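# Build, release and publish pipeline for pushes to master and release/**
# branches, plus a scheduled run at 05:00 UTC every Wednesday.
#
# Job chain: run_ci -> docker_latest -> release -> publish -> update_downstream.
# Everything after docker_latest is gated on markers in the head commit message
# ([release], [publish], [downstream], [no downstream]), so the effective control
# over who can cut a release is push access to master and release/** (branch
# protection, required reviews).
#
# NOTE(review): no `permissions:` block is declared in this file, so GITHUB_TOKEN
# gets the repository default scope in every job. Consider an explicit
# least-privilege block (for example `contents: read`) once it is confirmed what
# the scripts under scripts/ci/ need.
# NOTE(review): the `uses:` lines that read `[email protected]` lost their action
# name and version to an e-mail-obfuscation artefact in this copy; restore them
# from the repository before using this file.
# NOTE(review): third-party actions are referenced by mutable tags (v1-v4).
# Pinning to a full commit SHA (`uses: owner/action@<full-commit-sha>`) keeps a
# retagged release from running with the credentials exported below.
name: Master/Release branch workflow
on:
  push:
    branches:
      - master
      - release/**
  schedule:
    - cron: '0 5 * * 3'
env:
  AWS_REGION: eu-west-1
  # NOTE(review): workflow-level env exposes these credentials to every step of
  # every job in this file, including third-party actions. Consider moving each
  # one to the step that consumes it; which scripts read them is not visible here.
  GIT_USERNAME: ${{ secrets.BOT_GITHUB_USERNAME }}
  GIT_EMAIL: ${{ secrets.BOT_GITHUB_EMAIL }}
  GIT_PASSWORD: ${{ secrets.BOT_GITHUB_TOKEN }}
  DOCKERHUB_PASSWORD: ${{ secrets.DOCKER_PASSWORD }}
  DOCKERHUB_USERNAME: ${{ secrets.DOCKER_USERNAME }}
  MAVEN_PASSWORD: ${{ secrets.NEXUS_PASSWORD }}
  MAVEN_USERNAME: ${{ secrets.NEXUS_USERNAME }}
  QUAY_PASSWORD: ${{ secrets.QUAY_PASSWORD }}
  QUAY_USERNAME: ${{ secrets.QUAY_USERNAME }}
  # Read back with fromJSON() because env values are strings and
  # timeout-minutes expects a number.
  GITHUB_ACTIONS_DEPLOY_TIMEOUT: 60
  BASE_BUILD_NUMBER: 10000
  # Release version has to start with real version (23.2.0-....) for the docker image to build successfully.
  RELEASE_VERSION: 23.3.0-A23
  DEVELOPMENT_VERSION: 23.3.0-A24-SNAPSHOT
jobs:
  run_ci:
    # Local reusable workflow; `secrets: inherit` hands it every secret this
    # workflow can read, so ci.yml sits in the same trust boundary.
    uses: ./.github/workflows/ci.yml
    secrets: inherit
  docker_latest:
    name: "Update latest and Single Pipeline <acs>-<build> images"
    runs-on: ubuntu-latest
    needs: [run_ci]
    # Runs on master only, unless the head commit carries [skip docker_latest].
    # The pull_request check is defensive: `on:` lists only push and schedule.
    if: >
      !(failure() || cancelled()) &&
      !contains(github.event.head_commit.message, '[skip docker_latest]') &&
      github.ref_name == 'master' && github.event_name != 'pull_request'
    services:
      registry:
        image: registry:2
        ports:
          # Quoted so no YAML parser can read the mapping as a number.
          - '5000:5000'
    steps:
      - uses: actions/checkout@v3
        with:
          # Keeps the job token out of the checked-out repository's git config.
          persist-credentials: false
      - uses: Alfresco/alfresco-build-tools/.github/actions/[email protected]
      - uses: Alfresco/alfresco-build-tools/.github/actions/[email protected]
      - uses: Alfresco/alfresco-build-tools/.github/actions/[email protected]
      - name: Set up QEMU
        uses: docker/setup-qemu-action@v2
        with:
          platforms: linux/amd64,linux/arm64
      - name: "Build"
        timeout-minutes: ${{ fromJSON(env.GITHUB_ACTIONS_DEPLOY_TIMEOUT) }}
        run: |
          bash ./scripts/ci/init.sh
          bash ./scripts/ci/build.sh -m
      - name: Compute final build number
        # BUILD_NUMBER is not set in this file; presumably exported by an
        # earlier step - confirm. The step fails if it is unset.
        run: |
          echo "COMPUTED_BUILD_NUMBER=$(( $BASE_BUILD_NUMBER + $BUILD_NUMBER ))" >> "$GITHUB_ENV"
      - name: "Update images"
        timeout-minutes: ${{ fromJSON(env.GITHUB_ACTIONS_DEPLOY_TIMEOUT) }}
        run: mvn -B -V clean install -ntp -DskipTests -Dmaven.javadoc.skip=true "-Dbuild-number=${COMPUTED_BUILD_NUMBER}" -Pags -Ppush-docker-images,pipeline
      - name: "Clean Maven cache"
        run: bash ./scripts/ci/cleanup_cache.sh
  release:
    name: "Release and Copy to S3 Staging Bucket"
    runs-on: ubuntu-latest
    needs: [docker_latest]
    # Gated on the [release] marker in the head commit message. Unlike
    # docker_latest there is no ref_name check, so it can run on release/** too.
    if: >
      !(failure() || cancelled()) &&
      contains(github.event.head_commit.message, '[release]') &&
      github.event_name != 'pull_request'
    services:
      registry:
        image: registry:2
        ports:
          - '5000:5000'
    steps:
      - uses: actions/checkout@v3
        with:
          persist-credentials: false
      - uses: Alfresco/alfresco-build-tools/.github/actions/[email protected]
      - uses: Alfresco/alfresco-build-tools/.github/actions/[email protected]
      - uses: Alfresco/alfresco-build-tools/.github/actions/[email protected]
      - uses: actions/setup-python@v4
      - name: Set up QEMU
        uses: docker/setup-qemu-action@v2
        with:
          platforms: linux/amd64,linux/arm64
      - name: "Build"
        timeout-minutes: ${{ fromJSON(env.GITHUB_ACTIONS_DEPLOY_TIMEOUT) }}
        run: |
          bash ./scripts/ci/init.sh
          bash ./scripts/ci/build.sh -m
      - uses: Alfresco/alfresco-build-tools/.github/actions/[email protected]
        with:
          username: ${{ env.GIT_USERNAME }}
          email: ${{ env.GIT_EMAIL }}
          global: true
      - name: Compute final build number
        run: |
          echo "COMPUTED_BUILD_NUMBER=$(( $BASE_BUILD_NUMBER + $BUILD_NUMBER ))" >> "$GITHUB_ENV"
      - name: "Release"
        timeout-minutes: ${{ fromJSON(env.GITHUB_ACTIONS_DEPLOY_TIMEOUT) }}
        run: |
          bash scripts/ci/verify_release_tag.sh
          bash scripts/ci/maven_release.sh "$COMPUTED_BUILD_NUMBER"
          bash scripts/ci/prepare_staging_deploy.sh
      - name: "Clean Maven cache"
        run: bash ./scripts/ci/cleanup_cache.sh
      - name: "Configure AWS credentials"
        # Long-lived IAM access keys held as repository secrets.
        # NOTE(review): consider GitHub OIDC with `role-to-assume` for
        # short-lived credentials; the job then needs
        # `permissions: id-token: write`.
        uses: aws-actions/configure-aws-credentials@v1
        with:
          aws-access-key-id: ${{ secrets.AWS_S3_STAGING_ACCESS_KEY }}
          aws-secret-access-key: ${{ secrets.AWS_S3_STAGING_SECRET_KEY }}
          aws-region: ${{ env.AWS_REGION }}
      - name: "Deploy to S3 Staging Bucket"
        # Objects are uploaded with a private ACL. Destinations are quoted so a
        # branch name containing glob characters is passed through literally.
        # BRANCH_NAME is not set in this file; presumably exported by an
        # earlier step - confirm.
        run: |
          aws s3 cp --acl private --recursive ./deploy_dir "s3://alfresco-artefacts-staging/alfresco-content-services/release/${BRANCH_NAME}/${COMPUTED_BUILD_NUMBER}"
          aws s3 cp --acl private --recursive ./deploy_dir_share "s3://alfresco-artefacts-staging/share/${RELEASE_VERSION}"
          aws s3 cp --acl private --recursive ./deploy_dir_ags "s3://alfresco-artefacts-staging/enterprise/RM/${RELEASE_VERSION}"
          bash scripts/ci/copy_share_image_to_docker_hub.sh
          echo "Finished release and deployed to https://s3.console.aws.amazon.com/s3/buckets/alfresco-artefacts-staging/alfresco-content-services/release/${BRANCH_NAME}/${COMPUTED_BUILD_NUMBER}"
  publish:
    name: "Copy to S3 Release Bucket"
    runs-on: ubuntu-latest
    needs: [release]
    # Gated on the [publish] marker in the head commit message.
    if: >
      !(failure() || cancelled()) &&
      contains(github.event.head_commit.message, '[publish]') &&
      github.event_name != 'pull_request'
    steps:
      - uses: actions/checkout@v3
        with:
          persist-credentials: false
          # Full history rather than a shallow clone.
          fetch-depth: 0
      - uses: Alfresco/alfresco-build-tools/.github/actions/[email protected]
      - uses: Alfresco/alfresco-build-tools/.github/actions/[email protected]
      - uses: Alfresco/alfresco-build-tools/.github/actions/[email protected]
      - name: "Init"
        run: bash ./scripts/ci/init.sh
      - uses: Alfresco/alfresco-build-tools/.github/actions/[email protected]
        with:
          username: ${{ env.GIT_USERNAME }}
          email: ${{ env.GIT_EMAIL }}
          global: true
      - name: "Rebuild the artifacts and publish them to enterprise-releases"
        timeout-minutes: ${{ fromJSON(env.GITHUB_ACTIONS_DEPLOY_TIMEOUT) }}
        run: bash scripts/ci/maven_publish.sh
      - name: "Configure AWS credentials"
        # Separate key pair for the release bucket, again long-lived.
        # NOTE(review): same OIDC / `role-to-assume` consideration as the
        # staging credentials in the release job.
        uses: aws-actions/configure-aws-credentials@v1
        with:
          aws-access-key-id: ${{ secrets.AWS_S3_RELEASE_ACCESS_KEY_ID }}
          aws-secret-access-key: ${{ secrets.AWS_S3_RELEASE_SECRET_ACCESS_KEY }}
          aws-region: ${{ env.AWS_REGION }}
      - name: Compute final build number
        run: |
          echo "COMPUTED_BUILD_NUMBER=$(( $BASE_BUILD_NUMBER + $BUILD_NUMBER ))" >> "$GITHUB_ENV"
      - name: "Deploy to S3 Release Bucket"
        run: |
          bash scripts/ci/copy_to_release_bucket.sh "$COMPUTED_BUILD_NUMBER"
          bash scripts/ci/copy_share_to_release_bucket.sh
          bash scripts/ci/copy_ags_to_release_bucket.sh
      - name: "Clean Maven cache"
        run: bash ./scripts/ci/cleanup_cache.sh
  update_downstream:
    name: "Update acs-community-packaging (after release)"
    runs-on: ubuntu-latest
    needs: [publish]
    # Runs on [downstream], or on [release] unless [no downstream] is present.
    if: >
      !(failure() || cancelled()) &&
      (contains(github.event.head_commit.message, '[downstream]') || (contains(github.event.head_commit.message, '[release]') &&
      !contains(github.event.head_commit.message, '[no downstream]'))) &&
      github.event_name != 'pull_request'
    steps:
      - uses: actions/checkout@v3
        with:
          persist-credentials: false
      - uses: Alfresco/alfresco-build-tools/.github/actions/[email protected]
      - uses: Alfresco/alfresco-build-tools/.github/actions/[email protected]
      - uses: Alfresco/alfresco-build-tools/.github/actions/[email protected]
      - name: "Init"
        run: bash ./scripts/ci/init.sh
      - uses: Alfresco/alfresco-build-tools/.github/actions/[email protected]
        with:
          username: ${{ env.GIT_USERNAME }}
          email: ${{ env.GIT_EMAIL }}
          global: true
      - name: "Update downstream"
        run: bash ./scripts/ci/update_downstream.sh
        env:
          # The commit message reaches the script as an environment variable
          # rather than being expanded into the `run:` text, so its content is
          # never parsed as shell by the runner. The script must still quote it.
          COMMIT_MESSAGE: ${{ github.event.head_commit.message }}
      - name: "Clean Maven cache"
        run: bash ./scripts/ci/cleanup_cache.sh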