From e4d3a965660d8f9cd55463d11220154f9058b61a Mon Sep 17 00:00:00 2001
From: Friedrich <jens.wilken@sap.com>
Date: Tue, 16 Jan 2024 09:47:07 +0100
Subject: [PATCH] Release without version input (#396)

* Fix release of manifests (#340) (#341)

* clean up create-release.yml

Clean up the create-release.yml by removing a number of unused and outcommented lines.

* rename release.sh to render_and_upload_manifests.sh

Rename the scripts/release.sh to render_and_upload_manifests.sh to point clearly out, what the script is about.

* call manifest release from create-release.yml

Call the render_and_upload_manifests.sh because it no longer created by a prow job.

* deactivate module-template upload

Deactivate the upload of the module-template. All functionality for the module-template will be removed eventually, in a follow up PR.

* fix reference of env var

* fix reference to release name (#342)

* add missing env vars for IMG and MODULE_REGISTERY (#343)

* add missing env vars for IMG and MODULE_REGISTERY

* remove arg

* add KUSTOMIZE_VERSION

* fix wrong token (#344)

* add missing env vars for IMG and MODULE_REGISTERY

* remove arg

* replace the BOT_GITHUB_TOKEN with the GITHUB_TOKEN

* remove call of make module-build (#347)

* remove call of make module-build

We really only need to render the manifests so lets remove module-build.

* revert removal of MODULE_REGISTERY

* fix spelling of env var name (#348)

* release-without-version-input

* improve check_sec-scanners-config.sh

rename from check_tag_info.sh to check_sec-scanners-config.sh and add error handling and desciption.

* clean up
---
 .github/workflows/create-release.yml          | 52 ++++++++++---------
 ...g_info.sh => check_sec-scanners-config.sh} | 16 +++---
 2 files changed, 36 insertions(+), 32 deletions(-)
 rename scripts/{check_tag_info.sh => check_sec-scanners-config.sh} (61%)

diff --git a/.github/workflows/create-release.yml b/.github/workflows/create-release.yml
index af73a0d3..c372a920 100644
--- a/.github/workflows/create-release.yml
+++ b/.github/workflows/create-release.yml
@@ -2,16 +2,13 @@ name: "Create release"
 
 on:
   workflow_dispatch:
-    inputs:
-      name:
-        description: 'Release name ( e.g. "2.1.3" )'
-        default: ""
-        required: true
 
 jobs:
-  verify-head-status:
-    name: Verify head (image version and prow job)
+  verify-release:
+    name: Verify release
     runs-on: ubuntu-latest
+    outputs:
+      version: ${{ steps.gen-version.outputs.VERSION }}
 
     steps:
       - name: Checkout code
@@ -19,23 +16,31 @@ jobs:
         with:
           fetch-depth: 0
 
-      - name: Verify that the current branch has a name that starts with 'release-'
+      - name: Generate version number
+        id: gen-version
         run: |
-          CURRENT_BRANCH=$(git rev-parse --abbrev-ref HEAD)
-          if [[ "$CURRENT_BRANCH" == release-* ]]; then
-            echo "Branch name starts with 'release-'."
-          else
-            echo "Branch name does not start with 'release-'."
-            exit 1
-          fi
+          # get script
+          GET_VERSION=$(mktemp /tmp/get-version-from-branch.XXXXX)
+          curl -L https://raw.githubusercontent.com/kyma-project/eventing-tools/main/hack/scripts/get-version-from-branch.sh -o "${GET_VERSION}"
+          chmod +x "${GET_VERSION}"
+          # get version via script
+          VERSION=$("${GET_VERSION}")
+          # push version to output environment file
+          echo "VERSION=${VERSION}" >> $GITHUB_OUTPUT
 
