len0rd/FreeRTOS-Kernel
1
0
Fork 0
mirror of https://github.com/FreeRTOS/FreeRTOS-Kernel.git synced 2026-04-03 04:27:39 -04:00
Code Issues Projects Releases Packages Wiki Activity
FreeRTOS-Kernel/.github/workflows/auto-release.yml
Kody Stribrny fb2ab8d575
Provide a default token value (#1389)
2026-03-30 15:52:02 -07:00

224 lines
9.2 KiB
YAML
Raw Blame History

name: Kernel-Auto-Release
on:
workflow_dispatch:
inputs:
commit_id:
description: 'Commit ID'
required: true
default: 'HEAD'
version_number:
description: 'Version Number (Ex. 10.4.4)'
required: true
default: '10.4.4'
main_br_version:
description: "Version String for task.h on main branch (leave empty to leave as-is)."
required: false
default: ''
github_token:
description: 'GitHub token for creating releases and pushing changes'
required: true
default: ${{ github.token }}
jobs:
release-packager:
permissions:
contents: write
pull-requests: write
id-token: write
name: Release Packager
runs-on: ubuntu-latest
steps:
# Install python 3
- name: Tool Setup
uses: actions/setup-python@v2
with:
architecture: x64
env:
GITHUB_TOKEN: ${{ github.event.inputs.github_token }}
- name: Install GitHub CLI
run: |
command -v gh >/dev/null 2>&1 || {
curl -fsSL https://cli.github.com/packages/githubcli-archive-keyring.gpg | sudo dd of=/usr/share/keyrings/githubcli-archive-keyring.gpg
sudo chmod go+r /usr/share/keyrings/githubcli-archive-keyring.gpg
echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/githubcli-archive-keyring.gpg] https://cli.github.com/packages stable main" | sudo tee /etc/apt/sources.list.d/github-cli.list > /dev/null
sudo apt update
sudo apt install gh
}
# Currently FreeRTOS/.github/scripts houses the release script. Download it for upcoming usage
- name: Checkout FreeRTOS Release Tools
uses: actions/checkout@v4.1.1
with:
repository: FreeRTOS/FreeRTOS
path: tools
# Simpler git auth if we use checkout action and forward the repo to release script
- name: Checkout FreeRTOS Kernel
uses: actions/checkout@v4.1.1
with:
path: local_kernel
fetch-depth: 0
- name: Configure git identity
env:
ACTOR: ${{ github.actor }}
run: |
git config --global user.name "$ACTOR"
git config --global user.email "$ACTOR"@users.noreply.github.com
- name: Create version branch
env:
VERSION_NUMBER: ${{ github.event.inputs.version_number }}
COMMIT_ID: ${{ github.event.inputs.commit_id }}
working-directory: ./local_kernel
run: |
git checkout -b "$VERSION_NUMBER" "$COMMIT_ID"
git push -u origin "$VERSION_NUMBER"
echo "COMMIT_SHA_1=$(git rev-parse HEAD)" >> $GITHUB_ENV
- name: Create release preparation branch
env:
VERSION_NUMBER: ${{ github.event.inputs.version_number }}
working-directory: ./local_kernel
run: |
git checkout -b "release-prep-$VERSION_NUMBER"
- name: Update source files with version info
env:
VERSION_NUMBER: ${{ github.event.inputs.version_number }}
MAIN_BR_VERSION_NUMBER: ${{ github.event.inputs.main_br_version }}
COMMIT_SHA_1: ${{ env.COMMIT_SHA_1 }}
GITHUB_TOKEN: ${{ github.event.inputs.github_token }}
run: |
# Install deps and run
pip install -r ./tools/.github/scripts/release-requirements.txt
./tools/.github/scripts/update_src_version.py FreeRTOS --kernel-repo-path=local_kernel --kernel-commit="$COMMIT_SHA_1" --new-kernel-version="$VERSION_NUMBER" --new-kernel-main-br-version="$MAIN_BR_VERSION_NUMBER"
exit $?
- name: Update version number in manifest.yml
env:
VERSION_NUMBER: ${{ github.event.inputs.version_number }}
working-directory: ./local_kernel
run: |
./.github/scripts/manifest_updater.py -v "$VERSION_NUMBER"
exit $?
