From 0b215849e8bc1efcafe23a591c28d199b863f9d3 Mon Sep 17 00:00:00 2001 From: NSMBot Date: Mon, 25 Jul 2022 12:58:51 +0000 Subject: [PATCH] Sync files with networkservicemesh/cmd-template This PR syncs files with https://github.com/networkservicemesh/cmd-template Revision: https://github.com/networkservicemesh/cmd-template/commits/e8ed376ecfda3a4aad2f7ffab6098abba0515c8e commit e8ed376ecfda3a4aad2f7ffab6098abba0515c8e Author: Nikita Skrynnik <93182827+NikitaSkrynnik@users.noreply.github.com> Date: Mon Jul 25 21:22:30 2022 +1100 Add reusable workflows (#105) * reuse already existing workflows from .github Signed-off-by: Nikita Skrynnik * replace docker-push workflows Signed-off-by: Nikita Skrynnik * rework release workflow Signed-off-by: Nikita Skrynnik * rework update-deployments and ci workflows Signed-off-by: Nikita Skrynnik * finish reworking workflows Signed-off-by: Nikita Skrynnik * minor fixes Signed-off-by: Nikita Skrynnik * specify config_file path for yamllint job in CI workflow Signed-off-by: Nikita Skrynnik * fix automerge Signed-off-by: Nikita Skrynnik * fix yamllint issues Signed-off-by: Nikita Skrynnik * fix docker-build-and-test job in CI workflow Signed-off-by: Nikita Skrynnik * add print-debug-info job to automerge workflow Signed-off-by: Nikita Skrynnik Signed-off-by: NSMBot --- .github/workflows/automerge.yaml | 131 +++------------- .github/workflows/ci.yaml | 146 ++---------------- .github/workflows/codeql-analysis.yml | 54 +------ .github/workflows/docker-push-ghcr.yml | 36 +---- .github/workflows/docker-push.yaml | 32 +--- .github/workflows/pr-for-updates.yaml | 20 +-- .github/workflows/release.yml | 177 ++++------------------ .github/workflows/update-deployments.yaml | 65 +------- 8 files changed, 86 insertions(+), 575 deletions(-) diff --git a/.github/workflows/automerge.yaml b/.github/workflows/automerge.yaml index 070bf4d..29f554f 100644 --- a/.github/workflows/automerge.yaml +++ b/.github/workflows/automerge.yaml @@ -7,115 +7,28 @@ on: workflows: - "ci" jobs: - automerge: - name: Automerge + print-debug-info: + name: Print debug info runs-on: ubuntu-latest - if: ${{ github.event.workflow_run.conclusion == 'success' && github.actor == 'nsmbot' }} - outputs: - pr_branch_ref: ${{ steps.check_mergeability.outputs.pr_branch_ref }} steps: - - name: Find current PR - uses: jwalton/gh-find-current-pr@v1.0.2 - id: findPr - with: - sha: ${{ github.event.workflow_run.head_sha }} - github-token: ${{ secrets.NSM_BOT_GITHUB_TOKEN }} - - name: Validate PR number - run: | - if [ -z ${{ steps.findPr.outputs.pr }} ]; then - echo "No opened PR was found for SHA ${{ github.event.workflow_run.head_sha }}" - exit 1 - fi - - name: Get PR Info - id: get_pull_request_info - uses: octokit/request-action@v2.x - with: - route: GET /repos/${{ github.repository }}/pulls/${{ steps.findPr.outputs.pr }} - env: - GITHUB_TOKEN: ${{ secrets.NSM_BOT_GITHUB_TOKEN }} - - name: Check mergeability - id: check_mergeability - run: | - echo "Mergeable: ${{ fromJson(steps.get_pull_request_info.outputs.data).mergeable }}" - PR_BRANCH_REF=${{ fromJson(steps.get_pull_request_info.outputs.data).head.ref }} - echo "PR_BRANCH_REF: $PR_BRANCH_REF" - echo "::set-output name=pr_branch_ref::$PR_BRANCH_REF" - if [ "${{ fromJson(steps.get_pull_request_info.outputs.data).mergeable }}" != "true" ]; then - echo "PR has conflicts" - exit 1 - fi - - name: Check out the code - uses: actions/checkout@v2 - - name: Fetch main - run: | - git remote -v - git fetch --depth=1 origin main - - name: Only allow go.mod and go.sum changes - run: | - find . -type f ! -name 'go.mod' ! -name 'go.sum' ! -name '*.yaml' ! -name '*.yml' ! -name '*.txt' ! -name '*.md' ! -name '*.conf' -exec git diff --exit-code origin/main -- {} + - - name: Merge PR - uses: ridedott/merge-me-action@master - with: - GITHUB_LOGIN: nsmbot - ENABLED_FOR_MANUAL_CHANGES: true - GITHUB_TOKEN: ${{ secrets.NSM_BOT_GITHUB_TOKEN }} + - uses: hmarr/debug-action@v2 + + check-mergeability: + if: ${{ github.event.workflow_run.conclusion == 'success' && github.actor == 'nsmbot' }} + uses: networkservicemesh/.github/.github/workflows/check-mergeability.yaml@main + secrets: + token: ${{ secrets.NSM_BOT_GITHUB_TOKEN }} + + automerge: + needs: [check-mergeability] + if: ${{ needs.check-mergeability.result == 'success' }} + uses: networkservicemesh/.github/.github/workflows/automerge.yaml@main + resolve_conflicts: - name: Autoresolve Conflicts - needs: [automerge] - if: ${{ always() && needs.automerge.result == 'failure' && needs.automerge.outputs.pr_branch_ref != '' && github.actor == 'nsmbot' }} - runs-on: ubuntu-latest - steps: - - name: Checkout default branch - uses: actions/checkout@v2 - with: - fetch-depth: 0 - token: ${{ secrets.NSM_BOT_GITHUB_TOKEN }} - - name: Checkout PR branch - uses: actions/checkout@v2 - with: - ref: ${{ needs.automerge.outputs.pr_branch_ref }} - fetch-depth: 0 - token: ${{ secrets.NSM_BOT_GITHUB_TOKEN }} - - name: Verify conflicts only in go.mod/go.sum - run: | - CONFLICTING_FILES=$(git merge-tree $(git merge-base origin/main HEAD) origin/main HEAD | \ - awk 'BEGIN {is_conflict = 0} /changed in both/{is_conflict = 1; next} /base/{if (is_conflict) {print $4; is_conflict = 0} next }' | \ - { grep -vF "go.mod" || true; } | \ - { grep -vF "go.sum" || true; }) - if [[ -n $CONFLICTING_FILES ]]; then - echo "Conflicts can be resolved only in go.mod and go.sum files, but conflicts were found in other files: $CONFLICTING_FILES" - exit 1 - fi - - name: Check number of retries - run: | - if [ $(git log --oneline | head -n 10 | grep -Fc "Automatically resolving conflicts in go.mod") -ge 3 ]; then - echo "Couldn't automatically resolve conflicts (number of re-tries is >= 3). Please, resolve them manually." - exit 1 - fi - - name: Merge default branch - run: | - git config --global user.email "nsmbot@networkservicmesh.io" - git config --global user.name "NSMBot" - git config pull.rebase false - git pull -q origin main -s ort -X theirs - - name: Setup Go - uses: actions/setup-go@v1 - with: - go-version: 1.18.2 - - name: Update version manually - run: | - branch=${{ needs.automerge.outputs.pr_branch_ref }} - repository=${branch#update/networkservicemesh/} - echo Update ${repository} version in go.mod manually - go get -u github.com/networkservicemesh/${repository}@main - - name: Re-generate go.sum - run: go mod tidy - - name: Push changes - run: | - echo "Automatically resolving conflicts in go.mod and updating dependency versions to the latest" >> /tmp/commit-message - git config --global user.email "nsmbot@networkservicmesh.io" - git config --global user.name "NSMBot" - git add -- go.sum go.mod - git commit -s -F /tmp/commit-message - echo "Force-pushing changes to ${{ needs.automerge.outputs.pr_branch_ref }}" - git push -f origin ${{ needs.automerge.outputs.pr_branch_ref }} + needs: [check-mergeability] + if: ${{ always() && needs.check-mergeability.result == 