forked from cert-manager/cert-manager
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathbuild_cert_manager.yaml
37 lines (29 loc) · 1.34 KB
/
build_cert_manager.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
# This cloudbuild config file is intended to be triggered when a tag is pushed to the cert-manager repo
# and will build a cert-manager release and push to Google Cloud Storage (GCS).
# The release won't be published automatically; this file just defines the build steps.
# The full release and publish process is documented here:
# https://cert-manager.io/docs/contributing/release-process/
timeout: 2700s # 45m
steps:
# cert-manager relies on the git checkout to determine release version, among other things
# By default, gcb only does a shallow clone, so we need to "unshallow" to get more details
- name: gcr.io/cloud-builders/git
args: ['fetch', '--unshallow']
## Build release artifacts and push to a bucket
- name: 'eu.gcr.io/jetstack-build-infra-images/make-dind:20230406-0ef4440-bullseye'
entrypoint: bash
args:
- -c
- |
set -eu -o pipefail
make vendor-go
make CMREL_KEY="${_KMS_KEY}" RELEASE_TARGET_BUCKET="${_RELEASE_TARGET_BUCKET}" -j16 upload-release
echo "Wrote to ${_RELEASE_TARGET_BUCKET}"
tags:
- "cert-manager-tag-push"
- "ref-${REF_NAME}-${COMMIT_SHA}"
substitutions:
_KMS_KEY: "projects/cert-manager-release/locations/europe-west1/keyRings/cert-manager-release/cryptoKeys/cert-manager-release-signing-key/cryptoKeyVersions/1"
_RELEASE_TARGET_BUCKET: "cert-manager-release"
options:
machineType: N1_HIGHCPU_32