update .github/actions #4
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Publish artifacts | |
on: | |
release: | |
types: [published] | |
push: | |
branches: | |
- main | |
pull_request: | |
branches: | |
- main | |
# note: we do not use any concurrency here, in order to avoid queued release workflows being cancelled by | |
# higher priority push/pull_request workflows | |
env: | |
REGCTL_VERSION: v0.4.8 | |
SEMVER_VERSION: 3.4.0 | |
REGISTRY: ghcr.io | |
# CHART_REPOSITORY: | |
# CHART_DIRECTORY: | |
defaults: | |
run: | |
shell: bash | |
jobs: | |
test: | |
name: Run tests | |
runs-on: ubuntu-22.04 | |
steps: | |
- name: Checkout repository | |
uses: actions/checkout@v3 | |
- name: Setup go | |
uses: actions/setup-go@v4 | |
with: | |
go-version-file: 'go.mod' | |
- name: Check that license header boilerplate is correct | |
run: | | |
this_year=$(date +%Y) | |
last_year=$((this_year-1)) | |
repository=$(echo ${{ github.repository }} | cut -d/ -f2) | |
boilerplate=hack/boilerplate.go.txt | |
tempdir=$(mktemp -d) | |
trap 'rm -rf $tempdir' EXIT | |
cat > $tempdir/boilerplate-this-year <<END | |
/* | |
SPDX-FileCopyrightText: $this_year SAP SE or an SAP affiliate company and $repository contributors | |
SPDX-License-Identifier: Apache-2.0 | |
*/ | |
END | |
cat > $tempdir/boilerplate-last-year <<END | |
/* | |
SPDX-FileCopyrightText: $last_year SAP SE or an SAP affiliate company and $repository contributors | |
SPDX-License-Identifier: Apache-2.0 | |
*/ | |
END | |
if diff -q $boilerplate $tempdir/boilerplate-this-year >/dev/null; then | |
exit 0 | |
fi | |
if diff -q $boilerplate $tempdir/boilerplate-last-year >/dev/null; then | |
>&1 echo "Warning: license boilerplate outdated ($last_year); next year, this will result in an error." | |
exit 0 | |
fi | |
>&1 echo "Error: incorrect license boilerplate." | |
exit 1 | |
END | |
- name: Check that license headers are correct | |
run: | | |
boilerplate=hack/boilerplate.go.txt | |
tempdir=$(mktemp -d) | |
trap 'rm -rf $tempdir' EXIT | |
boilerplate_linecount=$(wc -l $boilerplate | awk '{print $1}') | |
errors=0 | |
for f in $(find . -name "*.go"); do | |
if head -n 1 $f | grep -q "!ignore_autogenerated"; then | |
continue | |
fi | |
head -n $boilerplate_linecount $f > $tempdir/out | |
if ! diff -q $tempdir/out $boilerplate >/dev/null; then | |
>&1 echo "Error: incorrect license header found in $f." | |
errors=$((errors+1)) | |
fi | |
rm -f $tempdir/out | |
done | |
if [ $errors -gt 0 ]; then | |
exit 1 | |
fi | |
- name: Check that generated artifacts are up-to-date | |
run: | | |
make generate | |
echo "Running 'git status' ..." | |
git status --porcelain | tee status.out | |
if [[ -s status.out ]]; then | |
>&1 echo "Generated artifacts are not up-to-date; probably 'make generate' was not run before committing." | |
exit 1 | |
else | |
echo "Generated artifacts are up-to-date." | |
fi | |
- name: Check that manifests are up-to-date | |
run: | | |
make manifests | |
echo "Running 'git status' ..." | |
git status --porcelain | tee status.out | |
if [[ -s status.out ]]; then | |
>&1 echo "Manifests are not up-to-date; probably 'make manifests' was not run before committing." | |
exit 1 | |
else | |
echo "Manifests are up-to-date." | |
fi | |
- name: Run tests | |
run: | | |
make envtest | |
KUBEBUILDER_ASSETS=$(pwd)/bin/k8s/current E2E_ENABLED=${{ github.event_name == 'release' }} go test -count 1 ./... | |
build-docker: | |
name: Build Docker image | |
runs-on: ubuntu-22.04 | |
needs: test | |
permissions: | |
contents: read | |
packages: write | |
env: | |
IMAGE_NAME: ${{ github.repository }} | |
steps: | |
- name: Checkout repository | |
uses: actions/checkout@v3 | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v2 | |
- name: Log in to the Container registry | |
uses: docker/login-action@v2 | |
with: | |
registry: ${{ env.REGISTRY }} | |
username: ${{ github.actor }} | |
password: ${{ github.token }} | |
- name: Extract metadata (tags, labels) for Docker | |
id: meta | |
uses: docker/metadata-action@v4 | |
with: | |
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} | |
- name: Build Docker image | |
uses: docker/build-push-action@v4 | |
with: | |
platforms: linux/amd64,linux/arm64 | |
context: . | |
cache-from: | | |
type=gha,scope=sha-${{ github.sha }} | |
type=gha,scope=${{ github.ref_name }} | |
type=gha,scope=${{ github.base_ref || 'main' }} | |
type=gha,scope=main | |
cache-to: | | |
type=gha,scope=sha-${{ github.sha }},mode=max | |
type=gha,scope=${{ github.ref_name }},mode=max | |
