From 4fb8a4f1ce5e0ac398ff676c3ab853826092c5c8 Mon Sep 17 00:00:00 2001 From: Guillaume Berche Date: Mon, 25 Sep 2023 18:00:03 +0200 Subject: [PATCH] Refine actions - new on-commits.yml - renamed main.yaml to on-tags.yml - attempt to make addblob.sh idempotent --- .github/workflows/on-commits.yml | 42 +++++++++++++++++++++ .github/workflows/{main.yml => on-tags.yml} | 0 addblob.sh | 26 ++++++++++--- 3 files changed, 63 insertions(+), 5 deletions(-) create mode 100644 .github/workflows/on-commits.yml rename .github/workflows/{main.yml => on-tags.yml} (100%) diff --git a/.github/workflows/on-commits.yml b/.github/workflows/on-commits.yml new file mode 100644 index 00000000..72b957a8 --- /dev/null +++ b/.github/workflows/on-commits.yml @@ -0,0 +1,42 @@ +name: build-and-release + +on: + push: + +jobs: + build: + runs-on: ubuntu-latest + container: + image: orangeopensource/bosh-release-action:v5 + # FIXME: change entry point + steps: + - name: checkout + uses: actions/checkout@v2 + with: + fetch-depth: 0 + + - name: vendor-add-blob + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + AWS_BOSH_ACCES_KEY_ID: ${{ secrets.AWS_BOSH_ACCES_KEY_ID }} + AWS_BOSH_SECRET_ACCES_KEY: ${{ secrets.AWS_BOSH_SECRET_ACCES_KEY }} + + with: + entrypoint: cat # avoid running the default entrypoint which tries to execute the bosh-release-action script + run: | + set -x # enable traces + # configure git + git config --global user.name "actions/k3s-boshrelease" + git config --global user.email "<>" + git config --global --add safe.directory /github/workspace + export VENDIR_GITHUB_API_TOKEN="${GITHUB_TOKEN}" + ./vendor.sh + git add vendir.lock + # FIXME: optimize for idem potentency + ./addblob.sh + git add config/blobs.yaml + git commit -a -m "updating blobs" + remote_repo="https://${GITHUB_ACTOR}:${GITHUB_TOKEN}@${GITHUB_SERVER_URL#https://}/${GITHUB_REPOSITORY}.git" + git push ${remote_repo} HEAD:main + + diff --git a/.github/workflows/main.yml b/.github/workflows/on-tags.yml similarity index 100% rename from .github/workflows/main.yml rename to .github/workflows/on-tags.yml diff --git a/addblob.sh b/addblob.sh index 2f6e0e21..09addad9 100755 --- a/addblob.sh +++ b/addblob.sh @@ -1,7 +1,23 @@ #!/bin/bash set -x -bosh add-blob src/github.com/k3s-io/k3s/k3s k3s/k3s -bosh add-blob src/github.com/k3s-io/k3s/k3s-airgap-images-amd64.tar k3s-images/k3s-airgap-images-amd64.tar + +# params +# $1: src +# $2: target +function addBlobOnChecksumChange() { + src="$1" + target="$2" + blob_checksum=$(cat config/blobs.yml | yq ."${src}".sha) + src_checksum=$(cat "${src}" | sha256sum | cut -d " " -f1) + if [ "${blob_checksum}" != "${src_checksum}" ]; then + bosh add-blob ${src} ${target} + else + echo "skipping blob creation with exiting checksum: ${src_checksum}" + fi +} + +addBlobOnChecksumChange src/github.com/k3s-io/k3s/k3s k3s/k3s +addBlobOnChecksumChange src/github.com/k3s-io/k3s/k3s-airgap-images-amd64.tar k3s-images/k3s-airgap-images-amd64.tar pushd src/github.com/derailed/k9s/ @@ -9,18 +25,18 @@ tar xfv ./k9s_Linux_amd64.tar.gz popd -bosh add-blob src/github.com/derailed/k9s/k9s k9s/k9s +addBlobOnChecksumChange src/github.com/derailed/k9s/k9s k9s/k9s pushd src/github.com/containerd/nerdctl/ tar xfv ./nerdctl-1.3.1-linux-amd64.tar.gz popd -bosh add-blob src/github.com/containerd/nerdctl/nerdctl nerdctl/nerdctl +addBlobOnChecksumChange src/github.com/containerd/nerdctl/nerdctl nerdctl/nerdctl pushd src curl -LO https://dl.k8s.io/release/v1.24.9/bin/linux/amd64/kubectl --output ./src/kubectl chmod ugo+x kubectl popd -bosh add-blob src/kubectl kubectl/kubectl +addBlobOnChecksumChange src/kubectl kubectl/kubectl