-
Notifications
You must be signed in to change notification settings - Fork 2
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
d310d09
commit dfacddf
Showing
5 changed files
with
6 additions
and
60 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,5 +1,4 @@ | ||
| name: _buildpacks-prepare-release | ||
|
|
||
| on: | ||
| workflow_call: | ||
| inputs: | ||
|
|
@@ -41,17 +40,14 @@ on: | |
| app_private_key: | ||
| description: Private key of GitHub application (Linguist) | ||
| required: true | ||
|
|
||
| defaults: | ||
| run: | ||
| # Setting an explicit bash shell ensures GitHub Actions enables pipefail mode too, | ||
| # ratherthan only error on exit (improving failure UX when pipes are used). See: | ||
| # https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsshell | ||
| shell: bash | ||
|
|
||
| env: | ||
| CARGO_TERM_COLOR: always | ||
|
|
||
| jobs: | ||
| prepare-release: | ||
| name: Prepare Release | ||
|
|
@@ -63,31 +59,26 @@ jobs: | |
| with: | ||
| app-id: ${{ inputs.app_id }} | ||
| private-key: ${{ secrets.app_private_key }} | ||
|
|
||
| - name: Checkout | ||
| uses: actions/checkout@v4 | ||
| with: | ||
| # Using the GH application token here will configure the local git config for this repo with credentials | ||
| # that can be used to make signed commits that are attributed to the GH application user | ||
| token: ${{ steps.generate-token.outputs.token }} | ||
|
|
||
| - name: Install Languages CLI | ||
| uses: heroku/languages-github-actions/.github/actions/install-languages-cli@main | ||
| uses: heroku/languages-github-actions/.github/actions/install-languages-cli@v0.8.0 | ||
| with: | ||
| branch: ${{ inputs.languages_cli_branch }} | ||
|
|
||
| - name: Bump versions and update changelogs | ||
| id: prepare | ||
| run: | | ||
| actions prepare-release \ | ||
| --bump ${{ inputs.bump }} \ | ||
| --repository-url https://github.com/${{ github.repository }} \ | ||
| ${{ inputs.declarations_starting_version && format('--declarations-starting-version {0}', inputs.declarations_starting_version) }} | ||
| - name: Generate changelog | ||
| id: generate-changelog | ||
| run: actions generate-changelog --version ${{ steps.prepare.outputs.to_version }} | ||
|
|
||
| - name: Create pull request | ||
| id: pr | ||
| uses: peter-evans/[email protected] | ||
|
|
@@ -104,7 +95,6 @@ jobs: | |
| # This will ensure commits made from this workflow are attributed to the GH application user | ||
| committer: ${{ inputs.app_username }} <${{ inputs.app_email }}> | ||
| author: ${{ inputs.app_username }} <${{ inputs.app_email }}> | ||
|
|
||
| - name: Configure pull request | ||
| if: steps.pr.outputs.pull-request-operation == 'created' | ||
| run: gh pr merge --auto --squash "${{ steps.pr.outputs.pull-request-number }}" | ||
|
|
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,5 +1,4 @@ | ||
| name: _buildpacks-release | ||
|
|
||
| on: | ||
| workflow_call: | ||
| inputs: | ||
|
|
@@ -45,18 +44,15 @@ on: | |
| docker_hub_token: | ||
| required: true | ||
| description: The token to login to Docker Hub with | ||
|
|
||
| defaults: | ||
| run: | ||
| # Setting an explicit bash shell ensures GitHub Actions enables pipefail mode too, | ||
| # ratherthan only error on exit (improving failure UX when pipes are used). See: | ||
| # https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsshell | ||
| shell: bash | ||
|
|
||
| env: | ||
| CARGO_TERM_COLOR: always | ||
| PACKAGE_DIR: ./packaged | ||
|
|
||
| jobs: | ||
| compile: | ||
| name: Compile Buildpacks | ||
|
|
@@ -70,20 +66,16 @@ jobs: | |
| uses: actions/checkout@v4 | ||
| with: | ||
| submodules: true | ||
|
|
||
| - name: Install Languages CLI | ||
| uses: heroku/languages-github-actions/.github/actions/install-languages-cli@main | ||
| uses: heroku/languages-github-actions/.github/actions/install-languages-cli@v0.8.0 | ||
| with: | ||
| branch: ${{ inputs.languages_cli_branch }} | ||
| update_rust_toolchain: false | ||
|
|
||
| - name: Generate buildpack matrix | ||
| id: generate-buildpack-matrix | ||
