Update bicep to push to ghcr #897
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Radius Build | ||
| on: | ||
| push: | ||
| branches: [bicep-extensibility] | ||
| tags: | ||
| - v* | ||
| pull_request: | ||
| branches: [bicep-extensibility] | ||
| workflow_dispatch: | ||
| env: | ||
| CI: true | ||
| # don't print dotnet logo | ||
| DOTNET_NOLOGO: true | ||
| # disable telemetry (reduces dotnet tool output in logs) | ||
| DOTNET_CLI_TELEMETRY_OPTOUT: true | ||
| RELEASE_PATH: ./release | ||
| # ORAS (OCI Registry As Storage) CLI version | ||
| ORAS_VERSION: 1.1.0 | ||
| # GitHub Actor for pushing images to GHCR | ||
| GHCR_ACTOR: rad-ci-bot | ||
| # Container registry url for GitHub container registry. | ||
| CONTAINER_REGISTRY: ${{ github.event_name == 'push' && 'ghcr.io/radius-project/dev' || 'ghcr.io/radius-project/radius' }} | ||
| # Version tag | ||
| VERSION_TAG: ${{ env.UPDATE_RELEASE == 'true' && env.REL_VERSION || 'latest' }} | ||
|
Check failure on line 26 in .github/workflows/radius-build.yml
|
||
| # URL to get source code for building the image | ||
| IMAGE_SRC: https://github.com/radius-project/bicep | ||
| jobs: | ||
| build: | ||
| name: Build Bicep - ${{ matrix.rid }} | ||
| runs-on: ${{ matrix.os }} | ||
| strategy: | ||
| fail-fast: false | ||
| # should be the full list of RIDs that we support in the CLI | ||
| matrix: | ||
| include: | ||
| - os: windows-latest | ||
| rid: win-x64 | ||
| name: windows-x64 | ||
| ext: '.exe' | ||
| - os: windows-latest | ||
| rid: win-arm64 | ||
| name: windows-arm64 | ||
| ext: '.exe' | ||
| - os: ubuntu-latest | ||
| rid: linux-x64 | ||
| name: linux-x64 | ||
| ext: '' | ||
| - os: ubuntu-latest | ||
| rid: linux-arm | ||
| name: linux-arm | ||
| ext: '' | ||
| - os: ubuntu-latest | ||
| rid: linux-arm64 | ||
| name: linux-arm64 | ||
| ext: '' | ||
| - os: macos-latest | ||
| rid: osx-x64 | ||
| name: macos-x64 | ||
| ext: '' | ||
| - os: macos-latest | ||
| rid: osx-arm64 | ||
| name: macos-arm64 | ||
| ext: '' | ||
| steps: | ||
| - name: Checkout | ||
| uses: actions/checkout@v3 | ||
| with: | ||
| fetch-depth: 0 # avoid shallow clone so nbgv can do its work. | ||
| submodules: true | ||
| - name: Parse release version and set environment variables | ||
| run: python ./.github/scripts/get_release_version.py | ||
| - name: Setup .NET Core | ||
| uses: actions/setup-dotnet@v3 | ||
| - uses: actions/cache@v3 | ||
| with: | ||
| path: ~/.nuget/packages | ||
| # Look to see if there is a cache hit for the corresponding requirements file | ||
| key: ${{ runner.os }}-nuget-${{ hashFiles('**/packages.lock.json') }} | ||
| restore-keys: | | ||
| ${{ runner.os }}-nuget | ||
| - name: Publish Bicep ${{ matrix.name }} | ||
| run: > | ||
| dotnet publish ./src/Bicep.Cli/Bicep.Cli.csproj | ||
| --configuration Release | ||
| --self-contained true | ||
| -p:PublishTrimmed=true | ||
| -p:PublishSingleFile=true | ||
| -p:TrimmerDefaultAction=copyused | ||
| -p:SuppressTrimAnalysisWarnings=true | ||
| -r ${{ matrix.rid }} | ||
| -o ./artifacts/bicep/${{ matrix.name }} | ||
| - name: Test | ||
| if: ${{ matrix.name == 'linux-x64' }} | ||
| run: dotnet test --configuration release --blame --collect:"XPlat Code Coverage" --settings ./.github/workflows/codecov.runsettings --results-directory ./TestResults/ | ||
| - name: Upload Test Results | ||
| if: ${{ matrix.name == 'linux-x64' }} | ||
| uses: actions/upload-artifact@v3 | ||
| with: | ||
| name: Bicep.TestResults | ||
