mirror of
https://github.com/neondatabase/neon.git
synced 2025-12-22 21:59:59 +00:00
f006879fb7
## Problem https://github.com/neondatabase/neon/actions/runs/14537161022/job/40787763965 failed to find the correct RC PR run, preventing artifact re-use. This broke in https://github.com/neondatabase/neon/pull/11547. There's a hotfix release containing this in https://github.com/neondatabase/neon/pull/11645. ## Summary of changes Make the regex for finding the RC PR run less strict, it was needlessly precise.
170 lines
7.5 KiB
YAML
170 lines
7.5 KiB
YAML
name: Generate run metadata
|
|
on:
|
|
workflow_call:
|
|
inputs:
|
|
github-event-name:
|
|
type: string
|
|
required: true
|
|
github-event-json:
|
|
type: string
|
|
required: true
|
|
outputs:
|
|
build-tag:
|
|
description: "Tag for the current workflow run"
|
|
value: ${{ jobs.tags.outputs.build-tag }}
|
|
release-tag:
|
|
description: "Tag for the release if this is an RC PR run"
|
|
value: ${{ jobs.tags.outputs.release-tag }}
|
|
previous-storage-release:
|
|
description: "Tag of the last storage release"
|
|
value: ${{ jobs.tags.outputs.storage }}
|
|
previous-proxy-release:
|
|
description: "Tag of the last proxy release"
|
|
value: ${{ jobs.tags.outputs.proxy }}
|
|
previous-compute-release:
|
|
description: "Tag of the last compute release"
|
|
value: ${{ jobs.tags.outputs.compute }}
|
|
run-kind:
|
|
description: "The kind of run we're currently in. Will be one of `push-main`, `storage-release`, `compute-release`, `proxy-release`, `storage-rc-pr`, `compute-rc-pr`, `proxy-rc-pr`, `pr`, or `workflow-dispatch`"
|
|
value: ${{ jobs.tags.outputs.run-kind }}
|
|
release-pr-run-id:
|
|
description: "Only available if `run-kind in [storage-release, proxy-release, compute-release]`. Contains the run ID of the `Build and Test` workflow, assuming one with the current commit can be found."
|
|
value: ${{ jobs.tags.outputs.release-pr-run-id }}
|
|
sha:
|
|
description: "github.event.pull_request.head.sha on release PRs, github.sha otherwise"
|
|
value: ${{ jobs.tags.outputs.sha }}
|
|
|
|
permissions: {}
|
|
|
|
defaults:
|
|
run:
|
|
shell: bash -euo pipefail {0}
|
|
|
|
jobs:
|
|
tags:
|
|
runs-on: ubuntu-22.04
|
|
outputs:
|
|
build-tag: ${{ steps.build-tag.outputs.build-tag }}
|
|
release-tag: ${{ steps.build-tag.outputs.release-tag }}
|
|
compute: ${{ steps.previous-releases.outputs.compute }}
|
|
proxy: ${{ steps.previous-releases.outputs.proxy }}
|
|
storage: ${{ steps.previous-releases.outputs.storage }}
|
|
run-kind: ${{ steps.run-kind.outputs.run-kind }}
|
|
release-pr-run-id: ${{ steps.release-pr-run-id.outputs.release-pr-run-id }}
|
|
sha: ${{ steps.sha.outputs.sha }}
|
|
permissions:
|
|
contents: read
|
|
steps:
|
|
# Need `fetch-depth: 0` to count the number of commits in the branch
|
|
- name: Harden the runner (Audit all outbound calls)
|
|
uses: step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11.0
|
|
with:
|
|
egress-policy: audit
|
|
|
|
- name: Get run kind
|
|
id: run-kind
|
|
env:
|
|
RUN_KIND: >-
|
|
${{
|
|
false
|
|
|| (inputs.github-event-name == 'push' && github.ref_name == 'main') && 'push-main'
|
|
|| (inputs.github-event-name == 'push' && github.ref_name == 'release') && 'storage-release'
|
|
|| (inputs.github-event-name == 'push' && github.ref_name == 'release-compute') && 'compute-release'
|
|
|| (inputs.github-event-name == 'push' && github.ref_name == 'release-proxy') && 'proxy-release'
|
|
|| (inputs.github-event-name == 'pull_request' && github.base_ref == 'release') && 'storage-rc-pr'
|
|
|| (inputs.github-event-name == 'pull_request' && github.base_ref == 'release-compute') && 'compute-rc-pr'
|
|
