len0rd/FreeRTOS-Kernel
1
0
Fork 0
mirror of https://github.com/FreeRTOS/FreeRTOS-Kernel.git synced 2026-04-03 04:27:39 -04:00
Code Issues Projects Releases Packages Wiki Activity

Updating Auto-Release Workflow (#1388)

Browse source 
We no longer like the workflow writing to our repo
This commit is contained in:
Kody Stribrny 2026-03-30 14:50:31 -07:00 committed by GitHub
parent fcc665325c
commit caee8b6a94
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
1 changed files with 101 additions and 14 deletions
Download patch file Download diff file Expand all files Collapse all files

115
.github/workflows/auto-release.yml vendored
View file

@ -15,10 +15,15 @@ on:
description: "Version String for task.h on main branch (leave empty to leave as-is)."
required: false
default: ''
github_token:
description: 'GitHub token for creating releases and pushing changes'
required: true
jobs:
release-packager:
permissions:
contents: write
pull-requests: write
id-token: write
name: Release Packager
runs-on: ubuntu-latest
@ -29,7 +34,17 @@ jobs:
with:
architecture: x64
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
GITHUB_TOKEN: ${{ github.event.inputs.github_token }}
- name: Install GitHub CLI
run: |
command -v gh >/dev/null 2>&1 || {
curl -fsSL https://cli.github.com/packages/githubcli-archive-keyring.gpg | sudo dd of=/usr/share/keyrings/githubcli-archive-keyring.gpg
sudo chmod go+r /usr/share/keyrings/githubcli-archive-keyring.gpg
echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/githubcli-archive-keyring.gpg] https://cli.github.com/packages stable main" | sudo tee /etc/apt/sources.list.d/github-cli.list > /dev/null
sudo apt update
sudo apt install gh
}
# Currently FreeRTOS/.github/scripts houses the release script. Download it for upcoming usage
- name: Checkout FreeRTOS Release Tools
@ -52,28 +67,36 @@ jobs:
git config --global user.name "$ACTOR"
git config --global user.email "$ACTOR"@users.noreply.github.com
- name: create a new branch that references commit id
- name: Create version branch
env:
VERSION_NUMBER: ${{ github.event.inputs.version_number }}
COMMIT_ID: ${{ github.event.inputs.commit_id }}
working-directory: ./local_kernel
run: |
git checkout -b "$VERSION_NUMBER" "$COMMIT_ID"
git push -u origin "$VERSION_NUMBER"
echo "COMMIT_SHA_1=$(git rev-parse HEAD)" >> $GITHUB_ENV
- name: Create release preparation branch
env:
VERSION_NUMBER: ${{ github.event.inputs.version_number }}
working-directory: ./local_kernel
run: |
git checkout -b "release-prep-$VERSION_NUMBER"
- name: Update source files with version info
env:
VERSION_NUMBER: ${{ github.event.inputs.version_number }}
MAIN_BR_VERSION_NUMBER: ${{ github.event.inputs.main_br_version }}
COMMIT_SHA_1: ${{ env.COMMIT_SHA_1 }}
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
GITHUB_TOKEN: ${{ github.event.inputs.github_token }}
run: |
# Install deps and run
pip install -r ./tools/.github/scripts/release-requirements.txt
./tools/.github/scripts/update_src_version.py FreeRTOS --kernel-repo-path=local_kernel --kernel-commit="$COMMIT_SHA_1" --new-kernel-version="$VERSION_NUMBER" --new-kernel-main-br-version="$MAIN_BR_VERSION_NUMBER"
exit $?
- name : Update version number in manifest.yml
- name: Update version number in manifest.yml
env:
VERSION_NUMBER: ${{ github.event.inputs.version_number }}
working-directory: ./local_kernel
@ -81,24 +104,81 @@ jobs:
./.github/scripts/manifest_updater.py -v "$VERSION_NUMBER"
exit $?
- name : Commit version number change in manifest.yml
- name: Commit and push release preparation branch
env:
VERSION_NUMBER: ${{ github.event.inputs.version_number }}
working-directory: ./local_kernel
run: |
# The update_src_version.py script detaches HEAD by checking out a SHA.
# Re-attach HEAD to the release prep branch, keeping all commits.
git branch -f "release-prep-$VERSION_NUMBER" HEAD
