pr-comment-build-dispatcher.yaml: dispatch SDK and OS image builds

This change updates dispatching of SDK and OS image builds from changes
to a PR to an explicit comment. PRs will only be built if that comment
was added by a member of the Flatcar maintainers team.

Signed-off-by: Thilo Fromm <thilofromm@microsoft.com>
This commit is contained in:
Thilo Fromm 2023-05-09 14:28:38 +02:00
parent f5d1a3c2f0
commit 0e8cde89fe
4 changed files with 62 additions and 57 deletions

View File

@ -1,8 +1,5 @@
name: "Run build" name: "Run build"
on: on:
pull_request:
# Run when the PR is opened, reopened, or updated (synchronize)
types: [opened, ready_for_review, reopened, synchronize]
workflow_dispatch: workflow_dispatch:
inputs: inputs:
image_formats: image_formats:
@ -31,17 +28,11 @@ on:
description: | description: |
Custom SDK container version to use for this build. Custom SDK container version to use for this build.
concurrency:
group: ${{ github.workflow }}-${{ github.head_ref || github.ref_name }}
cancel-in-progress: true
permissions: permissions:
pull-requests: write pull-requests: write
jobs: jobs:
packages: packages:
# Do not run when still in draft mode but a review was requested anyway
if: github.event.pull_request.draft == false
name: "Build Flatcar packages" name: "Build Flatcar packages"
runs-on: runs-on:
- self-hosted - self-hosted
@ -126,7 +117,7 @@ jobs:
version="alpha-$FLATCAR_VERSION_ID" version="alpha-$FLATCAR_VERSION_ID"
check_version_string "$version" check_version_string "$version"
sdk_version="${CUSTOM_SDK_VERSION:-FLATCAR_SDK_VERSION}" sdk_version="${CUSTOM_SDK_VERSION:-$FLATCAR_SDK_VERSION}"
sdk_name="flatcar-sdk-${arch}" sdk_name="flatcar-sdk-${arch}"
docker_sdk_vernum="$(vernum_to_docker_image_version "${sdk_version}")" docker_sdk_vernum="$(vernum_to_docker_image_version "${sdk_version}")"

View File

@ -1,23 +1,22 @@
name: "Dispatch SDK container rebuilds, OS image builds, and OS image tests from PR comments" name: "PR command build dispatcher"
on: on:
issue_comment: issue_comment:
types: [created] types: [created]
pull_request:
# This is temporary for testing the workflow.
# Comment events are only processed for workflows in the main branch
types: [opened, reopened, synchronize]
permissions: permissions:
pull-requests: write pull-requests: write
jobs: concurrency:
group: ${{ github.workflow }}-pr-command-${{ github.head_ref || github.ref_name }}
cancel-in-progress: true
jobs:
check_maintainer_membership: check_maintainer_membership:
# Only run if this is a PR comment that contains a valid command # Only run if this is a PR comment that contains a valid command
# if: | if: |
# ${{ github.event.issue.pull_request }} && ${{ github.event.issue.pull_request }} &&
# ( contains(github.event.comment.body, '/build-sdk') ( contains(github.event.comment.body, '/build-sdk')
# || contains(github.event.comment.body, '/build-image') ) || contains(github.event.comment.body, '/build-image') )
name: Check if commenter is in the Flatcar maintainers team name: Check if commenter is in the Flatcar maintainers team
outputs: outputs:
maintainers: steps.step1.output.maintainers maintainers: steps.step1.output.maintainers
@ -26,8 +25,7 @@ jobs:
steps: steps:
- name: Fetch members of the maintainers team - name: Fetch members of the maintainers team
env: env:
# - requester: ${{ github.event.comment.user.login }} requester: ${{ github.event.comment.user.login }}
requester: "t-lo"
shell: bash shell: bash
run: | run: |
curl -L --silent \ curl -L --silent \
@ -51,7 +49,22 @@ jobs:
$res $res
# name: "Build the OS image" build_sdk:
# uses: ./.github/workflows/ci.yaml needs: check_maintainer_membership
# with: if: ( always() && needs.check_maintainer_membership.result == 'success'
# custom_sdk_version: ${{ github.event.inputs.custom_sdk_version }} && contains(github.event.comment.body, '/build-sdk') )
name: "Build the SDK container"
# SDK build needs access to bincache ssh secret
secrets: inherit
uses: ./.github/workflows/update-sdk.yaml
build_image:
needs: [ check_maintainer_membership, build_sdk ]
if: ( always() && needs.check_maintainer_membership.result == 'success'
&& ( contains(github.event.comment.body, '/build-image')
|| needs.build_sdk.result == 'success' ) )
name: "Build the OS image"
uses: ./.github/workflows/ci.yaml
with:
custom_sdk_version: ${{ needs.update_sdk.outputs.sdk_version }}
image_formats: qemu_uefi

