Cut Release #6
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Cut Release | |
| on: workflow_dispatch | |
| jobs: | |
| check-requirements: | |
| name: Check Requirements | |
| runs-on: ubuntu-latest | |
| environment: release-check | |
| steps: | |
| - name: Check For Admin Permission | |
| uses: actions-cool/check-user-permission@v2 | |
| with: | |
| require: admin | |
| username: ${{ github.triggering_actor }} | |
| - name: Check Repository | |
| run: | | |
| if [ "${{ vars.RUN_RELEASE_BUILDS }}" = "1" ]; then | |
| MSG="Running workflow because RUN_RELEASE_BUILDS=1" | |
| echo "${MSG}" | |
| echo "${MSG}" >> "${GITHUB_STEP_SUMMARY}" | |
| exit 0 | |
| fi | |
| echo "Trying to run the release workflow from repository ${{ github.repository }}" | |
| if [ "${{ github.repository }}" != "saltstack/salt-vmtools" ]; then | |
| MSG="Running the release workflow from the ${{ github.repository }} repository is not allowed" | |
| echo "${MSG}" | |
| echo "${MSG}" >> "${GITHUB_STEP_SUMMARY}" | |
| MSG="Allowed repository: saltstack/salt-vmtools" | |
| echo "${MSG}" | |
| echo "${MSG}" >> "${GITHUB_STEP_SUMMARY}" | |
| exit 1 | |
| else | |
| MSG="Allowed to release from repository ${{ github.repository }}" | |
| echo "${MSG}" | |
| echo "${MSG}" >> "${GITHUB_STEP_SUMMARY}" | |
| fi | |
| - name: Check Branch | |
| run: | | |
| echo "Trying to run the release workflow from branch ${{ github.ref_name }}" | |
| if [ "${{ github.ref_name }}" != "main" ]; then | |
| echo "Running the release workflow from the ${{ github.ref_name }} branch is not allowed" | |
| echo "Allowed branches: main" | |
| exit 1 | |
| else | |
| echo "Allowed to release from branch ${{ github.ref_name }}" | |
| fi | |
| update-main: | |
| name: Update CHANGELOG.md and vmtools svtminion.sh svtminion.ps1 | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: write # To be able to publish the release | |
| environment: release | |
| needs: | |
| - check-requirements | |
| outputs: | |
| release-version: ${{ steps.update-repo.outputs.release-version }} | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| ref: main | |
| repository: ${{ github.repository }} | |
| ssh-key: ${{ secrets.SALT_VMTOOLS_RELEASE_KEY }} | |
| - name: Install Requirements | |
| run: | | |
| python3 -m pip install -r requirements/release.txt | |
| pre-commit install --install-hooks | |
| - name: Configure Git | |
| shell: bash | |
| run: | | |
| git config --global --add safe.directory "$(pwd)" | |
| git config --global user.name "Salt Project Packaging" | |
| git config --global user.email [email protected] | |
| git config --global commit.gpgsign false | |
| - name: Update Repository | |
| id: update-repo | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| run: | | |
| python3 .github/workflows/scripts/cut-release.py --repo ${{ github.repository }} | |
| - name: Show Changes | |
| run: | | |
| git status | |
| git diff | |
| - name: Commit Changes | |
| run: | | |
| git commit -am "Update main branch for the ${{ steps.update-repo.outputs.release-version }} release" || \ | |
| git commit -am "Update main branch for the ${{ steps.update-repo.outputs.release-version }} release" | |
| - name: Push Changes | |
| uses: ad-m/github-push-action@b87afee92c6e70ea888be6203a3e9426fda49839 | |
| with: | |
| ## ssh: true | |
| atomic: true | |
| branch: main | |
| repository: ${{ github.repository }} | |
| - name: Upload Release Details | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: release-details | |
| path: | | |
| .cut_release_version | |
| .cut_release_changes | |
| include-hidden-files: true | |
| ## merge-develop-into-stable: | |
| ## name: Merge develop into stable | |
| ## runs-on: ubuntu-latest | |
| ## needs: | |
| ## - update-main | |
| ## environment: release | |
| ## permissions: | |
| ## contents: write # To be able to publish the release | |
| ## steps: | |
| ## - uses: actions/checkout@v4 | |
| ## with: | |
| ## ref: stable | |
| ## repository: ${{ github.repository }} | |
| ## ssh-key: ${{ secrets.SALT_VMTOOLS_RELEASE_KEY }} | |
| ## fetch-depth: 0 | |
| ## - name: Configure Git | |
| ## shell: bash | |
| ## run: | | |
| ## git config --global --add safe.directory "$(pwd)" | |
| ## git config --global user.name "Salt Project Packaging" | |
| ## git config --global user.email [email protected] | |
| ## git config --global commit.gpgsign false | |
| ## - name: Download Release Details | |
| ## uses: actions/download-artifact@v4 | |
| ## with: | |
| ## name: release-details | |
| ## - name: Merge develop into stable | |
| ## run: | | |
| ## git merge --no-ff -m "Merge develop into stable for ${{ needs.update-develop.outputs.release-version }} release" origin/develop || touch .git-conflicts | |
| ## if [ -f .git-conflicts ] | |
| ## then | |
| ## git diff | |
| ## for f in $(git status | grep 'both modified' | awk '{ print $3 }') | |
| ## do | |
| ## git checkout --theirs "$f" | |
| ## pre-commit run -av --files "$f" | |
| ## git add "$f" | |
| ## done | |
