Commit b5cf079
Consolidate release artifacts, simplify release_tag usage, fix release creation order, and modernize with JavaScript (#10490)
* Initial plan
* Initial plan for merging docker-image steps into release job
Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
* Merge docker-image steps into release job
- Moved Docker Buildx setup, login, metadata extraction, build/push, SBOM generation, and attestation steps into the release job
- Removed the separate docker-image job that was downloading binaries from the release
- Docker image now built using locally built binaries from dist/ directory
- Updated release job permissions already include packages: write for Docker push
Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
* Merge generate-sbom steps into release job
- Added Go setup and module download steps
- Added SBOM generation (SPDX and CycloneDX formats)
- Added SBOM secrets audit step
- Added SBOM artifact upload and release attachment
- Removed separate generate-sbom job
- SBOM generation now happens immediately after binary build in same job
Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
* Simplify release_tag usage by removing redundant output
- Removed release_tag output from release job (line 119)
- Removed release_tag assignment in get_release step (line 179)
- Updated agent job to use needs.config.outputs.release_tag directly (line 288)
- Eliminates unnecessary pass-through of release_tag value from config to release to agent
- All jobs now consistently reference needs.config.outputs.release_tag
Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
* Fix release creation order: build all artifacts before publishing
- Removed gh-extension-precompile action (was creating release too early)
- Added direct binary build step using scripts/build-release.sh
- Removed intermediate "Set draft mode", "Upload checksums", "Attach SBOM" steps
- Added final "Create GitHub release" step that creates release with all artifacts
- Release now created AFTER binaries, SBOMs, and Docker image are all built
- All artifacts attached atomically: dist/*, sbom.spdx.json, sbom.cdx.json
- Draft mode handled correctly with --draft flag at creation time
Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
* Rewrite compute release configuration step in JavaScript
- Replaced bash script with actions/github-script@v7
- Uses GitHub REST API to fetch latest release instead of gh CLI
- More concise and readable with JavaScript syntax
- Eliminated need for GH_TOKEN env var (provided by github-script)
- Same functionality: computes next version for workflow_dispatch or uses tag from push event
Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
* Use release ID to fetch release data and revert action version downgrade
- Changed agent setup to use gh api with release ID instead of gh release view with tag
- Using release ID works correctly for draft releases (gh release view may fail)
- Reverted action_pins.json to restore actions/github-script@v7.1.0 (was incorrectly downgraded to v7.0.1)
- Maintains compatibility with draft release workflow
Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
---------
Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
Co-authored-by: Peli de Halleux <pelikhan@users.noreply.github.com>1 parent 085e057 commit b5cf079
3 files changed
Lines changed: 259 additions & 410 deletions
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
45 | 45 | | |
46 | 46 | | |
47 | 47 | | |
| 48 | + | |
| 49 | + | |
| 50 | + | |
| 51 | + | |
| 52 | + | |
48 | 53 | | |
49 | 54 | | |
50 | 55 | | |
| |||
0 commit comments