Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

test #2

Open
wants to merge 2 commits into
base: main
Choose a base branch
from
Open
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
21 changes: 21 additions & 0 deletions .github/workflows/approve-publish.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,21 @@
name: PR Checks

on:
pull_request:
branches:
- main
- features/*
- release/*

jobs:
pr-checks:
name: "PR Checks"
runs-on: ubuntu-latest
environment: publish-bicep
steps:
- name: Checkout repository
uses: actions/checkout@v4

# Add your steps here that do not require secrets
- name: Run tests
run: echo "Running tests..."
220 changes: 100 additions & 120 deletions .github/workflows/publish-bicep.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -21,140 +21,120 @@ on:
- main
tags:
- v*
pull_request:
branches:
- main
workflow_dispatch:
inputs: {}
# pull_request:
# branches:
# - main
workflow_run:
workflows: ["PR Checks"]
types:
- completed

permissions:
id-token: write
contents: read
checks: write # Required for creating a check run

env:
# bicep-types ACR url for uploading AWS Bicep types
BICEP_TYPES_REGISTRY: 'biceptypes.azurecr.io'
BICEP_TYPES_REGISTRY: 'shruku.azurecr.io'
AWS_REGION: us-west-2
CI_PUBLISH_RELEASE: ${{ github.repository == 'radius-project/bicep-types-aws' && startsWith(github.ref, 'refs/tags/v') && github.event_name == 'push' }}
CI_PUBLISH_LATEST: ${{ github.repository == 'radius-project/bicep-types-aws' && github.ref == 'refs/heads/main' && github.event_name == 'push' }}
PUBLISH_BICEP_APP_ID: 1059859

jobs:
build-and-push-bicep-types:
name: Publish Radius bicep types to ACR
approve-publish:
name: "Approve Publish"
runs-on: ubuntu-latest
environment: publish-bicep
steps:
- name: Check out code
uses: actions/checkout@v4
- name: Parse release version and set environment variables
run: python ./.github/scripts/get_release_version.py
- name: Set up Go ${{ env.GOVER }}
uses: actions/setup-go@v5
with:
go-version: ${{ env.GOVER }}
- name: Setup Node.js
uses: actions/setup-node@v4
with:
node-version: '18'
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@v4
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-region: ${{ env.AWS_REGION }}
- name: 'Build aws-type-downloader'
env:
GOPROXY: "https://proxy.golang.org"
working-directory: 'src/aws-type-downloader'
run: go build .
- name: Download AWS specs from CloudControl
run: |
cd src/aws-type-downloader && go run main.go --output ../../artifacts/types --clean
- name: 'Initialize submodule'
run: |
git submodule update --init --recursive
npm --prefix bicep-types/src/bicep-types ci && npm --prefix bicep-types/src/bicep-types run build; \
- name: Generate Bicep extensibility types for AWS
env:
VERSION: ${{ env.REL_CHANNEL == 'edge' && 'latest' || env.REL_CHANNEL }}
run: |
npm --prefix ./src/aws-type-generator install
npm run --prefix ./src/aws-type-generator start -- --input ../../artifacts/types --output ../../artifacts/bicep --release-version ${{ env.VERSION }}
- name: Upload AWS Bicep types artifacts
uses: actions/upload-artifact@v4
with:
name: aws-bicep-types
path: ./artifacts/bicep
if-no-files-found: error
- name: 'Login via Azure CLI'
if: ${{ env.CI_PUBLISH_LATEST == 'true' || env.CI_PUBLISH_RELEASE == 'true' }}
uses: azure/login@v2
with:
client-id: ${{ secrets.BICEPTYPES_CLIENT_ID }}
tenant-id: ${{ secrets.BICEPTYPES_TENANT_ID }}
subscription-id: ${{ secrets.BICEPTYPES_SUBSCRIPTION_ID }}
- name: Setup and verify bicep CLI
if: ${{ env.CI_PUBLISH_LATEST == 'true' || env.CI_PUBLISH_RELEASE == 'true' }}
run: |
curl -Lo bicep https://github.com/Azure/bicep/releases/latest/download/bicep-linux-x64
chmod +x ./bicep
sudo mv ./bicep /usr/local/bin/bicep
bicep --version
- name: Publish bicep types
if: ${{ env.CI_PUBLISH_LATEST == 'true' || env.CI_PUBLISH_RELEASE == 'true' }}
env:
VERSION: ${{ env.REL_CHANNEL == 'edge' && 'latest' || env.REL_CHANNEL }}
run: |
bicep publish-extension ./artifacts/bicep/index.json --target br:${{ env.BICEP_TYPES_REGISTRY }}/aws:${{ env.VERSION }} --force
update-types:
if: github.event_name == 'pull_request' && github.base_ref == 'main'
name: Update Bicep extensibility provider types
runs-on: ubuntu-latest
timeout-minutes: 10
env:
GOVER: '^1.18'
GOPROXY: https://proxy.golang.org
if: ${{ github.event.workflow_run.conclusion == 'success' }}
steps:
- uses: actions/checkout@v4

- id: get_commit_hash
name: Get commit hash (radius-project/bicep-types-aws)
run: |
echo "commit_hash_short=$(git rev-parse HEAD --short)" >> $GITHUB_OUTPUT
echo "gh_uri=https://github.com/radius-project/bicep-types-aws/tree/$(git rev-parse HEAD)/artifacts/bicep" >> $GITHUB_OUTPUT

