forked from orange-cloudfoundry/k3s-boshrelease
-
Notifications
You must be signed in to change notification settings - Fork 1
176 lines (153 loc) · 7.04 KB
/
on-commits.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
name: create-final-bosh-release
on:
push:
branches:
- master
- release-*
# See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#filter-pattern-cheat-sheet
# *: Matches zero or more characters, but does not match the / character. For example, Octo* matches Octocat.
# **: Matches zero or more of any character.
jobs:
build:
runs-on: ubuntu-latest
steps:
- name: checkout
uses: actions/checkout@v4
with:
fetch-depth: 0
# TODO: add caching for cli downloads, see https://github.com/marketplace/actions/cache
- name: Install bosh-cli
#See https://github.com/marketplace/actions/install-a-binary-from-github-releases
uses: jaxxstorm/[email protected]
with:
repo: cloudfoundry/bosh-cli
tag: v7.4.0
extension-matching: disable
chmod: 0755
rename-to: bosh
# searching for bosh-cli-7.4.0-linux-amd64 with (linux|x86_64|x64|amd64).*(linux|x86_64|x64|amd64).*.(tar.gz|zip)
# bosh-cli-7.4.0-linux-amd64
- name: Install vendir cli
#See https://github.com/marketplace/actions/install-a-binary-from-github-releases
uses: jaxxstorm/[email protected]
with:
repo: carvel-dev/vendir
tag: v0.34.6
extension-matching: disable
chmod: 0755
rename-to: vendir
- name: Install yq cli
#See https://github.com/marketplace/actions/install-a-binary-from-github-releases
uses: jaxxstorm/[email protected]
with:
repo: mikefarah/yq
tag: v4.34.2
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # reduce potential rate limiting
- name: vendor-add-blob
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
AWS_BOSH_ACCES_KEY_ID: ${{ secrets.AWS_BOSH_ACCES_KEY_ID }}
AWS_BOSH_SECRET_ACCES_KEY: ${{ secrets.AWS_BOSH_SECRET_ACCES_KEY }}
run: |
set -x # enable traces
#pwd
#find .
# configure git
git config --global user.name "actions/k3s-boshrelease"
git config --global user.email "<>"
git config --global --add safe.directory /github/workspace
export VENDIR_GITHUB_API_TOKEN="${GITHUB_TOKEN}"
./vendor.sh
echo "State after vendir:"
tree -s src
git add vendir.lock
# FIXME: optimize for idempotency
./addblob.sh
remote_repo="https://${GITHUB_ACTOR}:${GITHUB_TOKEN}@${GITHUB_SERVER_URL#https://}/${GITHUB_REPOSITORY}.git"
git add config/blobs.yml
git status
if git commit -a --dry-run 2>&1 >/dev/null;then
git commit -a -m "updating blobs" && \
git push ${remote_repo} HEAD:${GITHUB_REF_NAME}
else
echo "Nothing to commit"
fi
echo "Resulting State:"
tree -s src
if [ -d blobs ];then # The blobs dir is only present when a blob is modified or has not yet been published.
tree -s blobs
fi
- name: create bosh final release inlined
env:
INPUT_TARGET_BRANCH: ${{github.ref_name}}
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
AWS_BOSH_ACCES_KEY_ID: ${{ secrets.AWS_BOSH_ACCES_KEY_ID }}
AWS_BOSH_SECRET_ACCES_KEY: ${{ secrets.AWS_BOSH_SECRET_ACCES_KEY }}
run: |
set -x # enable traces
# extract info from vendir
version=$(yq -r '.directories[0].contents[] | select (.path=="k3s-io/k3s") | .githubRelease.tag ' ./vendir.yml)
version=${version#v}
release=true
name=$(yq -r .final_name config/final.yml)
if [ "${name}" = "null" ]; then
name=$(yq -r .name config/final.yml)
fi
remote_repo="https://${GITHUB_ACTOR}:${GITHUB_TOKEN}@${GITHUB_SERVER_URL#https://}/${GITHUB_REPOSITORY}.git"
# configure git
git config --global user.name "actions/bosh-releaser@v2"
git config --global user.email "<>"
git config --global --add safe.directory /github/workspace
# if [ ! -z "${INPUT_BUNDLE}" ] && [ "${INPUT_BUNDLE}" != "false" ]; then
# echo "installing bundle: ${INPUT_BUNDLE}"
# apk add ruby
# gem install bundler -v "${INPUT_BUNDLE}"
# fi
# remove existing release if any
if [ -f releases/${name}/${name}-${version}.yml ]; then
echo "removing pre-existing version ${version}"
yq -r "{ \"builds\": (.builds | with_entries(select(.value.version != \"${version}\"))), \"format-version\": .[\"format-version\"]}" < releases/${name}/index.yml > tmp
mv tmp releases/${name}/index.yml
rm -f releases/${name}/${name}-${version}.yml
git commit -a -m "reset release ${version}"
fi
echo "creating bosh release: ${name}-${version}.tgz"
bosh create-release --force --final --version=${version} --tarball=${name}-${version}.tgz
echo "pushing changes to git repository"
git add .final_builds
git add releases/${name}/index.yml
git add releases/${name}/${name}-${version}.yml
git commit -a -m "cutting release ${version}"
# Override any existing tag with same version. This may happen if only part of the renovate PRs were merged
git tag -a -m "cutting release ${version}" ${version} -f
git push ${remote_repo} HEAD:${INPUT_TARGET_BRANCH}
# Delete any existing release with same tag. Ignore push failure if no tag exists.
! git push --delete ${remote_repo} ${version}
# Push the tag
git push ${remote_repo} ${version} --force
# make asset readable outside docker image
chmod 644 ${name}-${version}.tgz
# TODO: update this deprecated github action syntax
echo "::set-output name=file::${name}-${version}.tgz"
echo "::set-output name=version::${version}"
- name: create github release
id: create-github-release
if: success() && startsWith(github.ref, 'refs/tags/')
uses: actions/create-release@v1
with:
tag_name: ${{ github.ref }}
release_name: ${{ github.ref }}
body: "cutting release ${{ steps.create-bosh-release.outputs.version }}"
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: upload-assets
id: upload-release-asset
uses: actions/upload-release-asset@v1
with:
upload_url: ${{ steps.create-github-release.outputs.upload_url }}
asset_path: ./${{ steps.create-bosh-release.outputs.file }}
asset_name: ${{ steps.create-bosh-release.outputs.file }}
asset_content_type: application/zip
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}