From f9e24f6caac5a123aff5fa530ebb9cb3a8e40bc3 Mon Sep 17 00:00:00 2001 From: Pedro Algarvio Date: Sat, 11 Feb 2023 09:39:08 +0000 Subject: [PATCH] Validate the passed salt version to the release workflow Signed-off-by: Pedro Algarvio --- .github/workflows/release.yml | 62 +++++++++++-- .github/workflows/templates/release.yml.jinja | 88 +++++++++++++++---- tools/pre_commit.py | 1 - 3 files changed, 124 insertions(+), 27 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 4601b7413d0..7f4ca548cc4 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -45,6 +45,48 @@ jobs: echo "Allowed" fi + prepare-workflow: + name: Prepare Workflow Run + runs-on: ubuntu-latest + needs: + - check-requirements + outputs: + salt-version: ${{ steps.setup-salt-version.outputs.salt-version }} + steps: + - uses: actions/checkout@v3 + with: + fetch-depth: 0 # Full clone to also get the tags to get the right salt version + + - name: Set up Python 3.10 + uses: actions/setup-python@v4 + with: + python-version: "3.10" + + - name: Setup Python Tools Scripts + uses: ./.github/actions/setup-python-tools-scripts + + - name: Pretty Print The GH Actions Event + run: + tools ci print-gh-event + + - name: Setup Salt Version + id: setup-salt-version + uses: ./.github/actions/setup-salt-version + with: + salt-version: "${{ inputs.salt-version }}" + validate-version: true + + release: + name: Release v${{ needs.prepare-workflow.outputs.salt-version }} + runs-on: + - self-hosted + - linux + - repo-release + needs: + - prepare-workflow + environment: release + + steps: - name: Clone The Salt Repository uses: actions/checkout@v3 with: @@ -89,19 +131,19 @@ jobs: git config --global user.signingkey 64CBBC8173D76B3F git config --global commit.gpgsign true - - name: Release Salt ${{ inputs.salt-version }} + - name: Setup Salt Release id: release run: | - tools pkg repo publish release ${{ inputs.salt-version }} + tools pkg repo publish release ${{ needs.prepare-workflow.outputs.salt-version }} - name: Apply The Release Patch run: | - git am --committer-date-is-author-date release-artifacts/salt-${{ inputs.salt-version }}.patch - rm release-artifacts/salt-${{ inputs.salt-version }}.patch + git am --committer-date-is-author-date release-artifacts/salt-${{ needs.prepare-workflow.outputs.salt-version }}.patch + rm release-artifacts/salt-${{ needs.prepare-workflow.outputs.salt-version }}.patch - - name: Tag The v${{ inputs.salt-version }} Release + - name: Tag The v${{ needs.prepare-workflow.outputs.salt-version }} Release run: | - git tag -m "Release v${{ inputs.salt-version }}" -as v${{ inputs.salt-version }} + git tag -m "Release v${{ needs.prepare-workflow.outputs.salt-version }}" -as v${{ needs.prepare-workflow.outputs.salt-version }} - name: Push Changes uses: ad-m/github-push-action@v0.6.0 @@ -119,11 +161,11 @@ jobs: draft: false generateReleaseNotes: false makeLatest: ${{ steps.release.outputs.make-latest }} - name: v${{ inputs.salt-version }} - prerelease: ${{ contains(inputs.salt-version, 'rc') }} + name: v${{ needs.prepare-workflow.outputs.salt-version }} + prerelease: ${{ contains(needs.prepare-workflow.outputs.salt-version, 'rc') }} removeArtifacts: true replacesArtifacts: true - tag: v${{ inputs.salt-version }} + tag: v${{ needs.prepare-workflow.outputs.salt-version }} set-pipeline-exit-status: # This step is just so we can make github require this step, to pass checks @@ -133,6 +175,8 @@ jobs: runs-on: ubuntu-latest needs: - check-requirements + - prepare-workflow + - release steps: - name: Get workflow information id: get-workflow-info diff --git a/.github/workflows/templates/release.yml.jinja b/.github/workflows/templates/release.yml.jinja index aca8f08ab69..a6ad24615e4 100644 --- a/.github/workflows/templates/release.yml.jinja +++ b/.github/workflows/templates/release.yml.jinja @@ -34,7 +34,7 @@ permissions: <%- set job_name = "check-requirements" %> <{ job_name }>: - <%- do conclusion_needs.append(job_name) %> + <%- do