kustomize-pass 0.5.1

kustomize generator and transformer plugin for pass managed secrets
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98

name: release
on:
  workflow_dispatch:
    inputs:
      bump-level:
        description: cargo-release bump level
        type: choice
        options:
          - patch
          - minor
          - major
        default: patch
        required: true
jobs:

  cargo-release:
    runs-on: ubuntu-latest
    outputs:
      tag: ${{ steps.extract-git-tag.outputs.tag }}
    steps:
      - run: |
          sudo apt-get update
          sudo apt-get install libgpgme-dev
      - run: cargo install cargo-release
      - uses: actions/checkout@v3
      - name: Configure git identity
        run: |
          git config user.email "github-actions[bot]@users.noreply.github.com"
          git config user.name "github-actions[bot]"
      - name: Execute cargo-release (and cargo-publish)
        run: cargo release -v --no-confirm --execute ${{ inputs.bump-level }}
        env:
          CARGO_REGISTRY_TOKEN: ${{ secrets.CARGO_REGISTRY_TOKEN }}
      - id: extract-git-tag
        run: |
          GIT_TAG=$(git describe --exact-match)
          echo "::set-output name=tag::$GIT_TAG"
        shell: bash

  build-binary:
    strategy:
      matrix:
        os:
          - { runner: ubuntu-22.04, bin-suffix: linux-ubuntu-2204 }
          - { runner: ubuntu-20.04, bin-suffix: linux-generic }
    runs-on: ${{ matrix.os.runner }}
    needs: [ cargo-release ]
    steps:
      - run: |
          sudo apt-get update
          sudo apt-get install libgpgme-dev
      - uses: actions/checkout@v3
        with:
          ref: ${{ needs.cargo-release.outputs.tag }}
      - run: cargo build -v --all-features --profile=release
      - run: mv target/release/kustomize-pass target/release/kustomize-pass--${{ matrix.os.bin-suffix }}
      - uses: actions/upload-artifact@v3
        with:
          name: kustomize-pass--${{ matrix.os.bin-suffix }}
          path: target/release/kustomize-pass--${{ matrix.os.bin-suffix }}

  github-release:
    runs-on: ubuntu-latest
    needs: [ cargo-release, build-binary ]
    permissions:
      contents: write
    steps:
      - uses: actions/checkout@v3
        with:
          ref: ${{ needs.cargo-release.outputs.tag }}
      - uses: actions/download-artifact@v3
        with:
          path: ./artifacts
      - run: |
          ls -l artifacts
      - uses: softprops/action-gh-release@v1
        with:
          body_path: changelog.md
          tag_name: ${{ needs.cargo-release.outputs.tag }}
          fail_on_unmatched_files: true
          token: ${{ secrets.GITHUB_TOKEN }}
          files: |
            artifacts/*/kustomize-pass--**

  reset-changelog:
    runs-on: ubuntu-latest
    needs: [ github-release ]
    permissions:
      contents: write
    steps:
      - uses: actions/checkout@v3
        with:
          ref: ${{ github.ref }}
      - run: cp .github/changelog_skeleton.md ./changelog.md
      - uses: stefanzweifel/git-auto-commit-action@v4
        with:
          commit_message: reset changelog for new development iteration
          file_pattern: changelog.md