inteligr8/alfresco-content-app
1
0
Fork 0
mirror of https://github.com/Alfresco/alfresco-content-app.git synced 2025-05-12 17:04:46 +00:00
Code Issues Packages Projects Releases Wiki Activity

[ACA-4653] fix release actions (#3029)

Browse Source 
* fix publish libs action

* push tags only for master

* fix publishing only for master

* fix leaking sensitive info in the echo

* fix publish script and passing branch name to action

* fix incorrect travis branch

* consistent input naming

* npm tag as input

* Update .github/workflows/release.yml

Co-authored-by: Giovanni Toraldo <me@gionn.net>

* Update .github/workflows/release.yml

Co-authored-by: Giovanni Toraldo <me@gionn.net>

* remove not really necessary workflow_call triggers

* fixup job conditionals with ref_name

* setup job is not really doing anything useful

* add setup node to npm publish step

* add missing npm install to publish libs

* Update scripts/travis/deploy/publish.sh

Co-authored-by: Alex Chapellon <alxgomz@gmail.com>

* Update scripts/travis/deploy/publish.sh

Co-authored-by: Alex Chapellon <alxgomz@gmail.com>

* Update .github/actions/git-tag/action.yml

Co-authored-by: Alex Chapellon <alxgomz@gmail.com>

---------

Co-authored-by: Giovanni Toraldo <me@gionn.net>
Co-authored-by: Giovanni Toraldo <giovanni.toraldo@hyland.com>
Co-authored-by: Alex Chapellon <alxgomz@gmail.com>
This commit is contained in:
Denys Vuika 2023-03-06 08:05:14 -05:00 committed by GitHub
parent b3b9a2dc09
commit 3fb91eeafc
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
6 changed files with 73 additions and 72 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
.github/actions/git-tag/action.yml vendored
View File

@ -22,8 +22,7 @@ runs:
shell: bash
run: |
if [[ ${{ inputs.branch_name }} == "master" ]]; then
VERSION=$(grep -m1 version package.json | awk '{ print $2 }' | sed 's/[", ]//g')
fi;
VERSION=$(jq -cr '.version' < package.json)
echo "git tag -a ${VERSION} -m ${VERSION}"
if [[ ${{ inputs.dry-run }} == false ]]; then
@ -33,3 +32,6 @@ runs:
git remote add origin $GITHUB_REPO
git push origin --tags
fi;
fi;

10
.github/actions/publish-image/action.yml vendored
View File

@ -14,6 +14,10 @@ inputs:
description: 'login password'
required: true
type: string
branch_name:
description: 'Name of the branch the workflow runs on'
required: true
type: string
dry-run:
description: dry run flag
required: true
@ -25,12 +29,12 @@ runs:
- name: Get docker image tag name
shell: bash
run: |
if [[ $BRANCH_NAME == "master" ]]; then
if [[ ${{ inputs.branch_name }} == "master" ]]; then
TAG_VERSION=$(grep -m1 version package.json | awk '{ print $2 }' | sed 's/[", ]//g')
else
TAG_VERSION=$BRANCH_NAME-${{ github.run_id }}
TAG_VERSION=${{ inputs.branch_name }}-${{ github.run_id }}
fi
echo "TAG_VERSION=$TAG_VERSION" >> $GITHUB_ENV
- name: Publish image
shell: bash
run: ./scripts/travis/deploy/publish.sh ${{ inputs.domain }} ${{ inputs.username }} ${{ inputs.password }} $TAG_VERSION $BRANCH_NAME ${{ inputs.dry-run }}
run: ./scripts/travis/deploy/publish.sh ${{ inputs.domain }} ${{ inputs.username }} ${{ inputs.password }} $TAG_VERSION ${{ inputs.branch_name }} ${{ inputs.dry-run }}

