Skip to content

Commit

Permalink
Merge pull request #490 from yiannistri/89-migrate-gha-release-v2.8
Browse files Browse the repository at this point in the history
[v2.8] fix: Replace unapproved GH Actions with approved ones
  • Loading branch information
mjura authored Jun 3, 2024
2 parents 9be5884 + a72c800 commit 85c8097
Show file tree
Hide file tree
Showing 9 changed files with 81 additions and 53 deletions.
5 changes: 3 additions & 2 deletions .github/workflows/apidiff.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -5,10 +5,11 @@ jobs:
go-apidiff:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: actions/checkout@v4
with:
fetch-depth: 0
- uses: actions/setup-go@v5
with:
go-version: 1.21.x
- uses: joelanford/go-apidiff@main
- name: Generate API diff
run: make apidiff
4 changes: 2 additions & 2 deletions .github/workflows/build.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -9,9 +9,9 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v3
uses: actions/checkout@v4
- name: Install Go
uses: actions/setup-go@v4
uses: actions/setup-go@v5
with:
go-version: 1.21.x
- name: Build GKE operator binary
Expand Down
7 changes: 3 additions & 4 deletions .github/workflows/lint.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -11,13 +11,12 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v3
uses: actions/checkout@v4
- name: Install Go
uses: actions/setup-go@v4
uses: actions/setup-go@v5
with:
go-version: 1.21.x
- name: Analysis
uses: golangci/golangci-lint-action@v3
uses: golangci/golangci-lint-action@a4f60bb28d35aeee14e6880718e0c85ff1882e64 # v6.0.1
with:
args: -v
skip-pkg-cache: true
2 changes: 1 addition & 1 deletion .github/workflows/nightly-publish.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v3
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Build binary
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/scan.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v3
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Build binary
Expand Down
49 changes: 29 additions & 20 deletions .github/workflows/update-rancher-charts.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -5,17 +5,17 @@ on:
ref:
description: "Branch to use for GitHub action workflow"
required: true
default: "master"
default: "release-v2.8"
operator_path:
description: "Operator github repo for the workflow"
required: true
default: "gke-operator"
charts_ref:
description: "Submit PR against the following rancher/charts branch (e.g. dev-v2.7)"
required: true
default: "dev-v2.7"
default: "dev-v2.8"
prev_operator_version:
description: "Previous operator version (e.g. 1.1.0-rc2)"
description: "Previous operator version (e.g. 1.2.0-rc.1)"
required: true
default: ""
new_operator_version:
Expand All @@ -39,34 +39,43 @@ jobs:
create-rancher-charts-pr:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: actions/checkout@v4
with:
fetch-depth: 0
ref: ${{github.event.inputs.ref}}
path: ${{github.event.inputs.operator_path}}
persist-credentials: false
- name: Checkout rancher/charts
uses: actions/checkout@v3
uses: actions/checkout@v4
with:
fetch-depth: 0
repository: rancher/charts
ref: ${{github.event.inputs.charts_ref}}
path: charts
- name: Run release script
persist-credentials: false
- name: Run release script # release script is responsible for git add/commit
run: ./${{github.event.inputs.operator_path}}/.github/scripts/update-rancher-charts.sh ${{github.event.inputs.prev_operator_version}} ${{github.event.inputs.new_operator_version}} ${{github.event.inputs.prev_chart}} ${{github.event.inputs.new_chart}} ${{github.event.inputs.should_replace}}
env:
OPERATOR: ${{github.event.inputs.operator_path}}
- name: Create Pull Request
uses: peter-evans/create-pull-request@v5
- name: Set timestamp
run: echo "TIMESTAMP=$(date +'%s')" >> "$GITHUB_ENV"
- name: Push changes
env:
USERNAME: highlander-ci-bot
TOKEN: ${{ secrets.CI_BOT_TOKEN }}
run: |
git remote add bot-fork https://${USERNAME}:${TOKEN}@github.com/highlander-ci-bot/charts.git
git push bot-fork HEAD:${{github.event.inputs.new_operator_version}}-${{env.TIMESTAMP}}
- name: Create PR
uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1
with:
token: ${{secrets.CI_BOT_TOKEN}}
push-to-fork: highlander-ci-bot/charts
title: 'Update ${{github.event.inputs.operator_path}} to v${{github.event.inputs.new_operator_version}}'
body: |
Update ${{github.event.inputs.operator_path}} to v${{github.event.inputs.new_operator_version}}
Changelog: https://github.com/rancher/${{github.event.inputs.operator_path}}/releases/tag/v${{github.event.inputs.new_operator_version}}
cc @rancher/highlander
branch-suffix: timestamp
base: ${{github.event.inputs.charts_ref}}
path: ./charts/
github-token: ${{secrets.CI_BOT_TOKEN}}
script: |
github.pulls.create({
owner: 'rancher',
