Move from Travis to GH Actions and from BinTray to GH Releases (#726)

* Adapt build to GH actions first steps * Remove monitor cmd for snyk * Publish snyk reports on snyk.io * Add tests & sonar to GH actions * Fix typo * Check installed go version * Add org name for sonar * Add build of Yorc distrib * remove travis * Add missing make tools * Add missing doc requirements * Update for python3 * Fix some build issues * Fix jfrog cli path * Allow unbound vars in build_docker.sh * Fix deprecation on jfrog cli * Prepare release workflow Also remove travis scripts * Fix copy/paste typo * Describe release process
ystia · Apr 30, 2021 · b005225 · b005225
1 parent 91684f0
commit b005225
Show file tree

Hide file tree

Showing 15 changed files with 332 additions and 250 deletions.
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
@@ -0,0 +1,119 @@
+name: "Yorc GH Actions Build"
+
+on: [push, pull_request]
+
+
+defaults:
+  run:
+    shell: bash
+
+jobs:
+
+  security:
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@v1
+    - name: Run Snyk to check for vulnerabilities
+      uses: snyk/actions/golang@master
+      continue-on-error: true # To make sure that SARIF upload gets called
+      env:
+        SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
+      with:
+        args: --sarif-file-output=snyk.sarif
+    - name: Upload result to GitHub Code Scanning
+      uses: github/codeql-action/upload-sarif@v1
+      with:
+        sarif_file: snyk.sarif
+    - name: Run Snyk to check for vulnerabilities and send it to Snyk.io
+      uses: snyk/actions/golang@master
+      env:
+        SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
+      with:
+        command: monitor
+
+  tests:
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@v1
+      with:
+        # Disabling shallow clone is recommended for improving relevancy of reporting (for sonar)
+        fetch-depth: 0
+    - name: Setup go
+      uses: actions/setup-go@v1
+      with:
+        go-version: "1"
+    - name: Test
+      run: |
+        go version
+        go env
+        echo "YORC_VERSION=$(grep "yorc_version" versions.yaml | awk '{print $2}')" >> $GITHUB_ENV
+        make tools
+        TESTARGS='-coverprofile coverage-sonar.out -coverpkg=./...' make json-test
+    - name: SonarCloud Scan
+      uses: sonarsource/sonarcloud-github-action@master
+      # Do this only on push commit do not need to be re-analyzed on PR
+      if: github.event_name == 'push'
+      with:
+        args: >
+          -Dsonar.projectVersion=${{ env.YORC_VERSION }}
+      env:
+        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+
+
+  build:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+
+      - name: Setup jfrog CLI
+        uses: jfrog/setup-jfrog-cli@v1
+        env:
+          JF_ARTIFACTORY_1: ${{ secrets.JF_ARTIFACTORY_SERVER_1 }}
+
+      - name: Ping Artifactory with jfrog CLI
+        run: |
+          # Ping the server
+          jfrog rt ping
+
+      - name: Setup Python
+        uses: actions/setup-python@v2
+        with:
+          python-version: '3.x'
+
+      - name: Install sphinx dependencies
+        run: |
+          pip install --user --upgrade sphinx==1.8.1 semantic-version requests urllib3[secure]==1.23 Pygments>=2.7.1
+          pip install -r doc/requirements.txt
+          sudo apt-get install -y jq \
+                                  latexmk \
+                                  texlive-binaries \
+                                  texlive-fonts-recommended \
+                                  texlive-latex-base \
+                                  texlive-latex-extra \
+                                  texlive-latex-recommended
+
+      - name: Setup go
+        uses: actions/setup-go@v1
+        with:
+          go-version: "1"
+
+      - name: Make distribution
+        run: |
+          set -euo pipefail
+          make tools
+          SKIP_TESTS=1 make dist
+
+      - name: Login to Docker Hub
+        uses: docker/login-action@v1
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+
+      - name: Make Docker container
+        run: |
+          ./docker_build.sh
+
+      - name: Deploy artifacts to Artifactory
+        run: |
+          ./build/deploy_artifactory.sh
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -0,0 +1,103 @@
