use reusable workflows in create-release workflow. #454
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,96 +1,77 @@ | ||
| name: Create release | ||
|
|
||
| on: | ||
| workflow_dispatch: | ||
| inputs: | ||
| DRY_RUN: | ||
| type: boolean | ||
| default: false | ||
| description: "Dry run: setting this to `true` will skip the final step of publishing the release, leaving it as a draft-release. This can be helpful for testing and debugging. Note that the tag and release are still getting generated and the next run of this result in incremented release version. To avoid this, do not forget to delete the resulting release and tag." | ||
|
|
||
| jobs: | ||
| gen-version: | ||
| name: Generate semantic version from branch and tags | ||
| uses: kyma-project/eventing-tools/.github/workflows/get-version-from-release-branch-reusable.yml@d491378dbbeef63bf8616f1a1b2b1a49ea5f9eeb | ||
| # outputs: VERSION | ||
|
|
||
| bump-sec-scanners-config: | ||
| name: Bump the sec-scanners-config.yaml | ||
| needs: gen-version | ||
| uses: kyma-project/eventing-tools/.github/workflows/bump-sec-scanners-config-reusable.yml@e8d1cd652dd636ad14b420da984f0bd4bf84ee0a | ||
| with: | ||
| VERSION: ${{ needs.gen-version.outputs.VERSION }} | ||
| secrets: | ||
| BOT_PAT: ${{ secrets.BOT_PAT }} | ||
|
|
||
| run-unit-test: | ||
| name: Run Unit Tests | ||
| needs: [gen-version, bump-sec-scanners-config] | ||
| uses: kyma-project/eventing-tools/.github/workflows/unit-test-reusable.yml@d491378dbbeef63bf8616f1a1b2b1a49ea5f9eeb | ||
|
|
||
| run-golint-cli: | ||
| name: Run Golint-cli | ||
| needs: [gen-version, bump-sec-scanners-config] | ||
| uses: kyma-project/eventing-tools/.github/workflows/lint-reusable.yml@d491378dbbeef63bf8616f1a1b2b1a49ea5f9eeb | ||
|
|
||
| build-image: | ||
| name: Build image | ||
| needs: [gen-version, run-unit-test, run-golint-cli] | ||
| uses: kyma-project/eventing-tools/.github/workflows/trigger-prow-build-job-reusable.yml@f509756e135aa2255cfd9e96c833fe5c6e511b3b | ||
| with: | ||
| VERSION: ${{ needs.gen-version.outputs.VERSION }} | ||
| TIMEOUT: 1200000 # 20 minutes | ||
| INTERVAL: 60000 # 1 minute | ||
| CONTEXT: "release-eventing-manager-build" | ||
| COMMIT_REF: ${{ github.ref_name }} | ||
| secrets: inherit | ||
|
|
||
| create-draft-release: | ||
| name: Create a draft release | ||
| needs: [gen-version, run-unit-test, run-golint-cli, build-image] | ||
| uses: kyma-project/eventing-tools/.github/workflows/create-draft-release-reusable.yml@5c713986ad2249557ad12481a3608480f548975c | ||
| with: | ||
| VERSION: ${{ needs.gen-version.outputs.VERSION }} | ||
| secrets: | ||
| BOT_PAT: ${{ secrets.BOT_PAT }} | ||
| GH_TOKEN: ${{ secrets.GH_TOKEN }} | ||
|
|
||
| render-and-upload-manifest: | ||
| name: Render and upload the manifests | ||
| needs: [gen-version, create-draft-release, build-image] | ||
| uses: kyma-project/eventing-tools/.github/workflows/render-and-upload-manifests-reusable.yml@5c713986ad2249557ad12481a3608480f548975c | ||
| with: | ||
| VERSION: ${{ needs.gen-version.outputs.VERSION }} | ||
| CR_FILE: eventing-default-cr.yaml | ||
| CRD_FILE: eventing-manager.yaml | ||
| secrets: | ||
| BOT_PAT: ${{ secrets.BOT_PAT }} | ||
|
|
||
| publish-release: | ||
| if: ${{ !inputs.DRY_RUN }} | ||