|| (inputs.github-event-name == 'pull_request' && github.base_ref == 'release-proxy') && 'proxy-rc-pr'
|
|
|| (inputs.github-event-name == 'pull_request') && 'pr'
|
|
|| (inputs.github-event-name == 'workflow_dispatch') && 'workflow-dispatch'
|
|
|| 'unknown'
|
|
}}
|
|
run: |
|
|
echo "run-kind=$RUN_KIND" | tee -a $GITHUB_OUTPUT
|
|
|
|
- name: Get the right SHA
|
|
id: sha
|
|
env:
|
|
SHA: >
|
|
${{
|
|
contains(fromJSON('["storage-rc-pr", "proxy-rc-pr", "compute-rc-pr"]'), steps.run-kind.outputs.run-kind)
|
|
&& fromJSON(inputs.github-event-json).pull_request.head.sha
|
|
|| github.sha
|
|
}}
|
|
run: |
|
|
echo "sha=$SHA" | tee -a $GITHUB_OUTPUT
|
|
|
|
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
|
|
with:
|
|
fetch-depth: 0
|
|
ref: ${{ steps.sha.outputs.sha }}
|
|
|
|
- name: Get build tag
|
|
id: build-tag
|
|
env:
|
|
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
|
CURRENT_BRANCH: ${{ github.head_ref || github.ref_name }}
|
|
CURRENT_SHA: ${{ github.event.pull_request.head.sha || github.sha }}
|
|
RUN_KIND: ${{ steps.run-kind.outputs.run-kind }}
|
|
run: |
|
|
case $RUN_KIND in
|
|
push-main)
|
|
echo "build-tag=$(git rev-list --count HEAD)" | tee -a $GITHUB_OUTPUT
|
|
;;
|
|
storage-release)
|
|
echo "build-tag=release-$(git rev-list --count HEAD)" | tee -a $GITHUB_OUTPUT
|
|
;;
|
|
proxy-release)
|
|
echo "build-tag=release-proxy-$(git rev-list --count HEAD)" | tee -a $GITHUB_OUTPUT
|
|
;;
|
|
compute-release)
|
|
echo "build-tag=release-compute-$(git rev-list --count HEAD)" | tee -a $GITHUB_OUTPUT
|
|
;;
|
|
pr|storage-rc-pr|compute-rc-pr|proxy-rc-pr)
|
|
BUILD_AND_TEST_RUN_ID=$(gh api --paginate \
|
|
-H "Accept: application/vnd.github+json" \
|
|
-H "X-GitHub-Api-Version: 2022-11-28" \
|
|
"/repos/${GITHUB_REPOSITORY}/actions/runs?head_sha=${CURRENT_SHA}&branch=${CURRENT_BRANCH}" \
|
|
| jq '[.workflow_runs[] | select(.name == "Build and Test")][0].id // ("Error: No matching workflow run found." | halt_error(1))')
|
|
echo "build-tag=$BUILD_AND_TEST_RUN_ID" | tee -a $GITHUB_OUTPUT
|
|
case $RUN_KIND in
|
|
storage-rc-pr)
|
|
echo "release-tag=release-$(git rev-list --count HEAD)" | tee -a $GITHUB_OUTPUT
|
|
;;
|
|
proxy-rc-pr)
|
|
echo "release-tag=release-proxy-$(git rev-list --count HEAD)" | tee -a $GITHUB_OUTPUT
|
|
;;
|
|
compute-rc-pr)
|
|
echo "release-tag=release-compute-$(git rev-list --count HEAD)" | tee -a $GITHUB_OUTPUT
|
|
;;
|
|
esac
|
|
;;
|
|
workflow-dispatch)
|
|
echo "build-tag=$GITHUB_RUN_ID" | tee -a $GITHUB_OUTPUT
|
|
;;
|
|
*)
|
|
echo "Unexpected RUN_KIND ('${RUN_KIND}'), failing to assign build-tag!"
|
|
exit 1
|
|
esac
|
|
|
|
- name: Get the previous release-tags
|
|
id: previous-releases
|
|
env:
|
|
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
|
run: |
|
|
gh api --paginate \
|
|
-H "Accept: application/vnd.github+json" \
|
|
-H "X-GitHub-Api-Version: 2022-11-28" \
|
|
"/repos/${GITHUB_REPOSITORY}/releases" \
|
|
| jq -f .github/scripts/previous-releases.jq -r \
|
|
| tee -a "${GITHUB_OUTPUT}"
|
|
|
|
- name: Get the release PR run ID
|
|
id: release-pr-run-id
|
|
if: ${{ contains(fromJSON('["storage-release", "compute-release", "proxy-release"]'), steps.run-kind.outputs.run-kind) }}
|
|
env:
|
|
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
|
CURRENT_SHA: ${{ github.sha }}
|
|
run: |
|
|
RELEASE_PR_RUN_ID=$(gh api "/repos/${GITHUB_REPOSITORY}/actions/runs?head_sha=$CURRENT_SHA" | jq '[.workflow_runs[] | select(.name == "Build and Test") | select(.head_branch | test("^rc/release.*$"; "s"))] | first | .id // ("Failed to find Build and Test run from RC PR!" | halt_error(1))')
|
|
echo "release-pr-run-id=$RELEASE_PR_RUN_ID" | tee -a $GITHUB_OUTPUT
|