push: ${{ github.event_name == 'release' }} | |
tags: ${{ steps.meta.outputs.tags }} | |
labels: ${{ steps.meta.outputs.labels }} | |
build-crds: | |
name: Build CRD image | |
runs-on: ubuntu-22.04 | |
needs: test | |
if: github.event_name == 'release' | |
permissions: | |
contents: read | |
packages: write | |
steps: | |
- name: Checkout repository | |
uses: actions/checkout@v3 | |
- name: Setup regctl | |
uses: regclient/actions/regctl-installer@main | |
with: | |
release: ${{ env.REGCTL_VERSION }} | |
install-dir: ${{ runner.temp }}/bin | |
- name: Log in to the registry | |
# regctl-login action is currently broken ... | |
# uses: regclient/actions/regctl-login@main | |
# with: | |
# registry: ${{ env.REGISTRY }} | |
# username: ${{ github.actor }} | |
# password: ${{ github.token }} | |
run: | | |
regctl registry login $REGISTRY --user ${{ github.actor }} --pass-stdin <<< ${{ github.token }} | |
- name: Build artifact | |
run: | | |
cd crds | |
repository=${{ github.repository }}/crds | |
tar cvz * | regctl artifact put -m application/gzip $REGISTRY/${repository,,}:${{ github.event.release.tag_name }} | |
update-chart: | |
name: Update Helm chart | |
runs-on: ubuntu-22.04 | |
needs: [build-docker,build-crds] | |
if: github.event_name == 'release' | |
steps: | |
- name: Prepare | |
id: prepare | |
run: | | |
chart_repository=$CHART_REPOSITORY | |
if [ -z "$chart_repository" ]; then | |
chart_repository=${{ github.repository }}-helm | |
fi | |
echo "chart_repository=$chart_repository" >> $GITHUB_OUTPUT | |
chart_directory=$CHART_DIRECTORY | |
if [ -z "$chart_directory" ]; then | |
chart_directory=chart | |
fi | |
echo "chart_directory=$chart_directory" >> $GITHUB_OUTPUT | |
- name: Checkout repository | |
uses: actions/checkout@v3 | |
- name: Checkout chart repository | |
uses: actions/checkout@v3 | |
with: | |
repository: ${{ steps.prepare.outputs.chart_repository }} | |
path: chart-repository | |
token: ${{ secrets.WORKFLOW_USER_GH_TOKEN }} | |
- name: Setup semver | |
uses: ./.github/actions/setup-semver | |
with: | |
version: ${{ env.SEMVER_VERSION }} | |
install-directory: ${{ runner.temp }}/bin | |
- name: Update chart repository | |
id: update | |
run: | | |
cd chart-repository | |
chart_directory=${{ steps.prepare.outputs.chart_directory }} | |
old_version=$(yq .appVersion $chart_directory/Chart.yaml) | |
if [ "${old_version:0:1}" != v ] || [ "$(semver validate $old_version)" != valid ]; then | |
>&1 echo "Found invalid current appVersion ($old_version) in $chart_directory/Chart.yaml)." | |
exit 1 | |
fi | |
new_version=${{ github.event.release.tag_name }} | |
if [ "${new_version:0:1}" != v ] || [ "$(semver validate $new_version)" != valid ]; then | |
>&1 echo "Invalid target appVersion ($new_version)." | |
exit 1 | |
fi | |
if [ $(semver compare $new_version $old_version) -lt 0 ]; then | |
echo "Target appVersion ($new_version) is lower than current appVersion ($old_version); skipping update ..." | |
exit 0 | |
fi | |
version_bump=$(semver diff $new_version $old_version) | |
echo "Found appVersion bump: $version_bump." | |
if [ "$version_bump" != major ] && [ "$version_bump" != minor ]; then | |
version_bump=patch | |
fi | |
echo "Performing chart version bump: $version_bump ..." | |
echo "Updating custom resource definitions ($chart_directory/crds) ..." | |
rm -rf $chart_directory/crds | |
cp -r ../crds $chart_directory | |
echo "Updating appVersion in $chart_directory/Chart.yaml (current: $old_version; target: $new_version) ..." | |
perl -pi -e "s#^appVersion:.*#appVersion: $new_version#g" $chart_directory/Chart.yaml | |
if [ -z "$(git status --porcelain)" ]; then | |
echo "Nothing has changed; skipping commit/push ..." | |
exit 0 | |
fi | |
git config user.name "${{ vars.WORKFLOW_USER_NAME }}" | |
git config user.email "${{ vars.WORKFLOW_USER_EMAIL }}" | |
git add -A | |
git commit -F- <<END | |
Update chart (triggered by operator release $new_version) | |
Repository: ${{ github.repository }} | |
Release: ${{ github.event.release.tag_name }} | |
Commit: ${{ github.sha }} | |
END | |
git push | |
echo "version_bump=$version_bump" >> $GITHUB_OUTPUT | |
- name: Release chart repository | |
if: steps.update.outputs.version_bump != '' | |
uses: benc-uk/workflow-dispatch@v1 | |
with: | |
repo: ${{ steps.prepare.outputs.chart_repository }} | |
workflow: release.yaml | |
ref: main | |
token: ${{ secrets.WORKFLOW_USER_GH_TOKEN }} | |
inputs: '{ "version-bump": "${{ steps.update.outputs.version_bump }}" }' |