[RELEASE] build test releases

* forgejo & v*/forgejo branches are mirrored to the forgejo-integration repository on every commit
* re-build a test release every time that happens
  * forogejo => vforgejo-test
  * v1.21/forgejo => v1.21-test
  * v1.22/forgejo => v1.22-test
  * etc.
This commit is contained in:
Earl Warren 2024-02-16 20:21:18 +01:00
parent 7ea1ef2c2b
commit 03efa900ea
WARNING! Although there is a key with this ID in the database it does not verify this commit! This commit is SUSPICIOUS.
GPG key ID: 0579CB2928A78A00
3 changed files with 101 additions and 50 deletions

View file

@ -1,3 +1,4 @@
FROM public.ecr.aws/docker/library/alpine:3.18 FROM code.forgejo.org/oci/alpine:3.19
ARG RELEASE_VERSION=unkown
RUN mkdir -p /app/gitea RUN mkdir -p /app/gitea
RUN ( echo '#!/bin/sh' ; echo "echo forgejo v1.2.3" ) > /app/gitea/gitea ; chmod +x /app/gitea/gitea RUN ( echo '#!/bin/sh' ; echo "echo forgejo v$RELEASE_VERSION" ) > /app/gitea/gitea ; chmod +x /app/gitea/gitea

View file

@ -34,10 +34,10 @@ jobs:
lxc-ip-prefix: 10.0.9 lxc-ip-prefix: 10.0.9
- name: publish the forgejo release - name: publish the forgejo release
shell: bash
run: | run: |
set -x set -x
version=1.2.3
cat > /etc/docker/daemon.json <<EOF cat > /etc/docker/daemon.json <<EOF
{ {
"insecure-registries" : ["${{ steps.forgejo.outputs.host-port }}"] "insecure-registries" : ["${{ steps.forgejo.outputs.host-port }}"]
@ -53,38 +53,15 @@ jobs:
url=http://root:admin1234@${{ steps.forgejo.outputs.host-port }} url=http://root:admin1234@${{ steps.forgejo.outputs.host-port }}
export FORGEJO_RUNNER_LOGS="${{ steps.forgejo.outputs.runner-logs }}" export FORGEJO_RUNNER_LOGS="${{ steps.forgejo.outputs.runner-logs }}"
function sanity_check() {
local url=$1 version=$2
# #
# Create a new project with a fake forgejo and the release workflow only # Minimal sanity checks. Since the binary
#
cp -a .forgejo/testdata/build-release/* $dir
mkdir -p $dir/.forgejo/workflows
cp .forgejo/workflows/build-release.yml $dir/.forgejo/workflows
cp $dir/Dockerfile $dir/Dockerfile.rootless
forgejo-test-helper.sh push $dir $url root forgejo
sha=$(forgejo-test-helper.sh branch_tip $url root/forgejo main)
#
# Push a tag to trigger the release workflow and wait for it to complete
#
forgejo-curl.sh api_json --data-raw '{"tag_name": "v'$version'", "target": "'$sha'"}' $url/api/v1/repos/root/forgejo/tags
forgejo-curl.sh api_json -X PUT --data-raw '{"data":"${{ steps.forgejo.outputs.token }}"}' $url/api/v1/repos/root/forgejo/actions/secrets/TOKEN
forgejo-curl.sh api_json -X PUT --data-raw '{"data":"root"}' $url/api/v1/repos/root/forgejo/actions/secrets/DOER
LOOPS=180 forgejo-test-helper.sh wait_success "$url" root/forgejo $sha
#
# uncomment to see the logs even when everything is reported to be working ok
#
#cat $FORGEJO_RUNNER_LOGS
#
# Minimal sanity checks. e2e test is for the setup-forgejo
# action and the infrastructure playbook. Since the binary
# is a script shell it does not test the sanity of the cross # is a script shell it does not test the sanity of the cross
# build, only the sanity of the naming of the binaries. # build, only the sanity of the naming of the binaries.
# #
for arch in amd64 arm64 arm-6 ; do for arch in amd64 arm64 arm-6 ; do
