Skip to content

9c6c685e8b4b4a029aea45377404eb8c-a-partner-or-redhat-associate-submits-a-signed-chart-report-78e5987-redhat-redhat-vault-0.17.0 #101811

9c6c685e8b4b4a029aea45377404eb8c-a-partner-or-redhat-associate-submits-a-signed-chart-report-78e5987-redhat-redhat-vault-0.17.0

9c6c685e8b4b4a029aea45377404eb8c-a-partner-or-redhat-associate-submits-a-signed-chart-report-78e5987-redhat-redhat-vault-0.17.0 #101811

Workflow file for this run

name: Release-Workflow
on:
pull_request_target:
types: [opened, synchronize, reopened, edited, ready_for_review, labeled]
jobs:
check-contributor:
name: Check contributor
uses: ./.github/workflows/check-contributor.yml
with:
user: ${{ github.event.pull_request.user.login }}
chart-workflow-release:
name: Chart Workflow Release
needs: [check-contributor]
runs-on: ubuntu-22.04
if: |
github.event.pull_request.draft == false &&
needs.check-contributor.outputs.is-repo-owner == 'true'
steps:
- name: Checkout Base Branch
uses: actions/checkout@v4
- name: Checkout Pull Request
uses: actions/checkout@v4
with:
ref: ${{ github.event.pull_request.head.ref }}
repository: ${{ github.event.pull_request.head.repo.full_name }}
token: ${{ secrets.BOT_TOKEN }}
fetch-depth: 0
path: "pr-branch"
- name: Set up Python 3.x Part 1
uses: actions/setup-python@v5
with:
python-version: "3.10"
- name: Set up Python scripts in pr-branch
working-directory: ./pr-branch
run: |
# set up python scripts
echo "set up python script in $PWD"
python3 -m venv ve1
cd scripts
../ve1/bin/pip3 install -r requirements.txt
../ve1/bin/pip3 install .
cd ..
- name: Check if dev repo is targetted, only release file is in PR and user is authorized
id: check_only_version_in_PR_and_authorized
working-directory: ./pr-branch
env:
BOT_TOKEN: ${{ secrets.BOT_TOKEN }}
run: |
# if dev repo is targetted check if release file only is included in PR and if so that user is authorized.
./ve1/bin/release-checker --api-url=${{ github.event.pull_request._links.self.href }} \
--sender=${{ github.event.sender.login }} \
--pr_base_repo='${{ github.event.pull_request.base.repo.full_name }}'
- name: Check if PR created as part of release process
id: check_created_release_pr
working-directory: ./pr-branch
if: ${{ steps.check_only_version_in_PR_and_authorized.outputs.PR_includes_release_only != 'true' }}
env:
BOT_NAME: ${{ secrets.BOT_NAME }}
BOT_TOKEN: ${{ secrets.BOT_TOKEN }}
run: |
# check if PR was created as part of release processing
./ve1/bin/release-checker --api-url=${{ github.event.pull_request._links.self.href }} \
--sender='${{ github.event.sender.login }}' \
--pr_branch='${{ github.event.pull_request.head.ref }}' \
--pr_body="${{ github.event.pull_request.body }}" \
--pr_base_repo='${{ github.event.pull_request.base.repo.full_name }}' \
--pr_head_repo='${{ github.event.pull_request.head.repo.full_name }}'
- name: Reflect on PR Content
id: reflect_on_pr_content
env:
RELEASE_INFO_ONLY: ${{ steps.check_only_version_in_PR_and_authorized.outputs.PR_includes_release_only }}
NOT_AUTHORIZED: ${{ steps.check_only_version_in_PR_and_authorized.outputs.sender_not_authorized }}
DEV_PR_FOR_RELEASE: ${{ steps.check_created_release_pr.outputs.dev_release_branch }}
run: |
# Determine if and how processing should continue'
if [ "${NOT_AUTHORIZED}" == 'true' ]; then
echo "Unauthorized Request"
exit 1
elif [ "${RELEASE_INFO_ONLY}" == 'true' ]; then
echo "PR contains only release_info file"
echo "create_pull_requests=true" >> $GITHUB_OUTPUT
elif [ "${DEV_PR_FOR_RELEASE}" != 'true' ]; then
echo "No release work to do"
exit
fi
- name: Run All Tests
if: ${{ steps.reflect_on_pr_content.outputs.create_pull_requests == 'true' }}
working-directory: ./pr-branch
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
BOT_NAME: ${{ secrets.BOT_NAME }}
BOT_TOKEN: ${{ secrets.BOT_TOKEN }}
PR_NUMBER: ${{ github.event.pull_request.number }}
PR_BODY: "Test triggered by release PR ${{ github.event.pull_request.html_url }}."
run: |
ve1/bin/behave tests/functional/behave_features/ --tags=full --logging-level=WARNING --no-capture --no-color
- name: Checkout charts repo
if: ${{ steps.reflect_on_pr_content.outputs.create_pull_requests == 'true' }}
uses: actions/checkout@v4
with:
ref: ${{ github.event.pull_request.base.ref }}
repository: ${{ steps.check_only_version_in_PR_and_authorized.outputs.charts_repo }}
token: ${{ secrets.BOT_TOKEN }}
path: "charts-repo"
- name: Checkout development repo
if: ${{ steps.reflect_on_pr_content.outputs.create_pull_requests == 'true' }}