repo: 'charts',
head: 'highlander-ci-bot:${{github.event.inputs.new_eks_operator}}-${{env.TIMESTAMP}}',
base: ${{github.event.inputs.charts_ref}},
title: 'Update ${{github.event.inputs.operator_path}} to v${{github.event.inputs.new_operator_version}}',
body: 'Update ${{github.event.inputs.operator_path}} to v${{github.event.inputs.new_operator_version}\n\nChangelog: https://github.com/rancher/${{github.event.inputs.operator_path}}/releases/tag/v${{github.event.inputs.new_operator_version}}\n\ncc @rancher/highlander'
})
51 changes: 30 additions & 21 deletions .github/workflows/update-rancher-dep.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -5,13 +5,13 @@ on:
ref:
description: "Branch to use for GitHub action workflow"
required: true
default: "master"
default: "release-v2.8"
rancher_ref:
description: "Submit PR against the following rancher/rancher branch (e.g. release/v2.7)"
required: true
default: "release/v2.7"
default: "release/v2.8"
new_version:
description: "New operator version (e.g. 1.1.0-rc2), don't include the 'v'"
description: "New operator version (e.g. 1.2.0-rc.1), don't include the 'v'"
required: true
default: ""
operator_path:
Expand All @@ -28,37 +28,46 @@ jobs:
create-rancher-pr:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: actions/checkout@v4
with:
fetch-depth: 0
ref: ${{github.event.inputs.ref}}
path: ${{github.event.inputs.operator_path}}
persist-credentials: false
- name: Checkout rancher/rancher
uses: actions/checkout@v3
uses: actions/checkout@v4
with:
fetch-depth: 0
repository: rancher/rancher
ref: ${{github.event.inputs.rancher_ref}}
path: rancher
- uses: actions/setup-go@v4
persist-credentials: false
- uses: actions/setup-go@v5
with:
go-version: ${{ env.SETUP_GO_VERSION }}
- name: Run release script
- name: Run release script # release script is responsible for git add/commit
run: ./${{github.event.inputs.operator_path}}/.github/scripts/update-rancher-dep.sh ${{github.event.inputs.new_version}}
env:
OPERATOR: ${{github.event.inputs.operator_path}}
- name: Create Pull Request
uses: peter-evans/create-pull-request@v5
- name: Set timestamp
run: echo "TIMESTAMP=$(date +'%s')" >> "$GITHUB_ENV"
- name: Push changes
env:
USERNAME: highlander-ci-bot
TOKEN: ${{ secrets.CI_BOT_TOKEN }}
run: |
git remote add bot-fork https://${USERNAME}:${TOKEN}@github.com/highlander-ci-bot/rancher.git
git push bot-fork HEAD:${{github.event.inputs.new_version}}-${{env.TIMESTAMP}}
- name: Create PR
uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1
with:
token: ${{secrets.CI_BOT_TOKEN}}
push-to-fork: highlander-ci-bot/rancher
title: ' Update operator to v${{github.event.inputs.new_version}}'
body: |
Update operator to v${{github.event.inputs.new_version}}
Changelog: https://github.com/rancher/${{github.event.inputs.operator_path}}/releases/tag/v${{github.event.inputs.new_version}}
cc @rancher/highlander
branch-suffix: timestamp
base: ${{github.event.inputs.rancher_ref}}
path: ./rancher/
github-token: ${{secrets.CI_BOT_TOKEN}}
script: |
github.pulls.create({
owner: 'rancher',
repo: 'rancher',
head: 'highlander-ci-bot:${{github.event.inputs.new_version}}-${{env.TIMESTAMP}}',
base: ${{github.event.inputs.rancher_ref}},
title: 'Update operator to v${{github.event.inputs.new_version}}',
body: 'Update operator to v${{github.event.inputs.new_version}}\n\nChangelog: https://github.com/rancher/${{github.event.inputs.operator_path}}/releases/tag/v${{github.event.inputs.new_version}}\n\ncc @rancher/highlander'
})
4 changes: 2 additions & 2 deletions .github/workflows/verify.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -8,9 +8,9 @@ jobs:
test:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: actions/checkout@v4
- name: Install Go
uses: actions/setup-go@v4
uses: actions/setup-go@v5
with:
go-version: 1.21.x
- name: Run make verify
Expand Down
10 changes: 10 additions & 0 deletions Makefile
Original file line number Diff line number Diff line change
Expand Up @@ -29,6 +29,10 @@ GINKGO_VER := v2.17.1
GINKGO_BIN := ginkgo
GINKGO := $(BIN_DIR)/$(GINKGO_BIN)-$(GINKGO_VER)

GO_APIDIFF_VER := v0.8.2
GO_APIDIFF_BIN := go-apidiff
GO_APIDIFF := $(BIN_DIR)/$(GO_APIDIFF_BIN)-$(GO_APIDIFF_VER)

SETUP_ENVTEST_VER := v0.0.0-20211110210527-619e6b92dab9
SETUP_ENVTEST_BIN := setup-envtest
SETUP_ENVTEST := $(BIN_DIR)/$(SETUP_ENVTEST_BIN)-$(SETUP_ENVTEST_VER)
Expand Down Expand Up @@ -172,3 +176,9 @@ docker-build-e2e:
.PHOHY: delete-local-kind-cluster
delete-local-kind-cluster: ## Delete the local kind cluster
kind delete cluster --name=$(CLUSTER_NAME)

APIDIFF_OLD_COMMIT ?= $(shell git rev-parse origin/release-v2.8)

.PHONY: apidiff
apidiff: $(GO_APIDIFF) ## Check for API differences
$(GO_APIDIFF) $(APIDIFF_OLD_COMMIT) --print-compatible

0 comments on commit 85c8097

Please sign in to comment.