|
|
|
name: release-ci
|
|
|
|
|
|
|
|
on:
|
|
|
|
workflow_dispatch:
|
|
|
|
schedule:
|
|
|
|
- cron: '0 0 * * *'
|
|
|
|
|
|
|
|
# In case we change the some build scripts:
|
|
|
|
push:
|
|
|
|
branches:
|
|
|
|
- master
|
|
|
|
paths:
|
|
|
|
- 'utils/**'
|
|
|
|
- '.ci/release-ci/**'
|
|
|
|
- '.github/workflows/release-ci.yml'
|
|
|
|
pull_request:
|
|
|
|
paths:
|
|
|
|
- 'utils/**'
|
|
|
|
- '.ci/release-ci/**'
|
|
|
|
- '.github/workflows/release-ci.yml'
|
|
|
|
|
|
|
|
concurrency:
|
|
|
|
group: ${{ github.head_ref || github.run_id }}
|
|
|
|
cancel-in-progress: true
|
|
|
|
|
|
|
|
jobs:
|
|
|
|
existing:
|
|
|
|
runs-on: ubuntu-latest
|
|
|
|
strategy:
|
|
|
|
matrix:
|
|
|
|
include:
|
|
|
|
- release-type: deb
|
|
|
|
release-env: debian
|
|
|
|
- release-type: deb
|
|
|
|
release-env: ubuntu
|
|
|
|
- release-type: rpm
|
|
|
|
release-env: fedora
|
|
|
|
- release-type: rpm
|
|
|
|
release-env: rocky
|
|
|
|
- release-type: rpm
|
|
|
|
release-env: alma
|
|
|
|
- release-type: apk
|
|
|
|
release-env: alpine
|
|
|
|
|
|
|
|
steps:
|
|
|
|
- uses: actions/checkout@v3
|
|
|
|
- name: Run checks
|
|
|
|
run: |
|
|
|
|
SECRETS_RELEASE_ENV="${{ matrix.release-env }}" \
|
|
|
|
SECRETS_RELEASE_TYPE="${{ matrix.release-type }}" \
|
|
|
|
make release-ci
|
|
|
|
|
|
|
|
# Keep in sync with `release.yml`:
|
|
|
|
dryrun:
|
|
|
|
runs-on: ubuntu-latest
|
|
|
|
strategy:
|
|
|
|
matrix:
|
|
|
|
release-type:
|
|
|
|
- apk
|
|
|
|
- deb
|
|
|
|
- rpm
|
|
|
|
steps:
|
|
|
|
- uses: actions/checkout@v3
|
|
|
|
- name: Run dry run of the release process
|
|
|
|
run: |
|
|
|
|
SECRETS_RELEASE_TYPE="${{ matrix.release-type }}" \
|
|
|
|
SECRETS_DEPLOY_DRY_RUN=1 \
|
|
|
|
SECRETS_ARTIFACTORY_CREDENTIALS='fake' \
|
|
|
|
make release
|
|
|
|
|
|
|
|
# https://github.community/t/run-github-actions-job-only-if-previous-job-has-failed/174786/2
|
|
|
|
create-issue-on-failure:
|
|
|
|
name: Create an issue if release-ci cron failed
|
|
|
|
runs-on: ubuntu-latest
|
|
|
|
needs: [existing, dryrun]
|
|
|
|
if: ${{ github.event_name == 'schedule' && github.repository == 'sobolevn/git-secret' && always() && (needs.existing.result == 'failure' || needs.dryrun.result == 'failure') }}
|
|
|
|
permissions:
|
|
|
|
issues: write
|
|
|
|
steps:
|
|
|
|
- uses: actions/github-script@v6
|
|
|
|
with:
|
|
|
|
github-token: ${{ secrets.GITHUB_TOKEN }}
|
|
|
|
script: |
|
|
|
|
await github.rest.issues.create({
|
|
|
|
owner: "sobolevn",
|
|
|
|
repo: "git-secret",
|
|
|
|
title: `release-ci failure on ${new Date().toDateString()}`,
|
|
|
|
body: "Details: https://github.com/sobolevn/git-secret/actions/workflows/release-ci.yml",
|
|
|
|
})
|