https://github.com/carvel-dev/release-scripts
contains scripts for releasing carvel tools
https://github.com/carvel-dev/release-scripts
carvel
Last synced: 4 months ago
JSON representation
contains scripts for releasing carvel tools
- Host: GitHub
- URL: https://github.com/carvel-dev/release-scripts
- Owner: carvel-dev
- License: apache-2.0
- Created: 2021-09-03T16:23:04.000Z (about 4 years ago)
- Default Branch: main
- Last Pushed: 2025-05-16T18:04:07.000Z (5 months ago)
- Last Synced: 2025-05-16T19:22:18.032Z (5 months ago)
- Topics: carvel
- Language: Shell
- Homepage:
- Size: 255 KB
- Stars: 4
- Watchers: 10
- Forks: 3
- Open Issues: 6
-
Metadata Files:
- Readme: README.md
- Contributing: CONTRIBUTING.md
- License: LICENSE
- Code of conduct: CODE_OF_CONDUCT.md
- Security: SECURITY.md
Awesome Lists containing this project
README
# release-scripts
## Overview
release-scripts contains scripting assets related to distributing carvel's binaries to the various distribution channels. i.e. Homebrew, carvel.dev install.sh script etc.
- .github/ contains github action workflow files
- ./scripts/ contains scripts used by the github action in this repo
- releases.yaml contains all the tools shasums for the latest version (used on the generation of the install.sh)
## How can a tool start using this release process:
1. The following step need to be added to the current release-published.yml of the tools repository
for e.g.
```
- run: |
curl -X POST https://api.github.com/repos/carvel-dev/release-scripts/dispatches \
-H 'Accept: application/vnd.github.everest-preview+json' \
-u ${{ secrets.ACCESS_TOKEN }} \
--data '{"event_type": "_released", "client_payload": { "tagName": "${{ github.event.release.tag_name }}", "repo": "${{ github.repository }}", "toolName": "" }}'
```
Need to change in the above:
- `ACCESS_TOKEN` this secret needs to be one the format username@accessToken and the user needs to have access to execute workflows in this repository
- `` should be replace with the tool name
## How can a new carvel tool start using this release process:
1. Enable in the tool the published workflow and add the [step in this question](#how-can-a-tool-start-using-this-release-process)
2. Edit `releases.yaml` and add the following entry to it:
```yaml
- product: YourProductName
```
3. Release the new tool on the tools Github Repository and the automation will start running
**Note:** This automated release process will make the tool installable via installation script from the website
## Start using the trivy scanning for CLI tools
### Pre-requirements
- The repository has a `./hack/build.sh` script that will build the binaries
### Steps
1. Create a secret named `SLACK_WEBHOOK_URL` that points to a slack webhook or slack workflow.
2. Create a new workflow that looks like this:
```yaml
name: Trivy CVE Dependency Scanner
on:
schedule:
- cron: '0 0 * * *'
jobs:
trivy-scan:
uses: carvel-dev/release-scripts/.github/workflows/trivy-scan.yml@main
with:
repo: carvel-dev/imgpkg
tool: imgpkg
goVersion: 1.17.0
secrets:
githubToken: ${{ secrets.GITHUB_TOKEN }}
slackWebhookURL: ${{ secrets.SLACK_WEBHOOK_URL }}
```