Skip to content

Merge branch 'master' into mng-att-prov-choices #10960

Merge branch 'master' into mng-att-prov-choices

Merge branch 'master' into mng-att-prov-choices #10960

Workflow file for this run

name: Build CLI
on:
workflow_dispatch:
repository_dispatch:
push:
branches: [ "**" ]
tags-ignore: [ "**" ]
release:
types: [ published ]
# Ensure only one build at a time for any branch, cancelling any in-progress builds
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
# References:
# - https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows
# - https://docs.github.com/en/actions/learn-github-actions/expressions#functions
jobs:
build-tekton:
name: Build Tekton Definitions
runs-on: ubuntu-latest
if: ${{ !contains(github.event.head_commit.message, '[doc]') }}
steps:
# 1. Initialize the build
# -------------------------------------------------------------------------------------------
- name: Checkout
uses: actions/checkout@v4
# Without this option, we don't get the tag information
with:
fetch-depth: 0
- name: Initialise the build system
run: |
chmod u+x $GITHUB_WORKSPACE/build/bin/*.sh
$GITHUB_WORKSPACE/build/bin/initbuild.sh
source $GITHUB_WORKSPACE/build/bin/.functions.sh
# 2. Tekton
# -------------------------------------------------------------------------------------------
- name: Build the Tekton definitions
run: $GITHUB_WORKSPACE/build/bin/build-tekton.sh
- name: Upload the Tekton definitions
uses: actions/upload-artifact@v4
with:
name: ibm-mas-tekton.yaml
path: ${{ github.workspace }}/tekton/target/ibm-mas-tekton.yaml
retention-days: 30
- name: Upload the Tekton definitions (FVT)
uses: actions/upload-artifact@v4
with:
name: ibm-mas-tekton-fvt.yaml
path: ${{ github.workspace }}/tekton/target/ibm-mas-tekton-fvt.yaml
retention-days: 30
- name: Upload definition to Artifactory
env:
ARTIFACTORY_GENERIC_RELEASE_URL: ${{ secrets.ARTIFACTORY_GENERIC_RELEASE_URL }}
ARTIFACTORY_TOKEN: ${{ secrets.ARTIFACTORY_TOKEN }}
run: |
$GITHUB_WORKSPACE/build/bin/artifactory-release.sh $GITHUB_WORKSPACE/tekton/target/ibm-mas-tekton.yaml
$GITHUB_WORKSPACE/build/bin/artifactory-release.sh $GITHUB_WORKSPACE/tekton/target/ibm-mas-tekton-fvt.yaml
build-python:
name: Build Python Package
runs-on: ubuntu-latest
if: ${{ !contains(github.event.head_commit.message, '[doc]') }}
needs: build-tekton
steps:
# 1. Initialize the build
# -------------------------------------------------------------------------------------------
- name: Checkout
id: checkout
uses: actions/checkout@v4
# Without this option, we don't get the tag information
with:
fetch-depth: 0
- name: Initialise the build system
id: init
run: |
chmod u+x $GITHUB_WORKSPACE/build/bin/*.sh
$GITHUB_WORKSPACE/build/bin/initbuild.sh
source $GITHUB_WORKSPACE/build/bin/.functions.sh
# 2. Build Python Package
# -------------------------------------------------------------------------------------------
- name: Download tekton definitions
id: download-tekton
uses: actions/download-artifact@v4
with:
name: ibm-mas-tekton.yaml
path: ${{ github.workspace }}/python/src/mas/cli/templates/
- name: Install
id: install
run: |
cd $GITHUB_WORKSPACE/python
sed -i "s#__version__ = \"100.0.0\"#__version__ = \"${{ env.VERSION_NOPREREL }}\"#g" ${GITHUB_WORKSPACE}/python/src/mas/cli/__init__.py
sed -i "s#self.version = \"100.0.0-pre.local\"#self.version = \"${{ env.VERSION }}\"#g" ${GITHUB_WORKSPACE}/python/src/mas/cli/cli.py
cat ${GITHUB_WORKSPACE}/python/src/mas/cli/__init__.py
python -m pip install --upgrade pip
pip install .[dev]
if [[ -e $GITHUB_WORKSPACE/image/cli/install/mas_devops.tar.gz ]]; then
echo "Found local Python package ($GITHUB_WORKSPACE/image/cli/install/mas_devops.tar.gz) in this PR."