| path: ./TestResults/**/*.trx | ||
| - name: Upload artifacts | ||
| uses: actions/upload-artifact@v3 | ||
| with: | ||
| name: artifacts | ||
| path: ./artifacts | ||
| if-no-files-found: error | ||
| - name: Move rad-bicep to release directory | ||
| shell: bash | ||
| run: | | ||
| mkdir ${{ env.RELEASE_PATH }} | ||
| cp ./artifacts/bicep/${{ matrix.name }}/rad-bicep${{ matrix.ext }} ./release/$release_file | ||
| env: | ||
| release_file: rad-bicep-${{ matrix.name }}${{ matrix.ext }} | ||
| - name: Upload rad-bicep | ||
| uses: actions/upload-artifact@v3 | ||
| with: | ||
| name: release | ||
| path: ${{ env.RELEASE_PATH }} | ||
| if-no-files-found: error | ||
| vscode-bicep-build: | ||
| name: Build Bicep vscode extension | ||
| runs-on: ubuntu-latest | ||
| steps: | ||
| - name: Checkout | ||
| uses: actions/checkout@v3 | ||
| with: | ||
| fetch-depth: 0 # avoid shallow clone so nbgv can do its work. | ||
| submodules: true | ||
| - name: Parse release version and set environment variables | ||
| run: python ./.github/scripts/get_release_version.py | ||
| - name: Setup Node | ||
| uses: actions/setup-node@v3 | ||
| with: | ||
| node-version: 16 | ||
| - uses: actions/cache@v3 | ||
| with: | ||
| path: ~/.nuget/packages | ||
| # Look to see if there is a cache hit for the corresponding requirements file | ||
| key: ${{ runner.os }}-nuget-${{ hashFiles('**/packages.lock.json') }} | ||
| restore-keys: | | ||
| ${{ runner.os }}-nuget | ||
| - name: Publish Language Server | ||
| run: > | ||
| dotnet publish --configuration release | ||
| ./src/Bicep.LangServer/Bicep.LangServer.csproj | ||
| -o "./src/vscode-bicep/bicepLanguageServer" | ||
| - name: npm ci | ||
| run: npm ci | ||
| working-directory: ./src/vscode-bicep | ||
| - name: Enable params | ||
| run: npm run params | ||
| working-directory: ./src/vscode-bicep | ||
| - name: Run lint | ||
| run: npm run lint | ||
| working-directory: ./src/vscode-bicep | ||
| - name: Run unit tests | ||
| run: npm run test:unit | ||
| working-directory: ./src/vscode-bicep | ||
| - name: Run snapshot tests | ||
| run: npm run test:snapshot | ||
| working-directory: ./src/vscode-bicep | ||
| - name: Build prod | ||
| run: npm run build:prod | ||
| working-directory: ./src/vscode-bicep | ||
| # Comment out while we troubleshoot the root cause of e2e errors | ||
| # - name: Build E2E tests | ||
| # run: npm run build:e2e | ||
| # working-directory: ./src/vscode-bicep | ||
| # - name: Run E2E tests | ||
| # run: xvfb-run -a npm run test:e2e | ||
| # working-directory: ./src/vscode-bicep | ||
| # - name: Show extension logs of E2E tests | ||
| # run: cat ./bicep.log | ||
| # if: always() | ||
| # working-directory: ./src/vscode-bicep | ||
| - name: Create VSIX | ||
| run: npm run package | ||
| working-directory: ./src/vscode-bicep | ||
| - name: Copy VSIX | ||
| run: > | ||
| mkdir -p ./artifacts/vscode && | ||
| cp ./src/vscode-bicep/vscode-bicep.vsix ./artifacts/vscode/rad-vscode-bicep.vsix | ||
| - name: Upload artifacts | ||
| uses: actions/upload-artifact@v3 | ||
| with: | ||
| name: artifacts | ||
| path: ./artifacts | ||
| if-no-files-found: error | ||
| - name: Copy VSIX to release | ||
| run: > | ||
| mkdir -p ${{ env.RELEASE_PATH }}/vscode && | ||
| cp ./src/vscode-bicep/vscode-bicep.vsix ${{ env.RELEASE_PATH }}/rad-vscode-bicep.vsix | ||
| - name: Upload VSIX to release | ||
| uses: actions/upload-artifact@v3 | ||
| with: | ||
| name: release | ||
| path: ${{ env.RELEASE_PATH }} | ||
