From f1d8b21030b95eb1a3f3567a16438d5461bcfc6b Mon Sep 17 00:00:00 2001 From: Fatih Acar Date: Tue, 3 Dec 2024 19:01:39 +0100 Subject: [PATCH] fix(ci): update release workflow to use release events This fixes issues with pre-releases where the git tag may not match the previous filter we had. We now check if the github release is a "pre-release" and also check if the Poetry version is also a pre-release or dev-release one. If the github release is not pre-release, we ensure that the Poetry version is also not a pre-release one. We also fix a potential issue where the "latest" Docker tag would be added to older versions. Leverage the GitHub "latest" release flag to solve that. Signed-off-by: Fatih Acar --- .github/workflows/release-preview.yml | 48 --------------- .github/workflows/release.yml | 86 ++++++++++++++++++++++++--- 2 files changed, 78 insertions(+), 56 deletions(-) delete mode 100644 .github/workflows/release-preview.yml diff --git a/.github/workflows/release-preview.yml b/.github/workflows/release-preview.yml deleted file mode 100644 index 022b0254f8..0000000000 --- a/.github/workflows/release-preview.yml +++ /dev/null @@ -1,48 +0,0 @@ ---- -# yamllint disable rule:truthy -name: New Preview Release - -on: - push: - tags: - - 'infrahub-v*-*' - -jobs: - meta_data: - runs-on: ubuntu-22.04 - outputs: - tags: ${{ steps.meta.outputs.tags }} - labels: ${{ steps.meta.outputs.labels }} - steps: - - name: Set docker image metadata - id: meta - uses: docker/metadata-action@v5 - with: - images: | - ${{ vars.HARBOR_HOST }}/${{ github.repository }} - tags: | - type=match,pattern=infrahub-v(\d+\.\d+\.\d+-\w+),group=1 - type=match,pattern=infrahub-v(\d+\.\d+-\w+),group=1 - type=raw,value=preview - labels: | - org.opencontainers.image.source=${{ github.repository }} - flavor: | - latest=false - - publish-docker-image: - uses: ./.github/workflows/ci-docker-image.yml - secrets: inherit - needs: meta_data - with: - publish: true - version: ${{ github.ref_name }} - ref: ${{ github.sha }} - tags: ${{ needs.meta_data.outputs.tags }} - labels: ${{ needs.meta_data.outputs.labels }} - - publish-pypi: - uses: ./.github/workflows/publish-pypi.yml - secrets: inherit - with: - publish: true - version: ${{ github.ref_name }} diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 43b063dbf4..b77f9ae36d 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -3,13 +3,79 @@ name: New Release on: - push: - tags: - - 'infrahub-v*' - - '!infrahub-v*-*' + release: + types: + - published jobs: + check_release: + runs-on: ubuntu-22.04 + outputs: + is_prerelease: ${{ steps.release.outputs.is_prerelease }} + is_devrelease: ${{ steps.release.outputs.is_devrelease }} + version: ${{ steps.release.outputs.version }} + major_minor_version: ${{ steps.release.outputs.major_minor_version }} + latest_tag: ${{ steps.release.outputs.latest_tag }} + steps: + - name: "Check out repository code" + uses: "actions/checkout@v4" + with: + submodules: true + + - name: "Set up Python" + uses: "actions/setup-python@v5" + with: + python-version: "3.12" + + - name: "Install Poetry" + uses: "snok/install-poetry@v1" + with: + virtualenvs-create: true + virtualenvs-in-project: true + installer-parallel: true + + - name: "Setup Python environment" + run: | + poetry config virtualenvs.create true --local + poetry env use 3.12 + - name: "Install dependencies" + run: "poetry install --no-interaction --no-ansi" + + - name: "Check prerelease type" + id: release + run: | + echo is_prerelease=$(poetry run python -c "from packaging.version import Version; print(int(Version('$(poetry version -s)').is_prerelease))") >> "$GITHUB_OUTPUT" + echo is_devrelease=$(poetry run python -c "from packaging.version import Version; print(int(Version('$(poetry version -s)').is_devrelease))") >> "$GITHUB_OUTPUT" + echo "version=$(poetry version -s)" >> "$GITHUB_OUTPUT" + echo major_minor_version=$(poetry run python -c "from packaging.version import Version; print(f\"{Version('$(poetry version -s)').major}.{Version('$(poetry version -s)').minor}\")") >> "$GITHUB_OUTPUT" + echo latest_tag=$(curl -L \ + -H "Accept: application/vnd.github+json" \ + -H "Authorization: Bearer ${{ github.token }}" \ + -H "X-GitHub-Api-Version: 2022-11-28" \ + https://api.github.com/repos/${{ github.repository }}/releases/latest \ + | jq -r '.tag_name') >> "$GITHUB_OUTPUT" + + - name: Check tag version + if: github.event.release.tag_name != format('infrahub-v{0}', steps.release.outputs.version) + run: | + echo "Tag version does not match python project version" + exit 1 + + - name: Check prerelease and project version + if: github.event.release.prerelease == true && steps.release.outputs.is_prerelease == 0 && steps.release.outputs.is_devrelease == 0 + run: | + echo "Cannot pre-release a non pre-release or non dev-release version (${{ steps.release.outputs.version }})" + exit 1 + + - name: Check release and project version + if: github.event.release.prerelease == false && (steps.release.outputs.is_prerelease == 1 || steps.release.outputs.is_devrelease == 1) + run: | + echo "Cannot release a pre-release or dev-release version (${{ steps.release.outputs.version }})" + exit 1 + + meta_data: + needs: check_release runs-on: ubuntu-22.04 outputs: tags: ${{ steps.meta.outputs.tags }} @@ -22,11 +88,13 @@ jobs: images: | ${{ vars.HARBOR_HOST }}/${{ github.repository }} tags: | - type=match,pattern=infrahub-v(\d+\.\d+\.\d+),group=1 - type=match,pattern=infrahub-v(\d+\.\d+),group=1 - type=raw,value=stable + type=raw,value=${{ needs.check_release.outputs.version }} + type=raw,value=${{ github.event.release.prerelease == false && needs.check_release.outputs.major_minor_version || '' }} + type=raw,value=${{ github.event.release.prerelease == true && 'preview' || 'stable' }} labels: | org.opencontainers.image.source=${{ github.repository }} + flavor: | + latest=${{ needs.check_release.outputs.latest_tag == github.event.release.tag_name }} publish-docker-image: uses: ./.github/workflows/ci-docker-image.yml @@ -40,14 +108,16 @@ jobs: labels: ${{ needs.meta_data.outputs.labels }} publish-helm-chart: + needs: check_release + if: github.event.release.prerelease == false uses: ./.github/workflows/publish-helm-chart.yml secrets: inherit with: publish: true publish-pypi: + needs: check_release uses: ./.github/workflows/publish-pypi.yml secrets: inherit with: publish: true - version: ${{ github.ref_name }}