View File

@ -1,4 +1,4 @@
name: "Build an updated SDK container and store it on bincache" name: "Build updated SDK container"
on: on:
workflow_dispatch: workflow_dispatch:
inputs: inputs:
@ -11,7 +11,7 @@ on:
type: string type: string
required: false required: false
description: | description: |
Custom SDK container version to build. Defaults to source SDK version w/ patch version bumped +1. Custom SDK container version to build. Defaults to source SDK w/ "-github-[DATE]" appended.
workflow_call: workflow_call:
inputs: inputs:
@ -24,11 +24,8 @@ on:
type: string type: string
required: false required: false
description: | description: |
Custom SDK container version to build. Defaults to source SDK w/ "-github-[DATE]" appended. Custom SDK container version to build. Defaults to source SDK w/ "-github-[DATE]" appended, or
'-github-pr-[PRNUM]-[DATE]' if the build was triggered from a PR.
concurrency:
group: ${{ github.workflow }}-${{ github.head_ref || github.ref_name }}
cancel-in-progress: true
permissions: permissions:
pull-requests: write pull-requests: write
@ -43,6 +40,8 @@ jobs:
- x64 - x64
strategy: strategy:
fail-fast: false fail-fast: false
outputs:
sdk_version: ${{ steps.step4.outputs.sdk_version }}
defaults: defaults:
run: run:
working-directory: scripts working-directory: scripts
@ -54,7 +53,7 @@ jobs:
run: | run: |
sudo rm /bin/sh sudo rm /bin/sh
sudo ln -s /bin/bash /bin/sh sudo ln -s /bin/bash /bin/sh
sudo apt-get install -y ca-certificates curl gnupg lsb-release qemu-user-static git sudo apt-get install -y ca-certificates curl gnupg lsb-release qemu-user-static git jq openssh-client rsync
sudo mkdir -p /etc/apt/keyrings sudo mkdir -p /etc/apt/keyrings
curl -fsSL https://download.docker.com/linux/debian/gpg | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg curl -fsSL https://download.docker.com/linux/debian/gpg | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg
echo \ echo \
@ -88,15 +87,15 @@ jobs:
source ci-automation/ci_automation_common.sh source ci-automation/ci_automation_common.sh
source sdk_container/.repo/manifests/version.txt source sdk_container/.repo/manifests/version.txt
check_version_string "$version" version="alpha-$FLATCAR_VERSION_ID"
sdk_version="${SOURCE_SDK_VERSION:-FLATCAR_SDK_VERSION}" sdk_version="${SOURCE_SDK_VERSION:-$FLATCAR_SDK_VERSION}"
sdk_name="flatcar-sdk-amd64" sdk_name="flatcar-sdk-all"
docker_sdk_vernum="$(vernum_to_docker_image_version "${sdk_version}")" docker_sdk_vernum="$(vernum_to_docker_image_version "${sdk_version}")"
docker_image_from_registry_or_buildcache "${sdk_name}" "${docker_sdk_vernum}"
sdk_image="$(docker_image_fullname "${sdk_name}" "${docker_sdk_vernum}")"
echo "container_name=${container_name}" >> "$GITHUB_ENV" docker_image_from_registry_or_buildcache "${sdk_name}" "${docker_sdk_vernum}"
sdk_image="$(docker_image_fullname "${sdk_name}" "${docker_sdk_vernum}")"
# Create version file # Create version file
( (
@ -104,42 +103,43 @@ jobs:
create_versionfile "$sdk_version" "$version" create_versionfile "$sdk_version" "$version"
) )
