From 8f85d5f96a7c987b1ef796cc8039756fb9116d04 Mon Sep 17 00:00:00 2001 From: amercader Date: Mon, 9 Dec 2024 11:38:25 +0100 Subject: [PATCH] Create GitHub workflows for building and publishing There are two separate workflows: * `build.yml` builds the deb packages (based on the versions i supplied in `VERSIONS.json`) and stores them as artifacfts in the workflow run page. This is triggered on every push. * Additionally, when a tag is pushed, `publish.yml` also builds the packages and: 1. Uploads them to the S3 bucket powering https://packaging.ckan.org 2. Creates a new GitHub release with the packages attached as asset --- .github/workflows/build.yml | 12 ++++ .github/workflows/publish.yml | 71 +++++++++++++++++++ ...package.yml => reusable-build-package.yml} | 9 ++- Dockerfile | 1 - README.md | 17 +++++ 5 files changed, 104 insertions(+), 6 deletions(-) create mode 100644 .github/workflows/build.yml create mode 100644 .github/workflows/publish.yml rename .github/workflows/{build-deb-package.yml => reusable-build-package.yml} (93%) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml new file mode 100644 index 0000000..1b75842 --- /dev/null +++ b/.github/workflows/build.yml @@ -0,0 +1,12 @@ +name: CKAN deb packages build workflow + +on: + push: + branches: + - '**' + tags-ignore: + - v* + +jobs: + call-build-workflow: + uses: ./.github/workflows/reusable-build-package.yml diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml new file mode 100644 index 0000000..12b8100 --- /dev/null +++ b/.github/workflows/publish.yml @@ -0,0 +1,71 @@ +name: CKAN deb packages publish workflow + +on: + push: + tags: + - v* + +jobs: + call-build-workflow: + uses: ./.github/workflows/reusable-build-package.yml + + upload-to-s3: + needs: call-build-workflow + runs-on: ubuntu-latest + env: + AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} + AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + AWS_DEFAULT_REGION: ${{ secrets.AWS_REGION }} + steps: + - uses: actions/download-artifact@v4 + with: + pattern: python-ckan* + merge-multiple: true + - name: Generate hash and upload + run: | + # Download current md5sum file + aws s3 cp s3://${{ secrets.AWS_BUCKET }}/md5sum . + + for file in python-ckan*; do + # Remove current md5sum entry + sed -i "/$file/d" md5sum + + # Add updated entry to md5sum file + md5sum $file >> md5sum + + # Upload deb file + aws s3 cp $file s3://${{ secrets.AWS_BUCKET }}/staging/$file + done + + # Upload updated md5sum file + aws s3 cp md5sum s3://${{ secrets.AWS_BUCKET }}/staging/md5sum + + upload-to-release: + needs: call-build-workflow + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@v4 + - uses: actions/download-artifact@v4 + with: + pattern: python-ckan* + merge-multiple: true + - name: Create release and upload the deb files + env: + GH_TOKEN: ${{ github.token }} + run: | + VERSIONS=$(cat "VERSIONS.json") + + LIST=$(echo $VERSIONS | jq -r ' + (.[] | ["* \(.ckan_ref) on Ubuntu \(.ubuntu_version)"]) | + .[] + ') + + NOTES="This release includes deb packages for the following versions. + + $LIST + + Please check the relevant file in the Assets section below. + Packages are also available at https://packaging.ckan.org." + + gh release create ${{ github.ref_name }} ./python-ckan* --verify-tag --notes "$NOTES" diff --git a/.github/workflows/build-deb-package.yml b/.github/workflows/reusable-build-package.yml similarity index 93% rename from .github/workflows/build-deb-package.yml rename to .github/workflows/reusable-build-package.yml index 45690d5..9f2b62d 100644 --- a/.github/workflows/build-deb-package.yml +++ b/.github/workflows/reusable-build-package.yml @@ -1,9 +1,7 @@ -name: CKAN deb packages build workflow +name: Reusable CKAN deb packages build workflow on: - push: - paths-ignore: - - 'README.md' + workflow_call: jobs: get-build-versions: @@ -21,7 +19,7 @@ jobs: VERSIONS=$(cat "VERSIONS.json" | tr -d '[:space:]\n') echo "versions=$VERSIONS" >> $GITHUB_OUTPUT - build: + build-package: needs: get-build-versions runs-on: ubuntu-latest strategy: @@ -54,6 +52,7 @@ jobs: OUTPUT_FILE=$(basename python-ckan*) echo "OUTPUT_FILE=$OUTPUT_FILE" >> $GITHUB_ENV echo "Generated file: $OUTPUT_FILE" + dpkg --info $OUTPUT_FILE - name: Upload deb file uses: actions/upload-artifact@v4 diff --git a/Dockerfile b/Dockerfile index d2e1f2a..dab82a5 100644 --- a/Dockerfile +++ b/Dockerfile @@ -104,6 +104,5 @@ RUN DISTRIBUTION=$(lsb_release -c -s) && \ RUN ls -la /output - FROM scratch AS export COPY --from=builder /output . diff --git a/README.md b/README.md index 38006c0..5985ace 100644 --- a/README.md +++ b/README.md @@ -58,3 +58,20 @@ docker buildx build \ --build-arg UBUNTU_VERSION=24.04 \ . ``` + +# Release process + +There are two separate workflows: + +* `build.yml` builds the deb packages (based on the versions supplied in `VERSIONS.json`) and stores them as artifacfts in the workflow run page. This is triggered on every push. + + +* Additionally, when a tag is pushed, `publish.yml` also builds the packages and: + 1. Uploads them to the S3 bucket powering https://packaging.ckan.org + 2. Creates a new GitHub release with the packages attached as assets. + +With this, the suggested release process is the following: + +* Whenever there is a new CKAN release in the works, or fixes need to be applied to the packages, a new branch and pull request is created. This will trigger the workflows that will create the packages for that version of the code. The `ckan_ref` should be the relvant development branch (e.g. `dev-v2.11`). +* The packages can be downloded from the workflow page to test locally. Once everthing looks fine the PR is merged. +* A new tag in the form `vYYYYMMDD` is pushed to trigger the publication of the packages and the creation of the release.