Add SIMP_BUILD_repoclosure var, default=no (#218) #28
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Create GitHub release, build & publish .gem to rubygems.org on SemVer tag push | |
# | |
# This workflow's jobs are only triggered in repos under the `simp` organization | |
# ------------------------------------------------------------------------------ | |
# | |
# NOTICE: **This file is maintained with puppetsync** | |
# | |
# This file is updated automatically as part of a standardized asset baseline. | |
# | |
# The next baseline sync will overwrite any local changes to this file! | |
# | |
# ============================================================================== | |
# | |
# This pipeline uses the following GitHub Action Secrets: | |
# | |
# GitHub Secret variable Type Notes | |
# ------------------------ -------- ---------------------------------------- | |
# RUBYGEMS_API_KEY Required | |
# | |
# ------------------------------------------------------------------------------ | |
# | |
# NOTES: | |
# | |
# * The CHANGELOG text is altered to remove RPM-style date headers, which don't | |
# render well as markdown on the GitHub release pages | |
# | |
# * By default, the gem is built and released using the standard rake tasks | |
# from "bundler/gem_tasks". To override these, create a JSON file at | |
# `.github/workflows.local.json`, using the following format: | |
# | |
# { | |
# "gem_build_command": "bundle exec rake build", | |
# "gem_release_command": "bundle exec rake build release:rubygem_push", | |
# "gem_pkg_dir": "pkg" | |
# } | |
# | |
# All keys are optional. | |
# | |
--- | |
name: 'Tag: Release to GitHub + rubygems.org (no RPMS)' | |
on: | |
push: | |
tags: | |
# NOTE: These filter patterns aren't actually regexes: | |
# https://docs.github.com/en/actions/reference/workflow-syntax-for-github-actions#filter-pattern-cheat-sheet | |
- '[0-9]+\.[0-9]+\.[0-9]+' | |
- '[0-9]+\.[0-9]+\.[0-9]+\-[a-z]+[0-9]+' | |
env: | |
PUPPET_VERSION: '~> 7' | |
LOCAL_WORKFLOW_CONFIG_FILE: .github/workflows.local.json | |
jobs: | |
releng-checks: | |
name: "RELENG checks" | |
if: github.repository_owner == 'simp' | |
runs-on: ubuntu-latest | |
outputs: | |
build_command: ${{ steps.commands.outputs.build_command }} | |
release_command: ${{ steps.commands.outputs.release_command }} | |
pkg_dir: ${{ steps.commands.outputs.pkg_dir }} | |
steps: | |
- name: "Assert '${{ github.ref }}' is a tag" | |
run: '[[ "$GITHUB_REF" =~ ^refs/tags/ ]] || { echo "::error ::GITHUB_REF is not a tag: ${GITHUB_REF}"; exit 1 ; }' | |
- uses: actions/checkout@v3 | |
with: | |
ref: ${{ github.ref }} | |
clean: true | |
- name: Determine build and release commands | |
id: commands | |
run: | | |
# By default, this is the standard task from "bundler/gem_tasks" | |
# To override it, add the new command to LOCAL_WORKFLOW_CONFIG_FILE | |
GEM_BUILD_COMMAND='bundle exec rake build' | |
GEM_RELEASE_COMMAND='bundle exec rake build release:rubygem_push' | |
GEM_PKG_DIR='pkg' | |
if jq -r '. | keys' "$LOCAL_WORKFLOW_CONFIG_FILE" 2>/dev/null | \ | |
grep -w '"gem_pkg_dir"' &> /dev/null; then | |
GEM_PKG_DIR="$(jq -r .gem_pkg_dir "$LOCAL_WORKFLOW_CONFIG_FILE" )" | |
fi | |
if jq -r '. | keys' "$LOCAL_WORKFLOW_CONFIG_FILE" 2>/dev/null | \ | |
grep -w '"gem_build_command"' &> /dev/null; then | |
GEM_BUILD_COMMAND="$(jq -r .gem_build_command "$LOCAL_WORKFLOW_CONFIG_FILE" )" | |
fi | |
if jq -r '. | keys' "$LOCAL_WORKFLOW_CONFIG_FILE" 2>/dev/null | \ | |
grep -w '"gem_release_command"' &> /dev/null; then | |
GEM_RELEASE_COMMAND="$(jq -r .gem_release_command "$LOCAL_WORKFLOW_CONFIG_FILE" )" | |
fi | |
echo "build_command=$GEM_BUILD_COMMAND" | tee -a "$GITHUB_OUTPUT" | |
echo "pkg_dir=$GEM_PKG_DIR" | tee -a "$GITHUB_OUTPUT" | |
echo "release_command=$GEM_RELEASE_COMMAND" | tee -a "$GITHUB_OUTPUT" | |
- uses: ruby/setup-ruby@v1 | |
with: | |
ruby-version: 2.7 | |
bundler-cache: true | |
