Release Ansible package #9
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Release Ansible package | |
on: | |
workflow_dispatch: | |
inputs: | |
ansible-version: | |
description: >- | |
Release Version. Example: 11.1.0 | |
required: true | |
env: | |
CI_COMMIT_MESSAGE: >- | |
Ansible ${{ inputs.ansible-version }}: | |
Dependencies, changelog and porting guide | |
ANSIBLE_VERSION: ${{ inputs.ansible-version }} | |
jobs: | |
build: | |
name: Build Ansible (${{ inputs.ansible-version }}) | |
runs-on: ubuntu-latest | |
permissions: | |
pull-requests: write | |
contents: write | |
outputs: | |
pr_url: ${{ steps.create-pr.outputs.pr_url }} | |
steps: | |
- name: Check out antsibull | |
uses: actions/checkout@v4 | |
with: | |
repository: ansible-community/antsibull | |
ref: main | |
path: antsibull | |
- name: Pre-create build directory | |
run: mkdir -p antsibull/build | |
# This is where the antsibull build-release role expects it by default | |
- name: Check out ansible-build-data under antsibull build directory | |
uses: actions/checkout@v4 | |
with: | |
path: antsibull/build/ansible-build-data | |
- name: Set up Python 3.11 | |
uses: actions/setup-python@v5 | |
with: | |
python-version: 3.11 | |
- name: Install dependencies | |
working-directory: antsibull | |
run: | | |
python3 -m pip install packaging ansible-core antsibull | |
ansible-galaxy install -r requirements.yml | |
- name: Validate version and extract major version | |
shell: python | |
id: extract-version | |
run: | | |
import os | |
import pathlib | |
import sys | |
from packaging.version import Version | |
FILE_APPEND_MODE = 'a' | |
OUTPUTS_FILE_PATH = pathlib.Path(os.environ['GITHUB_OUTPUT']) | |
VERSION = os.environ['ANSIBLE_VERSION'] | |
def set_output(name, value): | |
with OUTPUTS_FILE_PATH.open(FILE_APPEND_MODE) as outputs_file: | |
outputs_file.writelines(f'{name}={value}{os.linesep}') | |
try: | |
version = Version(VERSION) | |
except Exception as exc: | |
sys.exit( | |
f'::error ::The version {VERSION!r} cannot be parsed: {exc}.' | |
) | |
set_output('major-version', version.major) | |
- name: Checking out to a new branch | |
working-directory: antsibull/build/ansible-build-data | |
run: | | |
git checkout -b "publish-${ANSIBLE_VERSION}" | |
- name: Setting the user details | |
run: | | |
git config --global user.name "Github Actions" | |
git config --global user.email "41898282+github-actions[bot]@users.noreply.github.com" | |
# Run the playbook according to the current release process | |
- name: Building a release with the defaults | |
working-directory: antsibull | |
run: >- | |
ansible-playbook -vv playbooks/build-single-release.yaml | |
-e antsibull_data_reset=false | |
-e "antsibull_ansible_version=${ANSIBLE_VERSION}" | |
env: | |
# Make result better readable | |
ANSIBLE_CALLBACK_RESULT_FORMAT: yaml | |
- name: Upload artifact | |
uses: actions/upload-artifact@v4 | |
id: upload-artifact | |
with: | |
name: sdist-and-wheel | |
path: antsibull/build/ansible-*.* | |
- name: Commit ansible-build-data and push the changes to github | |
working-directory: >- | |
antsibull/build/ansible-build-data/${{ steps.extract-version.outputs.major-version }} | |
run: | | |
git add . | |
git commit -m "${CI_COMMIT_MESSAGE}" | |
git push origin "publish-${ANSIBLE_VERSION}" | |
- name: Create PR to the ansible-build-data | |
id: create-pr | |
working-directory: antsibull/build/ansible-build-data | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
ARTIFACT_URL: ${{ steps.upload-artifact.outputs.artifact-url }} | |
run: | | |
body="$(echo -e "${CI_COMMIT_MESSAGE}\nRelease artifacts: <${ARTIFACT_URL}>")" | |
echo -n "pr_url=" >> "$GITHUB_OUTPUT" | |
gh pr create \ | |
--base main \ | |
--head "publish-${ANSIBLE_VERSION}" \ | |
--title "Release Ansible ${ANSIBLE_VERSION}" \ | |
--body "${body}" | tee -a "$GITHUB_OUTPUT" | |
# publish job downloads the arifacts and publish it to PyPI | |
publish: | |
needs: build | |
name: Upload Ansible (${{ inputs.ansible-version }}) to PyPI | |
runs-on: ubuntu-latest | |
environment: | |
name: pypi | |
url: https://pypi.org/project/ansible/${{ inputs.ansible-version }} | |
permissions: | |
id-token: write | |
steps: | |
- name: Ensure that the PR was merged | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
PR_URL: ${{ needs.build.outputs.create-pr }} | |
run: | | |
STATE="$(gh pr view "${PR_URL}" --json state --template "{{.state}}")" | |
if [ "${STATE}" != "MERGED" ]; then | |
echo "::error ::The state of PR ${PR_URL} must be MERGED, not ${STATE}" | |
exit 1 | |
fi | |
- name: Download artifact | |
uses: actions/download-artifact@v4 | |
with: | |
name: sdist-and-wheel | |
path: dist/ | |
- name: Upload Ansible sdist and wheel to PyPI | |
uses: pypa/gh-action-pypi-publish@release/v1 | |
# git-tag job creates the git tag | |
git-tag: | |
needs: publish | |
name: Creates git tag for Ansible (${{ inputs.ansible-version }}) | |
runs-on: ubuntu-latest | |
permissions: | |
contents: write | |
steps: | |
- name: Check out ansible-build-data | |
uses: actions/checkout@v4 | |
with: | |
ref: ${{ github.event.repository.default_branch }} | |
- name: Create git tag | |
run: | | |
git config --global user.name "Github Actions" | |
git config --global user.email "41898282+github-actions[bot]@users.noreply.github.com" | |
git tag -a "${ANSIBLE_VERSION}" -m "Ansible ${ANSIBLE_VERSION}: Changelog, Porting Guide and Dependent Collection Details" | |
git push origin "${ANSIBLE_VERSION}" |