From bf8ef3a7aafe8d9955d88fec8e34e8cf25bfb40f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Patryk=20Ma=C5=82ek?= Date: Tue, 23 Apr 2024 15:30:29 +0200 Subject: [PATCH] fix(ci): fix release CI to work with release branches (#206) * fix(ci): fix release CI to work with release branches * fix(ci): trigger a PR against main when a release on a release branch is created * chore: go mod tidy --- .github/workflows/__release-workflow.yaml | 59 ++++++++++++++++++----- .github/workflows/release-bot.yaml | 1 + .github/workflows/release.yaml | 8 ++- go.mod | 6 +++ 4 files changed, 60 insertions(+), 14 deletions(-) diff --git a/.github/workflows/__release-workflow.yaml b/.github/workflows/__release-workflow.yaml index 3dc4c13df..897da85b1 100644 --- a/.github/workflows/__release-workflow.yaml +++ b/.github/workflows/__release-workflow.yaml @@ -1,5 +1,5 @@ name: Reusable release -run-name: "Release ${{ format('{0} (type: {1})', inputs.tag, inputs.release-type) }} " +run-name: "Release ${{ format('{0} (type: {1}) (branch: {2})', inputs.tag, inputs.release-type, inputs.base) }} " on: workflow_call: @@ -28,6 +28,11 @@ on: description: The version to release (e.g. v1.2.3) type: string required: true + base: + description: The base branch from which to release and against which to create a release PR. + type: string + default: 'main' + required: false latest: description: Whether to mark this release latest type: boolean @@ -173,6 +178,11 @@ jobs: KONG_LICENSE_DATA: ${{ secrets.kong-license-data }} KONG_TEST_GATEWAY_OPERATOR_IMAGE_OVERRIDE: ${{ needs.build-push-images.outputs.full_tag }} + # NOTE: This job's steps are run when: + # - input.base is 'main': then 1 PR is created targeting 'main' + # - input.base is not 'main': then 2 PRs will be created: + # - 1 PR targeting 'main' to update VERSION and config/ + # - 1 PR targeting the release branch to update VERSION and config/ and trigger the release workflow create-release-pr: runs-on: ubuntu-latest needs: @@ -180,30 +190,39 @@ jobs: - build-push-images - test-integration-current-kubernetes - test-e2e-current-kubernetes + strategy: + matrix: + base: + - ${{ inputs.base }} + - main steps: - # Use the main branch as a base for the release. - # Any changes made on the branch that the workflow was triggered on will not be included - # in the release PR. If anything needs to be fixed before a release, it should be - # done on the main branch. + # Use the branch set via inputs as a base for the release. + # If anything needs to be fixed before the release, it should be done on the base branch + # before the release workflow is triggered. - name: Checkout repository + if: ${{ (inputs.base == 'main' && matrix.base == 'main') || (inputs.base != 'main') }} uses: actions/checkout@v4 with: fetch-depth: 0 - ref: main + ref: ${{ matrix.base }} - name: Configure Git for private repositories (this is needed by repositories that include this workflow and have other private dependencies) + if: ${{ (inputs.base == 'main' && matrix.base == 'main') || (inputs.base != 'main') }} run: git config --global url."https://${{ secrets.gh-pat }}@github.com".insteadOf "https://github.com" - name: Checkout KGO submodule + if: ${{ (inputs.base == 'main' && matrix.base == 'main') || (inputs.base != 'main') }} run: git submodule update --init - name: Setup golang + if: ${{ (inputs.base == 'main' && matrix.base == 'main') || (inputs.base != 'main') }} uses: actions/setup-go@v5 with: go-version-file: go.mod # The bumped version file is included in the release PR. - name: Ensure version is set + if: ${{ (inputs.base == 'main' && matrix.base == 'main') || (inputs.base != 'main') }} env: VERSION: ${{ needs.semver.outputs.fullversion }} run: | @@ -216,17 +235,19 @@ jobs: # Generated manifests are part of the release PR. - name: Generate manifests - if: ${{ inputs.regenerate-manifests }} + if: ${{ inputs.regenerate-manifests && ((inputs.base == 'main' && matrix.base == 'main') || (inputs.base != 'main')) }} run: make manifests # The generated bundle is part of