| run: actions generate-buildpack-matrix --temporary-id "${{ github.run_id }}" --package-dir "${{ env.PACKAGE_DIR }}" | ||
|
|
||
| - name: Update Rust toolchain | ||
| run: rustup update | ||
|
|
||
| - name: Install cross-compile tooling | ||
| env: | ||
| RUST_TRIPLES: ${{ steps.generate-buildpack-matrix.outputs.rust_triples }} | ||
|
|
@@ -96,10 +88,8 @@ jobs: | |
| fi | ||
| rustup target add "$triple" | ||
| done | ||
| - name: Rust cache | ||
| uses: Swatinem/[email protected] | ||
|
|
||
| # the version of `libcnb-cargo` installed here is kept in sync with the version of `libcnb-package` | ||
| # that the release automation CLI tooling depends on | ||
| - name: Install libcnb-cargo | ||
|
|
@@ -110,7 +100,6 @@ jobs: | |
| | yq -ptoml -oyaml '.package[] | select(.name == "libcnb-package") | .version' \ | ||
| ) | ||
| cargo install --locked "libcnb-cargo@${LIBCNB_PACKAGE_VERSION}" | ||
| - name: Package buildpacks | ||
| id: libcnb-package | ||
| env: | ||
|
|
@@ -134,17 +123,14 @@ jobs: | |
| cargo libcnb package --release --package-dir "${package_dir}" --target "${triple}" | ||
| done | ||
| done | ||
| - name: Generate changelog | ||
| id: generate-changelog | ||
| run: actions generate-changelog --version ${{ steps.generate-buildpack-matrix.outputs.version }} | ||
|
|
||
| - name: Cache buildpacks | ||
| uses: actions/cache/save@v4 | ||
| with: | ||
| key: ${{ github.run_id }}-compiled-buildpacks | ||
| path: ${{ env.PACKAGE_DIR }} | ||
|
|
||
| publish-docker: | ||
| name: Publish → Docker - ${{ matrix.buildpack_id }} | ||
| needs: [compile] | ||
|
|
@@ -163,7 +149,6 @@ jobs: | |
| uses: actions/checkout@v4 | ||
| with: | ||
| submodules: true | ||
|
|
||
| - name: Restore buildpacks | ||
| uses: actions/cache/restore@v4 | ||
| with: | ||
|
|
@@ -172,20 +157,16 @@ jobs: | |
| path: ${{ env.PACKAGE_DIR }} | ||
| env: | ||
| SEGMENT_DOWNLOAD_TIMEOUT_MINS: 1 | ||
|
|
||
| - name: Install Pack CLI | ||
| uses: buildpacks/github-actions/[email protected] | ||
|
|
||
| - name: Install Crane | ||
| uses: buildpacks/github-actions/[email protected] | ||
|
|
||
| - name: Login to Docker Hub | ||
| uses: docker/[email protected] | ||
| with: | ||
| registry: docker.io | ||
| username: ${{ secrets.docker_hub_user }} | ||
| password: ${{ secrets.docker_hub_token }} | ||
|
|
||
| - name: Publish to temporary tags | ||
| env: | ||
| TARGETS: ${{ toJSON(matrix.targets) }} | ||
|
|
@@ -220,7 +201,6 @@ jobs: | |
| digest=$(crane digest "${{ matrix.temporary_tag }}") | ||
| echo -e "- \`${{ matrix.temporary_tag }}\`\n - \`${digest}\`" >> $GITHUB_STEP_SUMMARY | ||
| fi | ||
| - name: Promote temporary tags to stable tags | ||
| if: inputs.dry_run == false | ||
| env: | ||
|
|
@@ -237,7 +217,6 @@ jobs: | |
| # promote primary image manifest or manifest list to permanent tag | ||
| crane copy "${{ matrix.temporary_tag }}" "${{ matrix.stable_tag }}" | ||
| echo "- \`${{ matrix.stable_tag }}\`" >> $GITHUB_STEP_SUMMARY | ||
| - name: Unpublish temp tags from this run | ||
| if: always() | ||
| env: | ||
|
|
@@ -267,7 +246,6 @@ jobs: | |
| fi | ||
| done | ||
| exit $status | ||
| publish-github: | ||
| name: Publish → GitHub Release | ||
| needs: [compile] | ||
|
|
@@ -283,7 +261,6 @@ jobs: | |
| uses: actions/checkout@v4 | ||
| with: | ||
| submodules: true | ||
|
|
||
| - name: Restore buildpacks | ||
| uses: actions/cache/restore@v4 | ||
| with: | ||
|
|
@@ -292,10 +269,8 @@ jobs: | |
| path: ${{ env.PACKAGE_DIR }} | ||
| env: | ||
| SEGMENT_DOWNLOAD_TIMEOUT_MINS: 1 | ||
|
|
||
| - name: Install Pack CLI | ||
| uses: buildpacks/github-actions/[email protected] | ||
|
|
||
| - name: Generate CNB files | ||
| run: | | ||
| for buildpack in $(jq --exit-status -c '.[]' <<< '${{ needs.compile.outputs.buildpacks }}'); do | ||
|
|
@@ -305,20 +280,17 @@ jobs: | |
| pack buildpack package "$cnb_file" --config "${output_dir}/package.toml" --format file --verbose | ||
| done | ||
| done | ||
| - name: Get token for GitHub application (Linguist) | ||
| uses: actions/create-github-app-token@v1 | ||
| id: generate-token | ||
| with: | ||
| app-id: ${{ inputs.app_id }} | ||
| private-key: ${{ secrets.app_private_key }} | ||
