From 8c245b22d2267b9d6bbbce378389a15688c60176 Mon Sep 17 00:00:00 2001
From: Jeremy Facchetti <facchettos@gmail.com>
Date: Thu, 16 May 2024 13:34:16 +0200
Subject: [PATCH] added release pipeline

---
 .github/workflows/release.yaml | 95 ++++++++++++++++++++++++++++++++++
 1 file changed, 95 insertions(+)
 create mode 100644 .github/workflows/release.yaml

diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml
new file mode 100644
index 00000000..fa839268
--- /dev/null
+++ b/.github/workflows/release.yaml
@@ -0,0 +1,95 @@
+name: Release
+
+on:
+  release:
+    types: [created]
+
+permissions:
+  contents: read
+
+jobs:
+  publish-image:
+    if: startsWith(github.ref, 'refs/tags/v') == true
+    runs-on: ubuntu-22.04
+
+    permissions:
+      id-token: write # This is the key for OIDC cosign!
+      packages: write
+      contents: read
+
+    steps:
+      - uses: actions/checkout@v3
+      - uses: sigstore/cosign-installer@main
+        with:
+          cosign-release: "v2.0.2"
+      - id: get_version
+        run: |
+          RELEASE_VERSION=$(echo $GITHUB_REF | sed -nE 's!refs/tags/!!p')
+          echo "::set-output name=release_version::$RELEASE_VERSION"
+      - name: Get Docker tags
+        id: docker_meta
+        uses: docker/metadata-action@v4
+        with:
+          images: ghcr.io/loft-sh/rancher-nodeless-plugin
+          tags: |
+            type=semver,pattern={{version}}
+            type=raw,value=latest
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v2
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v2
+      - name: Login to ghcr.io
+        uses: docker/login-action@v2
+        with:
+          registry: ghcr.io
+          username: loft-sh
+          password: ${{ secrets.GITHUB_TOKEN }}
+      - name: Build and push the hooks
+        working-directory: ./examples/hooks
+        id: docker_build
+        uses: docker/build-push-action@v4
+        with:
+          file: Dockerfile
+          platforms: linux/amd64,linux/arm64
+          push: true
+          tags: "ghcr.io/loft-sh/vcluster-example-hooks:${{steps.get_version.outputs.release_version}}"
+          labels: ${{ steps.docker_meta.outputs.labels }}
+      - name: Images digests for 
+        run: echo ${{ steps.docker_build.outputs.digest }}
+      - name: Build and push the bootstrap
+        id: docker_build
+        working-directory: ./examples/bootstrap-with-deployment
+        uses: docker/build-push-action@v4
+        with:
+          file: Dockerfile
+          platforms: linux/amd64,linux/arm64
+          push: true
+          tags: "ghcr.io/loft-sh/vcluster-example-bootstrap-bootstrap-with-deployment:${{steps.get_version.outputs.release_version}}"
+          labels: ${{ steps.docker_meta.outputs.labels }}
+      - name: Images digests for bootstrap
+        run: echo ${{ steps.docker_build.outputs.digest }}
+      - name: Build and push import secret
+        working-directory: ./examples/import-secrets
+        id: docker_build
+        uses: docker/build-push-action@v4
+        with:
+          file: Dockerfile
+          platforms: linux/amd64,linux/arm64
+          push: true
+          tags: "ghcr.io/loft-sh/vcluster-example-import-secrets:${{steps.get_version.outputs.release_version}}"
+          labels: ${{ steps.docker_meta.outputs.labels }}
+      - name: Images digests for import secret
+        run: echo ${{ steps.docker_build.outputs.digest }}
+      - name: Build and push crd sync
+        working-directory: ./examples/crd-sync
+        id: docker_build
+        uses: docker/build-push-action@v4
+        with:
+          file: Dockerfile
+          platforms: linux/amd64,linux/arm64
+          push: true
+          tags: "ghcr.io/loft-sh/vcluster-example-crd-sync:${{steps.get_version.outputs.release_version}}"
+          labels: ${{ steps.docker_meta.outputs.labels }}
+      - name: Images digests for crd sync
+        run: echo ${{ steps.docker_build.outputs.digest }}
+