Skip to content

Merge pull request #32 from orange-cloudfoundry/renovate/jaxxstorm-ac… #30

Merge pull request #32 from orange-cloudfoundry/renovate/jaxxstorm-ac…

Merge pull request #32 from orange-cloudfoundry/renovate/jaxxstorm-ac… #30

name: create-final-bosh-release
permissions:
contents: write # allow git push to repo and the github release and its artefact
on:
push:
branches:
- master
# See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#filter-pattern-cheat-sheet
# *: Matches zero or more characters, but does not match the / character. For example, Octo* matches Octocat.
# **: Matches zero or more of any character.
paths: # only trigger on bosh-relevant changes
- .final_builds/**
- config/**
- jobs/**
- releases/**
- vendir.yml
- .github/workflows/create-final-bosh-release-on-commits.yml
jobs:
build:
runs-on: ubuntu-latest
steps:
- name: checkout
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
with:
fetch-depth: 0
# TODO: add caching for cli downloads, see https://github.com/marketplace/actions/cache
- name: Install bosh-cli
#See https://github.com/marketplace/actions/install-a-binary-from-github-releases
uses: jaxxstorm/action-install-gh-release@cd6b2b78ad38bdd294341cda064ec0692b06215b # v1.14.0
with:
repo: cloudfoundry/bosh-cli
tag: v7.4.0
extension-matching: disable
chmod: 0755
rename-to: bosh
# searching for bosh-cli-7.4.0-linux-amd64 with (linux|x86_64|x64|amd64).*(linux|x86_64|x64|amd64).*.(tar.gz|zip)
# bosh-cli-7.4.0-linux-amd64
- name: Install vendir cli
#See https://github.com/marketplace/actions/install-a-binary-from-github-releases
uses: jaxxstorm/action-install-gh-release@cd6b2b78ad38bdd294341cda064ec0692b06215b # v1.14.0
with:
repo: carvel-dev/vendir
tag: v0.34.6
extension-matching: disable
chmod: 0755
rename-to: vendir
- name: Install yq cli
#See https://github.com/marketplace/actions/install-a-binary-from-github-releases
uses: jaxxstorm/action-install-gh-release@cd6b2b78ad38bdd294341cda064ec0692b06215b # v1.14.0
with:
repo: mikefarah/yq
tag: v4.34.2
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # reduce potential rate limiting
- name: vendor-add-blob
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
AWS_BOSH_ACCES_KEY_ID: ${{ secrets.AWS_BOSH_ACCES_KEY_ID }}
AWS_BOSH_SECRET_ACCES_KEY: ${{ secrets.AWS_BOSH_SECRET_ACCES_KEY }}
run: |
set -x # enable traces
#pwd
#find .
# configure git
git config --global user.name "workflows/k9s-package/create-final-bosh-release"
git config --global user.email "<>"
git config --global --add safe.directory /github/workspace
export VENDIR_GITHUB_API_TOKEN="${GITHUB_TOKEN}"
./vendor.sh
echo "State after vendir:"
tree -s src
git add vendir.lock
# FIXME: optimize for idempotency
./addblob.sh
remote_repo="https://${GITHUB_ACTOR}:${GITHUB_TOKEN}@${GITHUB_SERVER_URL#https://}/${GITHUB_REPOSITORY}.git"
git add config/blobs.yml
git status
if git commit -a --dry-run 2>&1 >/dev/null;then
git commit -a -m "updating blobs" && \
git push ${remote_repo} HEAD:${GITHUB_REF_NAME}
else
echo "Nothing to commit"
fi
echo "Resulting State:"
tree -s src
if [ -d blobs ];then # The blobs dir is only present when a blob is modified or has not yet been published.
tree -s blobs
fi
- name: Extract k9s version
id: extract_version
uses: orange-cloudfoundry/extract-vendir-version-action@9805769b7bbd0fc9d58a0616750ce2fd9ff954dd # v0.4.0
with:
library: "derailed/k9s"
- name: create bosh final release
id: create-bosh-release
uses: orange-cloudfoundry/create-bosh-release-action@a2a9c1f8c74ecaf1e317140ac2cda5861eb25b7f # v1.0.4
with:
target_branch: ${{github.ref_name}}
tag_name: ${{ steps.extract_version.outputs.version }}
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
AWS_BOSH_ACCES_KEY_ID: ${{ secrets.AWS_BOSH_ACCES_KEY_ID }}
AWS_BOSH_SECRET_ACCES_KEY: ${{ secrets.AWS_BOSH_SECRET_ACCES_KEY }}
# see https://github.com/ncipollo/release-action
- name: create github release
id: create-github-release
if: ${{ steps.create-bosh-release.outputs.need_gh_release == 'true' }}
uses: ncipollo/release-action@2c591bcc8ecdcd2db72b97d6147f871fcd833ba5 # v1.14.0
with:
tag: ${{ steps.create-bosh-release.outputs.tagged_version }}
draft: false
allowUpdates: true # > indicates if we should update a release if it already exists.
omitDraftDuringUpdate: true # > Indicates if the draft flag should be omitted during updates. The draft flag will still be applied for newly created releases. This will preserve the existing draft state during updates.
generateReleaseNotes: true
artifacts: ./${{ steps.create-bosh-release.outputs.file }}
artifactContentType: application/zip
removeArtifacts: true
artifactErrorsFailBuild: true