An automated stage / promotion release process

2026-01-10 15:32:07 -03:30 · 2021-11-19 02:22:45 +00:00 · 2021-11-19 02:22:45 +00:00 · ef1563283e
commit ef1563283e
parent a206d79851
5 changed files with 152 additions and 59 deletions
--- a/.github/workflows/promote.yml
+++ b/.github/workflows/promote.yml
@ -0,0 +1,26 @@
+---
+name: Promote Release
+on:
+  release:
+    types: [published]
+
+jobs:
+  promote:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Log in to GHCR
+        run: |
+          echo ${{ secrets.GITHUB_TOKEN }} | docker login ghcr.io -u ${{ github.actor }} --password-stdin
+
+      - name: Log in to Quay
+        run: |
+          echo ${{ secrets.QUAY_TOKEN }} | docker login quay.io -u ${{ secrets.QUAY_USER }} --password-stdin
+
+      - name: Re-tag and promote awx image
+        run: |
+          docker pull ghcr.io/${{ github.repository }}:${{ github.event.release.tag_name }}
+          docker tag ghcr.io/${{ github.repository }}:${{ github.event.release.tag_name }} quay.io/${{ github.repository }}:${{ github.event.release.tag_name }}
+          docker tag ghcr.io/${{ github.repository }}:${{ github.event.release.tag_name }} quay.io/${{ github.repository }}:latest
+          docker push quay.io/${{ github.repository }}:${{ github.event.release.tag_name }}
+          docker push quay.io/${{ github.repository }}:latest
+          
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@ -1,56 +0,0 @@
-name: Release AWX
-on:
-  workflow_dispatch:
-    inputs:
-      version:
-        description: 'Version'
-        required: true
-        default: ''
-      confirm:
-        description: 'Are you sure? Set this to yes.'
-        required: true
-        default: 'no'
-
-jobs:
-  release:
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v2
-
-      - name: "Verify inputs"
-        run: |
-          set -e
-
-          if [[ ${{ github.event.inputs.confirm }} != "yes" ]]; then
-            >&2 echo "Confirm must be 'yes'"
-            exit 1
-          fi
-
-          if [[ ${{ github.event.inputs.version }} == "" ]]; then
-            >&2 echo "Set version to continue."
-            exit 1
-          fi
-
-          exit 0
-
-      - name: Generate changelog
-        uses: shanemcd/simple-changelog-generator@v1
-        id: changelog
-        with:
-          repo: "${{ github.repository }}"
-
-      - name: Write changelog to file
-        run: |
-          cat << 'EOF' > /tmp/changelog
-          ${{ steps.changelog.outputs.changelog }}
-          EOF
-
-      - name: Release AWX
-        run: |
-          ansible-playbook -v tools/ansible/release.yml \
-            -e changelog_path=/tmp/changelog \
-            -e version=${{ github.event.inputs.version }} \
-            -e github_token=${{ secrets.GITHUB_TOKEN }} \
-            -e repo=${{ github.repository }}
-
-
--- a/.github/workflows/stage.yml
+++ b/.github/workflows/stage.yml
@ -0,0 +1,123 @@
+---
+name: Stage Release
+on:
+  workflow_dispatch:
+    inputs:
+      version:
+        description: 'AWX version.'
+        required: true
+        default: ''
+      operator_version:
+        description: 'Operator version. Leave blank to skip staging awx-operator.'
+        default: ''
+      confirm:
+        description: 'Are you sure? Set this to yes.'
+        required: true
+        default: 'no'
+
+jobs:
+  stage:
+    runs-on: ubuntu-latest
+    permissions:
+      packages: write
+      contents: write
+    steps:
+      - name: Verify inputs
+        run: |
+          set -e
+
+          if [[ ${{ github.event.inputs.confirm }} != "yes" ]]; then
+            >&2 echo "Confirm must be 'yes'"
+            exit 1
+          fi
+
+          if [[ ${{ github.event.inputs.version }} == "" ]]; then
+            >&2 echo "Set version to continue."
