-
Notifications
You must be signed in to change notification settings - Fork 21
180 lines (161 loc) · 7.3 KB
/
promote-packages.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
# This automation promotes 3p packages based on a merge to default branches
name: Promote 3P Packages
on:
# Allows you to run this workflow manually from the Actions screen
workflow_dispatch:
inputs:
PR-num:
type: string
required: false
description: PR number to pull from. Leave blank to pull from last successful run
Run-id-num:
type: string
required: false
description: Run id number (located in the build url) to pull from. Leave blank to pull from last successful run
push:
branches:
- main
- development
paths:
- 'package_build_list_host_*.json'
jobs:
deploy-dev:
name: Deploying to dev S3 bucket
runs-on: ubuntu-latest
environment: development
env:
PACKAGE_PATH: packages/
outputs:
filelist: "${{ steps.dev-upload.outputs.filelist }}"
steps:
- name: Download packages
uses: dawidd6/[email protected]
with:
workflow: build-pr-packages.yaml
pr: ${{ inputs.PR-num }}
run_id: ${{ inputs.Run-id-num }}
check_artifacts: true
path: ${{ env.PACKAGE_PATH }}
- name: Check if package already exists in prod
env:
PROD_CDN: ${{ vars.PROD_CDN }} # Change this to compare on your own endpoint
run: |
find ${{ env.PACKAGE_PATH }} -type f | while read file; do
filename=$(basename "$file")
url="${{ env.PROD_CDN }}/${filename}"
if curl --head --silent --fail ${url} > /dev/null 2>&1; then
echo ${filename} already exists in prod. Check the rev in the json file to ensure it is incremented
exit 1
else
echo ${filename} does not exist in CDN, continuing...
fi
done
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@v4
with:
aws-access-key-id : ${{ secrets.AWS_CREDS_ACCESS_KEY }}
aws-secret-access-key: ${{ secrets.AWS_CREDS_SECRET_KEY }}
aws-region : ${{ secrets.AWS_CREDS_REGION_NAME }}
- name: Copy to S3
id: dev-upload
shell: bash
run: |
find ${{ env.PACKAGE_PATH }} -type f | while read file; do
filename=$(basename "$file")
aws s3 cp "$file" "s3://${{ secrets.AWS_PACKAGE_DEV_S3_BUCKET }}/$filename" --acl bucket-owner-full-control
FILELIST="$FILELIST$filename,"
echo "filelist=$( echo "$FILELIST" )" >> $GITHUB_OUTPUT
done
create-o3de-3p-pr:
name: Create PR in O3DE to update version
needs: deploy-dev
runs-on: ubuntu-latest
env:
O3DE_REPO_PATH: o3de
DEV_CDN: ${{ vars.DEV_CDN }} # Change this to use your own endpoint
UPLOADED_FILES: "${{ needs.deploy-dev.outputs.filelist }}"
steps:
- name: Checkout o3de repository
uses: actions/checkout@v4
with:
repository: o3de/o3de
token: ${{ secrets.GHA_TOKEN }}
path: o3de
- name: Copy dev package from S3
run: |
IFS=',' read -ra FILES <<< "$UPLOADED_FILES"
for filename in "${FILES[@]}"; do
if [[ $filename == *.tar.xz.SHA256SUMS ]]; then
wget "${{ env.DEV_CDN }}/$filename"
fi
done
- name: Update BuiltInPackages with new SHA256 and version
shell: bash
run: |
IFS=',' read -ra FILENAMES <<<"$UPLOADED_FILES"
for filename in "${FILENAMES[@]}"; do
if [[ $filename == *.tar.xz.SHA256SUMS ]]; then
content=$(cat "$filename")
file=$(echo "$content" | awk -F'*' '{print $2}' | sed 's/.tar.xz//g') # *<package_name>-<version>-o3de-<rev>-<platform>.tar.xz
hash=$(echo "$content" | awk '{print $1}')
PACKAGE_NAME=$(echo "$file" | cut -d'-' -f1-2) # Extract package name without platform
PARTIAL_PACKAGE_NAME=$(echo "$PACKAGE_NAME" | cut -d'-' -f1) # Extract the first part of the package name for matching
PLATFORM=$(echo "$file" | rev | cut -d'-' -f1 | rev)
# Determine x86 or aarch64 cmake file name based on file suffix
if [[ $file == *linux-aarch64 ]]; then
CMAKE_FILE=BuiltInPackages_linux_aarch64.cmake
PLATFORM=linux
elif [[ $file == *linux ]]; then
CMAKE_FILE=BuiltInPackages_linux_x86_64.cmake
else
CMAKE_FILE=BuiltInPackages_$PLATFORM.cmake
fi
FILE_PATH="${{ env.O3DE_REPO_PATH }}/cmake/3rdParty/Platform/${PLATFORM^}/$CMAKE_FILE"
# Sample the first line after the comment "# platform-specific" to detect width
sample_line=$(awk '/# platform-specific/{getline; print}' "$FILE_PATH")
# Detect the width of the line until TARGETS
width_before_targets=$(echo "$sample_line" | awk -F'TARGETS' '{print length($1 FS) - length("ly_associate_package(PACKAGE_NAME ") - length(" TARGETS")}')
# Construct the new line using printf with the detected width
new_line=$(printf "ly_associate_package(PACKAGE_NAME %-*s TARGETS %-27s PACKAGE_HASH %s" $width_before_targets "$file" "$PARTIAL_PACKAGE_NAME" "$hash")
grep -q "$PARTIAL_PACKAGE_NAME" "$FILE_PATH"
if [ $? -eq 0 ]; then
sed -i "s|ly_associate_package(PACKAGE_NAME $PARTIAL_PACKAGE_NAME-[^ ]* .*PACKAGE_HASH [a-f0-9]\{64\}|$new_line|g" "$FILE_PATH"
else
echo "$new_line" >> "$FILE_PATH"
fi
fi
done
echo "package_name=$PACKAGE_NAME" >> $GITHUB_ENV
- name: Commit and create PR
uses: peter-evans/create-pull-request@v5
with:
token: ${{ secrets.GHA_TOKEN }}
path: ${{ env.O3DE_REPO_PATH }}
base: development
branch: "update-3p-${{ env.package_name }}-cmake-file"
commit-message: "Update 3P version and SHA256 hash for ${{ env.package_name }}"
title: "Update 3P version and SHA256 hash for ${{ env.package_name }}"
body: "Automated PR to update 3P version and SHA256 for ${{ env.package_name }}"
draft: true
signoff: true
delete-branch: true
deploy-prod:
name: Deploying to prod S3 bucket
needs: [deploy-dev, create-o3de-3p-pr]
runs-on: ubuntu-latest
environment: production
env:
UPLOADED_FILES: "${{ needs.deploy-dev.outputs.filelist }}"
steps:
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@v4
with:
aws-access-key-id : ${{ secrets.AWS_CREDS_ACCESS_KEY }}
aws-secret-access-key: ${{ secrets.AWS_CREDS_SECRET_KEY }}
aws-region : ${{ secrets.AWS_CREDS_REGION_NAME }}
- name: Promote dev package to prod
run: |
IFS=',' read -ra FILES <<< "$UPLOADED_FILES"
for filename in "${FILES[@]}"; do
aws s3 cp "s3://${{ secrets.AWS_PACKAGE_DEV_S3_BUCKET }}/$filename" "s3://${{ secrets.AWS_PACKAGE_PROD_S3_BUCKET }}/$filename" --acl bucket-owner-full-control
done