Skip to content

Commit

Permalink
ci: add support for multiple releases of the same upstream version
Browse files Browse the repository at this point in the history
Signed-off-by: Nathan Klick <[email protected]>
  • Loading branch information
nathanklick committed Aug 26, 2024
1 parent 0788545 commit 41959d0
Show file tree
Hide file tree
Showing 6 changed files with 80 additions and 15 deletions.
8 changes: 4 additions & 4 deletions .github/workflows/flow-release-legacy-images.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -109,8 +109,8 @@ jobs:

- name: Check for Existing Releases
run: |
if gh release view legacy-v${{ needs.versions.outputs.runner }} --json id >/dev/null 2>&1; then
echo "::error title=Release Version::Release legacy-v${{ needs.versions.outputs.runner }} already exists and may not be redeployed."
if gh release view legacy-v${{ needs.versions.outputs.tag }} --json id >/dev/null 2>&1; then
echo "::error title=Release Version::Release legacy-v${{ needs.versions.outputs.tag }} already exists and may not be redeployed."
exit 1
fi
Expand Down Expand Up @@ -177,7 +177,7 @@ jobs:
github_token: ${{ secrets.GH_ACCESS_TOKEN }}
author_name: ${{ vars.GIT_USER_NAME }}
author_email: ${{ vars.GIT_USER_EMAIL }}
message: "chore(release): legacy-v${{ needs.versions.outputs.runner }} [skip ci]"
message: "chore(release): legacy-v${{ needs.versions.outputs.tag }} [skip ci]"

finalize-release:
name: Finalize Release
Expand Down Expand Up @@ -228,5 +228,5 @@ jobs:
with:
token: ${{ secrets.GH_ACCESS_TOKEN }}
commit: ${{ github.ref_name }}
tag: legacy-v${{ needs.versions.outputs.runner }}
tag: legacy-v${{ needs.versions.outputs.tag }}
bodyFile: .github/RELEASE_BODY.md
8 changes: 4 additions & 4 deletions .github/workflows/flow-release-scaleset-images.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -105,8 +105,8 @@ jobs:

- name: Check for Existing Releases
run: |
if gh release view scaleset-v${{ needs.versions.outputs.runner }} --json id >/dev/null 2>&1; then
echo "::error title=Release Version::Release scaleset-v${{ needs.versions.outputs.runner }} already exists and may not be redeployed."
if gh release view scaleset-v${{ needs.versions.outputs.tag }} --json id >/dev/null 2>&1; then
echo "::error title=Release Version::Release scaleset-v${{ needs.versions.outputs.tag }} already exists and may not be redeployed."
exit 1
fi
Expand Down Expand Up @@ -171,7 +171,7 @@ jobs:
github_token: ${{ secrets.GH_ACCESS_TOKEN }}
author_name: ${{ vars.GIT_USER_NAME }}
author_email: ${{ vars.GIT_USER_EMAIL }}
message: "chore(release): scaleset-v${{ needs.versions.outputs.runner }} [skip ci]"
message: "chore(release): scaleset-v${{ needs.versions.outputs.tag }} [skip ci]"

finalize-release:
name: Finalize Release
Expand Down Expand Up @@ -222,5 +222,5 @@ jobs:
with:
token: ${{ secrets.GH_ACCESS_TOKEN }}
commit: ${{ github.ref_name }}
tag: scaleset-v${{ needs.versions.outputs.runner }}
tag: scaleset-v${{ needs.versions.outputs.tag }}
bodyFile: .github/RELEASE_BODY.md
5 changes: 4 additions & 1 deletion .github/workflows/zxc-build-scaleset-images.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -183,6 +183,9 @@ jobs:
version: v0.16.2
driver-opts: network=host

- name: Setup Terraform
uses: hashicorp/setup-terraform@b9cd54a3c349d3f38e8881555d616ced269862dd # v3.1.2

- name: Archive Tool Cache
working-directory: ${{ runner.tool_cache }}
run: tar -czf ${{ env.TOOL_CACHE_ARTIFACT_NAME }} *
Expand All @@ -194,7 +197,7 @@ jobs:
retention-days: 1
path: ${{ runner.tool_cache }}/${{ env.TOOL_CACHE_ARTIFACT_NAME }}

