forked from orange-cloudfoundry/k3s-boshrelease
-
Notifications
You must be signed in to change notification settings - Fork 1
133 lines (121 loc) · 5.5 KB
/
create-final-bosh-release-on-commits.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
name: create-final-bosh-release
permissions:
contents: write # allow git push to repo and the GitHub release and its artefact
on:
workflow_dispatch: # to allow manual triggering to be able to create a release even on change on other paths
push:
branches:
- master
- release-*
# See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#filter-pattern-cheat-sheet
# *: Matches zero or more characters, but does not match the / character. For example, Octo* matches Octocat.
# **: Matches zero or more of any character.
paths: # only trigger on bosh-relevant changes
- .final_builds/**
- config/**
- jobs/**
- releases/**
- vendir.yml
jobs:
build:
runs-on: ubuntu-latest
steps:
- name: checkout
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4
with:
fetch-depth: 0
# TODO: add caching for cli downloads, see https://github.com/marketplace/actions/cache
- name: Install bosh-cli
#See https://github.com/marketplace/actions/install-a-binary-from-github-releases
uses: jaxxstorm/action-install-gh-release@25d5e2dd555cd74f1fab9ac1e6ea117acde2c0c4 # v1.12.0
with:
repo: cloudfoundry/bosh-cli
tag: v7.6.2
extension-matching: disable
chmod: 0755
rename-to: bosh
# searching for bosh-cli-7.4.0-linux-amd64 with (linux|x86_64|x64|amd64).*(linux|x86_64|x64|amd64).*.(tar.gz|zip)
# bosh-cli-7.4.0-linux-amd64
- name: Install vendir cli
#See https://github.com/marketplace/actions/install-a-binary-from-github-releases
uses: jaxxstorm/action-install-gh-release@25d5e2dd555cd74f1fab9ac1e6ea117acde2c0c4 # v1.12.0
with:
repo: carvel-dev/vendir
tag: v0.40.2
extension-matching: disable
chmod: 0755
rename-to: vendir
- name: Install yq cli
#See https://github.com/marketplace/actions/install-a-binary-from-github-releases
uses: jaxxstorm/action-install-gh-release@25d5e2dd555cd74f1fab9ac1e6ea117acde2c0c4 # v1.12.0
with:
repo: mikefarah/yq
tag: v4.44.2
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # reduce potential rate limiting
- name: vendor-add-blob
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
AWS_BOSH_ACCES_KEY_ID: ${{ secrets.AWS_BOSH_ACCES_KEY_ID }}
AWS_BOSH_SECRET_ACCES_KEY: ${{ secrets.AWS_BOSH_SECRET_ACCES_KEY }}
run: |
set -x # enable traces
#pwd
#find .
# configure git
git config --global user.name "workflows/k3s-boshrelease/create-final-bosh-release"
git config --global user.email "<>"
git config --global --add safe.directory /github/workspace
export VENDIR_GITHUB_API_TOKEN="${GITHUB_TOKEN}"
./vendor.sh
echo "State after vendir:"
tree -s src
git add vendir.lock
# FIXME: optimize for idempotency
./addblob.sh
remote_repo="https://${GITHUB_ACTOR}:${GITHUB_TOKEN}@${GITHUB_SERVER_URL#https://}/${GITHUB_REPOSITORY}.git"
git add config/blobs.yml
git status
if git commit -a --dry-run 2>&1 >/dev/null;then
git commit -a -m "updating blobs" && \
git push ${remote_repo} HEAD:${GITHUB_REF_NAME}
else
echo "Nothing to commit"
fi
echo "Resulting State:"
tree -s src
if [ -d blobs ];then # The blobs dir is only present when a blob is modified or has not yet been published.
tree -s blobs
fi
- name: Extract k9s version
id: extract_version
uses: orange-cloudfoundry/extract-vendir-version-action@4e0e9300b0a7fe81a02536f631073c2accab9680 # v0.2.0
with:
library: "k3s-io/k3s"
- name: create bosh final release
id: create-bosh-release
uses: orange-cloudfoundry/create-bosh-release-action@916ad18a668fe168c7cd643a0f56e8e48623b3f6 # v1.0.3
with:
target_branch: ${{github.ref_name}}
tag_name: ${{ steps.extract_version.outputs.version }}
override_existing: true # allow deletion of existing tags
force_version_consistency: true # to force tag_name without 'v' prefix
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
AWS_BOSH_ACCES_KEY_ID: ${{ secrets.AWS_BOSH_ACCES_KEY_ID }}
AWS_BOSH_SECRET_ACCES_KEY: ${{ secrets.AWS_BOSH_SECRET_ACCES_KEY }}
# see https://github.com/ncipollo/release-action
- name: create github release
id: create-github-release
if: ${{ steps.create-bosh-release.outputs.need_gh_release == 'true' }}
uses: ncipollo/release-action@2c591bcc8ecdcd2db72b97d6147f871fcd833ba5 # v1.14.0
with:
tag: ${{ steps.create-bosh-release.outputs.version }}
draft: false
allowUpdates: true # > indicates if we should update a release if it already exists.
omitDraftDuringUpdate: true # > Indicates if the draft flag should be omitted during updates. The draft flag will still be applied for newly created releases. This will preserve the existing draft state during updates.
generateReleaseNotes: true
artifacts: ./${{ steps.create-bosh-release.outputs.file }}
artifactContentType: application/zip
removeArtifacts: true
artifactErrorsFailBuild: true