the release PR. # This is done locally in this job, to avoid including unintended changes. - # If anything needs to be fixed before a release, it should be done on the main branch. + # If anything needs to be fixed before the release, it should be done on the base branch + # before the release workflow is triggered. - name: Generate bundle - if: ${{ inputs.regenerate-bundle }} + if: ${{ inputs.regenerate-bundle && ((inputs.base == 'main' && matrix.base == 'main') || (inputs.base != 'main')) }} run: make bundle - name: GPG sign the commits + if: ${{ (inputs.base == 'main' && matrix.base == 'main') || (inputs.base != 'main') }} uses: crazy-max/ghaction-import-gpg@01dd5d3ca463c7f10f7f4f7b4f177225ac661ee4 with: gpg_private_key: ${{ secrets.gpg-private-key }} @@ -234,19 +255,31 @@ jobs: git_user_signingkey: true git_commit_gpgsign: true - # PRs to the main branch will update the version file and manifests + - name: Commit message + if: ${{ (inputs.base == 'main' && matrix.base == 'main') || (inputs.base != 'main') }} + env: + # NOTE: If the base branch set for workflow is not main (it's a release branch) + # then create a commit message which will not trigger the release workflow + # (via release-bot.yaml) but which will only update VERSION and config/. + MSG: "${{ inputs.base != 'main' && matrix.base == 'main' && format('chore( {0} ): [main] {1}', inputs.release-type, env.VERSION) || format('chore( {0} ): [bot] {1}', inputs.release-type, env.VERSION) }}" + run: | + echo "MSG=${MSG}" >> $GITHUB_ENV + + # PRs to the base branch will update the version file and manifests - name: Create a release PR uses: peter-evans/create-pull-request@9153d834b60caba6d51c9b9510b087acf9f33f83 + if: ${{ (inputs.base == 'main' && matrix.base == 'main') || (inputs.base != 'main') }} with: token: ${{ secrets.gh-pat }} path: . + base: ${{ matrix.base }} add-paths: | VERSION config - commit-message: "chore(${{ inputs.release-type }}): [bot] ${{ env.VERSION }}" + commit-message: "${{ env.MSG }}" committer: Kong's Team k8s bot author: Kong's Team k8s bot signoff: true delete-branch: true - title: "chore(${{ inputs.release-type }}): [bot] ${{ env.VERSION }}" - body: "chore(${{ inputs.release-type }}): [bot] ${{ env.VERSION }}" + title: "${{ env.MSG }}" + body: "${{ env.MSG }}" diff --git a/.github/workflows/release-bot.yaml b/.github/workflows/release-bot.yaml index c48929dcf..f13f6520e 100644 --- a/.github/workflows/release-bot.yaml +++ b/.github/workflows/release-bot.yaml @@ -7,6 +7,7 @@ on: push: branches: - 'main' + - 'release/*' jobs: look_for_release: diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index f69f87756..0961b6037 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -1,5 +1,5 @@ name: release -run-name: "Release ${{ format('{0} (type: {1})', inputs.tag, inputs.release_type) }} " +run-name: "Release ${{ format('{0} (type: {1}) (branch: {2})', inputs.tag, inputs.release-type, inputs.base) }} " on: workflow_dispatch: @@ -7,6 +7,11 @@ on: tag: description: The version to release (e.g. v1.2.3) required: true + base: + description: The base branch from which to release and against which to create a release PR. + type: string + default: 'main' + required: false latest: description: Whether to tag this build latest type: boolean @@ -33,5 +38,6 @@ jobs: image-name: ${{ vars.DOCKERHUB_IMAGE_NAME }} latest: ${{ inputs.latest }} tag: ${{ inputs.tag }} + base: ${{ inputs.base }} release-type: ${{ inputs.release_type }} regenerate-manifests: true diff --git a/go.mod b/go.mod index e44675d1b..916a4f3fd 100644 --- a/go.mod +++ b/go.mod @@ -4,6 +4,12 @@ go 1.22 toolchain go1.22.0 +// 1.2.2 was released on main branch with a breaking change that was not +// intended to be released in 1.2.x: +// https://github.com/Kong/gateway-operator/commit/3876430e09e61edce58bd8464989e33236bd1872 +// This retraction is to prevent it from being used and from breaking builds of dependent projects. +retract v1.2.2 + require ( github.com/Masterminds/semver v1.5.0 github.com/cert-manager/cert-manager v1.14.4