71-
7269
- name: Update version.go
7370
run: |
7471
# strip semantic v
@@ -85,7 +82,6 @@ jobs:
8582
# commit changes
8683
git add internal/version/version.go
8784
git commit -s -m "chore: Update version.go for ${TAG}"
88-
8985
- name: Create Tag
9086
id: tag
9187
run: |
@@ -101,12 +97,13 @@ jobs:
10197
else
10298
echo "islatest=false >> $GITHUB_OUTPUT"
10399
fi
104-
105100
- name: Push to Release Branch
106101
if: ${{ !inputs.dryrun }}
102+
env:
103+
GOVMOMI_RELEASE: ${{ secrets.GOVMOMI_RELEASE }}
107104
run: |
105+
git remote set-url origin https://x-access-token:${GOVMOMI_RELEASE}@github.com/${{ github.repository }}
108106
git push --atomic --follow-tags origin ${{ github.ref }}
109-
110107
- name: Create Release CHANGELOG
111108
env:
112109
IMAGE: quay.io/git-chglog/git-chglog
@@ -115,7 +112,6 @@ jobs:
115112
run: |
116113
# generate CHANGELOG for this Github release tag only
117114
docker run --rm -v $PWD:/workdir ${IMAGE}@sha256:${IMAGE_SHA} -o RELEASE_CHANGELOG.md --sort semver --tag-filter-pattern '^v[0-9]+' ${TAG}
118-
119115
- name: Archive CHANGELOG
120116
uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
121117
continue-on-error: true
@@ -124,7 +120,6 @@ jobs:
124120
path: |
125121
./RELEASE_CHANGELOG.md
126122
retention-days: 14
127-
128123
- name: Simulate Release without Pushing Artifacts
129124
if: ${{ inputs.dryrun }}
130125
uses: goreleaser/goreleaser-action@9c156ee8a17a598857849441385a2041ef570552 # v6.3.0
@@ -133,31 +128,29 @@ jobs:
133128
with:
134129
version: latest
135130
args: release --snapshot --clean --release-notes RELEASE_CHANGELOG.md
136-
137131
- name: Create Release
138132
if: ${{ !inputs.dryrun }}
139133
uses: goreleaser/goreleaser-action@9c156ee8a17a598857849441385a2041ef570552 # v6.3.0
140134
env:
141-
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
135+
GITHUB_TOKEN: ${{ secrets.GOVMOMI_RELEASE }}
142136
with:
143137
version: latest
144138
args: release --clean --release-notes RELEASE_CHANGELOG.md # will push artefacts and container images
145-
146139
pull-request:
147140
needs: release
148141
name: Create CHANGELOG.md PR
149142
runs-on: ubuntu-latest
143+
permissions:
144+
contents: write
150145
continue-on-error: true
151146
# Only update CHANGELOG for latest semver tag.
152147
if: ${{ !inputs.dryrun && needs.release.outputs.latesttag == 'true' }}
153-
154148
steps:
155149
- name: Checkout Repository
156150
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
157151
with:
158152
fetch-depth: 0 # for CHANGELOG
159153
ref: main
160-
161154
- name: Commit CHANGELOG
162155
env:
163156
IMAGE: quay.io/git-chglog/git-chglog
@@ -166,7 +159,6 @@ jobs:
166159
run: |
167160
# update CHANGELOG
168161
docker run --rm -v $PWD:/workdir ${IMAGE}@sha256:${IMAGE_SHA} -o CHANGELOG.md --sort semver --tag-filter-pattern '^v[0-9]+' -t .chglog/CHANGELOG.tpl.md
169-
170162
- name: Create Pull Request
171163
id: cpr
172164
uses: peter-evans/create-pull-request@271a8d0340265f705b14b6d32b9829c1cb33d45e # v7.0.8
@@ -181,7 +173,6 @@ jobs:
181173
182174
> **Note**
183175
> Due to a [limitation](https://github.com/peter-evans/create-pull-request/blob/master/docs/concepts-guidelines.md#triggering-further-workflow-runs) in Github Actions please **close and immediately reopen** this PR to trigger the required workflow checks before merging.
184-
185176
- name: Pull Request Information
186177
run: |
187178
echo "Pull Request Number - ${{ steps.cpr.outputs.pull-request-number }}"

0 commit comments

Comments
 (0)