-
Notifications
You must be signed in to change notification settings - Fork 17
153 lines (131 loc) · 6.31 KB
/
promote_to_module-manifests.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
name: Promote to channel via module-manifests
# Workflow requires following variables to be defined
# DOC_URL - location of btp-manager documentation
# GIT_USER_NAME - user creating head branch and PR
# GIT_USER_EMAIL - this user email
# GH_TOOLS_HOST - tools host
# IMAGE_REPO - name of binary image of the btp-manager executable
# MODULE_MANIFESTS_REPO_NAME - repository of modules manifests
env:
# DO NOT CHANGE THIS VALUE - the change will cause inconsistency on landscapes
# since there would be "old-named" and "new-named" modules and LM would switch between those infinitely
FULL_MODULE_NAME: kyma-project.io/module/btp-operator
# GitHub repositories
MODULE_MANIFESTS_WITH_USER: "https://${{ vars.GIT_USER_NAME }}:${{ secrets.BOT_TOKEN_GITHUB_TOOLS }}@${{ vars.GH_TOOLS_HOST }}/kyma/${{ vars.MODULE_MANIFESTS_REPO_NAME }}.git"
BTP_MANAGER_API_URL: "https://api.github.com/repos/kyma-project/btp-manager"
BTP_MANAGER_RELEASES_URL: "https://github.com/kyma-project/btp-manager/releases"
# File names
TEMPLATE_FILENAME: moduletemplate-btp-operator.yaml
DEFAULT_CR_FILENAME: btp-operator-default-cr.yaml
MANIFEST_FILENAME: btp-manager.yaml
SCAN_CONFIG_FILENAME: sec-scanners-config.yaml
# needed by gh cli for GitHub enterprise
GH_ENTERPRISE_TOKEN: ${{ secrets.BOT_TOKEN_GITHUB_TOOLS }}
on:
workflow_dispatch:
inputs:
releaseTag:
description: "Release Tag"
default: 'use latest release'
required: true
channel:
description: "Channel"
type: choice
options:
- fast
- regular
required: true
default: fast
jobs:
promote:
runs-on: ubuntu-latest
steps:
- name: Validate required environment variables
shell: bash
run: |
[ -z "${{ vars.DOC_URL }}" ] && echo "DOC_URL is required" && exit 1
[ -z "${{ vars.GIT_USER_EMAIL }}" ] && echo "GIT_USER_EMAIL is required" && exit 1
[ -z "${{ vars.GIT_USER_NAME }}" ] && echo "GIT_USER_NAME is required" && exit 1
[ -z "${{ vars.GH_TOOLS_HOST }}" ] && echo "GH_TOOLS_HOST is required" && exit 1
[ -z "${{ vars.IMAGE_REPO }}" ] && echo "IMAGE_REPO is required" && exit 1
[ -z "${{ vars.MODULE_MANIFESTS_REPO_NAME }}" ] && echo "MODULE_MANIFESTS_REPO_NAME is required" && exit 1
echo "Validated"
- name: Use default (latest) Release Tag
if: inputs.releaseTag == 'use latest release'
shell: bash
run: |
latest=$(curl -s -H "Accept: application/vnd.github+json" ${BTP_MANAGER_API_URL}/releases/latest | jq -r '.tag_name')
echo "TAG=${latest}" >> $GITHUB_ENV
- name: Validate given release tag
if: inputs.releaseTag != 'use latest release'
shell: bash
run: |
tags=$(curl -s -H "Accept: application/vnd.github+json" ${BTP_MANAGER_API_URL}/tags | jq -r '.[] | .name')
if echo $tags | tr " " '\n' | grep -F -q -x ${{ inputs.releaseTag }}; then
echo "TAG=${{ inputs.releaseTag }}" >> $GITHUB_ENV
echo "tag found"
else
echo "tag not found: ${{ inputs.releaseTag }}"
exit 1
fi
- name: Set branch name
run: echo "BRANCH_NAME=btp-manager-${TAG}-${{ inputs.channel }}" >> $GITHUB_ENV
- name: Setup git and clone repo
run: |
git config --global user.email ${{ vars.GIT_USER_EMAIL }}
git config --global user.name ${{ vars.GIT_USER_NAME }}
git clone ${MODULE_MANIFESTS_WITH_USER}
env:
GH_TOKEN: ${{ secrets.BOT_TOKEN_GITHUB_TOOLS }}
- name: Sync Repo and create branch
working-directory: module-manifests
run: |
git remote add upstream ${MODULE_MANIFESTS_WITH_USER}
git fetch upstream
git merge upstream/main
git checkout -B ${BRANCH_NAME}
mkdir -p modules/btp-operator/${{ inputs.channel }}
- name: Download artifacts
working-directory: module-manifests/modules/btp-operator/${{ inputs.channel }}
run: |
curl -JL ${BTP_MANAGER_RELEASES_URL}/download/${TAG}/${MANIFEST_FILENAME} >${MANIFEST_FILENAME}
curl -JL ${BTP_MANAGER_RELEASES_URL}/download/${TAG}/${DEFAULT_CR_FILENAME} >${DEFAULT_CR_FILENAME}
- name: Create module configuration
env:
CHANNEL: ${{ inputs.channel }}
working-directory: module-manifests/modules/btp-operator/${{ inputs.channel }}
run: |
echo "Creating module configuration file:"
cat <<EOF | tee module-config.yaml
name: ${FULL_MODULE_NAME}
channel: ${CHANNEL}
version: ${TAG}
manifest: ${MANIFEST_FILENAME}
defaultCR: ${DEFAULT_CR_FILENAME}
annotations:
"operator.kyma-project.io/doc-url": "${{ vars.DOC_URL }}"
moduleRepo: https://github.com/kyma-project/btp-manager.git
moduleSecurityScanConfig: true
EOF
- name: Commit and push changes
working-directory: module-manifests
env:
FORK_ORIGIN: "https://${{ vars.GIT_USER_NAME }}:${{ secrets.BOT_TOKEN_GITHUB_TOOLS }}@${{ vars.GH_TOOLS_HOST }}/${{ vars.GIT_USER_NAME }}/${{ vars.MODULE_MANIFESTS_REPO_NAME }}.git"
run: |
git add .
git commit -m "Configuration files update"
git remote set-url origin ${FORK_ORIGIN}
git push --set-upstream origin ${BRANCH_NAME} -f
- name: Create PR if needed
working-directory: module-manifests
shell: bash
env:
CHANNEL: ${{ inputs.channel }}
MODULE_MANIFESTS_REPO_URL: "https://${{ vars.GH_TOOLS_HOST }}/kyma/${{ vars.MODULE_MANIFESTS_REPO_NAME }}"
run: |
prs=$(gh pr list -R "${MODULE_MANIFESTS_REPO_URL}" -A ${{ vars.GIT_USER_NAME }} --state open --json headRefName | jq -r '.[] | .headRefName')
if echo $prs | tr " " '\n' | grep -F -q -x ${BRANCH_NAME}; then
echo "opened PR already exists, no need to create new one, PR will be updated by push from previous step"
exit 0
fi
gh pr create -B main -H ${{ vars.GIT_USER_NAME }}:${BRANCH_NAME} -R https://github.tools.sap/kyma/module-manifests/ --title "Promote BTP Manager ${TAG} to ${CHANNEL} channel" --fill --body "${BTP_MANAGER_RELEASES_URL}/${TAG}"