Skip to content

Release - traefik - refs/heads/main #350

Release - traefik - refs/heads/main

Release - traefik - refs/heads/main #350

Workflow file for this run

name: Release
run-name: 'Release - ${{ inputs.oci-image-name }} - ${{ github.ref }}'
on:
workflow_dispatch:
inputs:
oci-image-name:
description: 'OCI image to run releases for'
required: true
image-trigger-cache-key:
description: 'Cache key (to fetch image trigger from cache)'
required: false
type: string
external_ref_id: #(1)
description: 'Optional ID for unique run detection'
required: false
type: string
default: "default-id"
jobs:
validate-push-release-request:
runs-on: ubuntu-22.04
name: Validate push release request
outputs:
oci-image-name: ${{ steps.get-image-name.outputs.img-name }}
steps:
- name: ${{ inputs.external_ref_id }} #(2)
run: echo 'Started by ${{ inputs.external_ref_id }}' >> "$GITHUB_STEP_SUMMARY"
- uses: actions/checkout@v3
- name: Infer number of image triggers
uses: tj-actions/changed-files@v35
id: changed-files
with:
dir_names: "true"
separator: ","
files: |
oci/*/image.y*ml
- name: Fail if more than one image
id: get-image-name
run: |
set -ex
img_dir="${{ steps.changed-files.outputs.all_changed_files }}"
occurrences="${img_dir//[^,]}"
if [ ${#occurrences} -ne 0 ]
then
echo "ERR: can only release 1 image at a time, but trying to release ${img_dir}"
exit 1
fi
echo "img-name=$(basename ${img_dir})" >> "$GITHUB_OUTPUT"
do-releases:
runs-on: ubuntu-22.04
name: Release
needs: [validate-push-release-request]
outputs:
gh-releases-matrix: ${{ steps.release-image.outputs.gh-releases-matrix }}
env:
IS_PROD: ${{ ! startsWith(inputs.oci-image-name, 'mock-') }}
steps:
- uses: actions/checkout@v3
- uses: actions/cache/restore@v3
if: ${{ inputs.image-trigger-cache-key != '' }}
with:
path: oci/${{ inputs.oci-image-name }}/image.yaml
key: ${{ inputs.image-trigger-cache-key }}
fail-on-cache-miss: true
- uses: actions/setup-python@v4
with:
python-version: "3.x"
- env:
ROCKS_DEV_LP_SSH_PRIVATE: ${{ secrets.ROCKS_DEV_LP_SSH_PRIVATE }}
ROCKS_DEV_LP_USERNAME: ${{ secrets.ROCKS_DEV_LP_USERNAME }}
CPC_BUILD_TOOLS_REPO: git.launchpad.net/~cloudware/cloudware/+git/cpc_build_tools
# CPC_BUILD_TOOLS_REPO_REF: 9b716ed8a8ba728d036b54b1bb17a8f49dbda434
SKOPEO_BRANCH: 'v1.9.1'
SKOPEO_URL: 'https://github.com/containers/skopeo'
run: |
./src/image/requirements.sh
pip install -r src/image/requirements.txt
- name: Get all revisions per track
id: get-all-canonical-tags
env:
OS_USERNAME: ${{ secrets.SWIFT_OS_USERNAME }}
OS_TENANT_NAME: ${{ secrets.SWIFT_OS_TENANT_NAME }}
OS_PASSWORD: ${{ secrets.SWIFT_OS_PASSWORD }}
OS_REGION_NAME: ${{ secrets.SWIFT_OS_REGION_NAME }}
OS_STORAGE_URL: ${{ secrets.SWIFT_OS_STORAGE_URL }}
IMAGE_NAME: ${{ inputs.oci-image-name }}
SWIFT_CONTAINER_NAME: ${{ vars.SWIFT_CONTAINER_NAME }}
run: ./src/image/get_canonical_tags_from_swift.sh
- name: Do releases from ${{ inputs.oci-image-name }}
id: release-image
env:
# GH has issues with boolean expressions
# https://github.com/actions/runner/issues/1483
DOCKER_HUB_CREDS_PSW: ${{ env.IS_PROD == 'true' && secrets.DOCKER_HUB_CREDS_PSW || secrets.DOCKER_HUB_CREDS_PSW_DEV }}
DOCKER_HUB_CREDS_USR: ${{ env.IS_PROD == 'true' && secrets.DOCKER_HUB_CREDS_USR || secrets.DOCKER_HUB_CREDS_USR_DEV }}
# ACR_CREDS_USR: ${{ env.IS_PROD == 'true' && secrets.ACR_CREDS_USR || secrets.ACR_CREDS_USR_DEV }}
# ACR_CREDS_PSW: ${{ env.IS_PROD == 'true' && secrets.ACR_CREDS_PSW || secrets.ACR_CREDS_PSW_DEV }}
ECR_CREDS_USR: ${{ env.IS_PROD == 'true' && secrets.ECR_CREDS_USR || secrets.ECR_CREDS_USR_DEV }}
ECR_CREDS_PSW: ${{ env.IS_PROD == 'true' && secrets.ECR_CREDS_PSW || secrets.ECR_CREDS_PSW_DEV }}
