Merge pull request #626 from github/enterprise-3.8-backport-568-543-workflow-build-release-part-2

Backport 568 for 3.8: Build and Release Workflow Part 2

Author: timreimherr

.github/linters/.yaml-lint.yml

@@ -0,0 +1,53 @@
+---
+###########################################
+# These are the rules used for            #
+# linting all the yaml files in the stack #
+# NOTE:                                   #
+# You can disable line with:              #
+# # yamllint disable-line                 #
+###########################################
+rules:
+  braces:
+    level: warning
+    min-spaces-inside: 0
+    max-spaces-inside: 0
+    min-spaces-inside-empty: 1
+    max-spaces-inside-empty: 5
+  brackets:
+    level: warning
+    min-spaces-inside: 0
+    max-spaces-inside: 0
+    min-spaces-inside-empty: 1
+    max-spaces-inside-empty: 5
+  colons:
+    level: warning
+    max-spaces-before: 0
+    max-spaces-after: 1
+  commas:
+    level: warning
+    max-spaces-before: 0
+    min-spaces-after: 1
+    max-spaces-after: 1
+  comments: disable
+  comments-indentation: disable
+  document-end: disable
+  document-start: disable
+  empty-lines:
+    level: warning
+    max: 2
+    max-start: 0
+    max-end: 0
+  hyphens:
+    level: warning
+    max-spaces-after: 1
+  indentation:
+    level: warning
+    spaces: consistent
+    indent-sequences: true
+    check-multi-line-strings: false
+  key-duplicates: enable
+  line-length: disable
+  new-line-at-end-of-file: disable
+  new-lines:
+    type: unix
+  trailing-spaces: disable

.github/workflows/build-and-release.yml

@@ -0,0 +1,139 @@
+---
+name: Build and Release
+
+on:
+  workflow_dispatch:
+    inputs:
+      gh-token:
+        description: 'GitHub Token - used to create a commit in the backup-utils repo'
+        required: true
+        type: string
+      version:
+        description: 'Version - patch version of the release (e.g. x.y.z)'
+        required: true
+        type: string
+      draft:
+        description: 'Draft - true if the release should be a draft'
+        required: true
+        type: boolean
+        default: true
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    steps:
+      # resulting token still gets denied by the backup-utils repo
+      # see: https://github.com/actions/create-github-app-token/pull/46
+      # - uses: timreimherr/create-github-app-token@main
+      #   id: app-token
+      #   with:
+      #     # required
+      #     app_id: ${{ vars.RELEASE_CONTROLLER_APP_ID }}
+      #     private_key: ${{ secrets.RELEASE_CONTROLLER_APP_PRIVATE_KEY }}
+      #     owner: ${{ github.repository_owner }}
+      #     repositories: backup-utils,backup-utils-private
+      - name: Checkout backup-utils-private
+        uses: actions/checkout@v4
+        with:
+          token: ${{ github.event.inputs.gh-token }}
+          repository: github/backup-utils-private
+      - name: Install dependencies
+        run: |
+          sudo apt-get update -y
+          sudo apt-get install -y moreutils debhelper help2man devscripts gzip
+      - name: Create tag # this is required for the build scripts
+        run: |
+          git config user.name "${{ github.actor }}"
+          git config user.email "[email protected]"
+          git tag -a "v${{ github.event.inputs.version }}" -m "v${{ github.event.inputs.version }}"
+          git push origin "v${{ github.event.inputs.version }}"
+      - name: Package deb
+        run: |
+          ./script/package-deb
+      # many need to remove this once release-notes compilation is automated
+      - name: Rename deb artifact
+        run: |
+            for file in dist/github-backup-utils_*_all.deb; do
+              if [[ -f "$file" ]]; then
+                mv "$file" "dist/github-backup-utils_${{ github.event.inputs.version }}_all.deb"
+              fi
+            done
+      - name: Upload deb artifact
+        uses: actions/upload-artifact@v3
+        with:
+          name: github-backup-utils_${{ github.event.inputs.version }}_all.deb
+          path: |
+            dist/github-backup-utils_${{ github.event.inputs.version }}_all.deb
+      - name: Package tarball
+        run: |
+          ./script/package-tarball
+      - name: Upload tarball artifact
+        uses: actions/upload-artifact@v3
+        with:
+          name: github-backup-utils-v${{ github.event.inputs.version }}.tar.gz
+          path: |
+            dist/github-backup-utils-v${{ github.event.inputs.version }}.tar.gz
+  release:
+    needs: build
+    runs-on: ubuntu-latest
+    outputs:
+      commit_hash: ${{ steps.empty-commit.outputs.commit_hash }}
+    steps:
+      # resulting token still gets denied by the backup-utils repo
+      # see: https://github.com/actions/create-github-app-token/pull/46
+      # - uses: timreimherr/create-github-app-token@main
+      #   id: app-token
+      #   with:
+      #     app_id: ${{ vars.RELEASE_CONTROLLER_APP_ID }}
+      #     private_key: ${{ secrets.RELEASE_CONTROLLER_APP_PRIVATE_KEY }}
+      #     owner: ${{ github.repository_owner }}
+      #     repositories: backup-utils,backup-utils-private
+      - name: Checkout backup-utils
+        uses: actions/checkout@v4
+        with:
+          token: ${{ github.event.inputs.gh-token }}
+          repository: github/backup-utils
+          ref: master
+      - name: Create empty commit
+        uses: stefanzweifel/git-auto-commit-action@v4
+        id: empty-commit
+        with:
+          branch: master
+          commit_message: "${{ github.event.inputs.version }} release"
+          commit_user_name: "${{ github.actor }}"
+          commit_user_email: "[email protected]"
+          commit_options: "--allow-empty"
+          skip_dirty_check: true
+      - name: Checkout backup-utils
+        uses: actions/checkout@v4
+        with:
+          token: ${{ github.event.inputs.gh-token }}
+          repository: github/backup-utils-private
+      - name: Download deb artifact
+        uses: actions/download-artifact@v3
+        with:
+          name: github-backup-utils_${{ github.event.inputs.version }}_all.deb
+      - name: Download tarball artifact
+        uses: actions/download-artifact@v3
+        with:
+          name: github-backup-utils-v${{ github.event.inputs.version }}.tar.gz
+      - name: Create Release
+        uses: ncipollo/release-action@v1
+        with:
+          token: ${{ github.event.inputs.gh-token }}
+          repo: backup-utils
+          name: |
+            GitHub Enterprise Server Backup Utilities v${{ github.event.inputs.version }}
+          artifacts: |
+            github-backup-utils-v${{ github.event.inputs.version }}.tar.gz, \
+            github-backup-utils_${{ github.event.inputs.version }}_all.deb
+          tag: v${{ github.event.inputs.version }}
+          commit: ${{ steps.empty-commit.outputs.commit_hash }}
+          bodyFile: release-notes/${{ github.event.inputs.version }}.md
+          draft: ${{ github.event.inputs.draft }}
+          allowUpdates: true
+          artifactContentType: "raw"
+
+
+
+

