InitiateRelease #72
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: InitiateRelease | |
on: | |
workflow_dispatch: | |
schedule: | |
- cron: 0 18 * * 1-5 | |
jobs: | |
GenerateConfig: | |
runs-on: ubuntu-latest | |
outputs: | |
stage_exit_code: ${{ steps.stage.outputs.stage_exit_code }} | |
push_exit_code: ${{ steps.push.outputs.push_exit_code }} | |
pr_exit_code: ${{ steps.pr.outputs.pr_exit_code }} | |
permissions: | |
id-token: write | |
contents: write | |
pull-requests: write | |
env: | |
IAM_INSTANCE_PROFILE_ARN: ${{ secrets.IAM_INSTANCE_PROFILE_ARN }} | |
GH_TOKEN: ${{ github.token }} | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Create Release Branch | |
run: | | |
date=$(date '+%Y%m%d') | |
git checkout -b release-${date} | |
- name: Install xmllint | |
run: | | |
# generate-release-vars.sh depends on these packages | |
sudo apt-get update && sudo apt-get install libxml2-utils | |
- name: Configure AWS Credentials | |
uses: aws-actions/configure-aws-credentials@v4 | |
with: | |
role-to-assume: ${{ secrets.AMI_GENERATE_CONFIG_ROLE }} | |
aws-region: us-west-2 | |
- name: Configure Bot Alias | |
run: | | |
git config --global user.name "GenerateConfig Action" | |
git config --global user.email "[email protected]" | |
- name: Check AL1 Update | |
run: ./scripts/check-update.sh al1 | |
- name: Check AL2 Update | |
run: ./scripts/check-update.sh al2 | |
- name: Check AL2023 Update | |
run: ./scripts/check-update.sh al2023 | |
- name: Check for changes | |
id: stage | |
run: | | |
# Git diff returns exit code of 1 when there is a change staged | |
# We need the set statements to prevent erroring out | |
set +e | |
git diff --cached --quiet | |
echo "stage_exit_code=$?" >> "$GITHUB_OUTPUT" | |
set -e | |
- name: Commit and Push Changes | |
id: push | |
if: ${{ steps.stage.outputs.stage_exit_code == 1 }} | |
run: | | |
date=$(date '+%Y%m%d') | |
git commit -m "Release ${date}" | |
git status | |
git push --set-upstream origin release-${date} | |
echo "push_exit_code=$?" >> "$GITHUB_OUTPUT" | |
- name: Open PR for Branch | |
id: pr | |
if: ${{ steps.stage.outputs.stage_exit_code == 1 && steps.push.outputs.push_exit_code == 0 }} | |
run: | | |
date=$(date '+%Y%m%d') | |
gh pr create --base main --head release-${date} --title "Release ${date}" --body "Enhanced ECS Optimized AMI Release changes" | |
echo "pr_exit_code=$?" >> "$GITHUB_OUTPUT" | |
PushToCodeCommit: | |
needs: GenerateConfig | |
if: ${{ needs.GenerateConfig.outputs.stage_exit_code == 1 && needs.GenerateConfig.outputs.push_exit_code == 0 && needs.GenerateConfig.outputs.pr_exit_code == 0 }} | |
runs-on: ubuntu-latest | |
permissions: | |
id-token: write | |
contents: read | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Configure AWS Credentials | |
uses: aws-actions/configure-aws-credentials@v4 | |
with: | |
role-to-assume: ${{secrets.AMI_MIRROR_ROLE}} | |
aws-region: us-west-2 | |
- name: Delete shinkansen branch on codecommit repository | |
run: | | |
aws codecommit delete-branch --repository-name amazon-ecs-ami-mirror --branch-name shinkansen | |
- name: Configure prereqs | |
run: | | |
git config --global user.name "Github Action" | |
git config --global user.email "[email protected]" | |
pip install git-remote-codecommit | |
- name: Mirror to shinkansen branch on codecommit repository | |
run: | | |
date=$(date '+%Y%m%d') | |
git clone --single-branch --branch release-${date} https://github.com/aws/amazon-ecs-ami ecsAmiGithub | |
git clone codecommit::us-west-2://amazon-ecs-ami-mirror ecsAmiCodeCommit | |
cp ecsAmiCodeCommit/Config ecsAmiGithub/ | |
cd ecsAmiGithub | |
git add Config | |
git commit -m "Release ${date}" | |
git remote add codecommit codecommit::us-west-2://amazon-ecs-ami-mirror | |
git push codecommit release-${date}:shinkansen | |
MetricPublish: | |
needs: [GenerateConfig, PushToCodeCommit] | |
if: ${{ always() }} | |
runs-on: ubuntu-latest | |
permissions: | |
id-token: write | |
contents: read | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Configure AWS Credentials | |
uses: aws-actions/configure-aws-credentials@v4 | |
with: | |
role-to-assume: ${{secrets.AMI_MIRROR_ROLE}} | |
aws-region: us-west-2 | |
- name: Failure Scenario | |
if: ${{ needs.GenerateConfig.result == 'failure' || needs.PushToCodeCommit.result == 'failure' }} | |
run: aws cloudwatch put-metric-data --metric-name EcsAmiGithubActionStatus --namespace ECSAMIRelease --value "-1" | |
- name: Release Kickoff Scenario | |
if: ${{ needs.PushToCodeCommit.result == 'success'}} | |
run: aws cloudwatch put-metric-data --metric-name EcsAmiGithubActionStatus --namespace ECSAMIRelease --value 1 | |
- name: No Release Scenario | |
if: ${{ needs.GenerateConfig.result == 'success' && needs.PushToCodeCommit.result == 'skipped' }} | |
run: aws cloudwatch put-metric-data --metric-name EcsAmiGithubActionStatus --namespace ECSAMIRelease --value 0 |