Cut Release #11
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Cut Release | |
on: workflow_dispatch | |
jobs: | |
check-requirements: | |
name: Check Requirements | |
runs-on: ubuntu-latest | |
environment: release-check | |
steps: | |
- name: Check For Admin Permission | |
uses: actions-cool/check-user-permission@v2 | |
with: | |
require: admin | |
username: ${{ github.triggering_actor }} | |
- name: Check Repository | |
run: | | |
if [ "${{ vars.RUN_RELEASE_BUILDS }}" = "1" ]; then | |
MSG="Running workflow because RUN_RELEASE_BUILDS=1" | |
echo "${MSG}" | |
echo "${MSG}" >> "${GITHUB_STEP_SUMMARY}" | |
exit 0 | |
fi | |
echo "Trying to run the release workflow from repository ${{ github.repository }}" | |
if [ "${{ github.repository }}" != "saltstack/salt-vmtools" ]; then | |
MSG="Running the release workflow from the ${{ github.repository }} repository is not allowed" | |
echo "${MSG}" | |
echo "${MSG}" >> "${GITHUB_STEP_SUMMARY}" | |
MSG="Allowed repository: saltstack/salt-vmtools" | |
echo "${MSG}" | |
echo "${MSG}" >> "${GITHUB_STEP_SUMMARY}" | |
exit 1 | |
else | |
MSG="Allowed to release from repository ${{ github.repository }}" | |
echo "${MSG}" | |
echo "${MSG}" >> "${GITHUB_STEP_SUMMARY}" | |
fi | |
- name: Check Branch | |
run: | | |
echo "Trying to run the release workflow from branch ${{ github.ref_name }}" | |
if [ "${{ github.ref_name }}" != "main" ]; then | |
echo "Running the release workflow from the ${{ github.ref_name }} branch is not allowed" | |
echo "Allowed branches: main" | |
exit 1 | |
else | |
echo "Allowed to release from branch ${{ github.ref_name }}" | |
fi | |
update-main: | |
name: Update CHANGELOG.md and linux/svtminion.sh windows/svtminion.ps1 | |
runs-on: ubuntu-latest | |
permissions: | |
contents: write # To be able to publish the release | |
environment: release | |
needs: | |
- check-requirements | |
outputs: | |
release-version: ${{ steps.update-repo.outputs.release-version }} | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
ref: main | |
repository: ${{ github.repository }} | |
ssh-key: ${{ secrets.SALT_VMTOOLS_RELEASE_KEY }} | |
- name: Install Requirements | |
run: | | |
python3 -m pip install -r requirements/release.txt | |
pre-commit install --install-hooks | |
- name: Configure Git | |
shell: bash | |
run: | | |
git config --global --add safe.directory "$(pwd)" | |
git config --global user.name "Salt Project Packaging" | |
git config --global user.email [email protected] | |
git config --global commit.gpgsign false | |
- name: Update Repository | |
id: update-repo | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
run: | | |
python3 .github/workflows/scripts/cut-release.py --repo ${{ github.repository }} | |
- name: Show Changes | |
run: | | |
git status | |
git diff | |
- name: Commit Changes | |
run: | | |
git commit -am "Update main branch for the ${{ steps.update-repo.outputs.release-version }} release" || \ | |
git commit -am "Update main branch for the ${{ steps.update-repo.outputs.release-version }} release" | |
- name: Push Changes | |
uses: ad-m/github-push-action@b87afee92c6e70ea888be6203a3e9426fda49839 | |
with: | |
ssh: true | |
atomic: true | |
branch: main | |
repository: ${{ github.repository }} | |
- name: Upload Release Details | |
uses: actions/upload-artifact@v4 | |
with: | |
name: release-details | |
path: | | |
.cut_release_version | |
.cut_release_changes | |
include-hidden-files: true | |
publish-release: | |
name: Create GitHub Release | |
runs-on: ubuntu-latest | |
needs: | |
- update-main | |
environment: release | |
permissions: | |
contents: write # To be able to publish the release | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
ref: main | |
repository: ${{ github.repository }} | |