build-legacy-images:
build-scaleset-images:
name: ${{ inputs.custom-job-label || 'Build' }}
runs-on: ubuntu-22.04
needs:
Expand Down
15 changes: 15 additions & 0 deletions .github/workflows/zxc-retrieve-upstream-versions.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -38,6 +38,9 @@ on:
required: false
default: "Check"
outputs:
tag:
description: "Tag Version"
value: ${{ jobs.versions.outputs.tag-version }}
runner:
description: "Runner Version"
value: ${{ jobs.versions.outputs.runner-version }}
Expand All @@ -57,6 +60,7 @@ jobs:
name: ${{ inputs.custom-job-label || 'Check' }}
runs-on: ubuntu-22.04
outputs:
tag-version: ${{ steps.tag.outputs.version }}
runner-version: ${{ steps.runner.outputs.version }}
hooks-version: ${{ steps.hooks.outputs.version }}
steps:
Expand Down Expand Up @@ -130,3 +134,14 @@ jobs:
LATEST_TAG="$(gh release view ${TARGET_TAG} -R actions/runner-container-hooks --json tagName | jq -r '.tagName')"
VERSION="$(semver get release ${LATEST_TAG})"
echo "version=${VERSION}" >>"${GITHUB_OUTPUT}"
- name: Tag Version Information
id: tag
run: |
RELEASE="$(semver get release "${{ inputs.explicit-runner-version }}")"
BUILD="$(semver get build "${{ inputs.explicit-runner-version }}")"
VERSION="${RELEASE}"
[[ -n "${BUILD}" ]] && VERSION="${VERSION}+${BUILD}"
echo "version=${VERSION}" >>"${GITHUB_OUTPUT}"
52 changes: 48 additions & 4 deletions .github/workflows/zxcron-automatic-releases.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -39,7 +39,8 @@ jobs:
needs:
- versions
outputs:
release-needed: ${{ steps.release.outputs.needed }}
legacy-release-needed: ${{ steps.legacy-release.outputs.needed }}
scaleset-release-needed: ${{ steps.scaleset-release.outputs.needed }}
steps:
- name: Harden Runner
uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
Expand All @@ -57,8 +58,8 @@ jobs:
- name: Authorize GH CLI
run: echo "${{ secrets.GITHUB_TOKEN }}" | gh auth login --with-token

- name: Check for Existing Releases
id: release
- name: Check for Existing Legacy Releases
id: legacy-release
run: |
NEEDED="true"
if gh release view legacy-v${{ needs.versions.outputs.runner }} --json id >/dev/null 2>&1; then
Expand All @@ -68,13 +69,24 @@ jobs:
echo "needed=${NEEDED}" >> "${GITHUB_OUTPUT}"
- name: Check for Existing ScaleSet Releases
id: scaleset-release
run: |
NEEDED="true"
if gh release view scaleset-v${{ needs.versions.outputs.runner }} --json id >/dev/null 2>&1; then
echo "::info title=Release Version::Release scaleset-v${{ needs.versions.outputs.runner }} already exists and may not be redeployed."
NEEDED="false"
fi
echo "needed=${NEEDED}" >> "${GITHUB_OUTPUT}"
legacy-release:
name: Legacy Release
runs-on: ubuntu-22.04
needs:
- versions
- safety-checks
if: ${{ needs.safety-checks.outputs.release-needed == 'true' }}
if: ${{ needs.safety-checks.outputs.legacy-release-needed == 'true' }}
steps:
- name: Harden Runner
uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
Expand All @@ -101,3 +113,35 @@ jobs:
-f "build-default-image=true" \
-f "build-dind-image=true" \
-f "dry-run-enabled=false"
scaleset-release:
name: ScaleSet Release
runs-on: ubuntu-22.04
needs:
- versions
- safety-checks
if: ${{ needs.safety-checks.outputs.scaleset-release-needed == 'true' }}
steps:
- name: Harden Runner
uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
with:
egress-policy: audit

- name: Checkout Code
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7

- name: Install GH CLI
uses: sersoft-gmbh/setup-gh-cli-action@2d02c06e284b7d55e954d6d6406e7a886f45a818 # v2.0.1
with:
github-token: ${{ secrets.GITHUB_TOKEN }}

- name: Authorize GH CLI
run: echo "${{ secrets.GITHUB_TOKEN }}" | gh auth login --with-token

- name: Launch ScaleSet Release Workflow
run: |
gh workflow run "flow-release-scaleset-images.yaml" \
-r main \
-f "runner-version=${{ needs.versions.outputs.runner }}" \
-f "runner-container-hooks-version=${{ needs.versions.outputs.hooks }}" \
-f "dry-run-enabled=false"
7 changes: 5 additions & 2 deletions scaleset/runner/Dockerfile
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
# Source: https://github.com/dotnet/dotnet-docker
FROM mcr.microsoft.com/dotnet/runtime:6.0-jammy as build
FROM mcr.microsoft.com/dotnet/runtime-deps:6.0-jammy as build

ARG TARGETOS
ARG TARGETARCH
Expand Down Expand Up @@ -32,7 +32,7 @@ RUN export RUNNER_ARCH=${TARGETARCH} \
"https://github.com/docker/buildx/releases/download/v${BUILDX_VERSION}/buildx-v${BUILDX_VERSION}.linux-${TARGETARCH}" \
&& chmod +x /usr/local/lib/docker/cli-plugins/docker-buildx

FROM mcr.microsoft.com/dotnet/runtime-deps:6.0-jammy
FROM mcr.microsoft.com/dotnet/runtime:6.0-jammy

ENV DEBIAN_FRONTEND=noninteractive
ENV RUNNER_MANUALLY_TRAP_SIG=1
Expand Down Expand Up @@ -85,6 +85,7 @@ RUN apt-get update -y \
zip \
gzip \
jq \
skopeo \
python3-pip \
htop \
psmisc \
Expand Down Expand Up @@ -113,6 +114,8 @@ RUN export RUNNER_ARCH=${TARGETARCH} \
&& curl -fLo /usr/local/lib/docker/cli-plugins/docker-compose \
"https://github.com/docker/compose/releases/download/v${COMPOSE_VERSION}/docker-compose-linux-${DOCKER_ARCH}" \
&& chmod +x /usr/local/lib/docker/cli-plugins/docker-compose

RUN pip3 install ansible
#########################################
## End OS Software Customizations ##
#########################################
Expand Down

0 comments on commit 41959d0

Please sign in to comment.