Skip to content

Commit 64e24b0

Browse files
reggie-kreggie-k
committed
calculate params in setup-variables
Signed-off-by: reggie-k <regina.voloshin@codefresh.io>
1 parent 304130a commit 64e24b0

File tree

1 file changed

+23
-10
lines changed

1 file changed

+23
-10
lines changed

.github/workflows/release.yaml

Lines changed: 23 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -10,25 +10,20 @@ on:
1010
permissions: {}
1111

1212
env:
13-
# Image repository configuration - can be overridden in forks
14-
IMAGE_REGISTRY: ${{ vars.IMAGE_REGISTRY || 'quay.io' }}
15-
IMAGE_NAMESPACE: ${{ vars.IMAGE_NAMESPACE || 'argoproj' }}
16-
IMAGE_REPOSITORY: ${{ vars.IMAGE_REPOSITORY || 'argocd' }}
17-
# Fork release control - set to 'true' in fork to enable release workflows
18-
ENABLE_FORK_RELEASES: ${{ vars.ENABLE_FORK_RELEASES || 'false' }}
1913
# renovate: datasource=golang-version packageName=golang
2014
GOLANG_VERSION: '1.25.3' # Note: go-version must also be set in job argocd-image.with.go-version
2115

2216
jobs:
2317
argocd-image:
18+
needs: [setup-variables]
2419
permissions:
2520
contents: read
2621
id-token: write # for creating OIDC tokens for signing.
2722
packages: write # used to push images to `ghcr.io` if used.
2823
if: github.repository == 'argoproj/argo-cd' || (github.repository_owner != 'argoproj' && vars.ENABLE_FORK_RELEASES == 'true' && startsWith(github.ref, 'refs/tags/') && vars.IMAGE_NAMESPACE && vars.IMAGE_NAMESPACE != 'argoproj')
2924
uses: ./.github/workflows/image-reuse.yaml
3025
with:
31-
quay_image_name: ${{ env.IMAGE_REGISTRY }}/${{ env.IMAGE_NAMESPACE }}/${{ env.IMAGE_REPOSITORY }}:${{ github.ref_name }}
26+
quay_image_name: ${{ needs.setup-variables.outputs.quay_image_name }}
3227
# Note: cannot use env variables to set go-version (https://docs.github.com/en/actions/using-workflows/reusing-workflows#limitations)
3328
# renovate: datasource=golang-version packageName=golang
3429
go-version: 1.25.3
@@ -45,6 +40,12 @@ jobs:
4540
outputs:
4641
is_pre_release: ${{ steps.var.outputs.is_pre_release }}
4742
is_latest_release: ${{ steps.var.outputs.is_latest_release }}
43+
image_registry: ${{ steps.var.outputs.image_registry }}
44+
image_namespace: ${{ steps.var.outputs.image_namespace }}
45+
image_repository: ${{ steps.var.outputs.image_repository }}
46+
quay_image_name: ${{ steps.var.outputs.quay_image_name }}
47+
provenance_image: ${{ steps.var.outputs.provenance_image }}
48+
sbom_image: ${{ steps.var.outputs.sbom_image }}
4849
steps:
4950
- name: Checkout code
5051
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
@@ -73,9 +74,21 @@ jobs:
7374
fi
7475
echo "is_pre_release=$PRE_RELEASE" >> $GITHUB_OUTPUT
7576
echo "is_latest_release=$IS_LATEST" >> $GITHUB_OUTPUT
77+
78+
# Calculate image names with defaults (single source of truth)
79+
IMAGE_REGISTRY="${{ vars.IMAGE_REGISTRY || 'quay.io' }}"
80+
IMAGE_NAMESPACE="${{ vars.IMAGE_NAMESPACE || 'argoproj' }}"
81+
IMAGE_REPOSITORY="${{ vars.IMAGE_REPOSITORY || 'argocd' }}"
82+
83+
echo "image_registry=$IMAGE_REGISTRY" >> $GITHUB_OUTPUT
84+
echo "image_namespace=$IMAGE_NAMESPACE" >> $GITHUB_OUTPUT
85+
echo "image_repository=$IMAGE_REPOSITORY" >> $GITHUB_OUTPUT
86+
echo "quay_image_name=$IMAGE_REGISTRY/$IMAGE_NAMESPACE/$IMAGE_REPOSITORY:${{ github.ref_name }}" >> $GITHUB_OUTPUT
87+
echo "provenance_image=$IMAGE_REGISTRY/$IMAGE_NAMESPACE/$IMAGE_REPOSITORY" >> $GITHUB_OUTPUT
88+
echo "sbom_image=$IMAGE_REGISTRY/$IMAGE_NAMESPACE/$IMAGE_REPOSITORY:${{ github.ref_name }}" >> $GITHUB_OUTPUT
7689
7790
argocd-image-provenance:
78-
needs: [argocd-image]
91+
needs: [setup-variables, argocd-image]
7992
permissions:
8093
actions: read # for detecting the Github Actions environment.
8194
id-token: write # for creating OIDC tokens for signing.
@@ -84,7 +97,7 @@ jobs:
8497
if: github.repository == 'argoproj/argo-cd' || (github.repository_owner != 'argoproj' && vars.ENABLE_FORK_RELEASES == 'true' && startsWith(github.ref, 'refs/tags/') && vars.IMAGE_NAMESPACE && vars.IMAGE_NAMESPACE != 'argoproj')
8598
uses: slsa-framework/slsa-github-generator/.github/workflows/generator_container_slsa3.yml@v2.1.0
8699
with:
87-
image: ${{ env.IMAGE_REGISTRY }}/${{ env.IMAGE_NAMESPACE }}/${{ env.IMAGE_REPOSITORY }}
100+
image: ${{ needs.setup-variables.outputs.provenance_image }}
88101
digest: ${{ needs.argocd-image.outputs.image-digest }}
89102
secrets:
90103
registry-username: ${{ secrets.RELEASE_QUAY_USERNAME }}
@@ -213,7 +226,7 @@ jobs:
213226
# managers (gomod, yarn, npm).
214227
PROJECT_FOLDERS: '.,./ui'
215228
# full qualified name of the docker image to be inspected
216-
DOCKER_IMAGE: ${{ env.IMAGE_REGISTRY }}/${{ env.IMAGE_NAMESPACE }}/${{ env.IMAGE_REPOSITORY }}:${{ github.ref_name }}
229+
DOCKER_IMAGE: ${{ needs.setup-variables.outputs.sbom_image }}
217230
run: |
218231
yarn install --cwd ./ui
219232
go install github.com/spdx/spdx-sbom-generator/cmd/generator@$SPDX_GEN_VERSION

0 commit comments

Comments
 (0)