binary=forgejo-$version-linux-$arch local binary=forgejo-$version-linux-$arch
for suffix in '' '.xz' ; do for suffix in '' '.xz' ; do
curl --fail -L -sS $url/root/forgejo/releases/download/v$version/$binary$suffix > $binary$suffix curl --fail -L -sS $url/root/forgejo/releases/download/v$version/$binary$suffix > $binary$suffix
if test "$suffix" = .xz ; then if test "$suffix" = .xz ; then
@ -98,10 +75,59 @@ jobs:
done done
done done
sources=forgejo-src-$version.tar.gz local sources=forgejo-src-$version.tar.gz
curl --fail -L -sS $url/root/forgejo/releases/download/v$version/$sources > $sources curl --fail -L -sS $url/root/forgejo/releases/download/v$version/$sources > $sources
curl --fail -L -sS $url/root/forgejo/releases/download/v$version/$sources.sha256 > $sources.sha256 curl --fail -L -sS $url/root/forgejo/releases/download/v$version/$sources.sha256 > $sources.sha256
shasum -a 256 --check $sources.sha256 shasum -a 256 --check $sources.sha256
docker pull ${{ steps.forgejo.outputs.host-port }}/root/forgejo:$version docker pull ${{ steps.forgejo.outputs.host-port }}/root/forgejo:$version
docker pull ${{ steps.forgejo.outputs.host-port }}/root/forgejo:$version-rootless docker pull ${{ steps.forgejo.outputs.host-port }}/root/forgejo:$version-rootless
}
#
# Create a new project with a fake forgejo and the release workflow only
#
cp -a .forgejo/testdata/build-release/* $dir
mkdir -p $dir/.forgejo/workflows
cp .forgejo/workflows/build-release.yml $dir/.forgejo/workflows
cp $dir/Dockerfile $dir/Dockerfile.rootless
forgejo-test-helper.sh push $dir $url root forgejo
forgejo-curl.sh api_json -X PUT --data-raw '{"data":"${{ steps.forgejo.outputs.token }}"}' $url/api/v1/repos/root/forgejo/actions/secrets/TOKEN
forgejo-curl.sh api_json -X PUT --data-raw '{"data":"root"}' $url/api/v1/repos/root/forgejo/actions/secrets/DOER
forgejo-curl.sh api_json -X PUT --data-raw '{"data":"true"}' $url/api/v1/repos/root/forgejo/actions/secrets/VERBOSE
#
# Push a tag to trigger the release workflow and wait for it to complete
#
version=1.2.3
sha=$(forgejo-test-helper.sh branch_tip $url root/forgejo main)
forgejo-curl.sh api_json --data-raw '{"tag_name": "v'$version'", "target": "'$sha'"}' $url/api/v1/repos/root/forgejo/tags
LOOPS=180 forgejo-test-helper.sh wait_success "$url" root/forgejo $sha
sanity_check $url $version
#
# Push a commit to a branch that triggers the build of a test release
#
version=forgejo-test
(
git clone $url/root/forgejo /tmp/forgejo
cd /tmp/forgejo
date > DATE
git config user.email root@example.com
git config user.name username
git add .
git commit -m 'update'
git push $url/root/forgejo main:forgejo
)
sha=$(forgejo-test-helper.sh branch_tip $url root/forgejo forgejo)
LOOPS=180 forgejo-test-helper.sh wait_success "$url" root/forgejo $sha
sanity_check $url $version
- name: full logs
if: always()
run: |
sed -e 's/^/[RUNNER LOGS] /' ${{ steps.forgejo.outputs.runner-logs }}
docker logs forgejo | sed -e 's/^/[FORGEJO LOGS]/'
sleep 5 # hack to avoid mixing outputs in Forgejo v1.21

