diff --git a/.github/workflows/helm-release.yaml b/.github/workflows/helm-release.yaml index d124183..ca61061 100644 --- a/.github/workflows/helm-release.yaml +++ b/.github/workflows/helm-release.yaml @@ -2,17 +2,22 @@ name: Release Prefect Operator Helm Chart "on": - workflow_dispatch: {} - workflow_call: {} + workflow_call: + inputs: + mode: + description: which CI/CD mode? + type: string + required: true permissions: {} jobs: release: + name: Release Helm Chart + runs-on: ubuntu-latest permissions: # GitHub considers creating releases and uploading assets as writing contents. contents: write - runs-on: ubuntu-latest outputs: releaseVersion: ${{ steps.output_versions.outputs.releaseVersion }} operatorVersion: ${{ steps.output_versions.outputs.operatorVersion }} @@ -29,15 +34,28 @@ jobs: - name: Get the version tags id: get_version run: | - # Enable pipefail so git command failures do not result in null versions downstream - set -x - echo "RELEASE_VERSION=$(date +'%Y.%-m.%-d%H%M%S')" >> $GITHUB_ENV + # Exit if any commands fail, so git command failures do not result in null versions downstream + set -e + if [ "${{ inputs.mode }}" == "main-merge" ]; then + # append "-dev" to the version so that it's clear that this is a development release + echo "RELEASE_VERSION=$(date +'%Y.%-m.%-d%H%M%S')-dev" >> $GITHUB_ENV + + # get the short sha of the latest commit for the operator image + short_sha="$(git rev-parse --short=7 HEAD)" + echo "SHORT_SHA=$short_sha" >> "$GITHUB_ENV" + + elif [[ "${{ inputs.mode }}" == "release" ]]; then + echo "RELEASE_VERSION=$(date +'%Y.%-m.%-d%H%M%S')" >> $GITHUB_ENV - # This ensures that the latest tag we grab will be of the operator image, and not the helm chart - echo "OPERATOR_VERSION=$(\ - git ls-remote --tags --refs --sort="v:refname" \ - origin 'v[0-9].[0-9].[0-9]' | tail -n1 | sed 's/.*\///' - )" >> $GITHUB_ENV + # This ensures that the latest tag we grab will be of the operator image, and not the helm chart + echo "OPERATOR_VERSION=$(\ + git ls-remote --tags --refs --sort="v:refname" \ + origin 'v[0-9].[0-9].[0-9]' | tail -n1 | sed 's/.*\///' + )" >> $GITHUB_ENV + else + echo "Invalid mode: ${{ inputs.mode }}" + exit 1 + fi - name: Output versions as GitHub Outputs id: output_versions @@ -63,11 +81,11 @@ jobs: passphrase_file="$gpg_dir/passphrase" # store passphrase in a file echo "$GPG_PASSPHRASE" > "$passphrase_file" - echo "SIGN_PASSPHRASE_FILE=$passphrase_file" >> "$GITHUB_ENV" - echo "SIGN_KEYRING=$keyring" >> "$GITHUB_ENV" + echo "SIGN_PASSPHRASE_FILE=$passphrase_file" >> $GITHUB_ENV + echo "SIGN_KEYRING=$keyring" >> $GITHUB_ENV env: - GPG_KEYRING_BASE64: "${{ secrets.GPG_KEYRING_BASE64 }}" - GPG_PASSPHRASE: "${{ secrets.GPG_PASSPHRASE }}" + GPG_KEYRING_BASE64: ${{ secrets.GPG_KEYRING_BASE64 }} + GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }} - name: Add dependency chart repos run: | @@ -119,11 +137,12 @@ jobs: steps: - name: Run workflow run: | - gh workflow run update-prefect-operator-versions.yaml \ + gh workflow run update-operator-versions.yaml \ --repo prefecthq/cloud2-cluster-deployment \ --ref main \ -f image_version=${{ needs.release.outputs.operatorVersion }} \ -f chart_version=${{ needs.release.outputs.releaseVersion }} \ - -f mode=release + -f mode=${{ inputs.mode }} \ + -f operator=prefect-operator env: GH_TOKEN: ${{ secrets.CLOUD2_CLUSTER_DEPLOYMENT_ACTIONS_RW }} diff --git a/.github/workflows/helm-unittest.yaml b/.github/workflows/helm-unittest.yaml index 09cfb11..5451b93 100644 --- a/.github/workflows/helm-unittest.yaml +++ b/.github/workflows/helm-unittest.yaml @@ -13,6 +13,7 @@ permissions: {} jobs: unittest: + name: Run Helm Unit Tests runs-on: ubuntu-latest permissions: # required to read from the repo diff --git a/.github/workflows/images-main.yaml b/.github/workflows/images-main.yaml index 9ab2fea..ab83684 100644 --- a/.github/workflows/images-main.yaml +++ b/.github/workflows/images-main.yaml @@ -2,12 +2,14 @@ name: Build and Push Images on Merge to Main "on": + workflow_dispatch: {} push: branches: - main paths: - api/** - cmd/** + - deploy/charts/** - internal/** - Dockerfile @@ -29,29 +31,14 @@ jobs: # this is required so that the workflow can read secrets rom the environment secrets: inherit - update_image_version_downstream: - name: Update dev/stg image versions in `cloud2-cluster-deployment` + create_helm_release: needs: build_and_push_image_for_main - runs-on: ubuntu-latest + uses: ./.github/workflows/helm-release.yaml permissions: - contents: read - steps: - - name: Checkout - uses: actions/checkout@v4 - with: - fetch-depth: 0 - - - name: Get image version - run: | - short_sha="$(git rev-parse --short=7 HEAD)" - echo "SHORT_SHA=$short_sha" >> $GITHUB_ENV - - - name: Run workflow - run: | - gh workflow run update-prefect-operator-versions.yaml \ - --repo prefecthq/cloud2-cluster-deployment \ - --ref main \ - -f image_version=$SHORT_SHA \ - -f mode=main-merge - env: - GH_TOKEN: ${{ secrets.CLOUD2_CLUSTER_DEPLOYMENT_ACTIONS_RW }} + # required by downstream jobs + contents: write + with: + mode: main-merge + # this is required so that the workflow can read secrets + # from the environment + secrets: inherit diff --git a/.github/workflows/images-tags.yaml b/.github/workflows/images-tags.yaml index 9b8df5e..cf16ca7 100644 --- a/.github/workflows/images-tags.yaml +++ b/.github/workflows/images-tags.yaml @@ -67,5 +67,8 @@ jobs: permissions: # required by downstream jobs contents: write - # this is required so that the workflow can read secrets rom the environment + with: + mode: release + # this is required so that the workflow can read secrets + # from the environment secrets: inherit diff --git a/.github/workflows/labeler.yaml b/.github/workflows/labeler.yaml index e99cc2b..01948d1 100644 --- a/.github/workflows/labeler.yaml +++ b/.github/workflows/labeler.yaml @@ -8,6 +8,7 @@ name: Labeler jobs: apply_label: + name: Apply prefect-operator label to all issues runs-on: ubuntu-latest steps: - name: Apply prefect-operator label to all issues diff --git a/.github/workflows/operator-lint-and-test.yaml b/.github/workflows/operator-lint-and-test.yaml index dc09143..f988335 100644 --- a/.github/workflows/operator-lint-and-test.yaml +++ b/.github/workflows/operator-lint-and-test.yaml @@ -26,7 +26,6 @@ jobs: - "1.28.0" - "1.29.0" fail-fast: false - steps: - name: Checkout Code uses: actions/checkout@v4 diff --git a/.github/workflows/updatecli.yaml b/.github/workflows/updatecli.yaml index 2d8cdbe..af68b59 100644 --- a/.github/workflows/updatecli.yaml +++ b/.github/workflows/updatecli.yaml @@ -9,7 +9,8 @@ name: Updatecli Dependency Updates permissions: {} jobs: - updatecli_minor: + updatecli: + name: Updatecli Dependency Updates runs-on: ubuntu-latest permissions: # required to write to the repo diff --git a/.github/workflows/validate-updatecli-config.yaml b/.github/workflows/validate-updatecli-config.yaml index de6fa2c..fd1895d 100644 --- a/.github/workflows/validate-updatecli-config.yaml +++ b/.github/workflows/validate-updatecli-config.yaml @@ -12,6 +12,7 @@ permissions: {} jobs: validate_updatecli_configs: + name: Validate Updatecli Configs runs-on: ubuntu-latest permissions: # required to read from the repo