Skip to content
Release controller

feat: add diff and get command for the registry #736

Sign in to view logs

feat: add diff and get command for the registry

feat: add diff and get command for the registry #736

Workflow file for this run

.github/workflows/release-controller.yaml at 9f0ada5
name: Release controller
on:
push:
branches:
- "main"
paths:
- release-controller/**
- rs/cli/**
- requirements*.lock
- pyproject.toml
- "*.bazel"
- bazel/**
- tools/**
- images/**
- .github/**
pull_request:
paths:
- release-controller/**
- rs/cli/**
- requirements*.lock
- pyproject.toml
- "*.bazel"
- bazel/**
- tools/**
- images/**
- .github/**
workflow_dispatch:
concurrency:
group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
cancel-in-progress: true
jobs:
bazel-release-controller:
name: Release controller pipeline
runs-on:
labels: dre-runner-custom
# This image is based on ubuntu:20.04
container: ghcr.io/dfinity/dre/actions-runner:6413f2909a49329ecbf5371ee7ddf07a9799b625
permissions:
contents: write
packages: write
pages: write
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 2
# The GitHub App token is necessary for pushing changed files back to the repository
# If regular secrets.GITHUB_TOKEN is used instead, the push will not trigger any actions
# https://github.com/orgs/community/discussions/25702
- name: Create GitHub App Token
uses: actions/create-github-app-token@v2
id: app-token
with:
app-id: ${{ vars.PR_AUTOMATION_BOT_PUBLIC_APP_ID }}
private-key: ${{ secrets.PR_AUTOMATION_BOT_PUBLIC_PRIVATE_KEY }}
- name: "☁️ Setup runner"
uses: ./.github/workflows/manage-runner-pre
########################################
# Test
# Will run test as a local subprocess because for some tests
########################################
- name: "🚀 Building"
uses: ./.github/workflows/build
with:
# See above where the token is generated: we can't use regular secrets.GITHUB_TOKEN
# since the push needs to trigger actions again
GITHUB_TOKEN: "${{ steps.app-token.outputs.token }}"
spec: //release-controller/... except attr(name, '.*oci_image.*', //release-controller/...)
- name: "🚀 Testing"
run: |
set -e
t=$(mktemp) ; t2=$(mktemp) ; trap 'rm -f "$t" "$t2"' EXIT
bazel query "tests(//release-controller/...) except attr(tags, 'manual', //...) except attr(name, '.*oci_image.*', //release-controller/...)" > "$t"
if [ "$(stat -c %s "$t")" = "0" ] ; then echo No testing targets found >&2 ; exit 0 ; fi
r=0
set -x
bazel test --target_pattern_file="$t" --config=ci --test_env=HOME=/home/runner --explain="$t2" --verbose_explanations || r=$?
#echo === Explanations === >&2
#cat "$t2" >&2
#echo == /Explanations === >&2
exit $r
########################################
# Upload container images
########################################
- name: "📦 Push images to GitHub Container Registry"
id: push-images
uses: ./.github/workflows/push
if: ${{ github.ref == 'refs/heads/main' || github.event_name == 'workflow_dispatch' }}
with:
spec: kind("oci_push", ...) intersect //release-controller/...
push-token: ${{ secrets.GITHUB_TOKEN }}
########################################
# Update k8s deployments
########################################
- name: "🤖 Update k8s deployments for release controller"
if: ${{ github.ref == 'refs/heads/main' }}
uses: ./.github/workflows/update-k8s-deployments
with:
files-to-update: bases/apps/ic-release-controller/controller/controller.yaml
push-token: ${{ secrets.K8S_API_TOKEN }}
component: release controller
########################################
# Clean up runner
########################################
- uses: ./.github/workflows/manage-runner-post
name: "🪓 Tear down runner"
if: ${{ !startsWith(runner.name, 'dre-runner-custom') }}
with:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}