python -m pip install $GITHUB_WORKSPACE/image/cli/install/mas_devops.tar.gz
fi
- name: Lint
id: lint
run: |
cd $GITHUB_WORKSPACE/python
flake8 src --count --select=E9,F63,F7,F82 --show-source --statistics
flake8 src --count --exit-zero --max-complexity=10 --max-line-length=200 --statistics
- name: Test
id: test
run: |
cd $GITHUB_WORKSPACE/python
pytest
- name: Build
id: build
run: |
cd $GITHUB_WORKSPACE/python
python -m build
cp $GITHUB_WORKSPACE/python/dist/mas_cli-${{ env.VERSION_NOPREREL }}.tar.gz $GITHUB_WORKSPACE/mas_cli.tar.gz
# 3. Upload and Publish
# -------------------------------------------------------------------------------------------
- name: Upload
id: upload
uses: actions/upload-artifact@v4
with:
name: mas_cli.tar.gz
path: ${{ github.workspace }}/mas_cli.tar.gz
retention-days: 30
- name: Publish package
id: publish
if: github.event_name == 'release'
uses: pypa/gh-action-pypi-publish@release/v1
with:
user: __token__
password: ${{ secrets.PYPI_API_TOKEN }}
packages-dir: python/dist
build-arm64-container:
name: Build Container Image (arm64)
runs-on: ubuntu-latest
if: ${{ !contains(github.event.head_commit.message, '[doc]') }}
needs:
- build-tekton
- build-python
steps:
# 1. Initialize the build
# -------------------------------------------------------------------------------------------
- name: Checkout
id: checkout
uses: actions/checkout@v4
# Without this option, we don't get the tag information
with:
fetch-depth: 0
- name: Initialise the build system
id: init
run: |
chmod u+x $GITHUB_WORKSPACE/build/bin/*.sh
$GITHUB_WORKSPACE/build/bin/initbuild.sh
source $GITHUB_WORKSPACE/build/bin/.functions.sh
# 2. Download Ansible collection from Artifactory
# -------------------------------------------------------------------------------------------
- name: Download Ansible collection from Artifactory
id: download-ansible
if: contains(fromJson('["push", "workflow_dispatch", "repository_dispatch"]'), github.event_name)
env:
ARTIFACTORY_GENERIC_RELEASE_URL: ${{ secrets.ARTIFACTORY_GENERIC_RELEASE_URL }}
ARTIFACTORY_TOKEN: ${{ secrets.ARTIFACTORY_TOKEN }}
run: |
if [[ -e $GITHUB_WORKSPACE/image/cli/install/ibm-mas_devops.tar.gz ]]; then
echo "Found a local Ansible collection to be used in $GITHUB_WORKSPACE/image/cli/install/ibm-mas_devops.tar.gz! Skip download from Artifactory..."
else
echo "Downloading from ***/ibm-mas/ansible-devops/latest/ibm-mas_devops-latest.tar.gz"
wget --header="Authorization:Bearer $ARTIFACTORY_TOKEN" $ARTIFACTORY_GENERIC_RELEASE_URL/ibm-mas/ansible-devops/latest/ibm-mas_devops-latest.tar.gz -O $GITHUB_WORKSPACE/image/cli/install/ibm-mas_devops.tar.gz
fi
# 3. Download Built Artifacts
# -------------------------------------------------------------------------------------------
- name: Download the tekton file built in the other job
id: download-tekton
uses: actions/download-artifact@v4
with:
name: ibm-mas-tekton.yaml
path: ${{ github.workspace }}/image/cli/mascli/templates/
- name: Download the python package
id: download-python
uses: actions/download-artifact@v4
with:
name: mas_cli.tar.gz
path: ${{ github.workspace }}/image/cli/install/
# 4. CLI Container Images
# -------------------------------------------------------------------------------------------
- name: Build the container image
id: docker-build
run: |
echo "GITHUB_REF=$GITHUB_REF"
echo "GITHUB_EVENT_NAME=$GITHUB_EVENT_NAME"
# Login to quay.io
docker login --username "${{ secrets.QUAYIO_USERNAME }}" --password "${{ secrets.QUAYIO_PASSWORD }}" quay.io
# Build the images
$GITHUB_WORKSPACE/build/bin/docker-build.sh -r quay.io/ibmmas/cli --target-platform arm64 -b image/cli
# List available images
docker images
# Push the images
docker push quay.io/ibmmas/cli:${{ env.DOCKER_TAG }}-arm64
build-amd64-container:
name: Build Container Image (amd64)
runs-on: ubuntu-latest
if: ${{ !contains(github.event.head_commit.message, '[doc]') }}
needs:
- build-tekton
- build-python
steps:
# 1. Initialize the build
# -------------------------------------------------------------------------------------------
- name: Checkout
id: checkout
uses: actions/checkout@v4
# Without this option, we don't get the tag information
with:
fetch-depth: 0
- name: Initialise the build system
id: init
run: |
chmod u+x $GITHUB_WORKSPACE/build/bin/*.sh
$GITHUB_WORKSPACE/build/bin/initbuild.sh
source $GITHUB_WORKSPACE/build/bin/.functions.sh
# 2. Download Ansible collection from Artifactory
# -------------------------------------------------------------------------------------------
- name: Download Ansible collection from Artifactory
id: download-ansible
if: contains(fromJson('["push", "workflow_dispatch", "repository_dispatch"]'), github.event_name)
env:
ARTIFACTORY_GENERIC_RELEASE_URL: ${{ secrets.ARTIFACTORY_GENERIC_RELEASE_URL }}
ARTIFACTORY_TOKEN: ${{ secrets.ARTIFACTORY_TOKEN }}
run: |
if [[ -e $GITHUB_WORKSPACE/image/cli/install/ibm-mas_devops.tar.gz ]]; then
echo "Found a local Ansible collection to be used in $GITHUB_WORKSPACE/image/cli/install/ibm-mas_devops.tar.gz! Skip download from Artifactory..."
else
echo "Downloading from ***/ibm-mas/ansible-devops/latest/ibm-mas_devops-latest.tar.gz"
wget --header="Authorization:Bearer $ARTIFACTORY_TOKEN" $ARTIFACTORY_GENERIC_RELEASE_URL/ibm-mas/ansible-devops/latest/ibm-mas_devops-latest.tar.gz -O $GITHUB_WORKSPACE/image/cli/install/ibm-mas_devops.tar.gz
fi
# 3. Download Built Artifacts
# -------------------------------------------------------------------------------------------
- name: Download the tekton file built in the other job
id: download-tekton
uses: actions/download-artifact@v4
with:
name: ibm-mas-tekton.yaml
path: ${{ github.workspace }}/image/cli/mascli/templates/
- name: Download the python package
id: download-python
uses: actions/download-artifact@v4
with:
name: mas_cli.tar.gz
path: ${{ github.workspace }}/image/cli/install/
# 4. CLI Container Images
# -------------------------------------------------------------------------------------------
- name: Build the container image
id: docker-build
run: |
echo "GITHUB_REF=$GITHUB_REF"
echo "GITHUB_EVENT_NAME=$GITHUB_EVENT_NAME"
# Login to quay.io
docker login --username "${{ secrets.QUAYIO_USERNAME }}" --password "${{ secrets.QUAYIO_PASSWORD }}" quay.io
# Build the images
$GITHUB_WORKSPACE/build/bin/docker-build.sh -r quay.io/ibmmas/cli --target-platform amd64 -b image/cli
# List available images
docker images
# Push the images
docker push quay.io/ibmmas/cli:${{ env.DOCKER_TAG }}-amd64
build-s390x-container:
name: Build Container Image (s390x)
runs-on: ubuntu-latest
if: ${{ !contains(github.event.head_commit.message, '[doc]') }}
needs:
- build-tekton
- build-python
steps:
# 1. Initialize the build
# -------------------------------------------------------------------------------------------
- name: Checkout
id: checkout
uses: actions/checkout@v4
# Without this option, we don't get the tag information
with:
fetch-depth: 0
- name: Initialise the build system
id: init
run: |
chmod u+x $GITHUB_WORKSPACE/build/bin/*.sh
$GITHUB_WORKSPACE/build/bin/initbuild.sh
source $GITHUB_WORKSPACE/build/bin/.functions.sh
# 2. Download Ansible collection from Artifactory
# -------------------------------------------------------------------------------------------
- name: Download Ansible collection from Artifactory
id: download-ansible
if: contains(fromJson('["push", "workflow_dispatch", "repository_dispatch"]'), github.event_name)
env:
ARTIFACTORY_GENERIC_RELEASE_URL: ${{ secrets.ARTIFACTORY_GENERIC_RELEASE_URL }}
ARTIFACTORY_TOKEN: ${{ secrets.ARTIFACTORY_TOKEN }}
run: |
if [[ -e $GITHUB_WORKSPACE/image/cli/install/ibm-mas_devops.tar.gz ]]; then
echo "Found a local Ansible collection to be used in $GITHUB_WORKSPACE/image/cli/install/ibm-mas_devops.tar.gz! Skip download from Artifactory..."