+name: Release
+on:
+  workflow_dispatch:
+    inputs:
+      release_version:
+        description: 'version to be released'
+        required: true
+        default: ''
+
+
+defaults:
+  run:
+    shell: bash
+
+jobs:
+  release:
+
+    runs-on: ubuntu-latest
+
+    steps:
+    - uses: actions/checkout@v2
+    - name: Configure Git user
+      run: |
+        git config user.email "actions@github.com"
+        git config user.name "GitHub Actions"
+    - name: Setup Python
+      uses: actions/setup-python@v2
+      with:
+        python-version: '3.x'
+
+    - name: Install dependencies
+      run: pip install semantic_version
+
+    - name: Tag and push a release
+      id: release
+      run: |
+        ./build/release.sh -v "${{ github.event.inputs.release_version }}"
+        read -r major minor patch prerelease build <<< $(python -c "import semantic_version; v = semantic_version.Version('${{ github.event.inputs.release_version }}'); print(v.major, v.minor, v.patch, '.'.join(v.prerelease), '.'.join(v.build));")
+        if [[ -z "${prerelease}" ]] ; then
+            echo "PRERELEASE=false" >> $GITHUB_ENV
+        else
+            echo "PRERELEASE=true" >> $GITHUB_ENV
+        fi
+        tagName="v${{ github.event.inputs.release_version }}"
+        echo "TAG_NAME=${tagName}" >> $GITHUB_ENV
+      env:
+        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+    - name: Checkout tag
+      uses: actions/checkout@v2
+      with:
+        ref: ${{ env.TAG_NAME }}
+
+    - name: Setup Python
+      uses: actions/setup-python@v2
+      with:
+        python-version: '3.x'
+
+    - name: Install sphinx dependencies
+      run: |
+        pip install --user --upgrade sphinx==1.8.1 semantic-version requests urllib3[secure]==1.23 Pygments>=2.7.1
+        pip install -r doc/requirements.txt
+        sudo apt-get install -y jq \
+                                latexmk \
+                                texlive-binaries \
+                                texlive-fonts-recommended \
+                                texlive-latex-base \
+                                texlive-latex-extra \
+                                texlive-latex-recommended
+
+    - name: Setup go
+      uses: actions/setup-go@v1
+      with:
+        go-version: "1"
+
+    - name: Generate distribution and changelog
+      run: |
+        set -euo pipefail
+        make tools
+        SKIP_TESTS=1 make dist
+        # Generate changelog
+        awk '{f=1} f{ if (/^## / && i++>=1) exit; else print $0}' CHANGELOG.md | tee CHANGELOG-for-version.md
+
+
+    - name: Create or Update Github Release draft
+      id: update_release
+      uses: loicalbertin/action-gh-release@080e2e752ac77817dcfd2e8809873bdc24817584
+      with:
+        tag_name: ${{ env.TAG_NAME }}
+        body_path: CHANGELOG-for-version.md
+        name: ${{ env.TAG_NAME }}
+        prerelease: ${{ env.PRERELEASE }}
+        draft: true
+        files: build/csars/*.zip
+      env:
+        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+    - name: Publish Github Release
+      uses: eregon/publish-release@v1
+      env:
+        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+      with:
+        release_id: ${{ steps.update_release.outputs.id }}
diff --git a/.travis.yml b/.travis.yml
diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
@@ -96,3 +96,17 @@ If you are having trouble getting into the mood of idiomatic Go, we recommend
 reading through [Effective Go](https://golang.org/doc/effective_go.html). The
 [Go Blog](https://blog.golang.org) is also a great resource. Drinking the
 kool-aid is a lot easier than going thirsty.
+
+## Release Yorc
+
+Releases are now handled by a [GitHub Action Workflow](https://github.com/ystia/yorc/actions/workflows/release.yml).
+Contributors with `members` role on this project can trigger this workflow. it requires as an input the release version
+in semver format (leading 'v' should be omitted).
+
+This workflow will:
+
+1. call the `build/release.sh` script
+2. checkout the generated tag
+3. generate the distribution and a changelog for this version
+4. create a GH Release and upload assets
+5. publish the GH Release
diff --git a/README.md b/README.md
@@ -1,6 +1,6 @@
 # Ystia Orchestrator
 
-[![Download](https://api.bintray.com/packages/ystia/yorc-engine/distributions/images/download.svg?version=4.0.0)](https://bintray.com/ystia/yorc-engine/distributions/4.0.0/link) [![Build Status](https://travis-ci.org/ystia/yorc.svg?branch=release/4.0)](https://travis-ci.org/ystia/yorc) [![Documentation Status](https://readthedocs.org/projects/yorc/badge/?version=latest)](http://yorc.readthedocs.io/en/latest/?badge=latest) [![Go Report Card](https://goreportcard.com/badge/github.com/ystia/yorc)](https://goreportcard.com/report/github.com/ystia/yorc) [![license](https://img.shields.io/github/license/ystia/yorc.svg)](https://github.com/ystia/yorc/blob/develop/LICENSE) [![PRs Welcome](https://img.shields.io/badge/PRs-welcome-brightgreen.svg?style=flat-square)](http://makeapullrequest.com) [![Docker Pulls](https://img.shields.io/docker/pulls/ystia/yorc.svg?style=flat)](https://hub.docker.com/r/ystia/yorc) [![Join the chat at https://gitter.im/ystia/yorc](https://badges.gitter.im/ystia/yorc.svg)](https://gitter.im/ystia/yorc?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge)
+[![Download](https://img.shields.io/badge/download-v4.1.0-blue)](https://github.com/ystia/yorc/releases/tag/v4.1.0) [![Build Status](https://github.com/ystia/yorc/actions/workflows/build.yml/badge.svg?branch=develop)](https://github.com/ystia/yorc/actions) [![Documentation Status](https://readthedocs.org/projects/yorc/badge/?version=latest)](http://yorc.readthedocs.io/en/latest/?badge=latest) [![Go Report Card](https://goreportcard.com/badge/github.com/ystia/yorc)](https://goreportcard.com/report/github.com/ystia/yorc) [![license](https://img.shields.io/github/license/ystia/yorc.svg)](https://github.com/ystia/yorc/blob/develop/LICENSE) [![PRs Welcome](https://img.shields.io/badge/PRs-welcome-brightgreen.svg?style=flat-square)](http://makeapullrequest.com) [![Docker Pulls](https://img.shields.io/docker/pulls/ystia/yorc.svg?style=flat)](https://hub.docker.com/r/ystia/yorc) [![Join the chat at https://gitter.im/ystia/yorc](https://badges.gitter.im/ystia/yorc.svg)](https://gitter.im/ystia/yorc?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge)
 
 <p align="center">
   <img src="https://raw.githubusercontent.com/ystia/yorc/develop/doc/_static/logo/github-repository-open-graph-template.png" width="50%" height="50%" title="Yorc Logo">
@@ -24,9 +24,9 @@ Yorc is now the official orchestrator for Alien4Cloud and Alien4Cloud distributi
 
 ## How to download the Ystia Orchestrator
 
-Yorc releases can be downloaded from our [BinTray account](https://bintray.com/ystia/yorc-engine/distributions).
+Yorc releases can be downloaded from our [GitHub Release](https://github.com/ystia/yorc/releases).
 
-Grab the [latest release here](https://bintray.com/ystia/yorc-engine/distributions/_latestVersion).
+Grab the [latest release here](https://github.com/ystia/yorc/releases/latest).
 
 Docker images could be found on [Docker Hub](https://hub.docker.com/r/ystia/yorc).
 

diff --git a/build/bintray_release.json.tpl b/build/bintray_release.json.tpl