- name: Clone https://github.com/radius-project/bicep
# - name: Get GitHub app token
# uses: tibdex/github-app-token@v2
# id: get_installation_token
# with:
# app_id: ${{ env.PUBLISH_BICEP_APP_ID }}
# private_key: ${{ secrets.PUBLISH_BICEP_APP_PRIVATE_KEY }}
# - name: Set up checkout target (pull_request)
# # if: github.event_name == 'pull_request'
# run: |
# echo "CHECKOUT_REPO=${{ github.repository }}" >> $GITHUB_ENV
# echo "CHECKOUT_REF=${{ github.ref }}" >> $GITHUB_ENV
# echo "PR_NUMBER=${{ github.event.pull_request.number }}" >> $GITHUB_ENV
- name: Checkout repository
uses: actions/checkout@v4
with:
token: ${{ secrets.GH_RAD_CI_BOT_PAT }}
repository: radius-project/bicep
path: workflow-temp/bicep
ref: bicep-extensibility

- name: Copy generated files to radius-project/bicep repo
# Steps that require secrets
- name: Verify Secret Availability
run: |
mkdir -p workflow-temp/bicep/src/Bicep.Types.Aws/generated
cp -R artifacts/bicep/* workflow-temp/bicep/src/Bicep.Types.Aws/generated

- name: Create Pull Request in radius-project/bicep repo
uses: peter-evans/create-pull-request@v7
with:
path: workflow-temp/bicep
token: ${{ secrets.GH_RAD_CI_BOT_PAT }}
committer: rad-ci-bot <[email protected]>
author: rad-ci-bot <[email protected]>
signoff: true
branch: aws-types/patch-${{ github.event.pull_request.number }}
delete-branch: true
title: |
Update AWS extensibility provider for Bicep
body: |
## Autogenerated Report
- Updates Bicep extensibility type definitions generated from [radius-project/bicep-types-aws](${{ steps.get_commit_hash.outputs.gh_uri }})
commit-message: |
update generated types from ${{ steps.get_commit_hash.outputs.gh_uri }}
labels: |
autogenerated
github_actions
aws-types
draft: false
if [ -z "${{ secrets.MY_SECRET }}" ]; then
echo "MY_SECRET is not set."
exit 1
else
echo "MY_SECRET is available."
fi
# build-and-push-bicep-types:
# name: Publish Radius bicep types to ACR
# runs-on: ubuntu-latest
# steps:
# - name: Check out code
# uses: actions/checkout@v4
# - name: Parse release version and set environment variables
# run: python ./.github/scripts/get_release_version.py
# - name: Set up Go ${{ env.GOVER }}
# uses: actions/setup-go@v5
# with:
# go-version: ${{ env.GOVER }}
# - name: Setup Node.js
# uses: actions/setup-node@v4
# with:
# node-version: '18'
# - name: Configure AWS Credentials
# uses: aws-actions/configure-aws-credentials@v4
# with:
# aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
# aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
# aws-region: ${{ env.AWS_REGION }}
# - name: 'Build aws-type-downloader'
# env:
# GOPROXY: "https://proxy.golang.org"
# working-directory: 'src/aws-type-downloader'
# run: go build .
# - name: Download AWS specs from CloudControl
# run: |
# cd src/aws-type-downloader && go run main.go --output ../../artifacts/types --clean
# - name: 'Initialize submodule'
# run: |
# git submodule update --init --recursive
# npm --prefix bicep-types/src/bicep-types ci && npm --prefix bicep-types/src/bicep-types run build; \
# - name: Generate Bicep extensibility types for AWS
# env:
# VERSION: ${{ env.REL_CHANNEL == 'edge' && 'latest' || env.REL_CHANNEL }}
# run: |
# npm --prefix ./src/aws-type-generator install
# npm run --prefix ./src/aws-type-generator start -- --input ../../artifacts/types --output ../../artifacts/bicep --release-version ${{ env.VERSION }}
# - name: Upload AWS Bicep types artifacts
# uses: actions/upload-artifact@v4
# with:
# name: aws-bicep-types
# path: ./artifacts/bicep
# if-no-files-found: error
# - name: 'Login via Azure CLI'
# if: ${{ env.CI_PUBLISH_LATEST == 'true' || env.CI_PUBLISH_RELEASE == 'true' }}
# uses: azure/login@v2
# with:
# client-id: ${{ secrets.BICEPTYPES_CLIENT_ID }}
# tenant-id: ${{ secrets.BICEPTYPES_TENANT_ID }}
# subscription-id: ${{ secrets.BICEPTYPES_SUBSCRIPTION_ID }}
# - name: Setup and verify bicep CLI
# if: ${{ env.CI_PUBLISH_LATEST == 'true' || env.CI_PUBLISH_RELEASE == 'true' }}
# run: |
# curl -Lo bicep https://github.com/Azure/bicep/releases/latest/download/bicep-linux-x64
# chmod +x ./bicep
# sudo mv ./bicep /usr/local/bin/bicep
# bicep --version
# - name: Publish bicep types
# if: ${{ env.CI_PUBLISH_LATEST == 'true' || env.CI_PUBLISH_RELEASE == 'true' }}
# env:
# VERSION: ${{ env.REL_CHANNEL == 'edge' && 'latest' || env.REL_CHANNEL }}
# run: |
# bicep publish-extension ./artifacts/bicep/index.json --target br:${{ env.BICEP_TYPES_REGISTRY }}/aws:${{ env.VERSION }} --force
3 changes: 3 additions & 0 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -20,3 +20,6 @@ Please refer to our guide on [Reporting security vulnerabilities](SECURITY.md)

Please refer to our [Radius community code of conduct](CODE_OF_CONDUCT.md)


---- testing changes

Loading