mirror of
https://github.com/saltstack/salt-bootstrap.git
synced 2025-04-07 04:51:39 +00:00
Remove automated PR against salt repo at release
This commit is contained in:
ScriptAutomate
parent
d6ed8ea269
commit
ec283baa3f
2 changed files with 4 additions and 99 deletions
92
.github/workflows/release.yml
vendored
92
.github/workflows/release.yml
vendored
|
|
@ -444,95 +444,3 @@ jobs:
|
|||
atomic: true
|
||||
branch: develop
|
||||
repository: ${{ github.repository }}
|
||||
|
||||
|
||||
salt:
|
||||
name: Update Release on Salt Repo
|
||||
runs-on:
|
||||
- self-hosted
|
||||
- linux
|
||||
- repo-release
|
||||
needs:
|
||||
- update-develop-checksums
|
||||
environment: release
|
||||
permissions:
|
||||
contents: write # For action peter-evans/create-pull-request
|
||||
pull-requests: write # For action peter-evans/create-pull-request
|
||||
|
||||
steps:
|
||||
- uses: actions/checkout@v3
|
||||
with:
|
||||
ref: stable
|
||||
repository: ${{ github.repository }}
|
||||
|
||||
- name: Get bootstrap version
|
||||
run: |
|
||||
echo "BS_VERSION=$(sh bootstrap-salt.sh -v | awk '{ print $4 }')" >> "$GITHUB_ENV"
|
||||
|
||||
- uses: actions/checkout@v3
|
||||
with:
|
||||
repository: saltstack/salt
|
||||
ref: master
|
||||
path: salt-checkout
|
||||
token: ${{ secrets.SALT_REPO_WRITE_TOKEN }}
|
||||
|
||||
- name: Setup GnuPG
|
||||
run: |
|
||||
sudo install -d -m 0700 -o "$(id -u)" -g "$(id -g)" /run/gpg
|
||||
GNUPGHOME="$(mktemp -d -p /run/gpg)"
|
||||
echo "GNUPGHOME=${GNUPGHOME}" >> "$GITHUB_ENV"
|
||||
cat <<EOF > "${GNUPGHOME}/gpg.conf"
|
||||
batch
|
||||
no-tty
|
||||
pinentry-mode loopback
|
||||
EOF
|
||||
|
||||
- name: Get Secrets
|
||||
id: get-secrets
|
||||
env:
|
||||
SECRETS_KEY: ${{ secrets.SECRETS_KEY }}
|
||||
run: |
|
||||
SECRETS_KEY_FILE=$(mktemp /tmp/output.XXXXXXXXXX)
|
||||
echo "$SECRETS_KEY" > "$SECRETS_KEY_FILE"
|
||||
aws --region us-west-2 secretsmanager get-secret-value --secret-id /cmbu-saltstack/signing/repo-signing-keys-sha256-2023 \
|
||||
--query SecretString --output text | jq .default_key -r | base64 -d \
|
||||
| gpg --passphrase-file "${SECRETS_KEY_FILE}" -d - \
|
||||
| gpg --import -
|
||||
sync
|
||||
aws --region us-west-2 secretsmanager get-secret-value --secret-id /cmbu-saltstack/signing/repo-signing-keys-sha256-2023 \
|
||||
--query SecretString --output text| jq .default_passphrase -r | base64 -d \
|
||||
| gpg --passphrase-file "${SECRETS_KEY_FILE}" -o "${GNUPGHOME}/passphrase" -d -
|
||||
sync
|
||||
rm "$SECRETS_KEY_FILE"
|
||||
echo "passphrase-file ${GNUPGHOME}/passphrase" >> "${GNUPGHOME}/gpg.conf"
|
||||
|
||||
- name: Configure Git
|
||||
shell: bash
|
||||
run: |
|
||||
git config --global --add safe.directory "$(pwd)"
|
||||
git config --global user.name "Salt Project Packaging"
|
||||
git config --global user.email saltproject-packaging@vmware.com
|
||||
git config --global user.signingkey 64CBBC8173D76B3F
|
||||
git config --global commit.gpgsign true
|
||||
|
||||
- name: Update bootstrap script on Salt
|
||||
run: |
|
||||
cp bootstrap-salt.sh salt-checkout/salt/cloud/deploy/bootstrap-salt.sh
|
||||
|
||||
- name: Commit Changes
|
||||
working-directory: salt-checkout/
|
||||
run: |
|
||||
git commit -am "Update the bootstrap script to v${{ env.BS_VERSION }}"
|
||||
|
||||
- name: Create Pull Request Against Develop
|
||||
uses: peter-evans/create-pull-request@v5
|
||||
with:
|
||||
title: "Update the bootstrap script to v${{ env.BS_VERSION }}"
|
||||
path: salt-checkout
|
||||
base: master
|
||||
token: ${{ secrets.SALT_REPO_WRITE_TOKEN }}
|
||||
author: "Salt Project Packaging <saltproject-packaging@vmware.com>"
|
||||
committer: "Salt Project Packaging <saltproject-packaging@vmware.com>"
|
||||
commit-message: Update the bootstrap script to v${{ env.BS_VERSION }}
|
||||
signoff: true
|
||||
delete-branch: true
|
||||
|
|
|
|||
11
RELEASE.md
11
RELEASE.md
|
|
@ -3,13 +3,10 @@
|
|||
- See if there are any PRs worth squeezing into release.
|
||||
- Go through the changes since last release, add them to changelog.
|
||||
- Add any new authors to the AUTHORS file.
|
||||
- If there's a new Salt release(major), update the script to add support for it.
|
||||
- If there's a new Salt release (major), update the script to add support for it.
|
||||
- Bump version for release.
|
||||
- Open PR against develop with these changes.
|
||||
- Once the above PR is merged, open a PR against stable with the changes from develop.
|
||||
- Once the above PR is merged, wait until an automatic PR is opened against stable which updates the checksums.
|
||||
- Once the above PR is merged, tag the release `v{version-here}` and push the tag.
|
||||
- Wait until an automatic PR is opened against the develop branch updating the checksums in `README.rst`. Merge it.
|
||||
- Check that an automated PR was opened against the salt repo updating the bootstrap script, located in `salt/cloud/deploy/bootstrap-salt.sh`
|
||||
|
||||
- Once the above PR is merged, go to [Cut Release](https://github.com/saltstack/salt-bootstrap/actions/workflows/release.yml) and `Run workflow` against `develop` branch
|
||||
- Open a new PR against the branch of the oldest supported version of [the salt repo](https://github.com/saltstack/salt) (ex. `3006.x`), and replace `salt/cloud/deploy/bootstrap-salt.sh` with the latest `bootstrap-salt.sh` file
|
||||
- When that PR is merged into [the salt repo](https://github.com/saltstack/salt), merge-forwards into the latest branches and `master` will ensure that the latest bootstrap script is available
|
||||
- Victory!
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue