Create release 1.1.0 #174

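# Manually dispatched release pipeline: validates the requested release name,
# optionally bumps sec-scanners-config, waits for the image/module builds,
# runs the test suites and then publishes the draft release.
name: "Create release"
run-name: Create release ${{ inputs.name }}

# Workflow-level variables; the runner exports them into the environment of
# every `run:` step, so shell code can read them as "$NAME".
env:
  MODULE_REPO: europe-docker.pkg.dev/kyma-project/prod/unsigned/component-descriptors/kyma.project.io/module/btp-operator
  IMAGE_REPO: europe-docker.pkg.dev/kyma-project/prod/btp-manager
  KYMA_BTP_MANAGER_REPO: ${{ github.repository_owner }}/btp-manager
  # NOTE(review): this value looks like the placeholder left by the hosting
  # page's e-mail obfuscation, not the real bot address; restore the original
  # before use. It is quoted because an unquoted leading `[` makes YAML parse
  # the value as a flow sequence instead of a string.
  GIT_EMAIL: "[email protected]"
  GIT_NAME: kyma-gopher-bot
  # Derived from the free-text dispatch input. In shell steps read it as
  # "$BRANCH_NAME" (quoted) rather than splicing it into the script text with
  # an expression, so its content is never parsed as shell syntax.
  BRANCH_NAME: sec-scanners-config-${{ inputs.name }}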
# Trigger: manual dispatch only. Every value below is supplied by whoever
# starts the run from the Actions UI or API.
on:
  workflow_dispatch:
    inputs:
      # Release name. The jobs use it as the git tag and as the image and
      # module tag, and it is part of the sec-scanners-config branch name.
      name:
        required: true
        default: ''
        description: "Create release"
      # Forwarded to the E2E tests as `credentials-mode`; the E2E upgrade
      # tests run only when this is 'real'.
      credentials:
        description: 'SM credentials'
        type: choice
        options:
          - dummy
          - real
        default: real
      # Gates the sec-scanners-config update, PR creation and PR-merge wait.
      sec-scanners-config:
        description: "Create PR with sec-scanners-config bump"
        type: boolean
        default: true
      # No default here: the E2E job falls back to vars.LAST_K3S_VERSIONS
      # when this input is left empty.
      k3s-versions:
        description: "Number of last k3s versions to be used for tests"
        type: number
      # When true, the publish-release job is skipped.
      dry-run:
        description: "Do not publish"
        type: boolean
        default: false
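jobs:
  # Job graph, as declared by the `needs:` keys:
  #   validate-release -> bump-sec-scanners-config -> create-draft
  #   create-draft -> run-unit-tests
  #   create-draft + bump-sec-scanners-config -> wait-for-prow-jobs
  #   wait-for-prow-jobs -> run-e2e-tests, run-stress-tests, run-e2e-upgrade-tests
  #   create-draft + all test jobs -> publish-release
  #
  # Hardening applied in this block:
  #   * Dispatch inputs, job outputs and values derived from them reach shell
  #     code only through environment variables and are always double-quoted.
  #     A `${{ ... }}` expression inside `run:` is expanded into the script
  #     text before the shell parses it, so its content would otherwise be
  #     interpreted as shell syntax.
  #   * Workflow-level variables (IMAGE_REPO, MODULE_REPO, GIT_NAME,
  #     BRANCH_NAME) are read as "$NAME" for the same reason.
  #
  # NOTE(review): no `permissions:` key is visible in this workflow, so
  # GITHUB_TOKEN gets the repository's default scopes in every job. Consider
  # declaring the minimum per job once the needs of the called scripts are
  # confirmed.
  # NOTE(review): actions/checkout and actions/setup-python are referenced by
  # mutable major-version tags, while the third-party status-check action is
  # pinned to a full commit SHA. Pinning the first two the same way would make
  # the release pipeline reproducible against upstream tag moves.

  validate-release:
    name: Validate release
    runs-on: ubuntu-latest
    steps:
      - name: Checkout code
        uses: actions/checkout@v3
        with:
          # Full history, so that existing tags are available locally.
          fetch-depth: 0
      - name: Check if tag already exists
        env:
          INPUT_RELEASE_NAME: ${{ inputs.name }}
        run: |
          # -n on a quoted substitution: an unquoted `[ $(...) ]` errors out
          # when the pattern matches more than one tag.
          if [ -n "$(git tag -l "$INPUT_RELEASE_NAME")" ]; then
            echo "::error ::Tag $INPUT_RELEASE_NAME already exists"
            exit 1
          fi
      - name: Check for existing artifacts from previous release runs
        env:
          BTP_OPERATOR_REPO: ${{ env.MODULE_REPO }}
          BTP_MANAGER_REPO: ${{ env.IMAGE_REPO }}
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          INPUT_RELEASE_NAME: ${{ inputs.name }}
        run: |
          ./scripts/check_artifacts_existence.sh "$INPUT_RELEASE_NAME" "$INPUT_RELEASE_NAME"
      - name: Setup python
        uses: actions/setup-python@v4
        with:
          python-version: '3.9'
          cache: 'pip'
      - name: Install requirements
        run: pip install -r scripts/python/requirements.txt
      - name: Validate labels
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          REPOSITORY: ${{ env.KYMA_BTP_MANAGER_REPO }}
        run: python3 scripts/python/release_label_validator.py

  bump-sec-scanners-config:
    name: Bump sec-scanners-config
    needs: validate-release
    runs-on: ubuntu-latest
    # Commit on main that the later jobs check out and wait on.
    outputs:
      latest_commit: ${{ steps.pull-ref.outputs.latest_commit }}
    steps:
      - name: Checkout code
        uses: actions/checkout@v3
        with:
          fetch-depth: 0
      - name: Update sec-scanners-config.yaml
        if: ${{ inputs.sec-scanners-config }}
        env:
          INPUT_RELEASE_NAME: ${{ inputs.name }}
        run: |
          scripts/create_scan_config.sh "$IMAGE_REPO:$INPUT_RELEASE_NAME" "sec-scanners-config.yaml" "$INPUT_RELEASE_NAME"
      - name: Create PR if anything changed
        if: ${{ inputs.sec-scanners-config }}
        env:
          # This step authenticates gh with the bot's token, not GITHUB_TOKEN.
          GH_TOKEN: ${{ secrets.BOT_TOKEN }}
          INPUT_RELEASE_NAME: ${{ inputs.name }}
        run: |
          # PR_NUMBER is handed to the following steps through GITHUB_ENV:
          #   existing open PR -> its number, nothing to commit -> -1,
          #   otherwise -> last line printed by the PR-creation script.
          prs=$(gh pr list -A "$GIT_NAME" --state open --json headRefName | jq -r '.[] | .headRefName')
          if printf '%s\n' "$prs" | grep -F -q -x -- "$BRANCH_NAME"; then
            echo "PR already exists, no need to create a new one"
            echo "PR_NUMBER=$(gh pr list --search "base:main head:$BRANCH_NAME" --json number | jq -r '.[] | .number')" >> "$GITHUB_ENV"
          elif [ -z "$(git status --porcelain)" ]; then
            echo "Nothing changed, no need to create PR"
            echo "PR_NUMBER=-1" >> "$GITHUB_ENV"
          else
            PR_STATUS=$(scripts/create_sec_scanner_bump_pr.sh "$INPUT_RELEASE_NAME")
            echo "PR_NUMBER=$(echo "$PR_STATUS" | tail -n 1)" >> "$GITHUB_ENV"
          fi
      - name: Await PR merge
        if: ${{ inputs.sec-scanners-config }}
        timeout-minutes: 10
        env:
          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        run: |
          if [ "$PR_NUMBER" -gt 0 ]; then
            scripts/await_pr_merge.sh
          else
            echo "Step skipped"
          fi
      - name: Save latest commit ref
        id: pull-ref
        env:
          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        run: |
          git checkout main
          git pull
          LATEST_COMMIT=$(git rev-parse HEAD)
          echo "latest_commit=$LATEST_COMMIT" >> "$GITHUB_OUTPUT"
          echo "Latest commit ref $LATEST_COMMIT"

  wait-for-prow-jobs:
    name: Wait for prow jobs
    needs: [create-draft, bump-sec-scanners-config]
    runs-on: ubuntu-latest
    steps:
      # Both waits poll a commit status on the commit recorded by
      # bump-sec-scanners-config and give up after 300 seconds. The follow-up
      # step fails the job on any state other than 'success'.
      - name: Wait for post-btp-manager-module-build status
        uses: autotelic/action-wait-for-status-check@6556cf50c8fb6608412945382eae73581f56cbb4
        id: wait-for-module-build-status
        with:
          token: ${{ secrets.GITHUB_TOKEN }}
          statusName: "post-btp-manager-module-build"
          timeoutSeconds: "300"
          ref: ${{ needs.bump-sec-scanners-config.outputs.latest_commit }}
      - name: Check if post-btp-manager-module-build status is success
        if: steps.wait-for-module-build-status.outputs.state != 'success'
        run: |
          echo 'post-btp-manager-module-build failed.'
          exit 1
      - name: Wait for post-btp-manager-build status
        uses: autotelic/action-wait-for-status-check@6556cf50c8fb6608412945382eae73581f56cbb4
        id: wait-for-image-build-status
        with:
          token: ${{ secrets.GITHUB_TOKEN }}
          statusName: "post-btp-manager-build"
          timeoutSeconds: "300"
          ref: ${{ needs.bump-sec-scanners-config.outputs.latest_commit }}
      - name: Check if post-btp-manager-build status is success
        if: steps.wait-for-image-build-status.outputs.state != 'success'
        run: |
          echo 'post-btp-manager-build failed.'
          exit 1

  run-unit-tests:
    name: Unit tests
    needs: create-draft
    uses: "./.github/workflows/run-unit-tests-reusable.yaml"

  run-e2e-tests:
    name: E2E tests
    needs: wait-for-prow-jobs
    uses: "./.github/workflows/run-e2e-tests-reusable.yaml"
    # `inherit` hands every secret available to this workflow to the called
    # workflow. NOTE(review): if the called workflow declares the secrets it
    # needs, mapping only those would narrow the exposure.
    secrets: inherit
    with:
      image-tag: ${{ github.event.inputs.name }}
      module-tag: ${{ github.event.inputs.name }}
      image-repo: europe-docker.pkg.dev/kyma-project/prod/btp-manager
      module-repo: europe-docker.pkg.dev/kyma-project/prod/unsigned/component-descriptors/kyma.project.io/module/btp-operator
      credentials-mode: ${{ github.event.inputs.credentials }}
      last-k3s-versions: ${{ github.event.inputs.k3s-versions || vars.LAST_K3S_VERSIONS }}

  run-stress-tests:
    name: Stress tests
    needs: wait-for-prow-jobs
    runs-on: ubuntu-latest
    steps:
      - name: Checkout code
        uses: actions/checkout@v3
      - name: Prepare k3s cluster and docker registry
        run: ./scripts/testing/k3s-setup.sh --wait
      - name: Wait for artifacts
        env:
          BTP_OPERATOR_REPO: ${{ env.MODULE_REPO }}
          BTP_MANAGER_REPO: ${{ env.IMAGE_REPO }}
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          INPUT_RELEASE_NAME: ${{ inputs.name }}
        run: |
          ./scripts/await_artifacts.sh "$INPUT_RELEASE_NAME" "$INPUT_RELEASE_NAME"
      - name: Install BTP operator
        timeout-minutes: 2
        env:
          INPUT_RELEASE_NAME: ${{ inputs.name }}
        run: |
          ./scripts/testing/install.sh "$MODULE_REPO:$INPUT_RELEASE_NAME" dummy ci
      # Resource usage is sampled before the stress run, after it, and again
      # after the Secrets/ConfigMaps load, so the three readings can be
      # compared in the job log.
      - name: BTP Manager controller resources usage
        run: kubectl top pod -l app.kubernetes.io/component=btp-manager.kyma-project.io -n kyma-system --containers
      - name: SAP BTP Operator controller resources usage
        run: kubectl top pod -l app.kubernetes.io/name=sap-btp-operator -n kyma-system --containers
      - name: Run tests
        run: ./scripts/testing/stress-mem.sh 500 30
      - name: Check BTP manager restarts
        run: ./scripts/testing/check_btp-manager_restarts.sh
      - name: BTP Manager controller resources usage
        run: kubectl top pod -l app.kubernetes.io/component=btp-manager.kyma-project.io -n kyma-system --containers
      - name: SAP BTP Operator controller resources usage
        run: kubectl top pod -l app.kubernetes.io/name=sap-btp-operator -n kyma-system --containers
      - name: Prepare stress data - Secrets and ConfigMaps
        run: ./scripts/testing/create-secrets-configmaps.sh 120
      - name: BTP Manager controller resources usage
        run: kubectl top pod -l app.kubernetes.io/component=btp-manager.kyma-project.io -n kyma-system --containers
      - name: SAP BTP Operator controller resources usage
        run: kubectl top pod -l app.kubernetes.io/name=sap-btp-operator -n kyma-system --containers
      - name: Check BTP manager restarts
        run: |
          sleep 15
          ./scripts/testing/check_btp-manager_restarts.sh

  run-e2e-upgrade-tests:
    name: E2E upgrade tests
    needs: wait-for-prow-jobs
    secrets: inherit
    # NOTE(review): with credentials other than 'real' this job is skipped.
    # A job that `needs` a skipped job is itself skipped unless its `if` uses
    # a status function, so publish-release will not run in that case.
    # Confirm that this is the intended gate.
    if: ${{ inputs.credentials == 'real' }}
    uses: "./.github/workflows/run-e2e-upgrade-tests-reusable.yaml"
    with:
      image-tag: ${{ github.event.inputs.name }}
      module-tag: ${{ github.event.inputs.name }}
      image-repo: europe-docker.pkg.dev/kyma-project/prod/btp-manager
      module-repo: europe-docker.pkg.dev/kyma-project/prod/unsigned/component-descriptors/kyma.project.io/module/btp-operator

  create-draft:
    name: Create draft release
    needs: bump-sec-scanners-config
    runs-on: ubuntu-latest
    outputs:
      release_id: ${{ steps.create-draft.outputs.release_id }}
    steps:
      - name: Checkout code
        uses: actions/checkout@v3
        with:
          fetch-depth: 0
          # Tag exactly the commit recorded after the sec-scanners-config bump.
          ref: ${{ needs.bump-sec-scanners-config.outputs.latest_commit }}
      - name: Create draft release
        id: create-draft
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          INPUT_RELEASE_NAME: ${{ inputs.name }}
        run: |
          RELEASE_ID=$(./scripts/create_draft_release.sh "$INPUT_RELEASE_NAME")
          echo "release_id=$RELEASE_ID" >> "$GITHUB_OUTPUT"
      - name: Create lightweight tag
        env:
          INPUT_RELEASE_NAME: ${{ inputs.name }}
        run: |
          # The tag is pushed here, before the test jobs run and regardless
          # of the dry-run input. Pushing the fully qualified ref keeps the
          # push unambiguous if a branch with the same name exists.
          git tag "$INPUT_RELEASE_NAME"
          git push origin "refs/tags/$INPUT_RELEASE_NAME"

  publish-release:
    name: Publish release
    needs: [create-draft, run-unit-tests, run-e2e-tests, run-e2e-upgrade-tests, run-stress-tests]
    if: ${{ !inputs.dry-run }}
    runs-on: ubuntu-latest
    steps:
      - name: Checkout code
        uses: actions/checkout@v3
        with:
          fetch-depth: 0
      - name: Publish release
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          # Produced by a script in the create-draft job; passed through the
          # environment like any other value not written in this file.
          DRAFT_RELEASE_ID: ${{ needs.create-draft.outputs.release_id }}
        run: ./scripts/publish_release.sh "$DRAFT_RELEASE_ID"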