-
Notifications
You must be signed in to change notification settings - Fork 43
188 lines (157 loc) · 5.84 KB
/
ansible-release.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
name: Release Ansible package
on:
workflow_dispatch:
inputs:
ansible-version:
description: >-
Release Version. Example: 11.1.0
required: true
env:
CI_COMMIT_MESSAGE: >-
Ansible ${{ inputs.ansible-version }}:
Dependencies, changelog and porting guide
ANSIBLE_VERSION: ${{ inputs.ansible-version }}
jobs:
build:
name: Build Ansible (${{ inputs.ansible-version }})
runs-on: ubuntu-latest
permissions:
pull-requests: write
contents: write
outputs:
pr_url: ${{ steps.create-pr.outputs.pr_url }}
steps:
- name: Check out antsibull
uses: actions/checkout@v4
with:
repository: ansible-community/antsibull
ref: main
path: antsibull
- name: Pre-create build directory
run: mkdir -p antsibull/build
# This is where the antsibull build-release role expects it by default
- name: Check out ansible-build-data under antsibull build directory
uses: actions/checkout@v4
with:
path: antsibull/build/ansible-build-data
- name: Set up Python 3.11
uses: actions/setup-python@v5
with:
python-version: 3.11
- name: Install dependencies
working-directory: antsibull
run: |
python3 -m pip install packaging ansible-core antsibull
ansible-galaxy install -r requirements.yml
- name: Validate version and extract major version
shell: python
id: extract-version
run: |
import os
import pathlib
import sys
from packaging.version import Version
FILE_APPEND_MODE = 'a'
OUTPUTS_FILE_PATH = pathlib.Path(os.environ['GITHUB_OUTPUT'])
VERSION = os.environ['ANSIBLE_VERSION']
def set_output(name, value):
with OUTPUTS_FILE_PATH.open(FILE_APPEND_MODE) as outputs_file:
outputs_file.writelines(f'{name}={value}{os.linesep}')
try:
version = Version(VERSION)
except Exception as exc:
sys.exit(
f'::error ::The version {VERSION!r} cannot be parsed: {exc}.'
)
set_output('major-version', version.major)
- name: Checking out to a new branch
working-directory: antsibull/build/ansible-build-data
run: |
git checkout -b "publish-${ANSIBLE_VERSION}"
- name: Setting the user details
run: |
git config --global user.name "Github Actions"
git config --global user.email "41898282+github-actions[bot]@users.noreply.github.com"
# Run the playbook according to the current release process
- name: Building a release with the defaults
working-directory: antsibull
run: >-
ansible-playbook -vv playbooks/build-single-release.yaml
-e antsibull_data_reset=false
-e "antsibull_ansible_version=${ANSIBLE_VERSION}"
env:
# Make result better readable
ANSIBLE_CALLBACK_RESULT_FORMAT: yaml
- name: Upload artifact
uses: actions/upload-artifact@v4
id: upload-artifact
with:
name: sdist-and-wheel
path: antsibull/build/ansible-*.*
- name: Commit ansible-build-data and push the changes to github
working-directory: >-
antsibull/build/ansible-build-data/${{ steps.extract-version.outputs.major-version }}
run: |
git add .
git commit -m "${CI_COMMIT_MESSAGE}"
git push origin "publish-${ANSIBLE_VERSION}"
- name: Create PR to the ansible-build-data
id: create-pr
working-directory: antsibull/build/ansible-build-data
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
ARTIFACT_URL: ${{ steps.upload-artifact.outputs.artifact-url }}
run: |
body="$(echo -e "${CI_COMMIT_MESSAGE}\nRelease artifacts: <${ARTIFACT_URL}>")"
echo -n "pr_url=" >> "$GITHUB_OUTPUT"
gh pr create \
--base main \
--head "publish-${ANSIBLE_VERSION}" \
--title "Release Ansible ${ANSIBLE_VERSION}" \
--body "${body}" | tee -a "$GITHUB_OUTPUT"
# publish job downloads the arifacts and publish it to PyPI
publish:
needs: build
name: Upload Ansible (${{ inputs.ansible-version }}) to PyPI
runs-on: ubuntu-latest
environment:
name: pypi
url: https://pypi.org/project/ansible/${{ inputs.ansible-version }}
permissions:
id-token: write
steps:
- name: Ensure that the PR was merged
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
PR_URL: ${{ needs.build.outputs.create-pr }}
run: |
STATE="$(gh pr view "${PR_URL}" --json state --template "{{.state}}")"
if [ "${STATE}" != "MERGED" ]; then
echo "::error ::The state of PR ${PR_URL} must be MERGED, not ${STATE}"
exit 1
fi
- name: Download artifact
uses: actions/download-artifact@v4
with:
name: sdist-and-wheel
path: dist/
- name: Upload Ansible sdist and wheel to PyPI
uses: pypa/gh-action-pypi-publish@release/v1
# git-tag job creates the git tag
git-tag:
needs: publish
name: Creates git tag for Ansible (${{ inputs.ansible-version }})
runs-on: ubuntu-latest
permissions:
contents: write
steps:
- name: Check out ansible-build-data
uses: actions/checkout@v4
with:
ref: ${{ github.event.repository.default_branch }}
- name: Create git tag
run: |
git config --global user.name "Github Actions"
git config --global user.email "41898282+github-actions[bot]@users.noreply.github.com"
git tag -a "${ANSIBLE_VERSION}" -m "Ansible ${ANSIBLE_VERSION}: Changelog, Porting Guide and Dependent Collection Details"
git push origin "${ANSIBLE_VERSION}"