| if-no-files-found: error | ||
| publish_release: | ||
| if: startsWith(github.ref, 'refs/tags/v') | ||
| name: Publish to GitHub Release | ||
| needs: ["build", "vscode-bicep-build"] | ||
| runs-on: ubuntu-latest | ||
| steps: | ||
| - name: Checkout | ||
| uses: actions/checkout@v2 | ||
| with: | ||
| fetch-depth: 0 # avoid shallow clone so nbgv can do its work. | ||
| submodules: true | ||
| - name: Parse release version and set environment variables | ||
| run: python ./.github/scripts/get_release_version.py | ||
| - name: Download releases | ||
| uses: actions/download-artifact@v2 | ||
| with: | ||
| name: release | ||
| path: ${{ env.RELEASE_PATH }} | ||
| - name: generate checksum files | ||
| run: cd ${{ env.RELEASE_PATH }} && for i in *; do sha256sum -b $i > "$i.sha256"; done && cd - | ||
| - name: Display release | ||
| run: ls -R | ||
| working-directory: ./release | ||
| - name: Pre-release | ||
| if: ${{ contains(env.REL_VERSION, '-rc') }} | ||
| run: | | ||
| gh release create v${{ env.REL_VERSION }} \ | ||
| ${{ env.RELEASE_PATH }}/* \ | ||
| --generate-notes \ | ||
| --prerelease \ | ||
| --verify-tag \ | ||
| --title "Radius Bicep v${{ env.REL_VERSION }}" | ||
| env: | ||
| GITHUB_TOKEN: ${{ secrets.GH_RAD_CI_BOT_PAT }} | ||
| - name: Official release | ||
| if: ${{ !contains(env.REL_VERSION, '-rc') }} | ||
| run: | | ||
| gh release create v${{ env.REL_VERSION }} \ | ||
| ${{ env.RELEASE_PATH }}/* \ | ||
| --generate-notes \ | ||
| --verify-tag \ | ||
| --title "Radius Bicep v${{ env.REL_VERSION }}" | ||
| env: | ||
| GITHUB_TOKEN: ${{ secrets.GH_RAD_CI_BOT_PAT }} | ||
| # TODO once tested: if: ${{ github.event_name == 'push' }} | ||
| publish_ghcr: | ||
| name: Publish to GHCR | ||
| needs: ["build", "vscode-bicep-build"] | ||
| runs-on: ubuntu-latest | ||
| strategy: | ||
| matrix: | ||
| runtime: | ||
| - name: windows-x64 | ||
| id: win-x64 | ||
| extension: .exe | ||
| - name: windows-x64 | ||
| id: win-arm64 | ||
| extension: .exe | ||
| - name: linux-x64 | ||
| id: linux-x64 | ||
| - name: linux-arm | ||
| id: linux-arm | ||
| - name: linux-arm64 | ||
| id: linux-arm64 | ||
| - name: macos-x64 | ||
| id: osx-x64 | ||
| - name: macos-arm64 | ||
| id: osx-arm64 | ||
| steps: | ||
| - name: Checkout | ||
| uses: actions/checkout@v2 | ||
| with: | ||
| fetch-depth: 0 # avoid shallow clone so nbgv can do its work. | ||
| submodules: true | ||
| - name: Parse release version and set environment variables | ||
| run: python ./.github/scripts/get_release_version.py | ||
| - name: Download artifacts | ||
| uses: actions/download-artifact@v2 | ||
| with: | ||
| name: artifacts | ||
| path: artifacts | ||
| - name: Display artifacts | ||
| run: ls -R | ||
| working-directory: ./artifacts | ||
| - name: Login to GitHub Container Registry | ||
| uses: docker/login-action@v2 | ||
| with: | ||
| registry: ghcr.io | ||
| username: ${{ env.GHCR_ACTOR }} | ||
| password: ${{ secrets.GH_RAD_CI_BOT_PAT }} | ||
| - uses: oras-project/setup-oras@v1 | ||
| with: | ||
| version: ${{ env.ORAS_VERSION }} | ||
| - run: oras version | ||
| - name: Push rad bicep binaries to GHCR (${{ matrix.runtime.name }}) | ||
| run: | | ||
| oras push --annotation "org.opencontainers.image.source=${{ env.IMAGE_SRC }}" ${{ env.CONTAINER_REGISTRY }}/bicep/rad-bicep/${{ matrix.runtime.name }}:${{ env.VERSION_TAG }} ./artifacts/bicep/${{ matrix.runtime.name }}/ | ||
| - name: Check uploaded | ||
