name: Generate CRDs on: workflow_dispatch: schedule: - cron: "0 3 * * 1" push: branches: [ main ] permissions: contents: write id-token: write jobs: generate-and-publish: runs-on: ubuntu-latest steps: - name: Checkout repo uses: actions/checkout@v4 - name: Setup Node.js uses: actions/setup-node@v4 with: node-version: '20' registry-url: 'https://registry.npmjs.org' # Force latest NPM to support OIDC correctly # https://github.com/orgs/community/discussions/173102 # Seriously, what the fuck Github. - name: Update NPM run: npm install -g npm@latest - name: Install dependencies run: | npm install -g typescript npm install - name: Fetch binaries & Generate run: | GW_VERSION=$(curl -s https://api.github.com/repos/kubernetes-sigs/gateway-api/releases/latest | jq -r .tag_name) echo "GW_VERSION=$GW_VERSION" >> $GITHUB_ENV CM_VERSION=$(curl -s https://api.github.com/repos/cert-manager/cert-manager/releases/latest | jq -r .tag_name) echo "CM_VERSION=$CM_VERSION" >> $GITHUB_ENV CRD2PULUMI_VERSION=1.6.0 curl -L "https://github.com/pulumi/crd2pulumi/releases/download/v${CRD2PULUMI_VERSION}/crd2pulumi-v${CRD2PULUMI_VERSION}-linux-amd64.tar.gz" -o crd2pulumi.tar.gz tar -xzf crd2pulumi.tar.gz chmod +x crd2pulumi sudo mv crd2pulumi /usr/local/bin/crd2pulumi node generate-crds.js - name: Bump version and Commit run: | git config --global user.name "github-actions[bot]" git config --global user.email "github-actions[bot]@users.noreply.github.com" # Bump version (updates package.json) npm version patch --no-git-tag-version git add . git commit -m "Update CRDs and bump version" git push - name: Publish to npm (Trusted Publishing) if: github.ref == 'refs/heads/main' run: npm publish --provenance --access public