       - name: Check image Tag
-        run: ./scripts/check_tag_info.sh ${{ github.event.inputs.name }}
+        env:
+          VERSION: ${{ steps.gen-version.outputs.VERSION }}
+        run: ./scripts/check_sec-scanners-config.sh $VERSION
 
   create-draft:
     name: Create draft release
     needs: verify-head-status
     runs-on: ubuntu-latest
+    env:
+      VERSION: ${{ needs.verify-release.outputs.VERSION }}
+    outputs:
+      release_id: ${{ steps.create-draft.outputs.release_id }}
 
     steps:
       - name: Checkout code
@@ -46,37 +51,34 @@ jobs:
       - name: Create changelog
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-        run: ./scripts/create_changelog.sh ${{ github.event.inputs.name }}
+        run: ./scripts/create_changelog.sh $VERSION
 
       - name: Create draft release
         id: create-draft
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
         run: |
-          RELEASE_ID=$(./scripts/create_draft_release.sh ${{ github.event.inputs.name }})
+          RELEASE_ID=$(./scripts/create_draft_release.sh $VERSION
           echo "release_id=$RELEASE_ID" >> $GITHUB_OUTPUT
 
       - name: Create lightweight tag
         run: |
-          git tag ${{ github.event.inputs.name }}
-          git push origin ${{ github.event.inputs.name }}
+          git tag $VERSION
+          git push origin $VERSION
 
       - name: Verify job status
         run: ./scripts/verify-status.sh ${{ github.ref_name }} 600 10 30
 
       - name: Create and upload eventing-manager.yaml and eventing-default-cr.yaml
         env:
-          PULL_BASE_REF: ${{ github.event.inputs.name }}
+          PULL_BASE_REF: $VERSION
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-          IMG: "europe-docker.pkg.dev/kyma-project/prod/eventing-manager:${{ github.event.inputs.name }}"
+          IMG: "europe-docker.pkg.dev/kyma-project/prod/eventing-manager:${VERSION}"
           MODULE_REGISTRY: "europe-docker.pkg.dev/kyma-project/prod/unsigned"
           KUSTOMIZE_VERSION: "v4.5.6"
         run: |
           ./scripts/render_and_upload_manifests.sh
 
-    outputs:
-      release_id: ${{ steps.create-draft.outputs.release_id }}
-
   publish-release:
     name: Publish release
     needs: [verify-head-status, create-draft]
diff --git a/scripts/check_tag_info.sh b/scripts/check_sec-scanners-config.sh
similarity index 61%
rename from scripts/check_tag_info.sh
rename to scripts/check_sec-scanners-config.sh
index 28a5c8b9..40497b80 100755
--- a/scripts/check_tag_info.sh
+++ b/scripts/check_sec-scanners-config.sh
@@ -1,10 +1,12 @@
 #!/usr/bin/env bash
 
-##############################
-# Check tags in security-scan-config.yaml
-# Image Tag, rc-tag
-##############################
+# This script checks thate the RC-Tag and the eventing-manager image have the tag of the corresponding release.
 
+# Error handling:
+set -o nounset  # treat unset variables as an error and exit immediately.
+set -o errexit  # exit immediately when a command fails.
+set -E          # needs to be set if we want the ERR trap
+set -o pipefail # prevents errors in a pipeline from being masked
 
 # Get release version
 DESIRED_TAG="${1:-"main"}"
@@ -19,12 +21,12 @@ RC_TAG=$(cat sec-scanners-config.yaml | grep "${RC_TAG_TO_CHECK}" | cut -d : -f
 
 # Check IMAGE_TAG and required image tag
 if [[ "$IMAGE_TAG" != "$DESIRED_TAG" ]] || [[ "$RC_TAG" != "$DESIRED_TAG" ]]; then
-  # ERROR: Tag issue
-  echo "Tags are not correct:
+	# ERROR: Tag issue
+	echo "Tags are not correct:
   - wanted: $DESIRED_TAG
   - security-scanner image tag: $IMAGE_TAG
   - rc-tag: $RC_TAG"
-  exit 1
+	exit 1
 fi
 
 # OK: Everything is fine