- name: Commit and push release preparation branch
env:
VERSION_NUMBER: ${{ github.event.inputs.version_number }}
working-directory: ./local_kernel
run: |
# The update_src_version.py script detaches HEAD by checking out a SHA.
# Re-attach HEAD to the release prep branch, keeping all commits.
git branch -f "release-prep-$VERSION_NUMBER" HEAD
git checkout "release-prep-$VERSION_NUMBER"
git add .
if git diff --cached --quiet; then
echo "No new changes to commit — source files and manifest already up to date."
else
git commit -m '[AUTO][RELEASE]: Update version number in manifest.yml and source files'
fi
git push -u origin "release-prep-$VERSION_NUMBER"
- name: Create pull request
env:
VERSION_NUMBER: ${{ github.event.inputs.version_number }}
GH_TOKEN: ${{ github.event.inputs.github_token }}
REPO_FULL_NAME: ${{ github.repository }}
working-directory: ./local_kernel
run: |
PR_URL=$(gh pr create \
--repo "$REPO_FULL_NAME" \
--base "$VERSION_NUMBER" \
--head "release-prep-$VERSION_NUMBER" \
--title "[AUTO][RELEASE]: Release $VERSION_NUMBER" \
--body "Automated release preparation for $VERSION_NUMBER. Updates version numbers in source files and manifest.yml.")
echo "PR_URL=$PR_URL" >> $GITHUB_ENV
- name: Wait for PR to be merged
env:
GH_TOKEN: ${{ github.event.inputs.github_token }}
REPO_FULL_NAME: ${{ github.repository }}
working-directory: ./local_kernel
run: |
PR_NUMBER=$(echo "$PR_URL" | grep -oE '[0-9]+$')
while true; do
STATE=$(gh pr view "$PR_NUMBER" --repo "$REPO_FULL_NAME" --json state --jq .state)
if [ "$STATE" = "MERGED" ]; then
echo "PR merged successfully"
break
elif [ "$STATE" = "CLOSED" ]; then
echo "Error: PR was closed without merging"
exit 1
fi
echo "Waiting for PR to be merged... (current state: $STATE)"
sleep 30
done
- name: Re-checkout after merge
uses: actions/checkout@v4.1.1
with:
path: local_kernel
ref: ${{ github.event.inputs.version_number }}
fetch-depth: 0
- name: Generate SBOM
uses: FreeRTOS/CI-CD-Github-Actions/sbom-generator@main
with:
directory: ./local_kernel
distribution-type: repository
creator: Amazon Web Services, Inc.
download-location: git+https://github.com/${{ github.repository_owner }}/${{ github.event.repository.name }}.git@${{ github.event.inputs.version_number }}
homepage: https://github.com/${{ github.repository_owner }}/${{ github.event.repository.name }}
namespace-prefix: https://github.com/${{ github.repository_owner }}/${{ github.event.repository.name }}/releases/download/${{ github.event.inputs.version_number }}/
include-file-hashes: true
- name: Commit SBOM file
env:
VERSION_NUMBER: ${{ github.event.inputs.version_number }}
GITHUB_TOKEN: ${{ github.event.inputs.github_token }}
working-directory: ./local_kernel
run: |
git add .
git commit -m '[AUTO][RELEASE]: Update SBOM'
git push -u origin "$VERSION_NUMBER"
echo "COMMIT_SHA_2=$(git rev-parse HEAD)" >> $GITHUB_ENV
- name: Release
env:
VERSION_NUMBER: ${{ github.event.inputs.version_number }}
MAIN_BR_VERSION_NUMBER: ${{ github.event.inputs.main_br_version }}
COMMIT_SHA_2: ${{ env.COMMIT_SHA_2 }}
REPO_OWNER: ${{ github.repository_owner }}
GITHUB_TOKEN: ${{ github.event.inputs.github_token }}
run: |
# Install deps and run
pip install -r ./tools/.github/scripts/release-requirements.txt
./tools/.github/scripts/release.py "$REPO_OWNER" --kernel-repo-path=local_kernel --kernel-commit="$COMMIT_SHA_2" --new-kernel-version="$VERSION_NUMBER" --new-kernel-main-br-version="$MAIN_BR_VERSION_NUMBER"
exit $?
- name: Backup Release Asset
uses: FreeRTOS/CI-CD-Github-Actions/artifact-backup@main
with:
# This is dependent on the release script putting this zip file
# in this exact location.
artifact_path: ./FreeRTOS-KernelV${{ github.event.inputs.version_number }}.zip
release_tag: ${{ github.event.inputs.version_number }}
- name: Delete release preparation branch
if: always()
env:
VERSION_NUMBER: ${{ github.event.inputs.version_number }}
GH_TOKEN: ${{ github.event.inputs.github_token }}
working-directory: ./local_kernel
run: |
# Only delete release-prep branch if the PR was already merged
PR_STATE=$(gh pr list --repo "${{ github.repository }}" --head "release-prep-$VERSION_NUMBER" --json state --jq '.[0].state' 2>/dev/null || echo "")
if [ "$PR_STATE" = "MERGED" ] || [ -z "$PR_STATE" ]; then
git push origin --delete "release-prep-$VERSION_NUMBER" || true
else
echo "Skipping release-prep branch deletion — PR is still open (state: $PR_STATE)"
fi
Reference in a new issue View git blame Copy permalink