crucible-release #70
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| name: crucible-release | |
| on: # yamllint disable-line rule:truthy | |
| workflow_dispatch: | |
| inputs: | |
| dry_run: | |
| required: false | |
| type: boolean | |
| description: Do NOT push/delete tag to/from the repositories | |
| default: false | |
| custom_tag: | |
| required: false | |
| type: string | |
| description: Custom tag to push/delete | |
| default: '' | |
| action: | |
| required: true | |
| type: choice | |
| options: | |
| - push | |
| - delete | |
| description: Action to perform with the custom-tag (push or delete) | |
| default: 'push' | |
| force_push: | |
| required: false | |
| type: boolean | |
| description: FORCE push (override tag) | |
| default: false | |
| workflow_call: | |
| inputs: | |
| dry_run: | |
| required: false | |
| type: boolean | |
| description: Do NOT push/delete tag to/from the repositories | |
| custom_tag: | |
| required: false | |
| type: string | |
| description: Custom tag to push/delete | |
| default: '' | |
| action: | |
| required: true | |
| type: string | |
| description: Action to perform (push or delete) | |
| force_push: | |
| required: false | |
| type: boolean | |
| description: FORCE push (override tag) | |
| secrets: | |
| PRIVATE_KEY__TAG_CRUCIBLE_RELEASE: | |
| required: true | |
| concurrency: | |
| group: crucible-release | |
| cancel-in-progress: false | |
| jobs: | |
| release-tag: | |
| runs-on: [ self-hosted, workflow-overhead ] | |
| timeout-minutes: 10 | |
| outputs: | |
| tag: ${{ steps.gen-release-tag.outputs.tag }} | |
| repos: ${{ steps.get-repos.outputs.repos }} | |
| steps: | |
| - name: Generate release tag | |
| id: gen-release-tag | |
| run: | | |
| if [ "${{ inputs.custom_tag }}" == "" ]; then | |
| year="$(date -u +%Y)" | |
| month="$(date -u +%m)" | |
| month=${month#0} | |
| quarter="$(((month-1)/3+1))" | |
| echo "tag=$year.$quarter" >> $GITHUB_OUTPUT | |
| else | |
| echo "tag=${{ inputs.custom_tag }}" >> $GITHUB_OUTPUT | |
| fi | |
| - name: Display params | |
| id: get-params | |
| env: | |
| TAG: ${{ steps.gen-release-tag.outputs.tag }} | |
| DRY_RUN: ${{ inputs.dry_run }} | |
| CUSTOM_TAG: ${{ inputs.custom_tag }} | |
| ACTION: ${{ inputs.action }} | |
| GITHUB_EVENT: ${{ github.event_name }} | |
| FORCE_PUSH: ${{ inputs.force_push }} | |
| run: | | |
| echo "tag=$TAG" | |
| echo "dry_run=$DRY_RUN" | |
| echo "custom_tag=$CUSTOM_TAG" | |
| echo "action=$ACTION" | |
| echo "github_event=$GITHUB_EVENT" | |
| echo "force_push=$FORCE_PUSH" | |
| - name: Generate token | |
| id: generate-token | |
| uses: actions/create-github-app-token@v1 | |
| with: | |
| app-id: ${{ vars.APP_ID__TAG_CRUCIBLE_RELEASE }} | |
| private-key: ${{ secrets.PRIVATE_KEY__TAG_CRUCIBLE_RELEASE }} | |
| owner: ${{ github.repository_owner }} | |
| - name: checkout crucible default | |
| uses: actions/checkout@v4 | |
| with: | |
| repository: perftool-incubator/crucible | |
| ref: ${{ github.ref }} | |
| path: crucible | |
| set-safe-directory: false | |
| fetch-tags: true | |
| token: ${{ steps.generate-token.outputs.token }} | |
| - name: push/delete tag to/from the crucible repo | |
| if: ${{ inputs.dry_run == false }} | |
| env: | |
| TAG: ${{ steps.gen-release-tag.outputs.tag }} | |
| run: | | |
| cd $GITHUB_WORKSPACE | |
| cd crucible | |
| echo "Fetching remote heads/tags..." | |
| git fetch --prune --prune-tags | |
| echo "Tags:" | |
| git ls-remote --tags origin | |
| echo "Local Tags:" | |
| git tag | |
| echo "Branches:" | |
| git ls-remote --heads origin | |
| echo "Local Branches:" | |
| git branch | |
| echo "Current commit's object name:" | |
| git rev-parse --verify HEAD | |
| echo "Current object name for tag $TAG (if it exists):" | |
| git rev-parse --verify tags/$TAG || true | |
| echo "Current object name for branch $TAG (if it exists):" | |
| git rev-parse --verify remotes/origin/$TAG || true | |
| if [ "${{ inputs.action }}" == "push" ]; then | |
| ARGS="" | |
| if [ "${{ inputs.force_push }}" == "true" ]; then | |
| ARGS="--force" | |
| fi | |
| git checkout -B $TAG | |
| git push origin heads/$TAG $ARGS #branch | |
| git tag $TAG $ARGS | |
| git push origin tags/$TAG $ARGS #tag | |
| elif [ "${{ inputs.action }}" == "delete" ]; then | |
| if [ "${{ inputs.force_push }}" == "true" ]; then | |
| git push --delete origin tags/$TAG || true #tag | |
| git push --delete origin heads/$TAG || true #branch | |
| else | |
| git push --delete origin tags/$TAG #tag | |
| git push --delete origin heads/$TAG #branch | |
| fi | |
| fi | |
| echo "Tags:" | |
| git ls-remote --tags origin | |
| echo "Current object name for tag $TAG (if it exists):" | |
| git rev-parse --verify tags/$TAG || true | |