# ECR_LTS_CREDS_USR: ${{ env.IS_PROD == 'true' && secrets.ECR_LTS_CREDS_USR || secrets.ECR_LTS_CREDS_USR_DEV }}
# ECR_LTS_CREDS_PSW: ${{ env.IS_PROD == 'true' && secrets.ECR_LTS_CREDS_PSW || secrets.ECR_LTS_CREDS_PSW_DEV }}
# ACR_NAMESPACE: ${{ env.IS_PROD == 'true' && 'ubuntu.azurecr.io' || secrets.ACR_NAMESPACE_DEV }}
DOCKER_HUB_NAMESPACE: ${{ env.IS_PROD == 'true' && 'docker.io/ubuntu' || secrets.DOCKER_HUB_NAMESPACE_DEV }}
ECR_NAMESPACE: ${{ env.IS_PROD == 'true' && 'ubuntu' || secrets.ECR_NAMESPACE_DEV }}
# ECR_LTS_NAMESPACE: ${{ env.IS_PROD == 'true' && 'lts' || secrets.ECR_LTS_NAMESPACE_DEV }}
PYTHONUNBUFFERED: 1
run: |
set -ex
echo "Running in production? ${{ env.IS_PROD == 'true' && 'YES' || 'NO' }}"
python3 -m src.image.release \
--image-trigger oci/${{ inputs.oci-image-name }}/image.yaml \
--image-name ${{ inputs.oci-image-name }} \
--all-releases oci/${{ inputs.oci-image-name }}/_releases.json \
--all-revision-tags "${{ steps.get-all-canonical-tags.outputs.canonical-tags-file }}" \
--ghcr-repo "${{ github.repository_owner }}/oci-factory"
- run: git pull --quiet
- name: Commit oci/${{ inputs.oci-image-name }}/_releases.json
uses: actions-x/commit@v6
with:
token: ${{ secrets.GITHUB_TOKEN }}
branch: ${{ github.ref }}
message: 'ci: automatically update oci/${{ inputs.oci-image-name }}/_releases.json, from ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}'
files: oci/${{ inputs.oci-image-name }}/_releases.json
dispatch-documentation:
runs-on: ubuntu-22.04
name: Dispatch documentation
needs: [do-releases]
steps:
- name: Run documentation
# Using this actions cause others can have this problem:
# https://github.com/convictional/trigger-workflow-and-wait/issues/61
uses: mathze/[email protected]
id: run-documentation
with:
token: ${{ secrets.GITHUB_TOKEN }}
ref: ${{ github.ref_name }}
fail-on-error: true
workflow-name: Documentation.yaml
payload: '{ "oci-image-name": "${{ inputs.oci-image-name }}"}'
use-marker-step: true
trigger-timeout: '30m'
run-id: dummy
- name: Write step summary
run: |
url='${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ steps.run-documentation.outputs.run-id }}'
echo " - Triggered documentation updates for '${{ inputs.oci-image-name }}' at [${url}](${url})" >> "$GITHUB_STEP_SUMMARY"
- name: Enforce docs conclusion
if: ${{ steps.run-documentation.outputs.run-conclusion != 'success' }}
# The previous step doesn't always raise an error
run: |
url='${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ steps.run-documentation.outputs.run-id }}'
echo "Failed to generate docs for '${{ inputs.oci-image-name }}' at [${url}](${url})."
exit 1
do-github-release:
runs-on: ubuntu-22.04
name: Github-Release
needs: [do-releases]
strategy:
fail-fast: true
matrix: ${{ fromJSON(needs.do-releases.outputs.gh-releases-matrix) }}
steps:
- uses: actions/checkout@v3
with:
fetch-depth: 0
ref: ${{ matrix.canonical-tag }}
- uses: dev-drprasad/[email protected]
# We force delete an existing tag because otherwise we won't get
# an email notification and the GH release will have the date from when
# it was created the first time (i.e. force-push won't update the date)
continue-on-error: true
with:
tag_name: ${{ matrix.release-name }}
github_token: ${{ secrets.GITHUB_TOKEN }}
- name: Create Git tag
uses: rickstaa/action-create-tag@v1
with:
tag: "${{ matrix.release-name }}"
message: "release(${{ matrix.name }}): Release image revision ${{ matrix.revision }} to ${{ matrix.channel }}"
github_token: ${{ secrets.ROCKSBOT_TOKEN }}
commit_sha: ${{ matrix.canonical-tag }}
force_push_tag: true
- uses: "softprops/action-gh-release@v1"
with:
name: "${{ matrix.release-name }}"
tag_name: "${{ matrix.release-name }}"
token: "${{ secrets.ROCKSBOT_TOKEN }}"