- name: Test build the package | |
run: "${{ steps.commands.outputs.build_command }}" | |
- name: "Assert '${{ github.ref }}' matches the package version" | |
run: | | |
tag="${GITHUB_REF/refs\/tags\//}" | |
[ -d "${{ steps.commands.outputs.pkg_dir }}" ] || \ | |
{ echo "::error ::No directory found at ${{ steps.commands.outputs.pkg_dir }}/" ; exit 3 ; } | |
ls -1 "${{ steps.commands.outputs.pkg_dir }}"/*.gem || \ | |
{ echo "::error ::No gem file found at ${{ steps.commands.outputs.pkg_dir }}/*.gem" ; exit 2 ; } | |
[ -f "${{ steps.commands.outputs.pkg_dir }}"/*-${tag}.gem ] || \ | |
{ echo "::error ::tag '${tag}' does not match package $(ls -1 ${{ steps.commands.outputs.pkg_dir }}/*.gem)"; exit 1 ; } | |
create-github-release: | |
name: Deploy GitHub Release | |
needs: [ releng-checks ] | |
if: github.repository_owner == 'simp' | |
runs-on: ubuntu-latest | |
outputs: | |
prerelease: ${{ steps.tag-check.outputs.prerelease }} | |
tag: ${{ steps.tag-check.outputs.tag }} | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@v3 | |
with: | |
ref: ${{ github.ref }} | |
clean: true | |
fetch-depth: 0 | |
- name: Get tag & annotation info (${{github.ref}}) | |
id: tag-check | |
run: | | |
tag="${GITHUB_REF/refs\/tags\//}" | |
annotation="$(git for-each-ref "$GITHUB_REF" --format='%(contents)' --count=1)" | |
annotation_title="$(echo "$annotation" | head -1)" | |
if [[ "$tag" =~ ^(simp-|v)?[0-9]+\.[0-9]+\.[0-9]+(-(rc|alpha|beta|pre|post)?([0-9]+)?)?$ ]]; then | |
if [ -n "${BASH_REMATCH[2]}" ]; then | |
prerelease=yes | |
annotation_title="Pre-release of ${tag}" | |
fi | |
else | |
printf '::error ::Release Tag format is not SemVer, X.Y.Z-R, X.Y.Z-<prerelease>: "%s"\n' "$RELEASE_TAG" | |
exit 88 | |
fi | |
echo "tag=$tag" | tee -a "$GITHUB_OUTPUT" | |
echo "prerelease=$prerelease" | tee -a "$GITHUB_OUTPUT" | |
echo "TARGET_TAG=$tag" | tee -a "$GITHUB_ENV" | |
# Prepare annotation body as a file for the next step | |
# | |
# * The GitHub Release renders the text in this file as markdown | |
# * The `perl -pe` removes RPM-style date headers from the CHANGELOG, | |
# because they don't render well as markdown on the Release page | |
echo "RELEASE_MESSAGE<<EOF$$" >> "$GITHUB_ENV" | |
printf '%s\n\n' "$annotation_title" >> "$GITHUB_ENV" | |
echo "$annotation" | tail -n +2 | \ | |
perl -pe 'BEGIN{undef $/;} s/\n\* (Mon|Tue|Wed|Thu|Fri|Sat|Sun) .*?\n//smg;' >> "$GITHUB_ENV" | |
echo "EOF$$" >> "$GITHUB_ENV" | |
- name: Create Release | |
id: create_release | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
IS_PRERELEASE: ${{ steps.tag-check.outputs.prerelease }} | |
run: | | |
echo "${RELEASE_MESSAGE}" > /tmp/.commit-msg.txt | |
args=(-F /tmp/.commit-msg.txt) | |
[[ $IS_PRERELEASE == yes ]] && args+=(--prerelease) | |
gh release create ${args[@]} "$TARGET_TAG" | |
deploy-rubygem: | |
name: Deploy RubyGem Release | |
needs: [ releng-checks, create-github-release ] | |
if: (github.repository_owner == 'simp') && (needs.create-github-release.outputs.prerelease != 'yes') | |
runs-on: ubuntu-latest | |
env: | |
RUBYGEMS_API_KEY: ${{ secrets.RUBYGEMS_API_KEY }} | |
BUILD_COMMAND: ${{ needs.releng-checks.outputs.build_command }} | |
RELEASE_COMMAND: ${{ needs.releng-checks.outputs.release_command }} | |
PKG_DIR: ${{ needs.releng-checks.outputs.pkg_dir }} | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@v3 | |
with: | |
ref: ${{ github.ref }} | |
clean: true | |
- uses: ruby/setup-ruby@v1 | |
with: | |
ruby-version: 2.7 | |
bundler-cache: true | |
- name: Build RubyGem | |
run: | | |
echo "Setting up file permissions..." | |
chmod -R go=u-w . | |
echo "Running '$BUILD_COMMAND'..." | |
$BUILD_COMMAND | |
- name: Release RubyGem | |
run: | | |
echo "Setting up gem credentials..." | |
mkdir -p ~/.gem | |
cat << EOF > ~/.gem/credentials | |
--- | |
:rubygems_api_key: ${RUBYGEMS_API_KEY} | |
EOF | |
chmod 0600 ~/.gem/credentials | |
echo "Running '$RELEASE_COMMAND'..." | |
$RELEASE_COMMAND |