uses: actions/checkout@v4
with:
ref: ${{ github.event.pull_request.base.ref }}
repository: ${{ github.event.pull_request.base.repo.full_name }}
token: ${{ secrets.BOT_TOKEN }}
path: "dev-repo"
- name: Checkout stage repo
if: ${{ steps.reflect_on_pr_content.outputs.create_pull_requests == 'true' }}
uses: actions/checkout@v4
with:
ref: ${{ github.event.pull_request.base.ref }}
repository: ${{ steps.check_only_version_in_PR_and_authorized.outputs.stage_repo }}
token: ${{ secrets.BOT_TOKEN }}
path: "stage-repo"
- name: Set up Python 3.x Part 1
if: ${{ steps.reflect_on_pr_content.outputs.create_pull_requests == 'true' }}
uses: actions/setup-python@v5
with:
python-version: "3.10"
- name: Set up Python scripts on dev branch
run: |
# set up python scripts
echo "set up python script in $PWD"
python3 -m venv ve1
cd scripts
../ve1/bin/pip3 install -r requirements.txt
../ve1/bin/pip3 install .
cd ..
- name: Check if version updated
id: check_version_updated
if: ${{ steps.reflect_on_pr_content.outputs.create_pull_requests == 'true' }}
env:
BOT_TOKEN: ${{ secrets.BOT_TOKEN }}
run: |
# check if version file was changed
./ve1/bin/release-checker --version=${{ steps.check_only_version_in_PR_and_authorized.outputs.PR_version }}
- name: Sync the repositories
id: sync_repositories
if: ${{ steps.check_version_updated.outputs.release_updated == 'true' }}
env:
BOT_NAME: ${{ secrets.BOT_NAME }}
BOT_TOKEN: ${{ secrets.BOT_TOKEN }}
run: |
./ve1/bin/releaser --version=${{ steps.check_only_version_in_PR_and_authorized.outputs.PR_version }}\
--pr_dir="./pr-branch" \
--development_dir="./dev-repo" \
--charts_dir="./charts-repo" \
--stage_dir="./stage-repo" \
--dev_pr_body="${{ steps.check_only_version_in_PR_and_authorized.outputs.PR_release_body }}" \
--target_branch="${{ github.event.pull_request.base.ref }}" \
--target_repository="${{ github.event.pull_request.base.repo.full_name }}"
- name: Determine if merge and release are needed
id: check_merge_and_release
env:
REPOSITORIES_SYNCED: ${{ steps.check_version_updated.outputs.release_updated }}
CHART_PR_ERROR: ${{ steps.sync_repositories.outputs.charts_pr_error }}
DEV_PR_ERROR: ${{ steps.sync_repositories.outputs.dev_pr_error }}
STAGE_PR_ERROR: ${{ steps.sync_repositories.outputs.stage_pr_error }}
DEV_PR_NOT_NEEDED: ${{ steps.sync_repositories.outputs.dev_pr_not_needed }}
DEV_PR_FOR_RELEASE: ${{ steps.check_created_release_pr.outputs.dev_release_branch }}
run: |
# determine what should be done next
# mitigate unmatched quote error in bash
if [ "${REPOSITORIES_SYNCED}" == 'true' ]; then
if [ "${CHART_PR_ERROR}" == 'true' ]; then
echo "Error creating charts pull request"
exit 1
elif [ "${DEV_PR_ERROR}" == 'true' ]; then
echo "Error creating development pull request"
exit 1
elif [ "${STAGE_PR_ERROR}" == 'true' ]; then
echo "Error creating stage pull request"
exit 1
else
echo "At least one PR was created - merge this one"
echo "merge=true" >> $GITHUB_OUTPUT
fi
if [ "${DEV_PR_NOT_NEEDED}" == 'true' ]; then
echo "No dev PR so create release"
echo "release_body=${{ steps.check_only_version_in_PR_and_authorized.outputs.PR_release_body }}" >> $GITHUB_OUTPUT
echo "release_tag=${{ steps.check_only_version_in_PR_and_authorized.outputs.PR_version }}" >> $GITHUB_OUTPUT
fi
elif [ "${DEV_PR_FOR_RELEASE}" == 'true' ]; then
echo "Dev PR so create release"
echo "merge=true" >> $GITHUB_OUTPUT
echo "release_body=${{ github.event.pull_request.body }}" >> $GITHUB_OUTPUT
echo "release_tag=${{ steps.check_created_release_pr.outputs.PR_version }}" >> $GITHUB_OUTPUT
fi
- name: Approve PR
id: approve_pr
if: ${{ steps.check_merge_and_release.outputs.merge == 'true' }}
uses: hmarr/auto-approve-action@v4
with:
github-token: ${{ secrets.GITHUB_TOKEN }}
- name: Merge PR
id: merge_pr
if: ${{ steps.check_merge_and_release.outputs.merge == 'true' }}
uses: pascalgn/[email protected]
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
MERGE_METHOD: squash
MERGE_LABELS: ""
- name: Check for PR merge
if: ${{ steps.check_merge_and_release.outputs.merge == 'true' }}
env:
BOT_TOKEN: ${{ secrets.BOT_TOKEN }}
run: |
./ve1/bin/check-auto-merge --api-url=${{ github.event.pull_request._links.self.href }}
- name: Create the the release
id: create_release
if: ${{ steps.check_merge_and_release.outputs.release_tag != '' }}
uses: softprops/action-gh-release@v2
with:
token: ${{ secrets.GITHUB_TOKEN }}
tag_name: ${{ steps.check_merge_and_release.outputs.release_tag }}
body: ${{ steps.check_merge_and_release.outputs.release_body }}