git checkout "release-prep-$VERSION_NUMBER"
git add .
git commit -m '[AUTO][RELEASE]: Update version number in manifest.yml'
git push -u origin "$VERSION_NUMBER"
if git diff --cached --quiet; then
echo "No new changes to commit — source files and manifest already up to date."
else
git commit -m '[AUTO][RELEASE]: Update version number in manifest.yml and source files'
fi
git push -u origin "release-prep-$VERSION_NUMBER"
- name: Create pull request
env:
VERSION_NUMBER: ${{ github.event.inputs.version_number }}
GH_TOKEN: ${{ github.event.inputs.github_token }}
REPO_FULL_NAME: ${{ github.repository }}
working-directory: ./local_kernel
run: |
PR_URL=$(gh pr create \
--repo "$REPO_FULL_NAME" \
--base "$VERSION_NUMBER" \
--head "release-prep-$VERSION_NUMBER" \
--title "[AUTO][RELEASE]: Release $VERSION_NUMBER" \
--body "Automated release preparation for $VERSION_NUMBER. Updates version numbers in source files and manifest.yml.")
echo "PR_URL=$PR_URL" >> $GITHUB_ENV
- name: Wait for PR to be merged
env:
GH_TOKEN: ${{ github.event.inputs.github_token }}
REPO_FULL_NAME: ${{ github.repository }}
working-directory: ./local_kernel
run: |
PR_NUMBER=$(echo "$PR_URL" | grep -oE '[0-9]+$')
while true; do
STATE=$(gh pr view "$PR_NUMBER" --repo "$REPO_FULL_NAME" --json state --jq .state)
if [ "$STATE" = "MERGED" ]; then
echo "PR merged successfully"
break
elif [ "$STATE" = "CLOSED" ]; then
echo "Error: PR was closed without merging"
exit 1
fi
echo "Waiting for PR to be merged... (current state: $STATE)"
sleep 30
done
- name: Re-checkout after merge
uses: actions/checkout@v4.1.1
with:
path: local_kernel
ref: ${{ github.event.inputs.version_number }}
fetch-depth: 0
- name: Generate SBOM
uses: FreeRTOS/CI-CD-Github-Actions/sbom-generator@main
with:
repo_path: ./local_kernel
source_path: ./
directory: ./local_kernel
distribution-type: repository
creator: Amazon Web Services, Inc.
download-location: git+https://github.com/${{ github.repository_owner }}/${{ github.event.repository.name }}.git@${{ github.event.inputs.version_number }}
homepage: https://github.com/${{ github.repository_owner }}/${{ github.event.repository.name }}
namespace-prefix: https://github.com/${{ github.repository_owner }}/${{ github.event.repository.name }}/releases/download/${{ github.event.inputs.version_number }}/
include-file-hashes: true
- name: commit SBOM file
- name: Commit SBOM file
env:
VERSION_NUMBER: ${{ github.event.inputs.version_number }}
GITHUB_TOKEN: ${{ github.event.inputs.github_token }}
working-directory: ./local_kernel
run: |
git add .
@ -112,7 +192,7 @@ jobs:
MAIN_BR_VERSION_NUMBER: ${{ github.event.inputs.main_br_version }}
COMMIT_SHA_2: ${{ env.COMMIT_SHA_2 }}
REPO_OWNER: ${{ github.repository_owner }}
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
GITHUB_TOKEN: ${{ github.event.inputs.github_token }}
run: |
# Install deps and run
pip install -r ./tools/.github/scripts/release-requirements.txt
@ -127,10 +207,17 @@ jobs:
artifact_path: ./FreeRTOS-KernelV${{ github.event.inputs.version_number }}.zip
release_tag: ${{ github.event.inputs.version_number }}
- name: Cleanup
- name: Delete release preparation branch
if: always()
env:
VERSION_NUMBER: ${{ github.event.inputs.version_number }}
GH_TOKEN: ${{ github.event.inputs.github_token }}
working-directory: ./local_kernel
run: |
# Delete the branch created for Tag by SBOM generator
git push -u origin --delete "$VERSION_NUMBER"
# Only delete release-prep branch if the PR was already merged
PR_STATE=$(gh pr list --repo "${{ github.repository }}" --head "release-prep-$VERSION_NUMBER" --json state --jq '.[0].state' 2>/dev/null || echo "")
if [ "$PR_STATE" = "MERGED" ] || [ -z "$PR_STATE" ]; then
git push origin --delete "release-prep-$VERSION_NUMBER" || true
else
echo "Skipping release-prep branch deletion — PR is still open (state: $PR_STATE)"
fi