Changes to release workflow (#7711)

* Changes to release workflow

- Workflow environment variable changed to RELEASE_VERSION instead of RELEASE_NAME to make it more meaningful

- Workflows draft-release and docker-promote previously trigger workflow container-verify. This can result in trigger is successful but actual verification workflow fails. This will not be reflected in the draft-release and docker-promote workflows. Container verify code is embedded in the draft-release and docker-promote workflows to avoid this confusion

Signed-off-by: Chaminda Divitotawela <cdivitotawela@gmail.com>

* PR comment improvements

Signed-off-by: Chaminda Divitotawela <cdivitotawela@gmail.com>

* Match the only tags starting with word latest for latest check

Signed-off-by: Chaminda Divitotawela <cdivitotawela@gmail.com>

---------

Signed-off-by: Chaminda Divitotawela <cdivitotawela@gmail.com>
Co-authored-by: Simon Dudley <simon.dudley@consensys.net>
pull/7745/head
Chaminda Divitotawela 2 months ago committed by GitHub
parent f4dc48d94d
commit 8cf20ed7f5
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
  1. 2
      .github/workflows/BesuContainerVerify.sh
  2. 64
      .github/workflows/docker-promote.yml
  3. 160
      .github/workflows/draft-release.yml

@ -57,7 +57,7 @@ else
fi
# For the latest tag check the version match
if [[ ${TAG} == "latest" && ${CHECK_LATEST} == "true" ]]
if [[ ${TAG} =~ ^latest && ${CHECK_LATEST} == "true" ]]
then
_VERSION_IN_LOG=$(docker logs ${CONTAINER_NAME} | grep "#" | grep "Besu version" | cut -d " " -f 4 | sed 's/\s//g')
echo "Extracted version from logs [$_VERSION_IN_LOG]"

@ -14,25 +14,25 @@ jobs:
validate:
runs-on: ubuntu-22.04
env:
RELEASE_NAME: "${{ github.event.release.name }}"
RELEASE_VERSION: "${{ github.event.release.name }}"
steps:
- name: Pre-process Release Name
id: pre_process_release_name
id: pre_process_release_version
run: |
# strip all whitespace
RELEASE_NAME="${RELEASE_NAME//[[:space:]]/}"
if [[ ! "$RELEASE_NAME" =~ ^[0-9]+\.[0-9]+(\.[0-9]+)?(-.*)?$ ]]; then
RELEASE_VERSION="${RELEASE_VERSION//[[:space:]]/}"
if [[ ! "$RELEASE_VERSION" =~ ^[0-9]+\.[0-9]+(\.[0-9]+)?(-.*)?$ ]]; then
echo "Release name does not conform to a valid besu release format YY.M.v[-suffix], e.g. 24.8.0-RC1."
exit 1
fi
echo "release_name=$RELEASE_NAME" >> $GITHUB_OUTPUT # Set as output using the new syntax
echo "release_version=$RELEASE_VERSION" >> $GITHUB_OUTPUT # Set as output using the new syntax
outputs:
release_name: ${{ steps.pre_process_release_name.outputs.release_name }}
release_version: ${{ steps.pre_process_release_version.outputs.release_version }}
docker-promote:
needs: [validate]
env:
RELEASE_NAME: ${{ needs.validate.outputs.release_name }} # Use the output from the pre_process_release job
RELEASE_VERSION: ${{ needs.validate.outputs.release_version }}
runs-on: ubuntu-22.04
steps:
- name: Checkout
@ -58,24 +58,52 @@ jobs:
cache-disabled: true
- name: Docker upload
run: ./gradlew "-Prelease.releaseVersion=${{ env.RELEASE_NAME }}" "-PdockerOrgName=${{ env.registry }}/${{ secrets.DOCKER_ORG }}" dockerUploadRelease
run: ./gradlew "-Prelease.releaseVersion=${{ env.RELEASE_VERSION }}" "-PdockerOrgName=${{ env.registry }}/${{ secrets.DOCKER_ORG }}" dockerUploadRelease
- name: Docker manifest
run: ./gradlew "-Prelease.releaseVersion=${{ env.RELEASE_NAME }}" "-PdockerOrgName=${{ env.registry }}/${{ secrets.DOCKER_ORG }}" manifestDockerRelease
run: ./gradlew "-Prelease.releaseVersion=${{ env.RELEASE_VERSION }}" "-PdockerOrgName=${{ env.registry }}/${{ secrets.DOCKER_ORG }}" manifestDockerRelease
docker-verify:
needs: [validate, docker-promote]
needs: [validate,docker-promote]
env:
RELEASE_NAME: ${{ needs.validate.outputs.release_name }} # Use the output from the pre_process_release job
runs-on: ubuntu-22.04
permissions:
contents: read
actions: write
CONTAINER_NAME: besu-check
RELEASE_VERSION: ${{ needs.validate.outputs.release_version }}
runs-on: ${{ matrix.combination.runner }}
timeout-minutes: 4
strategy:
matrix:
combination:
- tag: latest-amd64
platform: 'linux/amd64'
runner: ubuntu-22.04
- tag: latest
platform: ''
runner: ubuntu-22.04
- tag: latest-arm64
platform: ''
runner: besu-arm64
- tag: latest
platform: ''
runner: besu-arm64
steps:
- name: Checkout
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11
with:
sparse-checkout: '.github/workflows/BesuContainerVerify.sh'
- name: Trigger container verify
run: echo '{"version":"${{ env.RELEASE_NAME }}","verify-latest-version":"true"}' | gh workflow run container-verify.yml --json
- name: Start container
run: |
PLATFORM_OPT=""
[[ x${{ matrix.combination.platform }} != 'x' ]] && PLATFORM_OPT="--platform ${{ matrix.combination.platform }}"
docker run -d $PLATFORM_OPT --name ${{ env.CONTAINER_NAME }} ${{ secrets.DOCKER_ORG }}/besu:${{ matrix.combination.tag }}
- name: Verify besu container
run: bash .github/workflows/BesuContainerVerify.sh
env:
GH_TOKEN: ${{ github.token }}
TAG: ${{ matrix.combination.tag }}
VERSION: ${{ env.RELEASE_VERSION }}
CHECK_LATEST: true
- name: Stop container
run: docker stop ${{ env.CONTAINER_NAME }}

@ -16,7 +16,7 @@ jobs:
validate:
runs-on: ubuntu-22.04
env:
RELEASE_NAME: "${{ inputs.tag }}"
RELEASE_VERSION: "${{ inputs.tag }}"
steps:
- name: Check default branch
run: |
@ -24,36 +24,36 @@ jobs:
echo "Default Branch: ${{ github.event.repository.default_branch }}"
if [[ ${{ github.ref_name }} != ${{ github.event.repository.default_branch }} ]]
then
echo "This workflow can only be run on default branch"
echo "This workflow can only be run on default branch. This is not an issue for hot fixes as code is checked out from the tag"
exit 1
fi
- name: Pre-process Release Name
id: pre_process_release_name
id: validate_release_version
run: |
# strip all whitespace
RELEASE_NAME="${RELEASE_NAME//[[:space:]]/}"
if [[ ! "$RELEASE_NAME" =~ ^[0-9]+\.[0-9]+(\.[0-9]+)?(-.*)?$ ]]; then
RELEASE_VERSION="${RELEASE_VERSION//[[:space:]]/}"
if [[ ! "$RELEASE_VERSION" =~ ^[0-9]+\.[0-9]+(\.[0-9]+)?(-.*)?$ ]]; then
echo "Release name does not conform to a valid besu release format YY.M.v[-suffix], e.g. 24.8.0-RC1."
exit 1
fi
echo "release_name=$RELEASE_NAME" >> $GITHUB_OUTPUT # Set as output using the new syntax
echo "release_version=$RELEASE_VERSION" >> $GITHUB_OUTPUT # Set as output using the new syntax
# Perform a tag checkout to ensure tag is available
- name: Verify tag Exist
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11
with:
ref: ${{ steps.pre_process_release_name.outputs.release_name }}
with:
ref: ${{ steps.validate_release_version.outputs.release_version }}
fetch-depth: 1
outputs:
release_name: ${{ steps.pre_process_release_name.outputs.release_name }}
release_version: ${{ steps.validate_release_version.outputs.release_version }}
build:
runs-on: ubuntu-22.04
needs: validate
env:
RELEASE_NAME: ${{ needs.validate.outputs.release_name }} # Use the output from the pre_process_release job
RELEASE_VERSION: ${{ needs.validate.outputs.release_version }} # Use the output from the pre_process_release job
outputs:
tarSha: ${{steps.hashes.outputs.tarSha}}
zipSha: ${{steps.hashes.outputs.zipSha}}
@ -61,22 +61,22 @@ jobs:
- name: Checkout tag
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11
with:
ref: ${{ env.RELEASE_NAME }}
ref: ${{ env.RELEASE_VERSION }}
- name: Set up Java
uses: actions/setup-java@387ac29b308b003ca37ba93a6cab5eb57c8f5f93
with:
distribution: temurin
java-version: 21
- name: Setup gradle
uses: gradle/actions/setup-gradle@9e899d11ad247ec76be7a60bc1cf9d3abbb9e7f1
with:
cache-disabled: true
- name: Assemble release
run:
./gradlew -Prelease.releaseVersion=${{env.RELEASE_NAME}} -Pversion=${{env.RELEASE_NAME}} assemble
./gradlew -Prelease.releaseVersion=${{env.RELEASE_VERSION}} -Pversion=${{env.RELEASE_VERSION}} assemble
- name: Hashes
id: hashes
@ -86,35 +86,35 @@ jobs:
echo "tarSha=$(shasum -a 256 besu*.tar.gz)"
echo "zipSha=$(shasum -a 256 besu*.zip)" >> $GITHUB_OUTPUT
echo "tarSha=$(shasum -a 256 besu*.tar.gz)" >> $GITHUB_OUTPUT
shasum -a 256 besu-${{env.RELEASE_NAME}}.tar.gz > besu-${{env.RELEASE_NAME}}.tar.gz.sha256
shasum -a 256 besu-${{env.RELEASE_NAME}}.zip > besu-${{env.RELEASE_NAME}}.zip.sha256
shasum -a 256 besu-${{env.RELEASE_VERSION}}.tar.gz > besu-${{env.RELEASE_VERSION}}.tar.gz.sha256
shasum -a 256 besu-${{env.RELEASE_VERSION}}.zip > besu-${{env.RELEASE_VERSION}}.zip.sha256
- name: Upload tarball
uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3
with:
path: 'build/distributions/besu-${{ env.RELEASE_NAME }}.tar.gz'
name: besu-${{ env.RELEASE_NAME }}.tar.gz
path: 'build/distributions/besu-${{ env.RELEASE_VERSION }}.tar.gz'
name: besu-${{ env.RELEASE_VERSION }}.tar.gz
compression-level: 0
- name: upload zipfile
uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3
with:
path: 'build/distributions/besu-${{ env.RELEASE_NAME }}.zip'
name: besu-${{ env.RELEASE_NAME }}.zip
path: 'build/distributions/besu-${{ env.RELEASE_VERSION }}.zip'
name: besu-${{ env.RELEASE_VERSION }}.zip
compression-level: 0
- name: upload checksum zip
uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3
with:
path: 'build/distributions/besu-${{ env.RELEASE_NAME }}.zip.sha256'
name: besu-${{ env.RELEASE_NAME }}.zip.sha256
path: 'build/distributions/besu-${{ env.RELEASE_VERSION }}.zip.sha256'
name: besu-${{ env.RELEASE_VERSION }}.zip.sha256
compression-level: 0
- name: upload checksum tar.gz
uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3
with:
path: 'build/distributions/besu-${{ env.RELEASE_NAME }}.tar.gz.sha256'
name: besu-${{ env.RELEASE_NAME }}.tar.gz.sha256
path: 'build/distributions/besu-${{ env.RELEASE_VERSION }}.tar.gz.sha256'
name: besu-${{ env.RELEASE_VERSION }}.tar.gz.sha256
compression-level: 0
test-windows:
@ -127,7 +127,7 @@ jobs:
with:
distribution: temurin
java-version: 21
- name: Download zip
uses: actions/download-artifact@eaceaf801fd36c7dee90939fad912460b18a1ffe
with:
@ -153,7 +153,7 @@ jobs:
with:
distribution: temurin
java-version: 21
- name: Download tar.gz
uses: actions/download-artifact@eaceaf801fd36c7dee90939fad912460b18a1ffe
with:
@ -172,20 +172,20 @@ jobs:
runs-on: ubuntu-22.04
needs: [test-linux, test-windows]
env:
RELEASE_NAME: ${{ needs.validate.outputs.release_name }} # Use the output from the pre_process_release job
RELEASE_VERSION: ${{ needs.validate.outputs.release_version }} # Use the output from the pre_process_release job
steps:
- name: Checkout Repo
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11
with:
ref: ${{ env.RELEASE_NAME }}
ref: ${{ env.RELEASE_VERSION }}
- name: hadoLint
run: docker run --rm -i hadolint/hadolint < docker/Dockerfile
docker-publish:
needs: [validate, docker-lint]
env:
RELEASE_NAME: ${{ needs.validate.outputs.release_name }} # Use the output from the pre_process_release job
RELEASE_VERSION: ${{ needs.validate.outputs.release_version }} # Use the output from the pre_process_release job
strategy:
fail-fast: false
matrix:
@ -198,7 +198,7 @@ jobs:
id: prep
run: |
platform=${{ matrix.platform }}
if [ "$platform" = 'ubuntu-22.04' ]; then
if [ "$platform" = 'ubuntu-22.04' ]; then
echo "PLATFORM_PAIR=linux-amd64" >> $GITHUB_OUTPUT
echo "ARCH=amd64" >> $GITHUB_OUTPUT
else
@ -209,7 +209,7 @@ jobs:
- name: Checkout Repo
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11
with:
ref: ${{ env.RELEASE_NAME }}
ref: ${{ env.RELEASE_VERSION }}
- name: short sha
id: shortSha
@ -225,7 +225,7 @@ jobs:
uses: gradle/actions/setup-gradle@9e899d11ad247ec76be7a60bc1cf9d3abbb9e7f1
with:
cache-disabled: true
- name: install goss
run: |
mkdir -p docker/reports
@ -244,23 +244,23 @@ jobs:
architecture: ${{ steps.prep.outputs.ARCH }}
with:
cache-disabled: true
arguments: testDocker -PdockerOrgName=${{ env.registry }}/${{ secrets.DOCKER_ORG }} -Pversion=${{env.RELEASE_NAME}} -Prelease.releaseVersion=${{ env.RELEASE_NAME }}
arguments: testDocker -PdockerOrgName=${{ env.registry }}/${{ secrets.DOCKER_ORG }} -Pversion=${{env.RELEASE_VERSION}} -Prelease.releaseVersion=${{ env.RELEASE_VERSION }}
- name: publish
env:
architecture: ${{ steps.prep.outputs.ARCH }}
run: ./gradlew --no-daemon dockerUpload -PdockerOrgName=${{ env.registry }}/${{ secrets.DOCKER_ORG }} -Pversion=${{env.RELEASE_NAME}} -Prelease.releaseVersion=${{ env.RELEASE_NAME }}
run: ./gradlew --no-daemon dockerUpload -PdockerOrgName=${{ env.registry }}/${{ secrets.DOCKER_ORG }} -Pversion=${{env.RELEASE_VERSION}} -Prelease.releaseVersion=${{ env.RELEASE_VERSION }}
docker-manifest:
needs: [validate, docker-publish]
runs-on: ubuntu-22.04
env:
RELEASE_NAME: ${{ needs.validate.outputs.release_name }} # Use the output from the pre_process_release job
RELEASE_VERSION: ${{ needs.validate.outputs.release_version }}
steps:
- name: Checkout Repo
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11
with:
ref: ${{ env.RELEASE_NAME }}
ref: ${{ env.RELEASE_VERSION }}
- name: Set up Java
uses: actions/setup-java@387ac29b308b003ca37ba93a6cab5eb57c8f5f93
@ -281,24 +281,48 @@ jobs:
password: ${{ secrets.DOCKER_PASSWORD_RW }}
- name: multi-arch docker
run: ./gradlew manifestDocker -PdockerOrgName=${{ env.registry }}/${{ secrets.DOCKER_ORG }} -Pversion=${{env.RELEASE_NAME}} -Prelease.releaseVersion=${{ env.RELEASE_NAME }}
run: ./gradlew manifestDocker -PdockerOrgName=${{ env.registry }}/${{ secrets.DOCKER_ORG }} -Pversion=${{env.RELEASE_VERSION}} -Prelease.releaseVersion=${{ env.RELEASE_VERSION }}
docker-verify:
needs: [validate,docker-manifest]
env:
RELEASE_NAME: ${{ needs.validate.outputs.release_name }} # Use the output from the pre_process_release job
runs-on: ubuntu-22.04
permissions:
contents: read
actions: write
CONTAINER_NAME: besu-check
RELEASE_VERSION: ${{ needs.validate.outputs.release_version }}
runs-on: ${{ matrix.combination.runner }}
timeout-minutes: 4
strategy:
matrix:
combination:
- tag: ${{ needs.validate.outputs.release_version }}
platform: ''
runner: ubuntu-22.04
- tag: ${{ needs.validate.outputs.release_version }}-amd64
platform: 'linux/amd64'
runner: ubuntu-22.04
- tag: ${{ needs.validate.outputs.release_version }}-arm64
platform: ''
runner: besu-arm64
steps:
- name: Checkout
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11
with:
sparse-checkout: '.github/workflows/BesuContainerVerify.sh'
- name: Start container
run: |
PLATFORM_OPT=""
[[ x${{ matrix.combination.platform }} != 'x' ]] && PLATFORM_OPT="--platform ${{ matrix.combination.platform }}"
docker run -d $PLATFORM_OPT --name ${{ env.CONTAINER_NAME }} ${{ secrets.DOCKER_ORG }}/besu:${{ matrix.combination.tag }}
- name: Trigger container verify
run: echo '{"version":"${{ env.RELEASE_NAME }}","verify-latest-version":"false"}' | gh workflow run container-verify.yml --json
- name: Verify besu container
run: bash .github/workflows/BesuContainerVerify.sh
env:
GH_TOKEN: ${{ github.token }}
TAG: ${{ matrix.combination.tag }}
VERSION: ${{ env.RELEASE_VERSION }}
CHECK_LATEST: false
- name: Stop container
run: docker stop ${{ env.CONTAINER_NAME }}
release-draft:
runs-on: ubuntu-22.04
@ -306,42 +330,42 @@ jobs:
permissions:
contents: write
env:
RELEASE_NAME: ${{ needs.validate.outputs.release_name }}
RELEASE_VERSION: ${{ needs.validate.outputs.release_version }}
steps:
- name: Checkout Repo
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11
with:
ref: ${{ env.RELEASE_NAME }}
ref: ${{ env.RELEASE_VERSION }}
- name: Download Besu artifacts
uses: actions/download-artifact@eaceaf801fd36c7dee90939fad912460b18a1ffe
with:
pattern: besu-${{env.RELEASE_NAME}}*
pattern: besu-${{env.RELEASE_VERSION}}*
merge-multiple: true
- name: Draft release notes
run: |
echo "## ${{env.RELEASE_NAME}}" > draft-release-notes.md
echo "## ${{env.RELEASE_VERSION}}" > draft-release-notes.md
echo "## Upcoming Breaking Changes" >> draft-release-notes.md
echo "## Breaking Changes" >> draft-release-notes.md
echo "## Additions and Improvements" >> draft-release-notes.md
echo "## Bug fixes" >> draft-release-notes.md
echo "`$(cat besu-${{env.RELEASE_NAME}}.zip.sha256)`" >> draft-release-notes.md
echo "`$(cat besu-${{env.RELEASE_NAME}}.tar.gz.sha256)`" >> draft-release-notes.md
cat besu-${{env.RELEASE_NAME}}.zip.sha256 >> draft-release-notes.md
cat besu-${{env.RELEASE_NAME}}.tar.gz.sha256 >> draft-release-notes.md
echo "`$(cat besu-${{env.RELEASE_VERSION}}.zip.sha256)`" >> draft-release-notes.md
echo "`$(cat besu-${{env.RELEASE_VERSION}}.tar.gz.sha256)`" >> draft-release-notes.md
cat besu-${{env.RELEASE_VERSION}}.zip.sha256 >> draft-release-notes.md
cat besu-${{env.RELEASE_VERSION}}.tar.gz.sha256 >> draft-release-notes.md
- name: Draft release
run: |
gh release create \
--draft \
--title=${{env.RELEASE_NAME}} \
--title=${{env.RELEASE_VERSION}} \
--notes-file draft-release-notes.md \
--verify-tag ${{env.RELEASE_NAME}} \
besu-${{env.RELEASE_NAME}}.tar.gz \
besu-${{env.RELEASE_NAME}}.zip \
besu-${{env.RELEASE_NAME}}.zip.sha256 \
besu-${{env.RELEASE_NAME}}.tar.gz.sha256
--verify-tag ${{env.RELEASE_VERSION}} \
besu-${{env.RELEASE_VERSION}}.tar.gz \
besu-${{env.RELEASE_VERSION}}.zip \
besu-${{env.RELEASE_VERSION}}.zip.sha256 \
besu-${{env.RELEASE_VERSION}}.tar.gz.sha256
env:
GH_TOKEN: ${{ github.token }}
@ -349,12 +373,12 @@ jobs:
runs-on: ubuntu-22.04
needs: [validate, test-linux, test-windows]
env:
RELEASE_NAME: ${{ needs.validate.outputs.release_name }}
RELEASE_VERSION: ${{ needs.validate.outputs.release_version }}
steps:
- name: checkout
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11
with:
ref: ${{ env.RELEASE_NAME }}
ref: ${{ env.RELEASE_VERSION }}
- name: Set up Java
uses: actions/setup-java@387ac29b308b003ca37ba93a6cab5eb57c8f5f93
@ -371,4 +395,4 @@ jobs:
env:
ARTIFACTORY_USER: ${{ secrets.BESU_ARTIFACTORY_USER }}
ARTIFACTORY_KEY: ${{ secrets.BESU_ARTIFACTORY_TOKEN }}
run: ./gradlew -Prelease.releaseVersion=${{ env.RELEASE_NAME }} -Pversion=${{env.RELEASE_NAME}} artifactoryPublish
run: ./gradlew -Prelease.releaseVersion=${{ env.RELEASE_VERSION }} -Pversion=${{env.RELEASE_VERSION}} artifactoryPublish

Loading…
Cancel
Save