From 871f181e81b14a049b0754a9e6f9af7cb6589a84 Mon Sep 17 00:00:00 2001 From: Christoph Barbian Date: Fri, 28 Jul 2023 16:59:38 +0200 Subject: [PATCH] update workflows --- .github/workflows/build.yaml | 4 ++-- .github/workflows/publish.yaml | 7 +++++-- .github/workflows/release.yaml | 17 +++++++++++------ 3 files changed, 18 insertions(+), 10 deletions(-) diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml index 3b96e93..1d77421 100644 --- a/.github/workflows/build.yaml +++ b/.github/workflows/build.yaml @@ -49,7 +49,7 @@ jobs: if [ -z "$(git status --porcelain)" ]; then echo "Generated artifacts are up-to-date." else - >&1 echo "Generated artifacts are not up-to-date; probably 'make generate' was not run before committing." + >&2 echo "Generated artifacts are not up-to-date; probably 'make generate' was not run before committing." exit 1 fi @@ -60,7 +60,7 @@ jobs: if [ -z "$(git status --porcelain)" ]; then echo "Manifests are up-to-date." else - >&1 echo "Manifests are not up-to-date; probably 'make manifests' was not run before committing." + >&2 echo "Manifests are not up-to-date; probably 'make manifests' was not run before committing." exit 1 fi diff --git a/.github/workflows/publish.yaml b/.github/workflows/publish.yaml index d5a16d0..63ded4d 100644 --- a/.github/workflows/publish.yaml +++ b/.github/workflows/publish.yaml @@ -146,13 +146,13 @@ jobs: old_version=$(yq .appVersion $chart_directory/Chart.yaml) if [ "${old_version:0:1}" != v ] || [ "$(semver validate $old_version)" != valid ]; then - >&1 echo "Found invalid current appVersion ($old_version) in $chart_directory/Chart.yaml)." + >&2 echo "Found invalid current appVersion ($old_version) in $chart_directory/Chart.yaml)." exit 1 fi new_version=${{ github.event.release.tag_name }} if [ "${new_version:0:1}" != v ] || [ "$(semver validate $new_version)" != valid ]; then - >&1 echo "Invalid target appVersion ($new_version)." + >&2 echo "Invalid target appVersion ($new_version)." exit 1 fi @@ -193,6 +193,9 @@ jobs: echo "version_bump=$version_bump" >> $GITHUB_OUTPUT + # add some safety sleep to overcome github race conditions + sleep 10s + - name: Release chart repository if: steps.update.outputs.version_bump != '' uses: benc-uk/workflow-dispatch@v1 diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 4a21d9e..35ce2c2 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -35,9 +35,14 @@ jobs: permissions: contents: write - # TODO: ensure that github.ref is not refs/tags/* - # TODO: maybe even ensure that github.ref == refs/heads/main steps: + - name: Validate ref + run: | + if [ "${{ github.ref }}" != refs/heads/main ]; then + >&2 echo "Invalid ref: ${{ github.ref }} (expected: refs/heads/main)" + exit 1 + fi + - name: Checkout repository uses: actions/checkout@v3 with: @@ -68,7 +73,7 @@ jobs: # ok ;; *) - >&1 echo "Invalid input: version-bump ($version_bump)." + >&2 echo "Invalid input: version-bump ($version_bump)." exit 1 esac if [ -z "$current_version" ]; then @@ -83,15 +88,15 @@ jobs: version=${BASH_REMATCH[1]} tag=$desired_version else - >&1 echo "Invalid input: desired-version ($desired_version) should start with $TAG_PREFIX." + >&2 echo "Invalid input: desired-version ($desired_version) should start with $TAG_PREFIX." exit 1 fi if [ "$(semver validate $version)" != valid ]; then - >&1 echo "Invalid input: desired-version ($version) is not a valid semantic version." + >&2 echo "Invalid input: desired-version ($version) is not a valid semantic version." exit 1 fi if [ "$(semver compare $version $current_version)" -le 0 ]; then - >&1 echo "Invalid input: desired-version ($version) should be higher than current version ($current_version)." + >&2 echo "Invalid input: desired-version ($version) should be higher than current version ($current_version)." exit 1 fi fi