| ## git commit -a -m "Merge develop into stable for ${{ needs.update-develop.outputs.release-version }} release(auto resolving conflicts to the develop version)" | |
| ## fi | |
| ## - name: Tag The ${{ needs.update-develop.outputs.release-version }} Release | |
| ## run: | | |
| ## git tag --no-sign -m "Release ${{ needs.update-develop.outputs.release-version }}" -a ${{ needs.update-develop.outputs.release-version }} | |
| ## ## - name: Update vmtools-salt.sh sha256sum's | |
| ## ## run: | | |
| ## ## sha256sum vmtools-salt.sh | awk '{ print $1 }' > vmtools-salt.sh.sha256 | |
| ## ## sha256sum vmtools-salt.ps1 | awk '{ print $1 }' > vmtools-salt.ps1.sha256 | |
| ## ## git commit -a -m "Update sha256 checksums" || git commit -a -m "Update sha256 checksums" | |
| ## ## - name: Push Changes | |
| ## ## uses: ad-m/github-push-action@b87afee92c6e70ea888be6203a3e9426fda49839 | |
| ## ## with: | |
| ## ## ssh: true | |
| ## ## tags: true | |
| ## ## atomic: true | |
| ## ## branch: stable | |
| ## ## repository: ${{ github.repository }} | |
| publish-release: | |
| name: Create GitHub Release | |
| runs-on: ubuntu-latest | |
| needs: | |
| - update-main | |
| environment: release | |
| permissions: | |
| contents: write # To be able to publish the release | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| ref: main | |
| repository: ${{ github.repository }} | |
| ## ssh-key: ${{ secrets.SALT_VMTOOLS_RELEASE_KEY }} | |
| - name: Download Release Details | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: release-details | |
| - name: Update Environment | |
| run: | | |
| CUT_RELEASE_VERSION=$(cat .cut_release_version) | |
| echo "CUT_RELEASE_VERSION=${CUT_RELEASE_VERSION}" >> "$GITHUB_ENV" | |
| - name: Tag The ${{ needs.update-main.outputs.release-version }} Release | |
| run: | | |
| ## DGM git tag --no-sign -m "Release ${{ needs.update-main.outputs.release-version }}" -a ${{ needs.update-main.outputs.release-version }} | |
| git tag -f --no-sign -m "Release ${{ needs.update-main.outputs.release-version }}" -a ${{ needs.update-main.outputs.release-version }} | |
| - name: Create Github Release | |
| uses: softprops/action-gh-release@v1 | |
| with: | |
| name: ${{ env.CUT_RELEASE_VERSION }} | |
| tag_name: ${{ env.CUT_RELEASE_VERSION }} | |
| body_path: .cut_release_changes | |
| target_commitish: main | |
| draft: false | |
| prerelease: false | |
| generate_release_notes: false | |
| files: | | |
| linux/svtminion.sh | |
| windows/svtminion.ps1 | |
| LICENSE | |
| - name: Delete Release Details Artifact | |
| uses: geekyeggo/delete-artifact@v5 | |
| with: | |
| name: release-details | |
| failOnError: false | |
| update-main-checksums: | |
| name: Update Release Checksums on Main | |
| runs-on: ubuntu-latest | |
| needs: | |
| - publish-release | |
| environment: release | |
| permissions: | |
| contents: write # For action peter-evans/create-pull-request | |
| pull-requests: write # For action peter-evans/create-pull-request | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| ref: main | |
| repository: ${{ github.repository }} | |
| ## ssh-key: ${{ secrets.SALT_VMTOOLS_RELEASE_KEY }} | |
| - name: Get vmtools-salt.sh on main branch sha256sum | |
| run: | | |
| echo "SH=$(sha256sum linux/vmtools-salt.sh | awk '{ print $1 }')" >> "$GITHUB_ENV" | |
| echo "VMTS_VERSION=$(sh linux/vmtools-salt.sh --version | awk '{ print $4 }')" >> "$GITHUB_ENV" | |
| echo "DGM SH ,${SH}, and VMTS_VERSION ,${VMTS_VERSION}," | |
| - uses: actions/checkout@v4 | |
| with: | |
| ref: main | |
| repository: ${{ github.repository }} | |
| ## ssh-key: ${{ secrets.SALT_VMTOOLS_RELEASE_KEY }} | |
| - name: Configure Git | |
| shell: bash | |
| run: | | |
| git config --global --add safe.directory "$(pwd)" | |
| git config --global user.name "Salt Project Packaging" | |
| git config --global user.email [email protected] | |
| git config --global commit.gpgsign false | |
| - name: Update Latest Release on README | |
| run: | | |
| python3 .github/workflows/scripts/update-release-shasum.py ${{ env.VMTS_VERSION }} ${{ env.SH }} | |
| - name: Show Changes | |
| run: | | |
| git status | |
| git diff | |
| - name: Commit Changes | |
| run: | | |
| git commit -am "Update README.md with ${{ env.VMTS_VERSION }} release sha256sum" || \ | |
| git commit -am "Update README.md with ${{ env.VMTS_VERSION }} release sha256sum" | |
| - name: Push Changes | |
| uses: ad-m/github-push-action@b87afee92c6e70ea888be6203a3e9426fda49839 | |
| with: | |
| ## ssh: true | |
| atomic: true | |
| branch: main | |
| repository: ${{ github.repository }} | |
| - name: Update vmtools-salt.sh sha256sum's | |
| run: | | |
| sha256sum linux/svtminion.sh | awk '{ print $1 }' > svtminion.sh.sha256 | |
| sha256sum windows/svtminion.ps1 | awk '{ print $1 }' > svtminion.ps1.sha256 | |
| git commit -a -m "Update sha256 checksums" || git commit -a -m "Update sha256 checksums" | |
| - name: Push Changes | |
| uses: ad-m/github-push-action@b87afee92c6e70ea888be6203a3e9426fda49839 | |
| with: | |
| ## ssh: true | |
| tags: true | |
| atomic: true | |
| branch: main | |
| repository: ${{ github.repository }} |