From ca235716e56c8a7d6961f9dbdcfe1ef29b3f9379 Mon Sep 17 00:00:00 2001 From: Karl Rister Date: Fri, 27 Sep 2024 09:25:06 -0500 Subject: [PATCH 1/4] add the ability to call the crucible-release workflow --- .github/workflows/crucible-release.yaml | 39 +++++++++++++++++++++++++ 1 file changed, 39 insertions(+) diff --git a/.github/workflows/crucible-release.yaml b/.github/workflows/crucible-release.yaml index 1e83d91..220793f 100644 --- a/.github/workflows/crucible-release.yaml +++ b/.github/workflows/crucible-release.yaml @@ -29,6 +29,35 @@ on: # yamllint disable-line rule:truthy type: boolean description: FORCE push (override tag) default: false + workflow_call: + inputs: + dry_run: + required: false + type: boolean + description: Do NOT push/delete tag to/from the repositories + default: false + custom_tag: + required: false + type: string + description: Custom tag to push/delete + default: '' + action: + required: true + type: string + description: Action to perform with the custom-tag (push or delete) + default: 'push' + force_push: + required: false + type: boolean + description: FORCE push (override tag) + default: false + secrets: + PRIVATE_KEY__TAG_CRUCIBLE_RELEASE: + required: true + +concurrency: + group: crucible-release + cancel-in-progress: false jobs: release-tag: @@ -202,3 +231,13 @@ jobs: fi echo "Tags:" git ls-remote --tags origin + + crucible-release-complete: + runs-on: [ self-hosted, workflow-overhead ] + timeout-minutes: 10 + needs: + - projects-tag + steps: + - name: + run: | + echo "crucible-release-complete" From 8b545a055adaed5b534d684e758016e0053f2a44 Mon Sep 17 00:00:00 2001 From: Karl Rister Date: Fri, 27 Sep 2024 09:25:59 -0500 Subject: [PATCH 2/4] create a caller for the crucible-release workflow that is used to test it in CI --- .github/workflows/crucible-release-ci.yaml | 33 ++++++++++++++++++++++ crucible-install.sh | 2 +- 2 files changed, 34 insertions(+), 1 deletion(-) create mode 100644 .github/workflows/crucible-release-ci.yaml diff --git a/.github/workflows/crucible-release-ci.yaml b/.github/workflows/crucible-release-ci.yaml new file mode 100644 index 0000000..3fda3ca --- /dev/null +++ b/.github/workflows/crucible-release-ci.yaml @@ -0,0 +1,33 @@ +name: crucible-release-ci + +on: + pull_request: + branches: [ master ] + workflow_dispatch: + +jobs: + call-crucible-release-remove: + uses: ./.github/workflows/crucible-release.yaml + with: + custom_tag: "ci-version-test" + action: "delete" + force_push: true + secrets: + PRIVATE_KEY__TAG_CRUCIBLE_RELEASE: ${{ secrets.PRIVATE_KEY__TAG_CRUCIBLE_RELEASE }} + + call-crucible-release-create: + uses: ./.github/workflows/crucible-release.yaml + needs: call-crucible-release-remove + with: + custom_tag: "ci-version-test" + action: "push" + secrets: + PRIVATE_KEY__TAG_CRUCIBLE_RELEASE: ${{ secrets.PRIVATE_KEY__TAG_CRUCIBLE_RELEASE }} + + crucible-release-ci-complete: + runs-on: [ self-hosted, workflow-overhead ] + timeout-minutes: 10 + needs: call-crucible-release-create + steps: + - name: complete + run: echo "crucible-release-ci-complete" diff --git a/crucible-install.sh b/crucible-install.sh index 4e74bed..a0208f3 100755 --- a/crucible-install.sh +++ b/crucible-install.sh @@ -337,7 +337,7 @@ function update_repos_config() { fi fi fi - if echo "${BRANCH}" | grep -q "^\(20[0-9][0-9]\.[1234]\|version-test\)$"; then + if echo "${BRANCH}" | grep -q "^\(20[0-9][0-9]\.[1234]\|version-test\|ci-verstion-test\)$"; then # this is a version install so lock it down update_mode=1 MODE="locked" From ea3f528458611e97138d536294fb30b2b6c0ab70 Mon Sep 17 00:00:00 2001 From: Karl Rister Date: Mon, 30 Sep 2024 13:47:17 -0500 Subject: [PATCH 3/4] ensure that the crucible-release workflow always runs against the proper ref of the crucible repo - ${{ github.ref }} should resolve to 'master' when running as a schedule or workflow dispatch (ie. manually invoked) job and likewise it should resolve the PR branch when running as a result of a PR --- .github/workflows/crucible-release.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/crucible-release.yaml b/.github/workflows/crucible-release.yaml index 220793f..ad35198 100644 --- a/.github/workflows/crucible-release.yaml +++ b/.github/workflows/crucible-release.yaml @@ -106,7 +106,7 @@ jobs: uses: actions/checkout@v4 with: repository: perftool-incubator/crucible - ref: master + ref: ${{ github.ref }} path: crucible set-safe-directory: false fetch-tags: true From 8f4d446d5c627c8f542c3a877b74095af9c11f2f Mon Sep 17 00:00:00 2001 From: Karl Rister Date: Mon, 30 Sep 2024 13:49:11 -0500 Subject: [PATCH 4/4] add a verification job to the crucible-release workflow which does a test installation of crucible using the just created release --- .github/workflows/crucible-release.yaml | 34 ++++++++++++++++++++++++- 1 file changed, 33 insertions(+), 1 deletion(-) diff --git a/.github/workflows/crucible-release.yaml b/.github/workflows/crucible-release.yaml index ad35198..754cb0c 100644 --- a/.github/workflows/crucible-release.yaml +++ b/.github/workflows/crucible-release.yaml @@ -232,11 +232,43 @@ jobs: echo "Tags:" git ls-remote --tags origin + crucible-release-verification: + if: ${{ inputs.action == 'push' }} + runs-on: ubuntu-latest + timeout-minutes: 10 + needs: + - release-tag + - projects-tag + steps: + - name: checkout crucible + uses: actions/checkout@v4 + with: + repository: perftool-incubator/crucible + ref: ${{ github.ref }} + path: crucible + fetch-tags: true + - name: prepare installation resources + run: | + touch /tmp/auth-file.json + cfgfile=$(grep SYSCONFIG= crucible/crucible-install.sh | cut -d '=' -f2 | sed 's/"//g') + sudo mkdir -p $(dirname $cfgfile) + - name: test release install + env: + TAG: ${{ needs.release-tag.outputs.tag }} + run: | + sudo ./crucible/crucible-install.sh \ + --release $TAG \ + --engine-registry myregistry.io/crucible \ + --engine-auth-file /tmp/auth-file.json \ + --name "Nobody" \ + --email "nobody@somewhere.com" \ + --verbose + crucible-release-complete: runs-on: [ self-hosted, workflow-overhead ] timeout-minutes: 10 needs: - - projects-tag + - crucible-release-verification steps: - name: run: |