| echo "Current object name for branch $TAG (if it exists):" | |
| git rev-parse --verify remotes/origin/$TAG || true | |
| - name: Get the list of sub-projects | |
| id: get-repos | |
| run: | | |
| cd $GITHUB_WORKSPACE | |
| cd crucible/config | |
| # get 3rd column (repo URL) without the starting '/' (remove first char), | |
| # so repo urls /a /b /c are extracted to a b c | |
| # and add to a bash array ( a b c ) | |
| projects=( $(jq -r '.official[] | select(.name != "crucible") | .repository | sub(".*\/"; "")' repos.json) ) | |
| # builtin implict join array "a","b","c" (double quotes for a valid json) | |
| printf -v list '"%s",' "${projects[@]}" | |
| # convert to a comma separated list ["a","b","c"] | |
| echo "repos=[${list%,}]" >> $GITHUB_OUTPUT | |
| - name: Display sub-projects repos list | |
| id: display-repos | |
| env: | |
| REPOS: ${{ steps.get-repos.outputs.repos }} | |
| run: echo "$REPOS" | |
| projects-tag: | |
| runs-on: [ self-hosted, workflow-overhead ] | |
| timeout-minutes: 10 | |
| needs: | |
| - release-tag | |
| strategy: | |
| matrix: | |
| repository: ${{ fromJSON(needs.release-tag.outputs.repos) }} | |
| steps: | |
| - name: Display sub-project repository name | |
| run: | | |
| echo "repository=${{ matrix.repository }}" | |
| - name: Generate token | |
| id: generate-token | |
| uses: actions/create-github-app-token@v1 | |
| with: | |
| app-id: ${{ vars.APP_ID__TAG_CRUCIBLE_RELEASE }} | |
| private-key: ${{ secrets.PRIVATE_KEY__TAG_CRUCIBLE_RELEASE }} | |
| owner: ${{ github.repository_owner }} | |
| - name: checkout sub-project repository | |
| uses: actions/checkout@v4 | |
| with: | |
| repository: perftool-incubator/${{ matrix.repository }} | |
| path: ${{ matrix.repository }} | |
| set-safe-directory: false | |
| fetch-tags: true | |
| token: ${{ steps.generate-token.outputs.token }} | |
| - name: push/delete release tag | |
| if: ${{ inputs.dry_run == false }} | |
| env: | |
| TAG: ${{ needs.release-tag.outputs.tag }} | |
| run: | | |
| cd $GITHUB_WORKSPACE | |
| cd ${{ matrix.repository }} | |
| echo "Fetching remote heads/tags..." | |
| git fetch --prune --prune-tags | |
| echo "Tags:" | |
| git ls-remote --tags origin | |
| echo "Local Tags:" | |
| git tag | |
| echo "Branches:" | |
| git ls-remote --heads origin | |
| echo "Local Branches:" | |
| git branch | |
| echo "Current commit's object name:" | |
| git rev-parse --verify HEAD | |
| echo "Current object name for tag $TAG (if it exists):" | |
| git rev-parse --verify tags/$TAG || true | |
| echo "Current object name for branch $TAG (if it exists):" | |
| git rev-parse --verify remotes/origin/$TAG || true | |
| if [ "${{ inputs.action }}" == "push" ]; then | |
| ARGS="" | |
| if [ "${{ inputs.force_push }}" == "true" ]; then | |
| ARGS="--force" | |
| fi | |
| git checkout -B $TAG | |
| git push origin heads/$TAG $ARGS #branch | |
| git tag $TAG $ARGS | |
| git push origin tags/$TAG $ARGS #tag | |
| elif [ "${{ inputs.action }}" == "delete" ]; then | |
| if [ "${{ inputs.force_push }}" == "true" ]; then | |
| git push --delete origin tags/$TAG || true #tag | |
| git push --delete origin heads/$TAG || true #branch | |
| else | |
| git push --delete origin tags/$TAG #tag | |
| git push --delete origin heads/$TAG #branch | |
| fi | |
| fi | |
| echo "Tags:" | |
| git ls-remote --tags origin | |
| echo "Current object name for tag $TAG (if it exists):" | |
| git rev-parse --verify tags/$TAG || true | |
| echo "Current object name for branch $TAG (if it exists):" | |
| git rev-parse --verify remotes/origin/$TAG || true | |
| crucible-release-verification: | |
| if: ${{ inputs.action == 'push' }} | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 10 | |
| needs: | |
| - release-tag | |
| - projects-tag | |
| steps: | |
| - name: checkout crucible | |
| uses: actions/checkout@v4 | |
| with: | |
| repository: perftool-incubator/crucible | |
| ref: ${{ github.ref }} | |
| path: crucible | |
| fetch-tags: true | |
| - name: prepare installation resources | |
| run: | | |
| touch /tmp/auth-file.json | |
| cfgfile=$(grep SYSCONFIG= crucible/crucible-install.sh | cut -d '=' -f2 | sed 's/"//g') | |
| sudo mkdir -p $(dirname $cfgfile) | |
| - name: test release install | |
| env: | |
| TAG: ${{ needs.release-tag.outputs.tag }} | |
| run: | | |
| sudo ./crucible/crucible-install.sh \ | |
| --release $TAG \ | |
| --engine-registry myregistry.io/crucible \ | |
| --engine-auth-file /tmp/auth-file.json \ | |
| --name "Nobody" \ | |
| --email "[email protected]" \ | |
| --verbose | |
| crucible-release-complete: | |
| runs-on: [ self-hosted, workflow-overhead ] | |
| timeout-minutes: 10 | |
| needs: | |
| - crucible-release-verification | |
| steps: | |
| - name: | |
| run: | | |
| echo "crucible-release-complete" |