| needs: [gen-version, render-and-upload-manifest, build-image] | ||
| name: Publish the release | ||
| uses: kyma-project/eventing-tools/.github/workflows/publish-release-reusable.yml@d491378dbbeef63bf8616f1a1b2b1a49ea5f9eeb | ||
| with: | ||
| VERSION: ${{ needs.gen-version.outputs.VERSION }} | ||
| secrets: | ||
| BOT_PAT: ${{ secrets.BOT_PAT }} | ||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,51 @@ | ||
| #!/usr/bin/env bash | ||
|
There was a problem hiding this comment. Does it make sense to move this script to the common tools repo so other repositories may use it? There was a problem hiding this comment. I thought about this. My intention was to give more flexibility with the changelog (similar to the |
||
|
|
||
| PREVIOUS_RELEASE=$2 # for testability | ||
|
|
||
| # standard bash error handling | ||
| set -o nounset # treat unset variables as an error and exit immediately. | ||
| set -o errexit # exit immediately when a command fails. | ||
| set -E # needs to be set if we want the ERR trap | ||
| set -o pipefail # prevents errors in a pipeline from being masked | ||
|
|
||
| RELEASE_TAG=$1 | ||
|
|
||
| REPOSITORY=${REPOSITORY:-kyma-project/eventing-manager} | ||
| GITHUB_URL=https://api.github.com/repos/${REPOSITORY} | ||
| GITHUB_AUTH_HEADER="Authorization: token ${GITHUB_TOKEN}" | ||
| CHANGELOG_FILE="CHANGELOG.md" | ||
|
|
||
| if [ "${PREVIOUS_RELEASE}" == "" ]; then | ||
| PREVIOUS_RELEASE=$(git describe --tags --abbrev=0) | ||
| fi | ||
|
|
||
| echo "## What has changed" >>${CHANGELOG_FILE} | ||
|
|
||
| git log ${PREVIOUS_RELEASE}..HEAD --pretty=tformat:"%h" --reverse | while read -r commit; do | ||
| COMMIT_AUTHOR=$(curl -H "${GITHUB_AUTH_HEADER}" -sS "${GITHUB_URL}/commits/${commit}" | jq -r '.author.login') | ||
| if [ "${COMMIT_AUTHOR}" != "kyma-bot" ]; then | ||
| git show -s ${commit} --format="* %s by @${COMMIT_AUTHOR}" >>${CHANGELOG_FILE} | ||
| fi | ||
| done | ||
|
|
||
| NEW_CONTRIB=$$.new | ||
|
There was a problem hiding this comment. (nit) |
||
|
|
||
| join -v2 \ | ||
| <(curl -H "${GITHUB_AUTH_HEADER}" -sS "${GITHUB_URL}/compare/$(git rev-list --max-parents=0 HEAD)...${PREVIOUS_RELEASE}" | jq -r '.commits[].author.login' | sort -u) \ | ||
| <(curl -H "${GITHUB_AUTH_HEADER}" -sS "${GITHUB_URL}/compare/${PREVIOUS_RELEASE}...HEAD" | jq -r '.commits[].author.login' | sort -u) >${NEW_CONTRIB} | ||
|
|
||
| if [ -s ${NEW_CONTRIB} ]; then | ||
| echo -e "\n## New contributors" >>${CHANGELOG_FILE} | ||
| while read -r user; do | ||
| REF_PR=$(grep "@${user}" ${CHANGELOG_FILE} | head -1 | grep -o " (#[0-9]\+)" || true) | ||
| if [ -n "${REF_PR}" ]; then #reference found | ||
| REF_PR=" in ${REF_PR}" | ||
| fi | ||
| echo "* @${user} made first contribution${REF_PR}" >>${CHANGELOG_FILE} | ||
| done <${NEW_CONTRIB} | ||
| fi | ||
|
|
||
| echo -e "\n**Full changelog**: https://github.com/$REPOSITORY/compare/${PREVIOUS_RELEASE}...${RELEASE_TAG}" >>${CHANGELOG_FILE} | ||
|
|
||
| # cleanup | ||
| rm ${NEW_CONTRIB} || echo "cleaned up" | ||
|
There was a problem hiding this comment. (nit) IMO, no need to echo anything here, because removing the file is an internal housekeeping. There was a problem hiding this comment. I removed the whole section. It is just not needed. |
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,47 @@ | ||