'failure' && needs.check-mergeability.outputs.pr_branch_ref != '' }} + uses: networkservicemesh/.github/.github/workflows/resolve-conflicts.yaml@main + with: + pr_branch_ref: ${{ needs.check-mergeability.outputs.pr_branch_ref }} + secrets: + token: ${{ secrets.NSM_BOT_GITHUB_TOKEN }} diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 7ae7eee..2a6f1d6 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -8,149 +8,35 @@ on: pull_request: jobs: yamllint: - name: yamllint - runs-on: ubuntu-latest - steps: - - name: Check out code into the Go module directory - uses: actions/checkout@v2 - - name: yaml-lint - uses: ibiqlik/action-yamllint@v1 - with: - config_file: .yamllint.yml - strict: true + uses: networkservicemesh/.github/.github/workflows/yamllint.yaml@main + with: + config_file: "./.yamllint.yml" shellcheck: - name: shellcheck - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v2 - - name: shellcheck - uses: fkautz/shell-linter@v1.0.1 - - build: - name: build - runs-on: ${{ matrix.os }} - strategy: - matrix: - os: [ubuntu-latest, macos-latest, windows-latest] - steps: - - name: Check out code - uses: actions/checkout@v2 - - name: Setup Go - uses: actions/setup-go@v1 - with: - go-version: 1.18.2 - - name: Build - run: go build -race ./... + uses: networkservicemesh/.github/.github/workflows/shellcheck.yaml@main golangci-lint: - name: golangci-lint - runs-on: ubuntu-latest - if: github.repository != 'networkservicemesh/cmd-template' - steps: - - name: Check out code into the Go module directory - uses: actions/checkout@v2 - with: - fetch-depth: 0 - - name: Setup Go - uses: actions/setup-go@v1 - with: - go-version: 1.18.2 - - name: golangci-lint - uses: golangci/golangci-lint-action@v3 - with: - version: v1.45.2 + uses: networkservicemesh/.github/.github/workflows/golangci-lint.yaml@main excludeFmtErrorf: - name: exclude fmt.Errorf - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v2 - - name: Exclude fmt.Errorf - run: | - if grep -r --include=*.go --exclude=*.pb.go fmt.Errorf . ; then - echo "Please use errors.Errorf (or errors.New or errors.Wrap or errors.Wrapf) as appropriate rather than fmt.Errorf" - exit 1 - fi + uses: networkservicemesh/.github/.github/workflows/exclude-fmt-errorf.yaml@main restrictNSMDeps: - name: Restrict dependencies on github.com/networkservicemesh/* - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v2 - - name: Restrict dependencies on github.com/networkservicemesh/* - env: - ALLOWED_REPOSITORIES: "api, sdk, sdk-k8s, sdk-kernel, sdk-sriov, sdk-vpp" - run: | - for i in $(grep github.com/networkservicemesh/ go.mod | grep -v '^module' | sed 's;.*\(github.com\/networkservicemesh\/[^ ]*\).*;\1;g');do - if ! [ "$(echo ${ALLOWED_REPOSITORIES} | grep ${i#github.com/networkservicemesh/})" ]; then - echo Dependency on "${i}" is forbidden - exit 1 - fi; - done + uses: networkservicemesh/.github/.github/workflows/restrict-nsm-deps.yaml@main + with: + allowed_repositories: "api, sdk, sdk-k8s, sdk-kernel, sdk-sriov, sdk-vpp" checkgomod: - name: Check go.mod and go.sum - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v2 - - uses: actions/setup-go@v1 - with: - go-version: 1.18.2 - - run: go mod tidy - - name: Check for changes - run: | - git diff --name-only --exit-code || ( echo "Run go mod tidy" && false ) + uses: networkservicemesh/.github/.github/workflows/checkgomod.yaml@main gogenerate: - name: Check generated files - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v2 - - uses: actions/setup-go@v1 - with: - go-version: 1.18.2 - - run: go generate ./... - - name: Check for changes - run: | - git diff --name-only --exit-code || ( echo "Rerun go generate ./... locally and resubmit" && false ) + uses: networkservicemesh/.github/.github/workflows/cmd-gogenerate.yaml@main excludereplace: - name: Exclude Replace in go.mod - runs-on: ubuntu-latest - steps: - - name: Check out the code - uses: actions/checkout@v2 - - name: Exclude replace in go.mod - run: | - grep ^replace go.mod || exit 0 - exit 1 + uses: networkservicemesh/.github/.github/workflows/exclude-replace.yaml@main - docker: - name: Docker Build & Test - runs-on: ubuntu-latest + docker-build-and-test: if: github.repository != 'networkservicemesh/cmd-template' - steps: - - uses: actions/checkout@v2 - - uses: actions/setup-go@v1 - with: - go-version: 1.18.2 - - name: Build container - run: docker build . - - name: Run tests - run: docker run --privileged --rm $(docker build -q . --target test) - - name: Find merged PR - if: github.event_name == 'push' && github.ref == 'refs/heads/main' - uses: jwalton/gh-find-current-pr@v1 - id: findPr - with: - github-token: ${{ github.token }} - - name: Publish Image - if: github.event_name == 'push' && github.ref == 'refs/heads/main' && success() && steps.findPr.outputs.number - uses: matootie/github-docker@v3.0.0 - with: - accessToken: ${{ github.token }} - tag: | - pr-${{ steps.findPr.outputs.pr }} - commit-${{ github.sha }} - latest + uses: networkservicemesh/.github/.github/workflows/docker-build-and-test.yaml@main + secrets: + token: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 6d85c64..0d8199c 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -17,56 +17,4 @@ on: jobs: analyze: - name: Analyze - runs-on: ubuntu-latest - - strategy: - fail-fast: false - matrix: - # Override automatic language detection by changing the below list - # Supported options are ['csharp', 'cpp', 'go', 'java', 'javascript', 'python'] - language: ['go'] - # Learn more... - # https://docs.github.com/en/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning#overriding-automatic-language-detection - - steps: - - name: Checkout repository - uses: actions/checkout@v2 - with: - # We must fetch at least the immediate parents so that if this is - # a pull request then we can checkout the head. - fetch-depth: 2 - - # If this run was triggered by a pull request event, then checkout - # the head of the pull request instead of the merge commit. - - run: git checkout HEAD^2 - if: ${{ github.event_name == 'pull_request' }} - - # Initializes the CodeQL tools for scanning. - - name: Initialize CodeQL - uses: github/codeql-action/init@v1 - with: - languages: ${{ matrix.language }} - # If you wish to specify custom queries, you can do so here or in a config file. - # By default, queries listed here will override any specified in a config file. - # Prefix the list here with "+" to use these queries and those in the config file. - # queries: ./path/to/local/query, your-org/your-repo/queries@main - - # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). - # If this step fails, then you should remove it and run the build manually (see below) - - name: Autobuild - uses: github/codeql-action/autobuild@v1 - - # ℹī¸ Command-line programs to run using the OS shell. - # 📚 https://git.io/JvXDl - - # ✏ī¸ If the Autobuild fails above, remove it and uncomment the following three lines - # and modify them (or add more) to build your code if your project - # uses a compiled language - - # - run: | - # make bootstrap - # make release - - - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v1 + uses: networkservicemesh/.github/.github/workflows/codeql-analysis.yaml@main diff --git a/.github/workflows/docker-push-ghcr.yml b/.github/workflows/docker-push-ghcr.yml index a3ac114..f585d2a 100644 --- a/.github/workflows/docker-push-ghcr.yml +++ b/.github/workflows/docker-push-ghcr.yml @@ -1,5 +1,5 @@ --- -name: docker-push-ghcr +name: Docker push ghcr on: push: @@ -10,36 +10,6 @@ on: workflows: - 'automerge' jobs: - docker: - runs-on: ubuntu-latest + push: if: ${{ github.repository != 'networkservicemesh/cmd-template' && (github.event.workflow_run.conclusion == 'success' && github.actor == 'nsmbot' || github.event_name == 'push') }} - steps: - - name: "Checkout" - uses: actions/checkout@v2 - - - name: "Set up Docker Buildx" - uses: docker/setup-buildx-action@v1 - - - name: "Login to GitHub Container Registry" - uses: docker/login-action@v1 - with: - registry: ghcr.io - username: ${{ github.repository_owner }} - password: ${{ secrets.GITHUB_TOKEN }} - - - name: Docker meta - id: metaci - uses: docker/metadata-action@v3 - with: - images: ghcr.io/${{ github.repository_owner }}/ci/${{ github.event.repository.name }} - tags: | - type=ref,event=pr - type=sha,prefix= - - - name: "Build and push" - uses: docker/build-push-action@v2 - with: - file: Dockerfile - context: . - push: true - tags: ${{ steps.metaci.outputs.tags }} + uses: networkservicemesh/.github/.github/workflows/docker-push-ghcr.yaml@main diff --git a/.github/workflows/docker-push.yaml b/.github/workflows/docker-push.yaml index 0544d6b..0ebd305 100644 --- a/.github/workflows/docker-push.yaml +++ b/.github/workflows/docker-push.yaml @@ -1,5 +1,5 @@ --- -name: push +name: Docker push on: push: branches: @@ -10,29 +10,9 @@ on: workflows: - 'automerge' jobs: - pushImage: - name: Push docker image - runs-on: ubuntu-latest - env: - DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }} - DOCKER_USER: ${{ secrets.DOCKER_LOGIN }} - ORG: networkservicemeshci - CGO_ENABLED: 0 - NAME: ${{ github.event.repository.name }} + push: if: ${{ github.repository != 'networkservicemesh/cmd-template' && (github.event.workflow_run.conclusion == 'success' && github.actor == 'nsmbot' || github.event_name == 'push') }} - steps: - - uses: actions/checkout@v2 - - uses: actions/setup-go@v1 - with: - go-version: 1.18.2 - - name: Build ${NAME}:${GITHUB_SHA::8} image - run: docker build . -t "${ORG}/${NAME}:${GITHUB_SHA::8}" --target runtime - - name: Build ${NAME}:latest image - run: docker build . -t "${ORG}/${NAME}" --target runtime - - name: Push ${NAME} images - run: | - docker login -u $DOCKER_USER -p $DOCKER_PASSWORD - docker push "${ORG}/${NAME}:${GITHUB_SHA::8}" - docker image rm "${ORG}/${NAME}:${GITHUB_SHA::8}" - docker push "${ORG}/${NAME}" - docker image rm "${ORG}/${NAME}" + uses: networkservicemesh/.github/.github/workflows/docker-push.yaml@main + secrets: + docker-login: ${{ secrets.DOCKER_LOGIN }} + docker-password: ${{ secrets.DOCKER_PASSWORD }} diff --git a/.github/workflows/pr-for-updates.yaml b/.github/workflows/pr-for-updates.yaml index c33831d..86c9ea9 100644 --- a/.github/workflows/pr-for-updates.yaml +++ b/.github/workflows/pr-for-updates.yaml @@ -6,20 +6,6 @@ on: - update/** jobs: auto-pull-request: - name: Pull Request on update/sync Branch Push - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v2 - - name: Construct PR message - run: | - PULL_REQUEST_BODY=$(git log --pretty='format:%B' -1 | sed '/^$/d;$d' | sed 's/#/# /g') - echo "$PULL_REQUEST_BODY" - echo "PULL_REQUEST_BODY<> $GITHUB_ENV - echo "$PULL_REQUEST_BODY" >> $GITHUB_ENV - echo "EOF" >> $GITHUB_ENV - - name: pull-request-action - uses: vsoch/pull-request-action@1.0.12 - env: - GITHUB_TOKEN: ${{ secrets.NSM_BOT_GITHUB_TOKEN }} - BRANCH_PREFIX: "update/" - PULL_REQUEST_BRANCH: "main" + uses: networkservicemesh/.github/.github/workflows/pr-for-updates.yaml@main + secrets: + token: ${{ secrets.NSM_BOT_GITHUB_TOKEN }} diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index fa9d724..ae9fe34 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -8,8 +8,8 @@ on: workflows: - "ci" jobs: - check-gomod-deps: - name: Check go.mod Dependencies + get-tag: + name: Get tag runs-on: ubuntu-latest if: ${{ github.event.workflow_run.conclusion == 'success' && contains(github.event.workflow_run.head_branch, 'release/') }} outputs: @@ -21,158 +21,43 @@ jobs: echo '::set-output name=tag::'${branch#release/} id: get-tag-step - - name: Check out code into the Go module directory - uses: actions/checkout@v2 - with: - ref: refs/heads/${{github.event.workflow_run.head_branch}} - - - name: Check go.mod deps - run: | - cat go.mod | - grep 'github.com/networkservicemesh/.* v' | - grep -v 'github.com/networkservicemesh/.* ${{ steps.get-tag-step.outputs.tag }}' || exit 0; - - exit 1; + check-gomod-deps: + needs: get-tag + uses: networkservicemesh/.github/.github/workflows/check-gomod-deps.yaml@main + with: + tag: ${{ needs.get-tag.outputs.tag }} create-release: - name: Create Release - needs: check-gomod-deps - runs-on: ubuntu-latest - if: ${{ github.event.workflow_run.conclusion == 'success' && contains(github.event.workflow_run.head_branch, 'release/') }} - outputs: - tag: ${{ needs.check-gomod-deps.outputs.tag }} - steps: - - name: Checkout repository - uses: actions/checkout@v2 - with: - ref: refs/heads/${{github.event.workflow_run.head_branch}} - - - name: Push tag ${{ needs.check-gomod-deps.outputs.tag }} - run: | - git status - git tag ${{ needs.check-gomod-deps.outputs.tag }} - git push origin ${{ needs.check-gomod-deps.outputs.tag }} -f - - - name: Create release ${{ needs.check-gomod-deps.outputs.tag }} - uses: actions/create-release@v1 - env: - GITHUB_TOKEN: ${{ secrets.NSM_BOT_GITHUB_TOKEN }} - with: - tag_name: refs/tags/${{ needs.check-gomod-deps.outputs.tag }} - release_name: ${{ needs.check-gomod-deps.outputs.tag }} - draft: false - prerelease: false + needs: [get-tag, check-gomod-deps] + uses: networkservicemesh/.github/.github/workflows/release.yaml@main + with: + tag: ${{ needs.get-tag.outputs.tag }} + secrets: + token: ${{ secrets.NSM_BOT_GITHUB_TOKEN }} docker: - needs: check-gomod-deps - runs-on: ubuntu-latest - if: ${{ github.event.workflow_run.conclusion == 'success' && contains(github.event.workflow_run.head_branch, 'release/') }} - steps: - - name: "Checkout" - uses: actions/checkout@v2 - with: - ref: refs/heads/${{github.event.workflow_run.head_branch}} - - - name: "Set up Docker Buildx" - uses: docker/setup-buildx-action@v1 - - - name: "Login to GitHub Container Registry" - uses: docker/login-action@v1 - with: - registry: ghcr.io - username: ${{ github.repository_owner }} - password: ${{ secrets.GITHUB_TOKEN }} - - - name: "Build and push" - uses: docker/build-push-action@v2 - with: - file: Dockerfile - context: . - push: true - tags: "ghcr.io/${{ github.repository_owner }}/${{ github.event.repository.name }}:${{ needs.check-gomod-deps.outputs.tag }}" + needs: [get-tag, check-gomod-deps] + uses: networkservicemesh/.github/.github/workflows/release.yaml@main + with: + tag: ${{ needs.get-tag.outputs.tag }} + secrets: + token: ${{ secrets.GITHUB_TOKEN }} check-branch: name: Check release branch in deployments-k8s - needs: create-release - runs-on: ubuntu-latest - if: ${{ github.event.workflow_run.conclusion == 'success' && contains(github.event.workflow_run.head_branch, 'release/') }} - outputs: - tag: ${{ needs.create-release.outputs.tag }} - steps: - - name: Checkout networkservicemesh/deployments-k8s - uses: actions/checkout@v2 - with: - path: networkservicemesh/deployments-k8s - repository: networkservicemesh/deployments-k8s - token: ${{ secrets.NSM_BOT_GITHUB_TOKEN }} - - - name: check-release-branch - working-directory: networkservicemesh/deployments-k8s - run: | - echo Starting to check release branch in deployments-k8s repository - branch=release/${{ needs.create-release.outputs.tag }} - echo branch to be checked - ${branch} - - if ! [ -z "$(git ls-remote --heads origin ${branch})" ]; then - echo Branch ${branch} is already presented in deployments-k8s repository - exit 0; - fi - - echo Branch ${branch} is not presented in repository - echo Starting to create ${branch} branch in deployments-k8s repository - - git config --global user.email "nsmbot@networkservicmesh.io" - git config --global user.name "NSMBot" - git checkout -b ${branch} - git push -u origin ${branch} || exit 0; + needs: [get-tag, create-release] + uses: networkservicemesh/.github/.github/workflows/check-release-branch.yaml@main + with: + tag: ${{ needs.get-tag.outputs.tag }} + secrets: + token: ${{ secrets.NSM_BOT_GITHUB_TOKEN }} update-deployments-k8s: name: Update deployments-k8s - needs: check-branch - runs-on: ubuntu-latest + needs: [get-tag, check-branch] if: ${{ github.repository != 'networkservicemesh/cmd-template' }} - steps: - - name: Checkout ${{ github.repository }} - uses: actions/checkout@v2 - with: - path: ${{ github.repository }} - repository: ${{ github.repository }} - - - name: Create commit message - working-directory: ${{ github.repository }} - run: | - echo "Update docker images to the latest tag ${{ needs.check-branch.outputs.tag }}" >> /tmp/commit-message - echo "" >> /tmp/commit-message - echo "Commit Message:" - cat /tmp/commit-message - - - name: Checkout networkservicemesh/deployments-k8s - uses: actions/checkout@v2 - with: - path: networkservicemesh/deployments-k8s - repository: networkservicemesh/deployments-k8s - token: ${{ secrets.NSM_BOT_GITHUB_TOKEN }} - ref: release/${{ needs.check-branch.outputs.tag }} - - - name: Find and Replace ci/${{ github.repository }} version - uses: jacobtomlinson/gha-find-replace@master - with: - find: "ci/${{ github.event.repository.name }}:.*\n" - replace: "${{ github.event.repository.name }}:${{ needs.check-branch.outputs.tag }}\n" - - - name: Push update to the deployments-k8s - working-directory: networkservicemesh/deployments-k8s - run: | - echo Starting to update repositotry deployments-k8s - git add -- . - if ! [ -n "$(git diff --cached --exit-code)" ]; then - echo Repository already up to date - exit 0; - fi - - branch=release/${{ github.repository }}/${{ needs.check-branch.outputs.tag }} - git config --global user.email "nsmbot@networkservicmesh.io" - git config --global user.name "NSMBot" - git commit -s -F /tmp/commit-message - git checkout -b ${branch} - git push -f origin ${branch} + uses: networkservicemesh/.github/.github/workflows/release-deployments.yaml@main + with: + tag: ${{ needs.get-tag.outputs.tag }} + secrets: + token: ${{ secrets.NSM_BOT_GITHUB_TOKEN }} diff --git a/.github/workflows/update-deployments.yaml b/.github/workflows/update-deployments.yaml index a127a61..de1d4a1 100644 --- a/.github/workflows/update-deployments.yaml +++ b/.github/workflows/update-deployments.yaml @@ -1,5 +1,5 @@ --- -name: Update deployments-k8s reposiotry +name: Update deployments-k8s repository on: push: branches: @@ -11,64 +11,7 @@ on: - 'automerge' jobs: update-deployments-k8s: - name: Update deployments-k8s - runs-on: ubuntu-latest if: ${{ github.repository != 'networkservicemesh/cmd-template' && (github.event.workflow_run.conclusion == 'success' && github.actor == 'nsmbot' || github.event_name == 'push') }} - steps: - - name: Checkout ${{ github.repository }} - uses: actions/checkout@v2 - with: - path: ${{ github.repository }} - repository: ${{ github.repository }} - token: ${{ secrets.NSM_BOT_GITHUB_TOKEN }} - - name: Find merged PR - uses: jwalton/gh-find-current-pr@v1.0.2 - id: findPr - with: - sha: ${{ github.sha }} - github-token: ${{ secrets.NSM_BOT_GITHUB_TOKEN }} - - name: Create commit message - working-directory: ${{ github.repository }} - run: | - echo "Update go.mod and go.sum to latest version from ${{ github.repository }}@main" >> /tmp/commit-message - echo "PR link: https://github.com/${{ github.repository }}/pull/${{ steps.findPr.outputs.pr }}" >> /tmp/commit-message - echo "" >> /tmp/commit-message - LOG_MSG=$(git log --date=iso --pretty='format:Commit: %h%nAuthor: %an%nDate: %ad%nMessage:%n - %B%n' -1 | sed '/^$/d;$d') - for((i=2;i<=18;i+=2)); do n=$(printf '%*s' $((i+2))) m=$(printf '%*s' $i) LOG_MSG=$(echo "$LOG_MSG" | tr '\n' '|' | sed "s/${m}-/${n}-/2g" | tr '|' '\n'); done - echo "$LOG_MSG" >> /tmp/commit-message - echo "Commit Message:" - cat /tmp/commit-message - - uses: benjlevesque/short-sha@v1.2 - id: short-sha - with: - length: 7 - - name: Checkout networkservicemesh/deployments-k8s - uses: actions/checkout@v2 - with: - path: networkservicemesh/deployments-k8s - repository: networkservicemesh/deployments-k8s - token: ${{ secrets.NSM_BOT_GITHUB_TOKEN }} - - name: Find and Replace version - uses: jacobtomlinson/gha-find-replace@v2 - with: - find: "${{ github.event.repository.name }}:.*\n" - replace: "${{ github.event.repository.name }}:${{ steps.short-sha.outputs.sha }}\n" - - name: Find and Replace ci/${{ github.event.repository.name }} version - uses: jacobtomlinson/gha-find-replace@v2 - with: - find: "ci/${{ github.event.repository.name }}:.*\n" - replace: "ci/${{ github.event.repository.name }}:${{ steps.short-sha.outputs.sha }}\n" - - name: Push update to the deployments-k8s - working-directory: networkservicemesh/deployments-k8s - run: | - echo Starting to update repositotry deployments-k8s - git add -- . - if ! [ -n "$(git diff --cached --exit-code)" ]; then - echo Repository already up to date - exit 0; - fi - git config --global user.email "nsmbot@networkservicmesh.io" - git config --global user.name "NSMBot" - git commit -s -F /tmp/commit-message - git checkout -b update/${{ github.repository }} - git push -f origin update/${{ github.repository }} + uses: networkservicemesh/.github/.github/workflows/update-deployments.yaml@main + secrets: + token: ${{ secrets.NSM_BOT_GITHUB_TOKEN }}