else
echo "Downloading from ***/ibm-mas/ansible-devops/latest/ibm-mas_devops-latest.tar.gz"
wget --header="Authorization:Bearer $ARTIFACTORY_TOKEN" $ARTIFACTORY_GENERIC_RELEASE_URL/ibm-mas/ansible-devops/latest/ibm-mas_devops-latest.tar.gz -O $GITHUB_WORKSPACE/image/cli/install/ibm-mas_devops.tar.gz
fi
# 3. Download Built Artifacts
# -------------------------------------------------------------------------------------------
- name: Download the tekton file built in the other job
id: download-tekton
uses: actions/download-artifact@v4
with:
name: ibm-mas-tekton.yaml
path: ${{ github.workspace }}/image/cli/mascli/templates/
- name: Download the python package
id: download-python
uses: actions/download-artifact@v4
with:
name: mas_cli.tar.gz
path: ${{ github.workspace }}/image/cli/install/
# 4. CLI Container Images
# -------------------------------------------------------------------------------------------
- name: Build the container image
id: docker-build
run: |
echo "GITHUB_REF=$GITHUB_REF"
echo "GITHUB_EVENT_NAME=$GITHUB_EVENT_NAME"
# Login to quay.io
docker login --username "${{ secrets.QUAYIO_USERNAME }}" --password "${{ secrets.QUAYIO_PASSWORD }}" quay.io
# Build the images
$GITHUB_WORKSPACE/build/bin/docker-build.sh -r quay.io/ibmmas/cli --target-platform s390x -b image/cli
# List available images
docker images
# Push the images
docker push quay.io/ibmmas/cli:${{ env.DOCKER_TAG }}-s390x
build-manifest:
name: Build Manifest
runs-on: ubuntu-latest
needs:
- build-amd64-container
- build-s390x-container
- build-arm64-container
if: ${{ !contains(github.event.head_commit.message, '[doc]') }}
steps:
- name: Checkout
uses: actions/checkout@v4
# Without this option, we don't get the tag information
with:
fetch-depth: 0
- name: Initialise the build system
run: |
chmod u+x $GITHUB_WORKSPACE/build/bin/*.sh
$GITHUB_WORKSPACE/build/bin/initbuild.sh
source $GITHUB_WORKSPACE/build/bin/.functions.sh
- name: Publish the manifest
run: |
echo "GITHUB_REF=$GITHUB_REF"
echo "GITHUB_EVENT_NAME=$GITHUB_EVENT_NAME"
# Login to quay.io
docker login --username "${{ secrets.QUAYIO_USERNAME }}" --password "${{ secrets.QUAYIO_PASSWORD }}" quay.io
# Publish the manifest
$GITHUB_WORKSPACE/build/bin/docker-manifest.sh -r quay.io/ibmmas/cli --target-platforms amd64,s390x,arm64
# Re-issue the manifest under an alias where needed
# https://github.com/docker/buildx/issues/1744#issuecomment-1896645786
if [[ "$GITHUB_REF" == "refs/heads/master" ]]; then
docker buildx imagetools create -t quay.io/ibmmas/cli:master quay.io/ibmmas/cli:${{ env.DOCKER_TAG }}
elif [[ "$GITHUB_EVENT_NAME" == "release" ]]; then
docker buildx imagetools create -t quay.io/ibmmas/cli:latest quay.io/ibmmas/cli:${{ env.DOCKER_TAG }}
fi
pyinstaller-windows:
name: Build Windows CLI
runs-on: windows-latest
if: ${{ !contains(github.event.head_commit.message, '[doc]') }}
needs:
- build-tekton
- build-python
steps:
# 1. Initialize the build
# -------------------------------------------------------------------------------------------
- name: Checkout
id: checkout
uses: actions/checkout@v4
# 2. Run PyInstaller
# -------------------------------------------------------------------------------------------
- name: Download the tekton file
id: download-tekton
uses: actions/download-artifact@v4
with:
name: ibm-mas-tekton.yaml
path: ${{ github.workspace }}/python/src/mas/cli/templates/
- name: Download the python package
id: download-python
uses: actions/download-artifact@v4
with:
name: mas_cli.tar.gz
path: ${{ github.workspace }}/
- name: Build the Windows executable
id: build
run: |
python -m pip install --upgrade pip virtualenv
python -m venv .venv
.\.venv\Scripts\activate
python -m pip install "./mas_cli.tar.gz[dev]"
python -m pip list
pyinstaller --distpath python/dist --onefile --noconfirm --collect-data mas.devops --collect-data mas.cli python/src/mas-cli
# 3. Upload and Publish
# -------------------------------------------------------------------------------------------
- name: Upload mas-cli
id: upload
uses: actions/upload-artifact@v4
with:
name: mas-cli-windows-amd64
path: ${{ github.workspace }}/python/dist/mas-cli.exe
retention-days: 30
- name: Publish the new cli
id: publish
if: github.event_name == 'release'
uses: svenstaro/upload-release-action@v2
with:
repo_token: ${{ secrets.GITHUB_TOKEN }}
file: ${{ github.workspace }}/python/dist/mas-cli.exe
asset_name: mas-cli-windows-amd64.exe
tag: ${{ github.ref }}
overwrite: true
pyinstaller-linux:
name: Build Linux CLI
# We intentionally run on the oldest available Ubuntu runner, as this will result in a binary
# usable on older and newer versions of linux.
runs-on: ubuntu-20.04
if: ${{ !contains(github.event.head_commit.message, '[doc]') }}
needs:
- build-tekton
- build-python
steps:
# 1. Initialize the build
# -------------------------------------------------------------------------------------------
- name: Checkout
id: checkout
uses: actions/checkout@v4
# 2. Run PyInstaller
# -------------------------------------------------------------------------------------------
- name: Download the tekton file
id: download-tekton
uses: actions/download-artifact@v4
with:
name: ibm-mas-tekton.yaml
path: ${{ github.workspace }}/python/src/mas/cli/templates/
- name: Download the python package
id: download-python
uses: actions/download-artifact@v4
with:
name: mas_cli.tar.gz
path: ${{ github.workspace }}/
- name: Build the Linux executable
id: build
run: |
python -m pip install --upgrade pip virtualenv
python -m venv .venv
source .venv/bin/activate
python -m pip install ./mas_cli.tar.gz[dev]
python -m pip list
pyinstaller --distpath python/dist --onefile --noconfirm --collect-data mas.devops --collect-data mas.cli python/src/mas-cli
# 3. Upload and Publish
# -------------------------------------------------------------------------------------------
- name: Upload mas-cli
id: upload
uses: actions/upload-artifact@v4
with:
name: mas-cli-linux-amd64
path: ${{ github.workspace }}/python/dist/mas-cli
retention-days: 30
- name: Publish the new cli
id: publish
if: github.event_name == 'release'
uses: svenstaro/upload-release-action@v2
with:
repo_token: ${{ secrets.GITHUB_TOKEN }}
file: ${{ github.workspace }}/python/dist/mas-cli
asset_name: mas-cli-linux-amd64
tag: ${{ github.ref }}
overwrite: true
pyinstaller-macos:
name: Build MacOS CLI
runs-on: macos-latest
if: ${{ !contains(github.event.head_commit.message, '[doc]') }}
needs:
- build-tekton
- build-python
steps:
# 1. Initialize the build
# -------------------------------------------------------------------------------------------
- name: Checkout
id: checkout
uses: actions/checkout@v4
# 2. Run PyInstaller
# -------------------------------------------------------------------------------------------
- name: Download the tekton file
id: download-tekton
uses: actions/download-artifact@v4
with:
name: ibm-mas-tekton.yaml
path: ${{ github.workspace }}/python/src/mas/cli/templates/
- name: Download the python package
id: download-python
uses: actions/download-artifact@v4
with:
name: mas_cli.tar.gz
path: ${{ github.workspace }}/
- name: Build the Linux executable
id: build
run: |
python -m pip install --upgrade pip virtualenv
python -m venv .venv
source .venv/bin/activate
python -m pip install ./mas_cli.tar.gz[dev]
python -m pip list
pyinstaller --distpath python/dist --onefile --noconfirm --collect-data mas.devops --collect-data mas.cli python/src/mas-cli
# 3. Upload and Publish
# -------------------------------------------------------------------------------------------
- name: Upload mas-cli
id: upload
uses: actions/upload-artifact@v4
with:
name: mas-cli-macos-arm64
path: ${{ github.workspace }}/python/dist/mas-cli
retention-days: 30
- name: Publish the new cli
id: publish
if: github.event_name == 'release'
uses: svenstaro/upload-release-action@v2
with:
repo_token: ${{ secrets.GITHUB_TOKEN }}
file: ${{ github.workspace }}/python/dist/mas-cli
asset_name: mas-cli-macos-arm64
tag: ${{ github.ref }}
overwrite: true