Anax Release Manager #63
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Anax Release Manager | |
on: | |
workflow_dispatch: | |
inputs: | |
AGBOT_VERSION: | |
description: 'Version of Agbot Image to be released, with build number' | |
required: true | |
type: string | |
ANAX_VERSION: | |
description: 'Version of Anax Images and Packages to be released, with build number' | |
required: true | |
type: string | |
ANAX_K8S_VERSION: | |
description: 'Version of Anax K8s Images to be released, with build number' | |
required: true | |
type: string | |
ANAX_CSS_VERSION: | |
description: 'Version of CSS Image to be released, with build number' | |
required: true | |
type: string | |
ANAX_ESS_VERSION: | |
description: 'Version of ESS Image to be released, with build number' | |
required: true | |
type: string | |
env: | |
DOCKERHUB_REGISTRY: ${{ vars.DOCKERHUB_REPO }} | |
GITHUB_CONTAINER_REGISTRY: ghcr.io/${{ github.repository_owner }} | |
# Variables to control GH CLI | |
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
GH_REPO: ${{ github.repository }} | |
GH_HOST: github.com | |
# Bring GitHub Contexts into Environment | |
AGBOT_VERSION: ${{ github.event.inputs.AGBOT_VERSION }} | |
ANAX_VERSION: ${{ github.event.inputs.ANAX_VERSION }} | |
ANAX_K8S_VERSION: ${{ github.event.inputs.ANAX_K8S_VERSION }} | |
ANAX_CSS_VERSION: ${{ github.event.inputs.ANAX_CSS_VERSION }} | |
ANAX_ESS_VERSION: ${{ github.event.inputs.ANAX_ESS_VERSION }} | |
# Space delimited arrays used in shell scripts, specifying what images should be promoted to what tags in Dockerhub | |
DOCKERHUB_REGISTRY_RELEASE_TAGS: "latest" | |
AGBOT_VERSION_IMAGES: "amd64_agbot" | |
ANAX_VERSION_IMAGES: "amd64_anax arm64_anax ppc64el_anax s390x_anax" | |
ANAX_K8S_VERSION_IMAGES: "amd64_anax_k8s amd64_auto-upgrade-cronjob_k8s arm64_anax_k8s arm64_auto-upgrade-cronjob_k8s ppc64el_anax_k8s ppc64el_auto-upgrade-cronjob_k8s s390x_anax_k8s s390x_auto-upgrade-cronjob_k8s" | |
ANAX_CSS_VERSION_IMAGES: "amd64_cloud-sync-service" | |
ANAX_ESS_VERSION_IMAGES: "amd64_edge-sync-service arm64_edge-sync-service ppc64el_edge-sync-service s390x_edge-sync-service" | |
jobs: | |
prepare-workflow: | |
runs-on: ubuntu-20.04 | |
environment: release_environment | |
steps: | |
# Ensure that the repo variables and secrets are set before running any other steps | |
- name: Check User Set Variables | |
run: | | |
if [[ -z "$DOCKER_USER" ]]; then \ | |
echo "::error::Secret DOCKER_USER was not set"; \ | |
exit 1; \ | |
fi | |
if [[ -z "$DOCKER_TOKEN" ]]; then \ | |
echo "::error::Secret DOCKER_TOKEN was not set"; \ | |
exit 1; \ | |
fi | |
if [[ -z "$DOCKERHUB_REGISTRY" ]]; then \ | |
echo "::error::Variable DOCKERHUB_REPO was not set"; \ | |
exit 1; \ | |
fi | |
env: | |
DOCKER_USER: ${{ secrets.DOCKER_USER }} | |
DOCKER_TOKEN: ${{ secrets.DOCKER_TOKEN }} | |
- name: Check if Release Already Exists for Requested Version | |
run: | | |
RELEASE_STATUS=$( | |
curl -L \ | |
-H "Accept: application/vnd.github+json" \ | |
-H "Authorization: Bearer ${{ secrets.GITHUB_TOKEN }}" \ | |
-H "X-GitHub-Api-Version: 2022-11-28" \ | |
https://api.github.com/repos/${{ github.repository }}/releases/tags/v${{ env.AGBOT_VERSION }} \ | |
| jq -r '.html_url') | |
sleep 10 | |
if [[ $RELEASE_STATUS != 'null' ]]; then | |
echo "::error::Attempted to create a release for a version of Anax that already has a release page, see $RELEASE_STATUS" | |
exit 1 | |
fi | |
promote-images: | |
needs: prepare-workflow | |
runs-on: ubuntu-20.04 | |
strategy: | |
matrix: | |
image-version: ['AGBOT_VERSION', 'ANAX_VERSION', 'ANAX_K8S_VERSION', 'ANAX_CSS_VERSION', 'ANAX_ESS_VERSION'] | |
steps: | |
# Upgrade Docker engine version | |
- name: Install Latest Docker Version | |
run: | | |
sudo apt-get purge docker-ce docker-ce-cli containerd.io runc containerd moby-buildx moby-cli moby-compose moby-containerd moby-engine moby-runc | |
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add - | |
sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | |
sudo apt-get update | |
sudo apt-get install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin | |
# Authenticate Dockerhub to allow pushing to our image repo | |
- name: Login to Dockerhub | |
uses: docker/login-action@v2 | |
with: | |
username: ${{ secrets.DOCKER_USER }} | |
password: ${{ secrets.DOCKER_TOKEN }} | |
# Get the images for agbot based on the inputted version, | |
- name: Get and Promote ${{ matrix.image-version }} Images | |
run: | | |
IMAGE_LIST=$${{ matrix.image-version }}_IMAGES | |
IMAGE_VERSION=$${{ matrix.image-version }} | |
IMAGES_TO_LOAD=($IMAGE_LIST) | |
RELEASE_TAGS=($DOCKERHUB_REGISTRY_RELEASE_TAGS) | |
for image in "${IMAGES_TO_LOAD[@]}"; do | |
gh run download -n anax-linux-${image}-image-v${IMAGE_VERSION} | |
cat ${image}.tar.gz | docker load | |
for tag in "${RELEASE_TAGS[@]}"; do | |
docker push ${DOCKERHUB_REGISTRY}/${image}:${IMAGE_VERSION} | |
docker tag ${DOCKERHUB_REGISTRY}/${image}:${IMAGE_VERSION} ${DOCKERHUB_REGISTRY}/${image}:${tag} | |
docker push ${DOCKERHUB_REGISTRY}/${image}:${tag} | |
done | |
done | |
create-release: | |
needs: promote-images | |
runs-on: ubuntu-20.04 | |
steps: | |
# Get Packages | |
- name: Get Packages & Files from Build Workflow Artifacts | |
run: | | |
mkdir -p $RUNNER_TEMP/release_files/upload && cd $RUNNER_TEMP/release_files | |
# Debian Packages | |
gh run download -n anax-linux-amd64-deb-package-v${AGBOT_VERSION} | |
tar -czvf upload/horizon-agent-linux-deb-amd64.tar.gz *.deb | |
rm -rf *.deb | |
gh run download -n anax-linux-arm64-deb-package-v${AGBOT_VERSION} | |
tar -czvf upload/horizon-agent-linux-deb-arm64.tar.gz *.deb | |
rm -rf *.deb | |
gh run download -n anax-linux-armhf-deb-package-v${AGBOT_VERSION} | |
tar -czvf upload/horizon-agent-linux-deb-armhf.tar.gz *.deb | |
rm -rf *.deb | |
gh run download -n anax-linux-ppc64el-deb-package-v${AGBOT_VERSION} | |
tar -czvf upload/horizon-agent-linux-deb-ppc64el.tar.gz *.deb | |
rm -rf *.deb | |
gh run download -n anax-linux-s390x-deb-package-v${AGBOT_VERSION} | |
tar -czvf upload/horizon-agent-linux-deb-s390x.tar.gz *.deb | |
rm -rf *.deb | |
# RPM Packages | |
gh run download -n anax-linux-ppc64el-rpm-package-v${AGBOT_VERSION} | |
tar -czvf upload/horizon-agent-linux-rpm-ppc64le.tar.gz *.rpm | |
rm -rf *.rpm | |
gh run download -n anax-linux-amd64-rpm-package-v${AGBOT_VERSION} | |
tar -czvf upload/horizon-agent-linux-rpm-x86_64.tar.gz *.rpm | |
rm -rf *.rpm | |
gh run download -n anax-linux-s390x-rpm-package-v${AGBOT_VERSION} | |
tar -czvf upload/horizon-agent-linux-rpm-s390x.tar.gz *.rpm | |
rm -rf *.rpm | |
# MacOS Packages ??ARM?? | |
gh run download -n anax-mac-amd64-mac-package-v${AGBOT_VERSION} | |
tar -czvf upload/horizon-agent-macos-pkg-x86_64.tar.gz horizon* | |
rm -rf horizon* | |
# Agent Files | |
cd ./upload | |
gh run download -n anax-agent-files-v${AGBOT_VERSION} | |
# Create GH release page | |
# missing './release_files/upload/horizon-agent-macos-pkg-arm64.tar.gz' | |
# Temporarily use jenkins to upload the mac arm64 package to GHCR? | |
- name: Create GitHub Release | |
run: | | |
mkdir -p $RUNNER_TEMP/download_agbot && cd $RUNNER_TEMP/download_agbot | |
gh run download -n anax-linux-amd64_agbot-image-v${AGBOT_VERSION} | |
docker load --input amd64_agbot.tar.gz | |
SHORTCOMMIT=$(skopeo inspect docker-daemon:${{ env.DOCKERHUB_REGISTRY }}/amd64_agbot:${AGBOT_VERSION} | jq -r .Labels.release) | |
COMMITISH=$( | |
curl -L \ | |
-H "Accept: application/vnd.github.sha" \ | |
-H "Authorization: Bearer ${GH_TOKEN}" \ | |
-H "X-GitHub-Api-Version: 2022-11-28" \ | |
https://api.github.com/repos/${{ github.repository }}/commits/${SHORTCOMMIT}) | |
gh release create v${AGBOT_VERSION} \ | |
${RUNNER_TEMP}/release_files/upload/*.tar.gz \ | |
${RUNNER_TEMP}/release_files/upload/agent-install.sh \ | |
-t "v${AGBOT_VERSION} Packages" \ | |
-n "Horizon agent packages from the ${AGBOT_VERSION} build" \ | |
--target $COMMITISH |