46
.github/actions/publish-libs/action.yml vendored
View File

@ -2,18 +2,26 @@ name: "Publish ACA libs to NPM and GH registry"
description: "Publish ACA libs to NPM and GH registry"
inputs:
branch_name:
description: 'Name of the branch the workflow runs on'
required: true
type: string
github_token:
description: 'Github token'
required: true
type: string
npm-registry-address:
npm_registry_address:
description: 'NPM registry address'
required: true
type: string
npm-registry-token:
npm_registry_token:
description: 'NPM registry token'
required: true
type: string
npm_tag:
description: 'NPM tag'
required: true
type: string
dry-run:
description: dry run flag
required: true
@ -22,21 +30,22 @@ inputs:
runs:
using: "composite"
steps:
- run: npm ci
shell: bash
- name: update libs version
shell: bash
run: |
ROOT_DIR=./../../..
export DIST_DIR=./dist/@alfresco
PROJECTS_DIR=./projects
VERSION_IN_PACKAGE_JSON=$(node -p "require('$ROOT_DIR/package.json').version;")
VERSION_IN_PACKAGE_JSON=$(node -p "require('./package.json').version;")
if [[ $TRAVIS_BRANCH =~ ^master.*?$ ]] ; then
if [[ ${{ inputs.branch_name }} =~ ^master.*?$ ]] ; then
NEW_LIBRARY_VERSION=VERSION_IN_PACKAGE_JSON
else
NEW_LIBRARY_VERSION="${VERSION_IN_PACKAGE_JSON}-${{ github.run_id }}"
fi
echo -e "Branch is '$BRANCH_NAME', therefore publish with '$TAG_NPM' tag\n"
echo -e "Branch is '${{ inputs.branch_name }}, therefore publish with '${{ inputs.npm_tag }}' tag\n"
export PROJECTS=(
'aca-shared'
@ -50,15 +59,12 @@ runs:
for PROJECT in "${PROJECTS[@]}"; do
echo "Update ${PROJECT} version to ${NEW_LIBRARY_VERSION}"
cd $PROJECTS_DIR/${PROJECT}
if [[ ${{ inputs.dry-run }} == false ]]; then
npm version ${NEW_LIBRARY_VERSION}
(cd cd $PROJECTS_DIR/${PROJECT} && npm version --allow-same-version --no-git-tag-version --force ${NEW_LIBRARY_VERSION})
fi
done
echo -e "\n\nBuild projects"
cd ${ROOT_DIR}
npm run build-libs
- uses: actions/setup-node@v3
name: setup GH registry
@ -75,12 +81,12 @@ runs:
if [[ ${{ inputs.dry-run }} == false ]]; then
echo -e "Publish with dry mode for project to GH registry: $PROJECT\n"
echo -e "npm publish --dry-run --tag $TAG_NPM \n"
npm publish --dry-run --tag $TAG_NPM
echo -e "npm publish --dry-run --tag ${{ inputs.npm_tag }} \n"
npm publish --dry-run --tag ${{ inputs.npm_tag }}
else
echo -e "======== Publishing project to GH registry: $PROJECT ========\n"
echo -e "npm publish --tag $TAG_NPM\n"
npm publish --tag $TAG_NPM
echo -e "npm publish --tag ${{ inputs.npm_tag }}\n"
npm publish --tag ${{ inputs.npm_tag }}
fi
done
env:
@ -89,7 +95,7 @@ runs:
name: setup NPM registry
with:
node-version-file: '.nvmrc'
registry-url: ${{ inputs.npm-registry-address }}
registry-url: ${{ inputs.npm_registry_address }}
scope: '@alfresco'
- name: publish tag to NPM registry
shell: bash
@ -100,13 +106,13 @@ runs:
if [[ ${{ inputs.dry-run }} == false ]]; then
echo -e "Publish with dry mode for project to NPM registry: $PROJECT\n"
echo -e "npm publish --dry-run --tag $TAG_NPM \n"
npm publish --dry-run --tag $TAG_NPM
echo -e "npm publish --dry-run --tag ${{ inputs.npm_tag }} \n"
npm publish --dry-run --tag ${{ inputs.npm_tag }}
else
echo -e "======== Publishing project to NPM registry: $PROJECT ========\n"
echo -e "npm publish --tag $TAG_NPM\n"
npm publish --tag $TAG_NPM
echo -e "npm publish --tag ${{ inputs.npm_tag }}\n"
npm publish --tag ${{ inputs.npm_tag }}
fi
done
env:
NODE_AUTH_TOKEN: ${{ inputs.npm-registry-token }}
NODE_AUTH_TOKEN: ${{ inputs.npm_registry_token }}

1
.github/workflows/aca-upstream.yml vendored
View File

@ -3,7 +3,6 @@ name: "ACA upstream"
on:
schedule:
- cron: "0 12 * * *"
workflow_call:
workflow_dispatch:
inputs:
repo_to_update:

50
.github/workflows/release.yml vendored
View File

@ -2,7 +2,6 @@ name: "Release"
on:
workflow_dispatch:
workflow_call:
inputs:
dry-run-release:
description: 'enable dry-run'
@ -40,24 +39,8 @@ env:
APP_CONFIG_OAUTH2_REDIRECT_SILENT_IFRAME_URI: "{protocol}//{hostname}{:port}/assets/silent-refresh.html"
jobs:
setup:
if: github.event.pull_request.merged || ${{ inputs.dry-run-release }}
name: "Setup"
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v3
with:
fetch-depth: 2
- name: node
uses: actions/setup-node@v3
with:
node-version-file: '.nvmrc'
cache: 'npm'
- uses: ./.github/actions/setup
publish-docker-registry:
needs: [setup]
if: github.event.pull_request.merged || ${{ inputs.dry-run-release }}
if: github.event.pull_request.merged || inputs.dry-run-release
name: "Publish to registry"
runs-on: ubuntu-latest
steps:
@ -65,7 +48,7 @@ jobs:
uses: actions/checkout@v3
with:
fetch-depth: 2
- name: node
- name: Setup node
uses: actions/setup-node@v3
with:
node-version-file: '.nvmrc'
@ -74,13 +57,14 @@ jobs:
- name: publish
uses: ./.github/actions/publish-image
with:
branch_name: ${{ env.BRANCH_NAME }}
domain: quay.io
username: ${{ secrets.QUAY_USERNAME }}
password: ${{ secrets.QUAY_PASSWORD }}
dry-run: ${{ inputs.dry-run-release }}
publish-to-dockerhub:
needs: [setup]
if: github.event.pull_request.merged || ${{ inputs.dry-run-release }}
if: github.event.pull_request.merged || inputs.dry-run-release
name: "Publish to Dockerhub"
runs-on: ubuntu-latest
steps:
@ -88,7 +72,7 @@ jobs:
uses: actions/checkout@v3
with:
fetch-depth: 2
- name: node
- name: Setup node
uses: actions/setup-node@v3
with:
node-version-file: '.nvmrc'
@ -97,13 +81,14 @@ jobs:
- name: publish
uses: ./.github/actions/publish-image
with:
branch_name: ${{ env.BRANCH_NAME }}
domain: docker.io
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}
dry-run: ${{ inputs.dry-run-release }}
publish-git-tag:
needs: [setup]
if: (github.event.pull_request.merged && $BRANCH_NAME == "master")|| ${{ inputs.dry-run-release }}
if: (github.event.pull_request.merged && github.ref_name == 'master') || inputs.dry-run-release
name: "Publish git tag"
runs-on: ubuntu-latest
steps:
@ -111,7 +96,7 @@ jobs:
uses: actions/checkout@v3
with:
fetch-depth: 2
- name: node
- name: Setup node
uses: actions/setup-node@v3
with:
node-version-file: '.nvmrc'
@ -128,9 +113,9 @@ jobs:
github_token: ${{ secrets.GITHUB_TOKEN }}
branch_name: ${{ env.BRANCH_NAME }}
dry-run: ${{ inputs.dry-run-release }}
publish-libs:
needs: [setup]
if: github.event.pull_request.merged || ${{ inputs.dry-run-release }}
if: (github.event.pull_request.merged && github.ref_name == 'master') || inputs.dry-run-release
name: "Publish libs to npm and gh registry"
runs-on: ubuntu-latest
steps:
@ -138,11 +123,18 @@ jobs:
uses: actions/checkout@v3
with:
fetch-depth: 2
- name: Setup node
uses: actions/setup-node@v3
with:
node-version-file: '.nvmrc'
cache: 'npm'
- uses: ./.github/actions/setup
- name: publish
uses: ./.github/actions/publish-libs
with:
branch_name: ${{ env.BRANCH_NAME }}
github_token: ${{ secrets.GITHUB_TOKEN }}
npm-registry-address: ${{ vars.NPM_REGISTRY_ADDRESS }}
npm-registry-token: ${{ secrets.NPM_REGISTRY_TOKEN }}
npm_registry_address: ${{ vars.NPM_REGISTRY_ADDRESS }}
npm_registry_token: ${{ secrets.NPM_REGISTRY_TOKEN }}
npm_tag: ${{ env.TAG_NPM }}
dry-run: ${{ inputs.dry-run-release }}

8
scripts/travis/deploy/publish.sh
View File

@ -14,14 +14,12 @@ DOCKER_PROJECT_ARGS="PROJECT_NAME=content-ce"
DOCKER_REPOSITORY="$DOMAIN/$REPO_SLUG"
# Publish Image to quay.io or dockerhub or another domain - only publish the version on master - elsewhere version and branch
if [[ $TRAVIS_BRANCH == "master" ]]; then
echo "npx @alfresco/adf-cli docker-publish --loginCheck --loginUsername '$USERNAME' --loginPassword '$PASSWORD' --loginRepo '$DOMAIN' --dockerRepo '$DOCKER_REPOSITORY' --buildArgs $DOCKER_PROJECT_ARGS --dockerTags '$TAG_VERSION' "
if [[ $DRY_RUN == false ]]; then
if [[ "$BRANCH_NAME" == "master" ]]; then
if [[ "$DRY_RUN" == "false" ]]; then
npx @alfresco/adf-cli docker-publish --loginCheck --loginUsername "$USERNAME" --loginPassword "$PASSWORD" --loginRepo "$DOMAIN" --dockerRepo "$DOCKER_REPOSITORY" --buildArgs "$DOCKER_PROJECT_ARGS" --dockerTags "$TAG_VERSION" --pathProject "$(pwd)"
fi;
else
echo "npx @alfresco/adf-cli docker-publish --loginCheck --loginUsername '$USERNAME' --loginPassword '$PASSWORD' --loginRepo '$DOMAIN' --dockerRepo '$DOCKER_REPOSITORY' --buildArgs $DOCKER_PROJECT_ARGS --dockerTags '$TAG_VERSION,$BRANCH_NAME' "
if [[ $DRY_RUN == false ]]; then
if [[ "$DRY_RUN "== "false" ]]; then
npx @alfresco/adf-cli docker-publish --loginCheck --loginUsername "$USERNAME" --loginPassword "$PASSWORD" --loginRepo "$DOMAIN" --dockerRepo "$DOCKER_REPOSITORY" --buildArgs "$DOCKER_PROJECT_ARGS" --dockerTags "$TAG_VERSION,$BRANCH_NAME" --pathProject "$(pwd)"
fi;
fi;