target_version="github-$(date '+%Y_%m_%d__%H_%M_%S')" if [ -z "${CUSTOM_SDK_VERSION:-}" ] ; then
target_version="${CUSTOM_SDK_VERSION:-target_version}" if [ -n "${{ github.event.issue.pull_request }}" ] ; then
target_version="${sdk_version}-github-PR-${{ github.event.issue.number }}-$(date '+%Y_%m_%d__%H_%M_%S')"
else
target_version="${sdk_version}-github-$(date '+%Y_%m_%d__%H_%M_%S')"
fi
else
target_version="${CUSTOM_SDK_VERSION}"
fi
# This updates sdk_container/.repo/manifests/version.txt with the new SDK version. echo "sdk_version=${target_version}" >> "$GITHUB_OUTPUT"
# This also updates sdk_container/.repo/manifests/version.txt with the new SDK version.
./update_sdk_container_image "${target_version}" ./update_sdk_container_image "${target_version}"
- name: Upload the SDK container and binary packages to bincache - name: Upload the SDK container and binary packages to bincache
with:
bincache_ssh: ${{ secrets.bincacheSSH }}
shell: bash shell: bash
run: | run: |
set -euo pipefail set -euo pipefail
source ci-automation/ci_automation_common.sh
mkdir -p ~/.ssh mkdir -p ~/.ssh
trap 'rm -f ~/.ssh/bincache' EXIT trap 'rm -f ~/.ssh/bincache' EXIT
echo "${{ github.event.inputs.bincacheSSH }}" > ~/.ssh/bincache echo "${{ secrets.BINCACHESSH }}" > ~/.ssh/bincache
chmod 600 ~/.ssh/bincache chmod 600 ~/.ssh/bincache
echo "Host ${BUILDCACHE_SERVER}" >> ~/.ssh/config echo "Host ${BUILDCACHE_SERVER}" >> ~/.ssh/config
echo " User ${BUILDCACHE_USER}" >> ~/.ssh/config echo " User ${BUILDCACHE_USER}" >> ~/.ssh/config
echo " IdentityFile ~/.ssh/bincache" >> ~/.ssh/config echo " IdentityFile ~/.ssh/bincache" >> ~/.ssh/config
source ci-automation/ci_automation_common.sh
source sdk_container/.repo/manifests/version.txt source sdk_container/.repo/manifests/version.txt
local vernum="${FLATCAR_SDK_VERSION}" vernum="${FLATCAR_SDK_VERSION}"
docker_vernum="$(vernum_to_docker_image_version "${vernum}")"
local docker_vernum="$(vernum_to_docker_image_version "${vernum}")"
docker_image_to_buildcache "${CONTAINER_REGISTRY}/flatcar-sdk-all" "${docker_vernum}" docker_image_to_buildcache "${CONTAINER_REGISTRY}/flatcar-sdk-all" "${docker_vernum}"
docker_image_to_buildcache "${CONTAINER_REGISTRY}/flatcar-sdk-amd64" "${docker_vernum}" docker_image_to_buildcache "${CONTAINER_REGISTRY}/flatcar-sdk-amd64" "${docker_vernum}"
docker_image_to_buildcache "${CONTAINER_REGISTRY}/flatcar-sdk-arm64" "${docker_vernum}" docker_image_to_buildcache "${CONTAINER_REGISTRY}/flatcar-sdk-arm64" "${docker_vernum}"
rm -f ~/.ssh/bincache rm -f ~/.ssh/bincache
build_image:
needs: update_sdk
name: "Build the OS image"
uses: ./.github/workflows/ci.yaml
with:
custom_sdk_version: ${{ github.event.inputs.custom_sdk_version }}

View File

@ -14,6 +14,7 @@ source sdk_lib/sdk_container_common.sh
os_version="$(get_version_from_versionfile)" os_version="$(get_version_from_versionfile)"
base_sdk_version="$(get_sdk_version_from_versionfile)" base_sdk_version="$(get_sdk_version_from_versionfile)"
base_sdk_version="$(vernum_to_docker_image_version "${base_sdk_version}")"
new_sdk_version="" new_sdk_version=""
keep="false" keep="false"