create-release-branches.bash refinement #90

Summary
Jobs
- build
Run details
- Usage
- Workflow file

Workflow file for this run

.github/workflows/on-commits.yml at cc1728b

	name: create-final-bosh-release

	on:
	push:
	branches:
	- master
	- release-*
	# See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#filter-pattern-cheat-sheet
	# : Matches zero or more characters, but does not match the / character. For example, Octo matches Octocat.
	# **: Matches zero or more of any character.

	jobs:
	build:
	runs-on: ubuntu-latest
	steps:
	- name: checkout
	uses: actions/checkout@v4
	with:
	fetch-depth: 0

	# TODO: add caching for cli downloads, see https://github.com/marketplace/actions/cache
	- name: Install bosh-cli
	#See https://github.com/marketplace/actions/install-a-binary-from-github-releases
	uses: jaxxstorm/[email protected]
	with:
	repo: cloudfoundry/bosh-cli
	tag: v7.4.0
	extension-matching: disable
	chmod: 0755
	rename-to: bosh

	# searching for bosh-cli-7.4.0-linux-amd64 with (linux\|x86_64\|x64\|amd64).(linux\|x86_64\|x64\|amd64)..(tar.gz\|zip)
	# bosh-cli-7.4.0-linux-amd64

	- name: Install vendir cli
	#See https://github.com/marketplace/actions/install-a-binary-from-github-releases
	uses: jaxxstorm/[email protected]
	with:
	repo: carvel-dev/vendir
	tag: v0.34.6
	extension-matching: disable
	chmod: 0755
	rename-to: vendir

	- name: Install yq cli
	#See https://github.com/marketplace/actions/install-a-binary-from-github-releases
	uses: jaxxstorm/[email protected]
	with:
	repo: mikefarah/yq
	tag: v4.34.2
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # reduce potential rate limiting

	- name: vendor-add-blob
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
	AWS_BOSH_ACCES_KEY_ID: ${{ secrets.AWS_BOSH_ACCES_KEY_ID }}
	AWS_BOSH_SECRET_ACCES_KEY: ${{ secrets.AWS_BOSH_SECRET_ACCES_KEY }}
	run: \|
	set -x # enable traces
	#pwd
	#find .
	# configure git
	git config --global user.name "actions/k3s-boshrelease"
	git config --global user.email "<>"
	git config --global --add safe.directory /github/workspace
	export VENDIR_GITHUB_API_TOKEN="${GITHUB_TOKEN}"
	./vendor.sh
	echo "State after vendir:"
	tree -s src
	git add vendir.lock
	# FIXME: optimize for idempotency
	./addblob.sh
	remote_repo="https://${GITHUB_ACTOR}:${GITHUB_TOKEN}@${GITHUB_SERVER_URL#https://}/${GITHUB_REPOSITORY}.git"

	git add config/blobs.yml
	git status
	if git commit -a --dry-run 2>&1 >/dev/null;then
	git commit -a -m "updating blobs" && \
	git push ${remote_repo} HEAD:${GITHUB_REF_NAME}
	else
	echo "Nothing to commit"
	fi
	echo "Resulting State:"
	tree -s src
	if [ -d blobs ];then # The blobs dir is only present when a blob is modified or has not yet been published.
	tree -s blobs
	fi

	- name: create bosh final release
	id: create-bosh-release
	env:
	INPUT_TARGET_BRANCH: ${{github.ref_name}}
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
	AWS_BOSH_ACCES_KEY_ID: ${{ secrets.AWS_BOSH_ACCES_KEY_ID }}
	AWS_BOSH_SECRET_ACCES_KEY: ${{ secrets.AWS_BOSH_SECRET_ACCES_KEY }}
	run: \|
	set -x # enable traces
	# extract info from vendir
	version=$(yq -r '.directories[0].contents[] \| select (.path=="k3s-io/k3s") \| .githubRelease.tag ' ./vendir.yml)
	version=${version#v}
	release=true

	name=$(yq -r .final_name config/final.yml)
	if [ "${name}" = "null" ]; then
	name=$(yq -r .name config/final.yml)
	fi

	remote_repo="https://${GITHUB_ACTOR}:${GITHUB_TOKEN}@${GITHUB_SERVER_URL#https://}/${GITHUB_REPOSITORY}.git"

	# configure git
	git config --global user.name "actions/bosh-releaser@v2"
	git config --global user.email "<>"
	git config --global --add safe.directory /github/workspace

	# if [ ! -z "${INPUT_BUNDLE}" ] && [ "${INPUT_BUNDLE}" != "false" ]; then
	# echo "installing bundle: ${INPUT_BUNDLE}"
	# apk add ruby
	# gem install bundler -v "${INPUT_BUNDLE}"
	# fi

	# remove existing release if any
	if [ -f releases/${name}/${name}-${version}.yml ]; then
	echo "removing pre-existing version ${version}"
	yq -r "{ \"builds\": (.builds \| with_entries(select(.value.version != \"${version}\"))), \"format-version\": .[\"format-version\"]}" < releases/${name}/index.yml > tmp
	mv tmp releases/${name}/index.yml
	rm -f releases/${name}/${name}-${version}.yml
	git commit -a -m "reset release ${version}"
	fi

	echo "creating bosh release: ${name}-${version}.tgz"
	bosh create-release --force --final --version=${version} --tarball=${name}-${version}.tgz

	echo "pushing changes to git repository"
	git add .final_builds
	git add releases/${name}/index.yml
	git add releases/${name}/${name}-${version}.yml
	git commit -a -m "cutting release ${version}"

	# Override any existing tag with same version. This may happen if only part of the renovate PRs were merged
	git tag -a -m "cutting release ${version}" ${version} -f
	git push ${remote_repo} HEAD:${INPUT_TARGET_BRANCH}

	# Delete any existing release with same tag. Ignore push failure if no tag exists.
	! git push --delete ${remote_repo} ${version}

	# Push the tag
	git push ${remote_repo} ${version} --force

	# make asset readable outside docker image
	chmod 644 ${name}-${version}.tgz
	# https://docs.github.com/en/actions/using-workflows/workflow-commands-for-github-actions#environment-files
	echo "file=${name}-${version}.tgz" >> $GITHUB_OUTPUT
	echo "version=${version}" >> $GITHUB_OUTPUT

	# see https://github.com/ncipollo/release-action
	- name: create github release
	id: create-github-release
	uses: ncipollo/[email protected]
	with:
	tag: ${{ steps.create-bosh-release.outputs.version }}
	allowUpdates: true # > indicates if we should update a release if it already exists.
	generateReleaseNotes: true
	artifacts: ./${{ steps.create-bosh-release.outputs.file }}
	artifactContentType: application/zip
	removeArtifacts: true
	artifactErrorsFailBuild: true

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

create-release-branches.bash refinement #90

Workflow file

create-release-branches.bash refinement #90

Jobs

Run details

Workflow file for this run