|
|
||
| - name: Check if release exists | ||
| id: check | ||
| env: | ||
| GH_TOKEN: ${{ steps.generate-token.outputs.token }} | ||
| run: echo "published_to_github=$(gh release view v${{ needs.compile.outputs.version }} -R ${{ github.repository }} &> /dev/null && echo "true" || echo "false")" >> $GITHUB_OUTPUT | ||
|
|
||
| - name: Create GitHub Release | ||
| if: inputs.dry_run == false && steps.check.outputs.published_to_github == 'false' | ||
| uses: softprops/[email protected] | ||
|
|
@@ -328,7 +300,6 @@ jobs: | |
| body: ${{ needs.compile.outputs.changelog }} | ||
| files: "*.cnb" | ||
| fail_on_unmatched_files: true | ||
|
|
||
| publish-cnb-registry: | ||
| name: Publish → CNB Registry - ${{ matrix.buildpack_id }} | ||
| needs: [compile, publish-docker] | ||
|
|
@@ -340,7 +311,6 @@ jobs: | |
| steps: | ||
| - name: Install crane | ||
| uses: buildpacks/github-actions/[email protected] | ||
|
|
||
| - name: Check if version is already in the registry | ||
| id: check | ||
| run: | | ||
|
|
@@ -350,11 +320,9 @@ jobs: | |
| else | ||
| echo "published_to_cnb_registry=false" >> $GITHUB_OUTPUT | ||
| fi | ||
| - name: Calculate the buildpack image digest | ||
| id: digest | ||
| run: echo "value=$(crane digest ${{ matrix.stable_tag }})" >> "$GITHUB_OUTPUT" | ||
|
|
||
| - name: Register the new version with the CNB Buildpack Registry | ||
| if: inputs.dry_run == false && steps.check.outputs.published_to_cnb_registry == 'false' | ||
| uses: docker://ghcr.io/buildpacks/actions/registry/request-add-entry:5.7.2 | ||
|
|
@@ -363,7 +331,6 @@ jobs: | |
| id: ${{ matrix.buildpack_id }} | ||
| version: ${{ matrix.buildpack_version }} | ||
| address: ${{ matrix.image_repository }}@${{ steps.digest.outputs.value }} | ||
|
|
||
| update-builder: | ||
| name: Update Builder | ||
| needs: [compile, publish-docker, publish-cnb-registry, publish-github] | ||
|
|
@@ -376,12 +343,10 @@ jobs: | |
| app-id: ${{ inputs.app_id }} | ||
| private-key: ${{ secrets.app_private_key }} | ||
| repositories: heroku/cnb-builder-images | ||
|
|
||
| - name: Checkout | ||
| uses: actions/checkout@v4 | ||
| with: | ||
| path: ./buildpacks | ||
|
|
||
| - name: Checkout cnb-builder-images repository | ||
| uses: actions/checkout@v4 | ||
| with: | ||
|
|
@@ -390,22 +355,18 @@ jobs: | |
| # Using the GH application token here will configure the local git config for this repo with credentials | ||
| # that can be used to make signed commits that are attributed to the GH application user | ||
| token: ${{ steps.generate-token.outputs.token }} | ||
|
|
||
| - name: Install crane | ||
| uses: buildpacks/github-actions/[email protected] | ||
|
|
||
| - name: Install Languages CLI | ||
| uses: heroku/languages-github-actions/.github/actions/install-languages-cli@main | ||
| uses: heroku/languages-github-actions/.github/actions/install-languages-cli@v0.8.0 | ||
| with: | ||
| branch: ${{ inputs.languages_cli_branch }} | ||
|
|
||
| - name: Update Builder | ||
| # The dry run check is performed here because the update process requires a published | ||
| # image to exist in order to calculate a digest with `crane`. Adding the check here | ||
| # means no files will be modified and so no PR will be created later. | ||
| if: inputs.dry_run == false | ||
| run: actions update-builder --repository-path ./buildpacks --builder-repository-path ./cnb-builder-images --builders builder-20,builder-22,builder-24,salesforce-functions | ||
|
|
||
| - name: Create Pull Request | ||
| id: pr | ||
| uses: peter-evans/[email protected] | ||
|
|
@@ -423,7 +384,6 @@ jobs: | |
| # This will ensure commits made from this workflow are attributed to the GH application user | ||
| committer: ${{ inputs.app_username }} <${{ inputs.app_email }}> | ||
| author: ${{ inputs.app_username }} <${{ inputs.app_email }}> | ||
|
|
||
| - name: Configure PR | ||
| if: steps.pr.outputs.pull-request-operation == 'created' | ||
| run: gh pr merge --auto --squash --repo heroku/cnb-builder-images "${{ steps.pr.outputs.pull-request-number }}" | ||
|
|
||
Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters