-
Notifications
You must be signed in to change notification settings - Fork 88
144 lines (135 loc) · 6.25 KB
/
release.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
#
# Copyright (c) 2019-2023 Red Hat, Inc.
# This program and the accompanying materials are made
# available under the terms of the Eclipse Public License 2.0
# which is available at https://www.eclipse.org/legal/epl-2.0/
#
# SPDX-License-Identifier: EPL-2.0
#
# Contributors:
# Red Hat, Inc. - initial API and implementation
#
# This Workflow performs a full release of che-operator
name: Release Che Operator
on:
workflow_dispatch:
inputs:
version:
description: 'The version that is going to be released. Should be in format 7.yy.z'
required: true
forceRecreateTags:
description: If true, tags will be recreated. Use with caution
required: false
default: 'false'
dryRun:
description: If true, dry run will be performed. No changes will be pushed to the repository
required: false
default: 'false'
jobs:
build:
runs-on: ubuntu-22.04
steps:
- uses: actions/checkout@v3
with:
fetch-depth: 0
- name: Check existing tags
run: |
set +e
RECREATE_TAGS=${{ github.event.inputs.forceRecreateTags }}
VERSION=${{ github.event.inputs.version }}
EXISTING_TAG=$(git ls-remote --exit-code origin refs/tags/${VERSION})
if [[ -n ${EXISTING_TAG} ]]; then
if [[ ${RECREATE_TAGS} == "true" ]]; then
echo "[INFO] Removing tag for ${VERSION} version. New tag will be recreated during release."
git push origin :$VERSION
else
echo "[ERROR] Cannot proceed with release - tag ${EXISTING_TAG} already exists."
exit 1
fi
else
echo "[INFO] No existing tags detected for $VERSION"
fi
- name: Set up QEMU
uses: docker/setup-qemu-action@v2
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
- name: Set up Python 3.9
uses: actions/setup-python@v4
with:
python-version: 3.9
- name: Install operator courier, yq and base32 wrapper
run: |
python -m pip install --upgrade pip
pip install yq
pip install semver
sudo apt-get -y -q install
# get base32 util from che-release project
wget https://raw.githubusercontent.com/eclipse/che-release/master/utils/base32
# copy base32 python-based helper script into dir that's accessed from PATH (so it's accessible to this and other called scripts)
sudo cp -f $(pwd)/base32 /usr/local/bin/
sudo chmod +x /usr/local/bin/base32
#remove base32 from current directory to avoid it being commited during release
rm $(pwd)/base32
- name: Set up Go 1.21.10
uses: actions/setup-go@v3
with:
go-version: 1.21.10
- name: Release operator
env:
IMAGE_REGISTRY_HOST: quay.io
IMAGE_REGISTRY_USER_NAME: eclipse
run: |
CHE_VERSION=${{ github.event.inputs.version }}
if [[ ${{ github.event.inputs.dryRun }} == "true" ]]; then DRY_RUN_FLAG="--dry-run"; fi
echo "CHE_VERSION=${CHE_VERSION}"
echo "DRY_RUN_FLAG=${DRY_RUN_FLAG}"
BRANCH=${CHE_VERSION%.*}.x
echo "BRANCH=${BRANCH}"
git config --global user.name "Mykhailo Kuznietsov"
git config --global user.email "[email protected]"
export GITHUB_TOKEN=${{ secrets.CHE_BOT_GITHUB_TOKEN }}
set -e
OP_SDK_DIR=/opt/operator-sdk
mkdir -p $OP_SDK_DIR
make download-operator-sdk DEST="${OP_SDK_DIR}"
go install golang.org/x/tools/cmd/goimports@latest
export PATH="$PATH:$OP_SDK_DIR"
export QUAY_ECLIPSE_CHE_USERNAME=${{ secrets.QUAY_USERNAME }}
export QUAY_ECLIPSE_CHE_PASSWORD=${{ secrets.QUAY_PASSWORD }}
if [[ ${CHE_VERSION} == *".0" ]]; then
build/scripts/release/make-release.sh ${CHE_VERSION} --release --check-resources --release-olm-files ${DRY_RUN_FLAG}
else
git checkout ${BRANCH}
build/scripts/release/make-release.sh ${CHE_VERSION} --release --release-olm-files ${DRY_RUN_FLAG}
fi
# default robot account on quay does not have permissions for application repos
# so we provide credentials for accounts that do
export QUAY_USERNAME_K8S=${{ secrets.QUAY_ECLIPSE_CHE_OPERATOR_KUBERNETES_USERNAME }}
export QUAY_PASSWORD_K8S=${{ secrets.QUAY_ECLIPSE_CHE_OPERATOR_KUBERNETES_PASSWORD }}
export QUAY_USERNAME_OS=${{ secrets.QUAY_ECLIPSE_CHE_OPERATOR_OPENSHIFT_USERNAME }}
export QUAY_PASSWORD_OS=${{ secrets.QUAY_ECLIPSE_CHE_OPERATOR_OPENSHIFT_PASSWORD }}
# echo "[DEBUG] Using credentials:"
# echo "[DEBUG] QUAY_USERNAME_K8S = ${QUAY_USERNAME_K8S} and"
# echo "[DEBUG] QUAY_USERNAME_OS = ${QUAY_USERNAME_OS}"
git checkout ${CHE_VERSION}-release
build/scripts/release/make-release.sh ${CHE_VERSION} --push-olm-bundles ${DRY_RUN_FLAG}
# perform extra checkouts to ensure branches exist locally
git checkout ${BRANCH}
git checkout ${CHE_VERSION}-release
force_update=""
if [[ ${{ github.event.inputs.forceRecreateTags }} == "true" ]]; then force_update="--force"; fi
build/scripts/release/make-release.sh ${CHE_VERSION} --push-git-changes --pull-requests ${force_update} ${DRY_RUN_FLAG}
#- name: Create failure MM message
#if: ${{ failure() }}
#run: |
#echo "{\"text\":\":no_entry_sign: Che Operator ${{ github.event.inputs.version }} release has failed: https://github.com/eclipse-che/che-operator/actions/workflows/release.yml\"}" > mattermost.json
#- name: Create success MM message
#run: |
#echo "{\"text\":\":white_check_mark: Che Operator ${{ github.event.inputs.version }} release PR have been created: https://github.com/eclipse-che/che-operator/pulls/che-bot\"}" > mattermost.json
#- name: Send MM message
#if: ${{ success() }} || ${{ failure() }}
#uses: mattermost/[email protected]
#env:
#MATTERMOST_WEBHOOK_URL: ${{ secrets.MATTERMOST_WEBHOOK_URL }}
#MATTERMOST_CHANNEL: eclipse-che-releases
#MATTERMOST_USERNAME: che-bot