+            exit 1
+          fi
+
+          exit 0
+
+      - name: Checkout awx
+        uses: actions/checkout@v2
+        with:
+          path: awx
+
+      - name: Checkout awx-logos
+        uses: actions/checkout@v2
+        with:
+          repository: ansible/awx-logos
+          path: awx-logos
+
+      - name: Checkout awx-operator
+        uses: actions/checkout@v2
+        with:
+          repository: ${{ github.repository_owner }}/awx-operator
+          path: awx-operator
+
+      - name: Install playbook dependencies
+        run: |
+          python3 -m pip install docker
+
+      - name: Build and stage AWX
+        working-directory: awx
+        run: |
+          ansible-playbook -v tools/ansible/build.yml \
+            -e registry=ghcr.io \
+            -e registry_username=${{ github.actor }} \
+            -e registry_password=${{ secrets.GITHUB_TOKEN }} \
+            -e awx_image=${{ github.repository }} \
+            -e awx_version=${{ github.event.inputs.version }} \
+            -e ansible_python_interpreter=$(which python3) \
+            -e push=yes \
+            -e awx_official=yes
+
+      - name: Build and stage awx-operator
+        working-directory: awx-operator
+        run: |
+          BUILD_ARGS="--build-arg DEFAULT_AWX_VERSION=${{ github.event.inputs.version }}" \
+          IMAGE_TAG_BASE=ghcr.io/${{ github.repository_owner }}/awx-operator \
+          VERSION=${{ github.event.inputs.operator_version }} make docker-build docker-push
+
+      - name: Run test deployment with awx-operator
+        working-directory: awx-operator
+        run: |
+          python3 -m pip install -r molecule/requirements.txt
+          ansible-galaxy collection install -r molecule/requirements.yml
+          sudo rm -f $(which kustomize)
+          make kustomize
+          KUSTOMIZE_PATH=$(readlink -f bin/kustomize) molecule test -s kind
+        env:
+          AWX_TEST_IMAGE: ${{ github.repository }}
+          AWX_TEST_VERSION: ${{ github.event.inputs.version }}
+
+      - name: Generate changelog
+        uses: shanemcd/simple-changelog-generator@v1
+        id: changelog
+        with:
+          repo: "${{ github.repository }}"
+
+      - name: Write changelog to file
+        run: |
+          cat << 'EOF' > /tmp/awx-changelog
+          ${{ steps.changelog.outputs.changelog }}
+          EOF
+
+      - name: Create draft release for AWX
+        working-directory: awx
+        run: |
+          ansible-playbook -v tools/ansible/stage.yml \
+            -e changelog_path=/tmp/awx-changelog \
+            -e repo=${{ github.repository }} \
+            -e awx_image=ghcr.io/${{ github.repository }} \
+            -e version=${{ github.event.inputs.version }} \
+            -e github_token=${{ secrets.GITHUB_TOKEN }}
+
+      - name: Create draft release for awx-operator
+        if: ${{ github.event.inputs.operator_version != '' }}
+        working-directory: awx
+        run: |
+          ansible-playbook tools/ansible/stage.yml \
+            -e version=${{ github.event.inputs.operator_version }} \
+            -e repo=${{ github.repository_owner }}/awx-operator \
+            -e github_token=${{ secrets.AWX_OPERATOR_RELEASE_TOKEN }}
--- a/tools/ansible/roles/dockerfile/tasks/main.yml
+++ b/tools/ansible/roles/dockerfile/tasks/main.yml
@ -1,5 +1,4 @@
 ---
-
 - name: Create _build directory
  file:
    path: "{{ dockerfile_dest }}/{{ template_dest }}"
--- a/tools/ansible/release.yml
+++ b/tools/ansible/release.yml
@ -2,13 +2,14 @@
 - hosts: localhost
  connection: local
  vars:
+    changelog_path: ''
    payload:
-      body: "{{ lookup('file', changelog_path) | replace('\\n', '\n') }}"
+      body: "{{ (lookup('file', changelog_path) | replace('\\n', '\n')) if changelog_path else '' }}"
      name: "{{ version }}"
      tag_name: "{{ version }}"
      draft: true
  tasks:
-    - name: Publish Release
+    - name: Publish draft Release
      uri:
        url: "https://api.github.com/repos/{{ repo }}/releases"
        method: "POST"