| #!/usr/bin/env bash | ||
|
|
||
| set -e | ||
|
|
||
| # This scrpit generates the sec-scanners-config by fetching all relevant images. | ||
|
|
||
| TAG=$1 | ||
| OUTPUT_FILE=${2:-"sec-scanners-config.yaml"} | ||
| WEBHOOK_FILE=${3-"config/webhook/kustomization.yaml"} | ||
| PUBLISHER_FILE=${4-"config/manager/manager.yaml"} | ||
| KUSTOMIZATION_FILE=${5-"config/manager/kustomization.yaml"} | ||
| # Fetch Webhook Image. | ||
| echo "fetching webhook image from ${WEBHOOK_FILE}" | ||
| WEBHOOK_IMAGE=$(yq eval '.images[0].newName' <"$WEBHOOK_FILE") | ||
| WEBHOOK_TAG=$(yq eval '.images[0].newTag' <"$WEBHOOK_FILE") | ||
| WEBHOOK_IMAGE="${WEBHOOK_IMAGE}:$WEBHOOK_TAG" | ||
| echo -e "webhook image is ${WEBHOOK_IMAGE} \n" | ||
|
|
||
| # Fetch Publisher Image. | ||
| echo "fetching publisher image from ${PUBLISHER_FILE}" | ||
| PUBLISHER_IMAGE=$(yq eval '.spec.template.spec.containers[0].env[] | select(.name == "PUBLISHER_IMAGE") | .value' <"${PUBLISHER_FILE}") | ||
| echo -e "publisher image is ${PUBLISHER_IMAGE} \n" | ||
|
|
||
| # Generating File. | ||
| echo -e "generating to ${OUTPUT_FILE} \n" | ||
| cat <<EOF | tee "${OUTPUT_FILE}" | ||
| # Dont edit this file; it is autogenerated by github action 'Create release'. | ||
| # The value for the publisher image is extracted from ${PUBLISHER_FILE}. | ||
| # The value for the webhook image is extracted from ${WEBHOOK_FILE}. | ||
| module-name: eventing | ||
| rc-tag: ${TAG} | ||
| protecode: | ||
| - europe-docker.pkg.dev/kyma-project/prod/eventing-manager:${TAG} | ||
| - ${PUBLISHER_IMAGE} | ||
| - ${WEBHOOK_IMAGE} | ||
| whitesource: | ||
| language: golang-mod | ||
| subprojects: false | ||
| exclude: | ||
| - "**/test/**" | ||
| - "**/*_test.go" | ||
| - "/hack/**" | ||
| EOF | ||
|
|
||
| # Bump kustomization file | ||
| sed -i "/images.newTag/c\images.newTag: ${VERSION}" "${KUSTOMIZATION_FILE}" | ||
| awk -v ntv="$VERSION" '/newTag:/ {print $1 ":" " " ntv} !/newTag:/' "$KUSTOMIZATION_FILE" >tmp_file && mv tmp_file "$KUSTOMIZATION_FILE" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,10 @@ | ||
| #!/usr/bin/env bash | ||
|
|
||
| # standard bash error handling | ||
| set -o nounset # treat unset variables as an error and exit immediately. | ||
| set -o errexit # exit immediately when a command fails. | ||
| set -E # needs to be set if we want the ERR trap | ||
| set -o pipefail # prevents errors in a pipeline from being masked | ||
|
|
||
| VERSION=$1 | ||
| IMG="europe-docker.pkg.dev/kyma-project/prod/eventing-manager:${VERSION}" make render-manifest |
Oops, something went wrong.
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Why does
run-unit-testneedbump-sec-scanners-config?There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It does not need it, it will just wait to run the unit tests after
bump-sec-scanners-config(because of the PR we create in the that part). In general, all the jobs will run consecutively. Onlylintandunit-testwill run in parallel because they are independent of each other. That flow is controlled by theneedinstructions.There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
the only flow that is really needed is the
gen-versionbecause only if it get's marked asneedsthe output (VERSION) gets available in the other jobs.