Merge remote-tracking branch 'upstream/main' #79
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Create new experimental release | |
| on: | |
| # run when pushed to main is published, | |
| # which creates a new tag | |
| push: | |
| branches: | |
| - main | |
| paths: | |
| - 'v2/**' | |
| # no content, allows manual triggering | |
| workflow_dispatch: | |
| env: | |
| ARTIFACT_VERSION: experimental | |
| jobs: | |
| build-and-push: | |
| runs-on: [self-hosted, 1ES.Pool=aso-1es-pool] | |
| permissions: | |
| contents: write # Required to write a release | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v3 | |
| with: | |
| fetch-depth: 0 # required to access tags | |
| submodules: "true" | |
| - name: Force docker to SSD | |
| run: sudo scripts/v2/linux-docker-use-ssd.sh --containerd true | |
| - name: Build & run devcontainer image | |
| # this always builds a new image from scratch rather than from the build-devcontainer-image workflow output | |
| # so that we pick up the latest versions of everything | |
| # NB: if you update this also update live-validation.yml, pre-release-tests.yaml and create-release-official.yaml | |
| id: devcontainer | |
| run: | | |
| docker build --tag devcontainer:latest .devcontainer | |
| mkdir -p $HOME/.docker # in case it doesn't exist | |
| container_id=$(docker create -w /workspace -v $GITHUB_WORKSPACE:/workspace -v /var/run/docker.sock:/var/run/docker.sock devcontainer:latest) | |
| docker start "$container_id" | |
| echo "container_id=$container_id" >> $GITHUB_ENV | |
| - name: Build required release files | |
| run: | | |
| container_id=${{env.container_id}} | |
| docker exec "$container_id" task VERSION=${{ env.ARTIFACT_VERSION }} LATEST_VERSION_TAG=${{ env.ARTIFACT_VERSION }} make-release-artifacts | |
| # We delete the old release and re-create it because if we just use the overwrite argument to | |
| # upload-release-action it updates the release files but doesn't change the "date" of the release. | |
| # Over time this means that the release date diverges from the date the files were uploaded in a way that is | |
| # likely to confuse users. | |
| - name: Delete Release | |
| run: gh release delete "experimental" --cleanup-tag -y | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| # See https://github.com/svenstaro/upload-release-action/issues/99, which describes a bug where (for some reason) | |
| # releases that are deleted and then immediately recreated can sometimes show up as draft rather than an official | |
| # release. This is a hack, but we don't have a better workaround at the moment. See https://github.com/cli/cli/issues/8458 | |
| # as well. | |
| - name: Wait 60s | |
| run: sleep 60s | |
| - name: Upload release assets | |
| uses: svenstaro/upload-release-action@1beeb572c19a9242f4361f4cee78f8e0d9aec5df # this is v2.7.0, but pinned | |
| with: | |
| repo_token: ${{ secrets.GITHUB_TOKEN }} | |
| tag: refs/tags/${{ env.ARTIFACT_VERSION }} | |
| file: "v2/out/release/*" | |
| file_glob: true | |
| prerelease: true | |
| release_name: "Experimental" | |
| body: | | |
| This is an experimental release which containing the most recent commits from the main branch as of commit: ${{ github.sha }}. | |
| **This release might not be stable. Use at your own risk.** | |
| > ⚠️ The provided YAML manifest does not configure any CRDs to install by default, but is required. | |
| > You must specify the CRDs that you want to use as part of `crdPattern`, for example `'resources.azure.com/*;containerservice.azure.com/*;keyvault.azure.com/*;managedidentity.azure.com/*;apimanagement.azure.com/*'`. | |
| It is only intended for developers wishing to try out the latest feature, some of which may not be fully implemented. | |
| - name: Docker login | |
| run: | | |
| container_id=${{env.container_id}} | |
| docker exec -e AZURE_CLIENT_ID -e AZURE_CLIENT_SECRET -e DOCKER_REGISTRY "$container_id" task VERSION=${{ env.ARTIFACT_VERSION }} LATEST_VERSION_TAG=${{ env.ARTIFACT_VERSION }} docker-login | |
| env: | |
| DOCKER_REGISTRY: ${{ secrets.REGISTRY_LOGIN }} | |
| AZURE_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }} | |
| AZURE_CLIENT_SECRET: ${{ secrets.AZURE_CLIENT_SECRET }} | |
| - name: Build, tag and push docker image | |
| run: | | |
| container_id=${{env.container_id}} | |
| docker exec -e DOCKER_PUSH_TARGET "$container_id" task VERSION=${{ env.ARTIFACT_VERSION }} LATEST_VERSION_TAG=${{ env.ARTIFACT_VERSION }} controller:docker-push-multiarch | |
| env: | |
| DOCKER_PUSH_TARGET: ${{ secrets.REGISTRY_PUBLIC }} |