prepare_workflow_needs.append(job_name) %> name: Check Requirements runs-on: ubuntu-latest steps: @@ -58,6 +58,66 @@ permissions: echo "Allowed" fi + +<%- endblock pre_jobs %> + +<%- if includes.get("prepare-workflow", True) %> +<%- block prepare_workflow_job %> +<%- do conclusion_needs.append("prepare-workflow") %> + + prepare-workflow: + name: Prepare Workflow Run + runs-on: ubuntu-latest + <%- if prepare_workflow_needs %> + needs: + <%- for need in prepare_workflow_needs.iter(consume=False) %> + - <{ need }> + <%- endfor %> + <%- endif %> + outputs: + salt-version: ${{ steps.setup-salt-version.outputs.salt-version }} + steps: + - uses: actions/checkout@v3 + with: + fetch-depth: 0 # Full clone to also get the tags to get the right salt version + + - name: Set up Python 3.10 + uses: actions/setup-python@v4 + with: + python-version: "3.10" + + - name: Setup Python Tools Scripts + uses: ./.github/actions/setup-python-tools-scripts + + - name: Pretty Print The GH Actions Event + run: + tools ci print-gh-event + + - name: Setup Salt Version + id: setup-salt-version + uses: ./.github/actions/setup-salt-version + with: + salt-version: "<{ prepare_workflow_salt_version_input }>" + validate-version: true + + <%- endblock prepare_workflow_job %> + <%- endif %> + +<%- block jobs %> + <{- super() }> + + release: + <%- do conclusion_needs.append('release') %> + name: Release v${{ needs.prepare-workflow.outputs.salt-version }} + runs-on: + - self-hosted + - linux + - repo-<{ gh_environment }> + needs: + - prepare-workflow + environment: <{ gh_environment }> + + steps: - name: Clone The Salt Repository uses: actions/checkout@v3 with: @@ -102,19 +162,19 @@ permissions: git config --global user.signingkey 64CBBC8173D76B3F git config --global commit.gpgsign true - - name: Release Salt ${{ inputs.salt-version }} + - name: Setup Salt Release id: release run: | - tools pkg repo publish release ${{ inputs.salt-version }} + tools pkg repo publish release ${{ needs.prepare-workflow.outputs.salt-version }} - name: Apply The Release Patch run: | - git am --committer-date-is-author-date release-artifacts/salt-${{ inputs.salt-version }}.patch - rm release-artifacts/salt-${{ inputs.salt-version }}.patch + git am --committer-date-is-author-date release-artifacts/salt-${{ needs.prepare-workflow.outputs.salt-version }}.patch + rm release-artifacts/salt-${{ needs.prepare-workflow.outputs.salt-version }}.patch - - name: Tag The v${{ inputs.salt-version }} Release + - name: Tag The v${{ needs.prepare-workflow.outputs.salt-version }} Release run: | - git tag -m "Release v${{ inputs.salt-version }}" -as v${{ inputs.salt-version }} + git tag -m "Release v${{ needs.prepare-workflow.outputs.salt-version }}" -as v${{ needs.prepare-workflow.outputs.salt-version }} - name: Push Changes uses: ad-m/github-push-action@v0.6.0 @@ -132,18 +192,12 @@ permissions: draft: false generateReleaseNotes: false makeLatest: ${{ steps.release.outputs.make-latest }} - name: v${{ inputs.salt-version }} - prerelease: ${{ contains(inputs.salt-version, 'rc') }} + name: v${{ needs.prepare-workflow.outputs.salt-version }} + prerelease: ${{ contains(needs.prepare-workflow.outputs.salt-version, 'rc') }} removeArtifacts: true replacesArtifacts: true - tag: v${{ inputs.salt-version }} + tag: v${{ needs.prepare-workflow.outputs.salt-version }} + {#- We need the pypi.org upload job added here #} -<%- endblock pre_jobs %> - - -<%- block jobs %> - <{- super() }> - {#- We need the test.pypi.org upload job added here #} - {#- We need the package upload tests against staging added here #} <%- endblock jobs %> diff --git a/tools/pre_commit.py b/tools/pre_commit.py index 86a403ea69a..84c9b84eb10 100644 --- a/tools/pre_commit.py +++ b/tools/pre_commit.py @@ -71,7 +71,6 @@ def generate_workflows(ctx: Context): "Release": { "template": "release.yml", "includes": { - "prepare-workflow": False, "pre-commit": False, "lint": False, "salt-tests": False,