View file

@ -18,7 +18,10 @@ name: Build release
on: on:
push: push:
tags: 'v*' tags: 'v[0-9]+.[0-9]+.*'
branches:
- 'forgejo'
- 'v*/forgejo'
jobs: jobs:
release: release:
@ -43,17 +46,34 @@ jobs:
go-version: "1.21" go-version: "1.21"
check-latest: true check-latest: true
- name: version from ref_name - name: version from ref
id: tag-version id: release-info
shell: bash
run: | run: |
version="${{ github.ref_name }}" set -x
version=${version##*v} ref="${{ github.ref }}"
echo "value=$version" >> "$GITHUB_OUTPUT" if [[ $ref =~ ^refs/heads/ ]] ; then
version=${ref#refs/heads/}
version=${version%/forgejo}-test
override=true
fi
if [[ $ref =~ ^refs/tags/ ]] ; then
version=${ref#refs/tags/}
override=false
fi
if test -z "$version" ; then
echo failed to figure out the release version from the reference=$ref
exit 1
fi
version=${version#v}
echo "sha=${{ github.sha }}" >> "$GITHUB_OUTPUT"
echo "version=$version" >> "$GITHUB_OUTPUT"
echo "override=$override" >> "$GITHUB_OUTPUT"
- name: release notes - name: release notes
id: release-notes id: release-notes
run: | run: |
anchor=${{ steps.tag-version.outputs.value }} anchor=${{ steps.release-info.outputs.version }}
anchor=${anchor//./-} anchor=${anchor//./-}
cat >> "$GITHUB_OUTPUT" <<EOF cat >> "$GITHUB_OUTPUT" <<EOF
value<<ENDVAR value<<ENDVAR
@ -65,7 +85,7 @@ jobs:
run: | run: |
set -x set -x
apt-get -qq install -y make apt-get -qq install -y make
version=${{ steps.tag-version.outputs.value }} version=${{ steps.release-info.outputs.version }}
# #
# Make sure all files are owned by the current user. # Make sure all files are owned by the current user.
# When run as root `npx webpack` will assume the identity # When run as root `npx webpack` will assume the identity
@ -122,34 +142,38 @@ jobs:
- name: build container & release - name: build container & release
if: ${{ secrets.TOKEN != '' }} if: ${{ secrets.TOKEN != '' }}
uses: https://code.forgejo.org/forgejo/forgejo-build-publish/build@v1 uses: https://code.forgejo.org/forgejo/forgejo-build-publish/build@v3
with: with:
forgejo: "${{ env.GITHUB_SERVER_URL }}" forgejo: "${{ env.GITHUB_SERVER_URL }}"
owner: "${{ env.GITHUB_REPOSITORY_OWNER }}" owner: "${{ env.GITHUB_REPOSITORY_OWNER }}"
repository: "${{ steps.repository.outputs.value }}" repository: "${{ steps.repository.outputs.value }}"
doer: "${{ secrets.DOER }}" doer: "${{ secrets.DOER }}"
tag-version: "${{ steps.tag-version.outputs.value }}" release-version: "${{ steps.release-info.outputs.version }}"
sha: "${{ steps.release-info.outputs.sha }}"
token: "${{ secrets.TOKEN }}" token: "${{ secrets.TOKEN }}"
platforms: linux/amd64,linux/arm64,linux/arm/v6 platforms: linux/amd64,linux/arm64,linux/arm/v6
release-notes: "${{ steps.release-notes.outputs.value }}" release-notes: "${{ steps.release-notes.outputs.value }}"
binary-name: forgejo binary-name: forgejo
binary-path: /app/gitea/gitea binary-path: /app/gitea/gitea
verbose: ${{ vars.VERBOSE || 'false' }} override: "${{ steps.release-info.outputs.override }}"
verbose: ${{ vars.VERBOSE || secrets.VERBOSE || 'false' }}
- name: build rootless container - name: build rootless container
if: ${{ secrets.TOKEN != '' }} if: ${{ secrets.TOKEN != '' }}
uses: https://code.forgejo.org/forgejo/forgejo-build-publish/build@v1 uses: https://code.forgejo.org/forgejo/forgejo-build-publish/build@v3
with: with:
forgejo: "${{ env.GITHUB_SERVER_URL }}" forgejo: "${{ env.GITHUB_SERVER_URL }}"
owner: "${{ env.GITHUB_REPOSITORY_OWNER }}" owner: "${{ env.GITHUB_REPOSITORY_OWNER }}"
repository: "${{ steps.repository.outputs.value }}" repository: "${{ steps.repository.outputs.value }}"
doer: "${{ secrets.DOER }}" doer: "${{ secrets.DOER }}"
tag-version: "${{ steps.tag-version.outputs.value }}" release-version: "${{ steps.release-info.outputs.version }}"
sha: "${{ steps.release-info.outputs.sha }}"
token: "${{ secrets.TOKEN }}" token: "${{ secrets.TOKEN }}"
platforms: linux/amd64,linux/arm64,linux/arm/v6 platforms: linux/amd64,linux/arm64,linux/arm/v6
suffix: -rootless suffix: -rootless
dockerfile: Dockerfile.rootless dockerfile: Dockerfile.rootless
verbose: ${{ vars.VERBOSE || 'false' }} override: "${{ steps.release-info.outputs.override }}"
verbose: ${{ vars.VERBOSE || secrets.VERBOSE || 'false' }}
- name: end-to-end tests - name: end-to-end tests
if: ${{ secrets.TOKEN != '' && vars.ROLE == 'forgejo-integration' }} if: ${{ secrets.TOKEN != '' && vars.ROLE == 'forgejo-integration' }}