Skip to content

Release Ansible package #54

Release Ansible package

Release Ansible package #54

---
# Copyright (c) Ansible Project
# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt)
# SPDX-License-Identifier: GPL-3.0-or-later
name: Release Ansible package
'on':
workflow_dispatch:
inputs:
ansible-version:
description: >-
Release Version. Example: 11.1.0
required: true
preserve-deps:
description: >-
Whether to preserve existing `.deps` files.
type: boolean
default: false
allow-reset-build-deps:
description: >-
Whether to allow resetting existing .build files during alpha and beta-1 releases.
Only set to false for special alpha or beta-1 releases if the deps and build files
have been prepared manually!
type: boolean
default: true
existing-branch:
description: >-
If provided, assumes that a branch of this name exists in the ansible-build-data
repository. Changes will be pushed to this branch, and the PR will be created from
it.
type: string
default: ''
env:
CI_COMMIT_MESSAGE: >-
Ansible ${{ inputs.ansible-version }}:
Dependencies, changelog and porting guide
ANSIBLE_VERSION: ${{ inputs.ansible-version }}
ANSIBLE_BRANCH_NAME: ${{ inputs.existing-branch || format('publish-{0}', inputs.ansible-version) }}
jobs:
build:
name: Build Ansible (${{ inputs.ansible-version }})
runs-on: ubuntu-latest
permissions:
pull-requests: write
contents: write
outputs:
pr_url: ${{ steps.create-pr.outputs.pr_url }}
steps:
- name: Check out antsibull-build
uses: actions/checkout@v4
with:
repository: ansible-community/antsibull-build
ref: main
path: antsibull-build
- name: Pre-create build directory
run: mkdir -p antsibull-build/build
- name: Check out ansible-build-data under antsibull-build build directory
uses: actions/checkout@v4
with:
# This is where the antsibull-build build-release role expects it by default
path: antsibull-build/build/ansible-build-data
ref: ${{ inputs.existing-branch || '' }}
- name: Set up Python 3.12
uses: actions/setup-python@v5
with:
python-version: 3.12
- name: Install dependencies
working-directory: antsibull-build
run: |
python3 -m pip install packaging ansible-core antsibull-build
ansible-galaxy install -r requirements.yml
- name: Validate version and extract major version
shell: python
id: extract-version
run: |
import os
import pathlib
import sys
from packaging.version import Version
FILE_APPEND_MODE = 'a'
OUTPUTS_FILE_PATH = pathlib.Path(os.environ['GITHUB_OUTPUT'])
VERSION = os.environ['ANSIBLE_VERSION']
def set_output(name, value):
with OUTPUTS_FILE_PATH.open(FILE_APPEND_MODE) as outputs_file:
outputs_file.writelines(f'{name}={value}{os.linesep}')
try:
version = Version(VERSION)
except Exception as exc:
sys.exit(
f'::error ::The version {VERSION!r} cannot be parsed: {exc}.'
)
set_output('major-version', version.major)
- name: Checking out to a new branch
if: inputs.existing-branch == ''
working-directory: antsibull-build/build/ansible-build-data
run: |
git checkout -b "${ANSIBLE_BRANCH_NAME}"
- name: Setting the user details
run: |
git config --global user.name "Github Actions"
git config --global user.email "41898282+github-actions[bot]@users.noreply.github.com"
# Run the playbook according to the current release process
- name: Building a release with the defaults
working-directory: antsibull-build
env:
PRESERVE_DEPS: ${{ inputs.preserve-deps }}
ALLOW_RESET_BUILD_DEPS: ${{ inputs.allow-reset-build-deps }}
# Make result better readable
ANSIBLE_CALLBACK_RESULT_FORMAT: yaml
run: >-
ansible-playbook -vv playbooks/build-single-release.yaml
-e antsibull_data_reset=false
-e "antsibull_build_reset=${ALLOW_RESET_BUILD_DEPS}"
-e "antsibull_ansible_version=${ANSIBLE_VERSION}"
-e "antsibull_preserve_deps=${PRESERVE_DEPS}"
- name: Upload artifact
uses: actions/upload-artifact@v4
id: upload-artifact
with:
name: sdist-and-wheel
path: antsibull-build/build/ansible-*.*
- name: Commit ansible-build-data and push the changes to github
working-directory: >-
antsibull-build/build/ansible-build-data/${{ steps.extract-version.outputs.major-version }}
run: |
git add .
git commit -m "${CI_COMMIT_MESSAGE}"
git push origin "${ANSIBLE_BRANCH_NAME}"
- name: Create PR to the ansible-build-data
id: create-pr
working-directory: antsibull-build/build/ansible-build-data
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
ARTIFACT_URL: ${{ steps.upload-artifact.outputs.artifact-url }}
run: |
body="$(echo -e "${CI_COMMIT_MESSAGE}\nRelease artifacts: <${ARTIFACT_URL}>")"
echo -n "pr_url=" >> "${GITHUB_OUTPUT}"
gh pr create \
--base main \
--head "${ANSIBLE_BRANCH_NAME}" \
--title "Release Ansible ${ANSIBLE_VERSION}" \
--body "${body}" | tee -a "$GITHUB_OUTPUT"
# publish job downloads the arifacts and publish it to PyPI
publish:
needs: build
name: Upload Ansible (${{ inputs.ansible-version }}) to PyPI
runs-on: ubuntu-latest
environment:
name: pypi
url: https://pypi.org/project/ansible/${{ inputs.ansible-version }}
permissions:
id-token: write
outputs:
pr_url: ${{ needs.build.outputs.pr_url }}
steps:
- name: Ensure that the PR was merged
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
PR_URL: ${{ needs.build.outputs.pr_url }}
run: |
STATE="$(gh pr view "${PR_URL}" --json state --template "{{.state}}")"
if [ "${STATE}" != "MERGED" ]; then
echo "::error ::The state of PR ${PR_URL} must be MERGED, not ${STATE}"
exit 1
fi
- name: Download artifact
uses: actions/download-artifact@v4
with:
name: sdist-and-wheel
path: dist/
- name: Upload Ansible sdist and wheel to PyPI
uses: pypa/gh-action-pypi-publish@release/v1
# git-tag job creates the git tag
git-tag:
needs: publish
name: Creates git tag for Ansible (${{ inputs.ansible-version }})
runs-on: ubuntu-latest
permissions:
contents: write
steps:
- name: Figure out merge commit
id: merge-commit
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
PR_URL: ${{ needs.publish.outputs.pr_url }}
run: |
MERGE_COMMIT="$(gh pr view "${PR_URL}" --json mergeCommit --template "{{.mergeCommit.oid}}")"
echo "merge_commit=${MERGE_COMMIT}" >> "${GITHUB_OUTPUT}"
- name: Check out ansible-build-data
uses: actions/checkout@v4
with:
ref: ${{ github.event.repository.default_branch }}
fetch-depth: 0
- name: Create git tag
env:
MERGE_COMMIT: ${{steps.merge-commit.outputs.merge_commit}}
run: |
git config --global user.name "Github Actions"
git config --global user.email "41898282+github-actions[bot]@users.noreply.github.com"
git tag -a "${ANSIBLE_VERSION}" "${MERGE_COMMIT}" -m "Ansible ${ANSIBLE_VERSION}: Changelog, Porting Guide and Dependent Collection Details"
git push origin "${ANSIBLE_VERSION}"