Skip to content

Commit

Permalink
Update release process (hyperledger#7707)
Browse files Browse the repository at this point in the history
Previously GitHub release will be created which triggers building and publishing the artifacts. Release engineers found workflow could fail after the GitHub release created. Community may subscribed to GitHub releases but if the workflow failed, artifacts for the release would not available.

Proposed solution requires release engineer to run a GitHub workflow manually by providing the Git tag which creates a draft GitHub release. During this workflow, release artifacts binary distribution, docker images (not latest), Artifactory jars created and published. Release engineer can update the release notes in draft release and publish the release. At the time when the release is published, release engineer is confident all the artifacts are ready. Upon publishing the release, another workflow is triggered to promote the release version of docker images to latest

Signed-off-by: Chaminda Divitotawela <[email protected]>
Co-authored-by: Simon Dudley <[email protected]>
  • Loading branch information
cdivitotawela and siladu authored Oct 2, 2024
1 parent db1899c commit fbec990
Show file tree
Hide file tree
Showing 2 changed files with 267 additions and 128 deletions.
81 changes: 81 additions & 0 deletions .github/workflows/docker-promote.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,81 @@
name: Docker Promote

run-name: "Docker Promote ${{ github.event.release.name }}"

on:
release:
types: [released]

env:
registry: docker.io
GRADLE_OPTS: "-Dorg.gradle.parallel=true -Dorg.gradle.caching=true"

jobs:
validate:
runs-on: ubuntu-22.04
env:
RELEASE_NAME: "${{ github.event.release.name }}"
steps:
- name: Pre-process Release Name
id: pre_process_release_name
run: |
# strip all whitespace
RELEASE_NAME="${RELEASE_NAME//[[:space:]]/}"
if [[ ! "$RELEASE_NAME" =~ ^[0-9]+\.[0-9]+(\.[0-9]+)?(-.*)?$ ]]; then
echo "Release name does not conform to a valid besu release format YY.M.v[-suffix], e.g. 24.8.0-RC1."
exit 1
fi
echo "release_name=$RELEASE_NAME" >> $GITHUB_OUTPUT # Set as output using the new syntax
outputs:
release_name: ${{ steps.pre_process_release_name.outputs.release_name }}

docker-promote:
needs: [validate]
env:
RELEASE_NAME: ${{ needs.validate.outputs.release_name }} # Use the output from the pre_process_release job
runs-on: ubuntu-22.04
steps:
- name: Checkout
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11

- name: Setup Java
uses: actions/setup-java@387ac29b308b003ca37ba93a6cab5eb57c8f5f93
with:
distribution: temurin
java-version: 21
cache: gradle

- name: Login to ${{ env.registry }}
uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d
with:
registry: ${{ env.registry }}
username: ${{ secrets.DOCKER_USER_RW }}
password: ${{ secrets.DOCKER_PASSWORD_RW }}

- name: Setup Gradle
uses: gradle/actions/setup-gradle@9e899d11ad247ec76be7a60bc1cf9d3abbb9e7f1
with:
cache-disabled: true

- name: Docker upload
run: ./gradlew "-Prelease.releaseVersion=${{ env.RELEASE_NAME }}" "-PdockerOrgName=${{ env.registry }}/${{ secrets.DOCKER_ORG }}" dockerUploadRelease

- name: Docker manifest
run: ./gradlew "-Prelease.releaseVersion=${{ env.RELEASE_NAME }}" "-PdockerOrgName=${{ env.registry }}/${{ secrets.DOCKER_ORG }}" manifestDockerRelease

docker-verify:
needs: [validate, docker-promote]
env:
RELEASE_NAME: ${{ needs.validate.outputs.release_name }} # Use the output from the pre_process_release job
runs-on: ubuntu-22.04
permissions:
contents: read
actions: write
steps:
- name: Checkout
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11

- name: Trigger container verify
run: echo '{"version":"${{ env.RELEASE_NAME }}","verify-latest-version":"true"}' | gh workflow run container-verify.yml --json
env:
GH_TOKEN: ${{ github.token }}
Loading

0 comments on commit fbec990

Please sign in to comment.