ssh-key: ${{ secrets.SALT_VMTOOLS_RELEASE_KEY }} | |
- name: Configure Git | |
shell: bash | |
run: | | |
git config --global --add safe.directory "$(pwd)" | |
git config --global user.name "Salt Project Packaging" | |
git config --global user.email [email protected] | |
git config --global commit.gpgsign false | |
- name: Download Release Details | |
uses: actions/download-artifact@v4 | |
with: | |
name: release-details | |
- name: Update Environment | |
run: | | |
CUT_RELEASE_VERSION=$(cat .cut_release_version) | |
echo "CUT_RELEASE_VERSION=${CUT_RELEASE_VERSION}" >> "$GITHUB_ENV" | |
- name: Update linux/svtminion.sh sha256sum's | |
run: | | |
sha256sum linux/svtminion.sh | awk '{ print $1 }' > svtminion.sh.sha256 | |
sha256sum windows/svtminion.ps1 | awk '{ print $1 }' > svtminion.ps1.sha256 | |
ls -alh | |
git add svtminion.sh.sha256 | |
git add svtminion.ps1.sha256 | |
git commit -am "Update sha256 checksums" || git commit -am "Update sha256 checksums" | |
- name: Push Changes | |
uses: ad-m/github-push-action@b87afee92c6e70ea888be6203a3e9426fda49839 | |
with: | |
ssh: true | |
tags: true | |
atomic: true | |
branch: main | |
repository: ${{ github.repository }} | |
- name: Tag The ${{ needs.update-main.outputs.release-version }} Release | |
run: | | |
git tag -f --no-sign -m "Release ${{ needs.update-main.outputs.release-version }}" -a ${{ needs.update-main.outputs.release-version }} | |
- name: Create Github Release | |
uses: softprops/action-gh-release@v1 | |
with: | |
name: ${{ env.CUT_RELEASE_VERSION }} | |
tag_name: ${{ env.CUT_RELEASE_VERSION }} | |
body_path: .cut_release_changes | |
target_commitish: main | |
draft: false | |
prerelease: false | |
generate_release_notes: false | |
files: | | |
linux/svtminion.sh | |
windows/svtminion.ps1 | |
svtminion.sh.sha256 | |
svtminion.ps1.sha256 | |
LICENSE | |
- name: Delete Release Details Artifact | |
uses: geekyeggo/delete-artifact@v5 | |
with: | |
name: release-details | |
failOnError: false | |
update-main-checksums: | |
name: Update Release Checksums on Main | |
runs-on: ubuntu-latest | |
needs: | |
- publish-release | |
environment: release | |
permissions: | |
contents: write # For action peter-evans/create-pull-request | |
pull-requests: write # For action peter-evans/create-pull-request | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
ref: main | |
repository: ${{ github.repository }} | |
ssh-key: ${{ secrets.SALT_VMTOOLS_RELEASE_KEY }} | |
- name: Get linux/svtminion.sh on main branch sha256sum | |
run: | | |
echo "SH=$(sha256sum linux/svtminion.sh | awk '{ print $1 }')" >> "$GITHUB_ENV" | |
echo "VMTS_VERSION=$(bash linux/svtminion.sh --version | awk '{ print $1 }')" >> "$GITHUB_ENV" | |
- uses: actions/checkout@v4 | |
with: | |
ref: main | |
repository: ${{ github.repository }} | |
ssh-key: ${{ secrets.SALT_VMTOOLS_RELEASE_KEY }} | |
- name: Configure Git | |
shell: bash | |
run: | | |
git config --global --add safe.directory "$(pwd)" | |
git config --global user.name "Salt Project Packaging" | |
git config --global user.email [email protected] | |
git config --global commit.gpgsign false | |
- name: Update Latest Release on README | |
run: | | |
python3 .github/workflows/scripts/update-release-shasum.py ${{ env.VMTS_VERSION }} ${{ env.SH }} | |
- name: Show Changes | |
run: | | |
git status | |
git diff | |
- name: Commit Changes | |
run: | | |
git commit -am "Update README.md with ${{ env.VMTS_VERSION }} release sha256sum" || \ | |
git commit -am "Update README.md with ${{ env.VMTS_VERSION }} release sha256sum" | |
- name: Push Changes | |
uses: ad-m/github-push-action@b87afee92c6e70ea888be6203a3e9426fda49839 | |
with: | |
ssh: true | |
atomic: true | |
branch: main | |
repository: ${{ github.repository }} |