| run: curl --fail ${{ env.CONTAINER_REGISTRY }}/bicep/rad-bicep/${{ matrix.runtime.name }}:latest -v > out | ||
| # TODO: remove upload to blob storage once GHCR is tested and working | ||
| - uses: bacongobbler/[email protected] | ||
| name: Upload rad-bicep (${{ matrix.runtime.name }}) | ||
| id: upload-rad-bicep | ||
| with: | ||
| container_name: ${{ secrets.ASSETS_STORAGE_CONTAINER }} | ||
| connection_string: ${{ secrets.ASSETS_STORAGE_CONNECTION_STRING }} | ||
| source_dir: ./artifacts/bicep/${{ matrix.runtime.name }}/ | ||
| extra_args: "--destination-path ./bicep-extensibility/${{ env.REL_CHANNEL }}/${{ matrix.runtime.name }}/ --pattern rad-bicep${{ matrix.runtime.extension }} --overwrite true" | ||
| sync: true | ||
| - name: Check uploaded | ||
| run: curl --fail https://radiuspublic.blob.core.windows.net/tools/bicep-extensibility/${{ env.REL_CHANNEL }}/${{ matrix.runtime.name }}/rad-bicep${{ matrix.runtime.extension }} -v > out | ||
| # Only upload it once | ||
| - uses: bacongobbler/[email protected] | ||
| if: ${{ matrix.runtime.name == 'linux-x64' }} | ||
| name: Upload VS Code (channel) | ||
| with: | ||
| container_name: ${{ secrets.ASSETS_STORAGE_CONTAINER }} | ||
| connection_string: ${{ secrets.ASSETS_STORAGE_CONNECTION_STRING }} | ||
| source_dir: ./artifacts/vscode/ | ||
| extra_args: "--destination-path ./vscode-extensibility/${{ env.REL_CHANNEL }}/ --overwrite true" | ||
| sync: true | ||
| # Logic: If this is a real release (tagged, non-rc) then compare to our existing full | ||
| # release and see if it's newer. This prevents a patch release of an older vintage from overwriting | ||
| # a newer release | ||
| - name: Download version marker file | ||
| run: | | ||
| curl https://radiuspublic.blob.core.windows.net/version/stable.txt -o current-stable.txt | ||
| if: ${{ success() && env.UPDATE_RELEASE == 'true' }} | ||
| - name: Get version | ||
| id: setcurrentversion | ||
| if: ${{ success() && env.UPDATE_RELEASE == 'true' }} | ||
| run: echo ::set-output name=version::$(cat current-stable.txt) | ||
| - name: Compare versions | ||
| uses: madhead/semver-utils@latest | ||
| if: ${{ success() && env.UPDATE_RELEASE == 'true' }} | ||
| id: compare | ||
| with: | ||
| version: ${{ env.REL_VERSION }} | ||
| compare-to: ${{ steps.setcurrentversion.outputs.version }}.0 | ||
| - name: Print info (for sanity) | ||
| if: ${{ success() && env.UPDATE_RELEASE == 'true' }} | ||
| run: | | ||
| echo "current stable channel: ${{ steps.setcurrentversion.outputs.version }}" | ||
| echo "this build channel: ${{ env.REL_CHANNEL }}" | ||
| echo "this build version: ${{ env.REL_VERSION }}" | ||
| echo "comparison: ${{ steps.compare.outputs.comparison-result }}" | ||
| - uses: bacongobbler/[email protected] | ||
| name: Upload VS Code (stable) | ||
| if: ${{ success() && (steps.compare.outputs.comparison-result == '>' || steps.compare.outputs.comparison-result == '=')}} | ||
| with: | ||
| container_name: ${{ secrets.ASSETS_STORAGE_CONTAINER }} | ||
| connection_string: ${{ secrets.ASSETS_STORAGE_CONNECTION_STRING }} | ||
| source_dir: ./artifacts/vscode/ | ||
| extra_args: "--destination-path ./vscode-extensibility/stable/ --overwrite true" | ||
| sync: true | ||
| delete_artifacts: | ||
| name: Delete artifacts | ||
| if: success() | ||
| needs: [ 'publish_ghcr' ] | ||
| runs-on: ubuntu-latest | ||
| steps: | ||
| - name: Delete release artifacts | ||
| uses: geekyeggo/delete-artifact@v2 | ||
| with: | ||
| name: | | ||
| artifacts | ||
| failOnError: false | ||
