-
Notifications
You must be signed in to change notification settings - Fork 2
142 lines (131 loc) · 4.82 KB
/
publish.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
# reusable workflow for publishing all charms in this repo
name: Publish and Deploy
run-name: Publish to ${{ inputs.destination_channel}} and deploy
on:
workflow_call:
inputs:
source_branch:
description: Github branch from this repo to publish. If blank, will use the default branch
default: ''
required: false
type: string
secrets:
CHARMCRAFT_CREDENTIALS:
required: true
JIMM_DEV_CLIENT_ID:
required: true
JIMM_DEV_CLIENT_SECRET:
required: true
JIMM_STG_CLIENT_ID:
required: true
JIMM_STG_CLIENT_SECRET:
required: true
JIMM_URL:
required: true
workflow_dispatch:
inputs:
destination_channel:
description: CharmHub channel to publish to
required: false
default: 'latest/edge'
type: string
source_branch:
description: Github branch from this repo to publish. If blank, will use the default branch
required: false
default: ''
type: string
jobs:
publish-charm:
name: Publish Charm
runs-on: ubuntu-22.04
outputs:
channel: ${{ steps.parse-inputs.outputs.destination_channel }}
steps:
- name: Checkout
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
with:
fetch-depth: 0
ref: ${{ inputs.source_branch }}
- name: Select charmhub channel
uses: canonical/charming-actions/channel@934193396735701141a1decc3613818e412da606 # 2.6.3
id: select-channel
if: ${{ inputs.destination_channel == '' }}
# Combine inputs from different sources to a single canonical value so later steps don't
# need logic for picking the right one
- name: Parse and combine inputs
id: parse-inputs
run: |
# destination_channel
destination_channel="${{ inputs.destination_channel || steps.select-channel.outputs.name }}"
echo "setting output of destination_channel=$destination_channel"
echo "::set-output name=destination_channel::$destination_channel"
- name: Setup lxd
uses: canonical/setup-lxd@v0.1.2
with:
channel: latest/stable
- name: Upload charm to charmhub
uses: canonical/charming-actions/upload-charm@934193396735701141a1decc3613818e412da606 # 2.6.3
with:
credentials: ${{ secrets.CHARMCRAFT_CREDENTIALS }}
github-token: ${{ secrets.GITHUB_TOKEN }}
channel: ${{ steps.parse-inputs.outputs.destination_channel }}
destructive-mode: false
revision:
concurrency:
group: ${{ inputs.source_branch }}-${{ needs.publish-charm.outputs.channel }}
cancel-in-progress: true
needs: publish-charm
outputs:
revision: ${{ steps.set-revision.outputs.revision }}
runs-on: ubuntu-24.04
if: ${{ inputs.source_branch == 'IAM-1233' }}
steps:
- name: Checkout
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
with:
fetch-depth: 0
ref: ${{ inputs.source_branch }}
- name: Get revision
id: set-revision
run: |
sudo snap install charmcraft --classic --channel latest/stable
revision=$(charmcraft status ${{ env.CHARM_NAME }} --format json | jq '.[] | select(.track == "${{ env.TRACK }}") | .mappings[0].releases[] | select(.channel == "${{ needs.publish-charm.outputs.channel }}") | .revision')
echo "setting output of revision=$revision"
echo "revision=$revision" >> $GITHUB_OUTPUT
env:
CHARMCRAFT_AUTH: ${{ secrets.CHARMCRAFT_CREDENTIALS }}
CHARM_NAME: kratos
# only cater for latest track for now
TRACK: latest
dev-deploy:
concurrency:
group: ${{ inputs.source_branch }}-${{ needs.publish-charm.outputs.channel }}
cancel-in-progress: true
needs:
- publish-charm
- revision
if: ${{ (needs.publish-charm.outputs.channel == 'latest/edge') }}
uses: "./.github/workflows/_deploy.yaml"
secrets:
CLIENT_ID: ${{ secrets.JIMM_DEV_CLIENT_ID }}
CLIENT_SECRET: ${{ secrets.JIMM_DEV_CLIENT_SECRET }}
JIMM_URL: ${{ secrets.JIMM_URL }}
with:
model: dev-iam
revision: ${{ needs.revision.outputs.revision }}
stg-deploy:
concurrency:
group: ${{ inputs.source_branch }}-${{ needs.publish-charm.outputs.channel }}
cancel-in-progress: true
needs:
- publish-charm
- revision
if: ${{ (needs.publish-charm.outputs.channel == 'latest/stable') }}
uses: "./.github/workflows/_deploy.yaml"
secrets:
CLIENT_ID: ${{ secrets.JIMM_STG_CLIENT_ID }}
CLIENT_SECRET: ${{ secrets.JIMM_STG_CLIENT_SECRET }}
JIMM_URL: ${{ secrets.JIMM_URL }}
with:
model: stg-iam
revision: ${{ needs.revision.outputs.revision }}