Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Cherry-pick to release-1.0: Release without version input (#396) #398

Closed
wants to merge 1 commit into from
Closed

Cherry-pick to release-1.0: Release without version input (#396) #398

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
52 changes: 27 additions & 25 deletions .github/workflows/create-release.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,40 +2,45 @@ name: "Create release"

on:
workflow_dispatch:
inputs:
name:
description: 'Release name ( e.g. "2.1.3" )'
default: ""
required: true

jobs:
verify-head-status:
name: Verify head (image version and prow job)
verify-release:
name: Verify release
runs-on: ubuntu-latest
outputs:
version: ${{ steps.gen-version.outputs.VERSION }}

steps:
- name: Checkout code
uses: actions/checkout@v4
with:
fetch-depth: 0

- name: Verify that the current branch has a name that starts with 'release-'
- name: Generate version number
id: gen-version
run: |
CURRENT_BRANCH=$(git rev-parse --abbrev-ref HEAD)
if [[ "$CURRENT_BRANCH" == release-* ]]; then
echo "Branch name starts with 'release-'."
else
echo "Branch name does not start with 'release-'."
exit 1
fi
# get script
GET_VERSION=$(mktemp /tmp/get-version-from-branch.XXXXX)
curl -L https://raw.githubusercontent.com/kyma-project/eventing-tools/main/hack/scripts/get-version-from-branch.sh -o "${GET_VERSION}"
chmod +x "${GET_VERSION}"
# get version via script
VERSION=$("${GET_VERSION}")
# push version to output environment file
echo "VERSION=${VERSION}" >> $GITHUB_OUTPUT

- name: Check image Tag
run: ./scripts/check_tag_info.sh ${{ github.event.inputs.name }}
env:
VERSION: ${{ steps.gen-version.outputs.VERSION }}
run: ./scripts/check_sec-scanners-config.sh $VERSION

create-draft:
name: Create draft release
needs: verify-head-status
runs-on: ubuntu-latest
env:
VERSION: ${{ needs.verify-release.outputs.VERSION }}
outputs:
release_id: ${{ steps.create-draft.outputs.release_id }}

steps:
- name: Checkout code
Expand All @@ -46,37 +51,34 @@ jobs:
- name: Create changelog
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: ./scripts/create_changelog.sh ${{ github.event.inputs.name }}
run: ./scripts/create_changelog.sh $VERSION

- name: Create draft release
id: create-draft
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: |
RELEASE_ID=$(./scripts/create_draft_release.sh ${{ github.event.inputs.name }})
RELEASE_ID=$(./scripts/create_draft_release.sh $VERSION
echo "release_id=$RELEASE_ID" >> $GITHUB_OUTPUT

- name: Create lightweight tag
run: |
git tag ${{ github.event.inputs.name }}
git push origin ${{ github.event.inputs.name }}
git tag $VERSION
git push origin $VERSION

- name: Verify job status
run: ./scripts/verify-status.sh ${{ github.ref_name }} 600 10 30

- name: Create and upload eventing-manager.yaml and eventing-default-cr.yaml
env:
PULL_BASE_REF: ${{ github.event.inputs.name }}
PULL_BASE_REF: $VERSION
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
IMG: "europe-docker.pkg.dev/kyma-project/prod/eventing-manager:${{ github.event.inputs.name }}"
IMG: "europe-docker.pkg.dev/kyma-project/prod/eventing-manager:${VERSION}"
MODULE_REGISTRY: "europe-docker.pkg.dev/kyma-project/prod/unsigned"
KUSTOMIZE_VERSION: "v4.5.6"
run: |
./scripts/render_and_upload_manifests.sh

outputs:
release_id: ${{ steps.create-draft.outputs.release_id }}

publish-release:
name: Publish release
needs: [verify-head-status, create-draft]
Expand Down
16 changes: 9 additions & 7 deletions scripts/check_tag_info.sh → scripts/check_sec-scanners-config.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,10 +1,12 @@
#!/usr/bin/env bash

##############################
# Check tags in security-scan-config.yaml
# Image Tag, rc-tag
##############################
# This script checks thate the RC-Tag and the eventing-manager image have the tag of the corresponding release.

# Error handling:
set -o nounset # treat unset variables as an error and exit immediately.
set -o errexit # exit immediately when a command fails.
set -E # needs to be set if we want the ERR trap
set -o pipefail # prevents errors in a pipeline from being masked

# Get release version
DESIRED_TAG="${1:-"main"}"
Expand All @@ -19,12 +21,12 @@ RC_TAG=$(cat sec-scanners-config.yaml | grep "${RC_TAG_TO_CHECK}" | cut -d : -f

# Check IMAGE_TAG and required image tag
if [[ "$IMAGE_TAG" != "$DESIRED_TAG" ]] || [[ "$RC_TAG" != "$DESIRED_TAG" ]]; then
# ERROR: Tag issue
echo "Tags are not correct:
# ERROR: Tag issue
echo "Tags are not correct:
- wanted: $DESIRED_TAG
- security-scanner image tag: $IMAGE_TAG
- rc-tag: $RC_TAG"
exit 1
exit 1
fi

# OK: Everything is fine
Expand Down
Loading