-
Notifications
You must be signed in to change notification settings - Fork 0
193 lines (167 loc) · 7.11 KB
/
build-pipelines.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
name: Create basic and base java pipelines
on:
workflow_dispatch:
inputs:
release_pipeline_java_ewb:
description: 'Also release the pipeline-java-ewb container'
required: false
type: boolean
default: false
jobs:
precheck:
runs-on: ubuntu-latest
container: zepben/pipeline-basic
outputs:
base_image: ${{ steps.tags.outputs.base_image }}
container_tags: ${{ steps.tags.outputs.container_tags }}
container_labels: ${{ steps.tags.outputs.container_labels }}
git_tag: ${{ steps.tags.outputs.git_tag }}
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Work around git permission issue
run: |
dname=$(echo ${{github.repository}} | cut -d'/' -f2)
git config --global --add safe.directory /__w/$dname/$dname
shell: sh
- name: Delete release branch
run: |
# If the `release` branch already exists, remove it
git push origin -d release
continue-on-error: true
- name: Create release branch
run: |
git config remote.origin.fetch "+refs/heads/*:refs/remotes/origin/*"
git fetch -v origin
git checkout -b release
shell: bash
- name: Figure out the tag for the build
id: tags
shell: bash
run: |
version=$(cat changelog.md | grep UNRELE | grep -o "[0-9]\+\.[0-9]\+\.[0-9]\+")
source /scripts/common.sh
check_tag_exists "${version}"
if [ ${GITHUB_REF_NAME} == "main" ]; then
tags="${version} latest"
labels="version=${version} commit=${GITHUB_SHA}"
echo "container_tags=$tags" >> "${GITHUB_OUTPUT}"
echo "container_labels=$labels" >> "${GITHUB_OUTPUT}"
echo "base_image=zepben/pipeline-java" >> "${GITHUB_OUTPUT}"
echo "git_tag=${version}" >> "${GITHUB_OUTPUT}"
else
tags="test-${GITHUB_REF_NAME}"
labels="version=test-${GITHUB_REF_NAME} commit=${GITHUB_SHA}"
echo "container_tags=$tags" >> "${GITHUB_OUTPUT}"
echo "container_labels=$labels" >> "${GITHUB_OUTPUT}"
echo "base_image=zepben/pipeline-java:test-${GITHUB_REF_NAME}" >> "${GITHUB_OUTPUT}"
echo "git_tag=test-${GITHUB_REF_NAME}" >> "${GITHUB_OUTPUT}"
fi
- name: Update changelog and commit release branch
shell: bash
run: |
source /scripts/common.sh
sed -i "s/UNRELEASED/$(date +'%Y-%m-%d')/g" changelog.md
# Update changelog version
incr_version minor ${{ steps.tags.outputs.git_tag }}
release_notes_template="### Breaking Changes\n* None.\n\n### New Features\n* None.\n\n### Enhancements\n* None.\n\n### Fixes\n* None.\n\n### Notes\n* None.\n"
sed -i "/^# .*/a ## [${new_version}] - UNRELEASED\n$release_notes_template" changelog.md
stage_file changelog.md
# Reset new_version to the unreleased yet tag
new_version=${{ steps.tags.outputs.git_tag }}
# Push release branch to repo
commit_finalize_version
build-basic-pipeline:
runs-on: ubuntu-latest
container: hashicorp/packer:1.11
needs: [precheck]
env:
DOCKER_HUB_USER: ${{ secrets.DOCKER_HUB_USER }}
DOCKER_HUB_ACCESS_TOKEN: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }}
steps:
- uses: actions/checkout@v4
- name: Packer Version
run: |
packer version
- name: Create zepben/pipeline-basic pipeline container
run: |
apk add docker tar
mkdir /build
export PACKER_CONFIG_DIR=/build
cd pipelines/basic/
packer init basic.pkr.hcl
packer validate basic.pkr.hcl
echo "${{ needs.precheck.outputs.container_labels }}"
# Split the tag values into an array
tags=(${{ needs.precheck.outputs.container_tags }})
# Print every array entry encased by double quotes
container_tags=$(printf "\"%s\"," "${tags[@]}")
# Construct the list parameter for the container tags
packer build -on-error=abort -var container_version_labels="${{ needs.precheck.outputs.container_labels }}" -var container_version_tags="[$container_tags]" -var dockerhub_user=$DOCKER_HUB_USER -var dockerhub_pw=$DOCKER_HUB_ACCESS_TOKEN basic.pkr.hcl
shell: bash
build-java-amazoncorretto:
runs-on: ubuntu-latest
container: hashicorp/packer:1.11
needs: [precheck]
env:
DOCKER_HUB_USER: ${{ secrets.DOCKER_HUB_USER }}
DOCKER_HUB_ACCESS_TOKEN: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }}
steps:
- uses: actions/checkout@v4
- name: Packer Version
run: |
packer version
- name: Create zepben/pipeline-java-amazoncorretto
run: |
apk add docker tar
mkdir /build
export PACKER_CONFIG_DIR=/build
cd pipelines/Java/
packer init amazoncorretto-config.pkr.hcl
packer validate amazoncorretto-config.pkr.hcl
echo "${{ needs.precheck.outputs.container_labels }}"
# Split the passed values into an array
tags=(${{ needs.precheck.outputs.container_tags }})
# Print every array entry encased by double quotes
container_tags=$(printf "\"%s\"," "${tags[@]}")
# Construct the list parameter for the container tags
packer build -on-error=abort -var container_version_labels="${{ needs.precheck.outputs.container_labels }}" -var container_version_tags="[$container_tags]" -var dockerhub_user=$DOCKER_HUB_USER -var dockerhub_pw=$DOCKER_HUB_ACCESS_TOKEN amazoncorretto-config.pkr.hcl
shell: bash
# Now that we've built the container, built java-ewb in superpom repo
- name: Build java-ewb pipeline
if: ${{ inputs.release_pipeline_java_ewb }}
uses: peter-evans/repository-dispatch@v3
with:
token: ${{ secrets.CI_GITHUB_TOKEN }}
repository: "zepben/evolve-super-pom"
event-type: "build-container"
# TODO: if test, set tag to :test-*
client-payload: '{"base_image": "${{ needs.precheck.outputs.base_image }}"}'
finalise-version:
runs-on: ubuntu-latest
if: ${{ github.ref_name == 'main' }}
container: zepben/pipeline-basic
needs: [precheck, build-basic-pipeline, build-java-amazoncorretto]
steps:
- uses: actions/checkout@v4
with:
token: ${{ secrets.GITHUB_TOKEN }}
- name: Work around git permission issue
run: |
dname=$(echo ${{github.repository}} | cut -d'/' -f2)
git config --global --add safe.directory /__w/$dname/$dname
shell: sh
- name: Merge and tag
shell: bash
id: tag
run: |
# Merge and tag, and delete release branch
git config remote.origin.fetch "+refs/heads/*:refs/remotes/origin/*"
git fetch --all
git branch -a
git merge origin/release
git push origin ${GITHUB_REF/refs\/heads\//}
git tag "${{ needs.precheck.outputs.git_tag }}"
git push --tags
git push origin -d release