Merge pull request #165 from opsmill/bkr-new-release-cicd

New release CICD

Author: BeArchiTek

.github/workflows/ci.yml

@@ -112,7 +112,7 @@ jobs:
           ./actionlint -color
         shell: bash
         env:
-          SHELLCHECK_OPTS: --exclude=SC2086 --exclude=SC2046 --exclude=SC2004
+          SHELLCHECK_OPTS: --exclude=SC2086 --exclude=SC2046 --exclude=SC2004 --exclude=SC2129
 
 
   unit-tests:

.github/workflows/publish-python-sdk.yml renamed to .github/workflows/publish-pypi.yml

@@ -1,10 +1,32 @@
 ---
-name: Publish Infrahub Python SDK
+# yamllint disable rule:truthy
+name: Publish Infrahub SDK Package
 
-on:  # yamllint disable rule:truthy
-  push:
-    tags:
-      - "v*"
+on:
+  workflow_dispatch:
+    inputs:
+      runs-on:
+        description: "The OS to run the job on"
+        required: false
+        default: "ubuntu-22.04"
+        type: string
+      publish:
+        type: boolean
+        description: Whether to publish the package to Pypi
+        required: false
+        default: false
+  workflow_call:
+    inputs:
+      runs-on:
+        description: "The OS to run the job on"
+        required: false
+        default: "ubuntu-22.04"
+        type: string
+      publish:
+        type: boolean
+        description: Whether to publish the package to Pypi
+        required: false
+        default: false
 
 jobs:
   publish_to_pypi:
@@ -25,6 +47,8 @@ jobs:
 
       - name: "Check out repository code"
         uses: "actions/checkout@v4"
+        with:
+          submodules: true
 
       - name: "Cache poetry venv"
         uses: "actions/cache@v4"
@@ -47,4 +71,5 @@ jobs:
         run: "ls -la dist/"
 
       - name: "Poetry push PyPI"
+        if: ${{ inputs.publish }}
         run: "poetry publish"

.github/workflows/release.yml

@@ -0,0 +1,88 @@
+---
+# yamllint disable rule:truthy rule:line-length
+name: New Release
+
+on:
+  release:
+    types:
+      - published
+
+jobs:
+  check_release:
+    runs-on: ubuntu-22.04
+    outputs:
+      is_prerelease: ${{ steps.release.outputs.is_prerelease }}
+      is_devrelease: ${{ steps.release.outputs.is_devrelease }}
+      version: ${{ steps.release.outputs.version }}
+      major_minor_version: ${{ steps.release.outputs.major_minor_version }}
+      latest_tag: ${{ steps.release.outputs.latest_tag }}
+    steps:
+      - name: "Check out repository code"
+        uses: "actions/checkout@v4"
+        with:
+          submodules: true
+
+      - name: "Set up Python"
+        uses: "actions/setup-python@v5"
+        with:
+          python-version: "3.12"
+
+      - name: "Install Poetry"
+        uses: "snok/install-poetry@v1"
+        with:
+          virtualenvs-create: true
+          virtualenvs-in-project: true
+          installer-parallel: true
+
+      - name: "Setup Python environment"
+        run: |
+          poetry config virtualenvs.create true --local
+          poetry env use 3.12
+      - name: "Install dependencies"
+        run: "poetry install --no-interaction --no-ansi"
+
+      - name: "Check prerelease type"
+        id: release
+        run: |
+          echo is_prerelease=$(poetry run python -c "from packaging.version import Version; print(int(Version('$(poetry version -s)').is_prerelease))") >> "$GITHUB_OUTPUT"
+          echo is_devrelease=$(poetry run python -c "from packaging.version import Version; print(int(Version('$(poetry version -s)').is_devrelease))") >> "$GITHUB_OUTPUT"
+          echo "version=$(poetry version -s)" >> "$GITHUB_OUTPUT"
+          echo major_minor_version=$(poetry run python -c "from packaging.version import Version; print(f\"{Version('$(poetry version -s)').major}.{Version('$(poetry version -s)').minor}\")") >> "$GITHUB_OUTPUT"
+          echo latest_tag=$(curl -L \
+              -H "Accept: application/vnd.github+json" \
+              -H "Authorization: Bearer ${{ github.token }}" \
+              -H "X-GitHub-Api-Version: 2022-11-28" \
+              https://api.github.com/repos/${{ github.repository }}/releases/latest \
+              | jq -r '.tag_name') >> "$GITHUB_OUTPUT"
+
+      - name: Check tag version
+        if: github.event.release.tag_name != format('infrahub-v{0}', steps.release.outputs.version)
+        run: |
+          echo "Tag version does not match python project version"
+          exit 1
+
+      - name: Check prerelease and project version
+        if: github.event.release.prerelease == true && steps.release.outputs.is_prerelease == 0 && steps.release.outputs.is_devrelease == 0
+        run: |
+          echo "Cannot pre-release a non pre-release or non dev-release version (${{ steps.release.outputs.version }})"
+          exit 1
+
+      - name: Check release and project version
+        if: github.event.release.prerelease == false && (steps.release.outputs.is_prerelease == 1 || steps.release.outputs.is_devrelease == 1)
+        run: |
+          echo "Cannot release a pre-release or dev-release version (${{ steps.release.outputs.version }})"
+          exit 1
+
+  publish-pypi:
+    needs: check_release
+    uses: ./.github/workflows/publish-pypi.yml
+    secrets: inherit
+    with:
+      publish: true
+
+  update-submodule:
+    needs: check_release
+    uses: ./.github/workflows/update-submodule.yml
+    secrets: inherit
+    with:
+      version: ${{ github.ref_name }}

.github/workflows/trigger.yml

@@ -0,0 +1,45 @@
+---
+# yamllint disable rule:truthy
+name: Trigger Submodule update
+
+on:
+  workflow_dispatch:
+    inputs:
+      runs-on:
+        description: "The OS to run the job on"
+        required: false
+        default: "ubuntu-22.04"
+        type: string
+      version:
+        type: string
+        required: false
+        description: The string to extract semver from.
+        default: ''
+  workflow_call:
+    inputs:
+      runs-on:
+        description: "The OS to run the job on"
+        required: false
+        default: "ubuntu-22.04"
+        type: string
+      version:
+        type: string
+        required: false
+        description: The string to extract semver from.
+        default: ''
+
+jobs:
+  trigger-submodule:
+    runs-on: ubuntu-22.04
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Trigger submodule update
+        run: |
+          echo "${{ inputs.version }}"
+          curl -X POST \
+              -H "Authorization: token ${{ secrets.GH_UPDATE_PACKAGE_OTTO }}" \
+              -H "Accept: application/vnd.github.v3+json" \
+              https://api.github.com/repos/opsmill/infrahub/dispatches \
+              -d "{\"event_type\":\"trigger-submodule-update\", \"client_payload\": {\"version\": \"${{ inputs.version }}\"}}"