.github/workflows/lint.yml

@@ -1,3 +1,4 @@
+---
 name: Lint Code Base
 
 on:
@@ -21,3 +22,4 @@ jobs:
         env:
           VALIDATE_ALL_CODEBASE: false
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          FILTER_REGEX_EXCLUDE: .*release-notes/.*

.releaseignore

@@ -0,0 +1,2 @@
+ownership.yaml
+.github

script/package-deb

@@ -8,6 +8,9 @@ set -e
 # Change into project root
 cd "$(dirname "$0")"/..
 
+# Fetch tags from remote repository
+git fetch --tags
+
 # Basic package name and version.
 PKG_BASE="github-backup-utils"
 PKG_VERS="$(git describe --tags)"
@@ -22,6 +25,14 @@ mkdir -p dist/debuild
 distdir="$(pwd)/dist/debuild/$PKG_NAME"
 git clone -q . "$distdir"
 cd "$distdir"
+
+echo "Removing files listed in .releaseignore ..."
+while IFS= read -r line; do
+    rm -rf "$line"
+done < .releaseignore
+
+echo "Removing .releaseignore ..."
+rm -f .releaseignore
 git checkout -q "$PKG_HEAD"
 
 debuild -uc -us 1>&2

script/package-tarball

@@ -8,11 +8,24 @@ set -e
 # Change into project root
 cd "$(dirname "$0")"/..
 
+# Fetch tags from remote repository
+git fetch --tags
+
 # Basic package name and version.
 PKG_BASE="github-backup-utils"
 PKG_VERS="$(git describe --tags)"
 PKG_NAME="${PKG_BASE}-${PKG_VERS}"
 
+# Remove all files or directories listed in .releaseignore
+echo "Removing files listed in .releaseignore ..."
+while IFS= read -r line; do
+    rm -rf "$line"
+done < .releaseignore
+
+# Remove the .releaseignore file itself
+echo "Removing .releaseignore ..."
+rm -f .releaseignore
+
 # Run git-archive to generate tarball
 echo "Creating ${PKG_NAME}.tar.gz ..."
 mkdir -p dist