chore(release): 1.4.2 #2
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| name: Release to Ansible repositories | |
| on: | |
| push: | |
| tags: | |
| - 'v[0-9]+.[0-9]+.[0-9]+' # Matches tags like v1.0.0, v2.1.5, etc. Note currently is not triggered by semantic release | |
| workflow_dispatch: | |
| permissions: | |
| contents: write | |
| issues: write | |
| pull-requests: write | |
| jobs: | |
| release: | |
| if: github.ref == 'refs/heads/master' | |
| runs-on: ubuntu-latest | |
| name: Release to AAP and Galaxy | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4 | |
| with: | |
| fetch-depth: 0 | |
| token: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Set up Python | |
| uses: actions/setup-python@7f4fc3e22c37d6ff65e88745f38bd3157c663f7c # v4 | |
| with: | |
| python-version: "3.11" | |
| - name: Install Ansible | |
| run: | | |
| python -m pip install --upgrade pip | |
| pip install ansible ansible-lint | |
| - name: Update Ansible Galaxy file with the next version (from Tag Reference) | |
| run: | | |
| VERSION_NUMBER=`echo ${{ github.ref_name }} | cut -c 2-` | |
| sed -i 's/version\:.*/version: $VERSION_NUMBER/' galaxy.yml | |
| - name: Commit and push galaxy changes | |
| run: | | |
| git config --global user.name 'Github Actions Release Pipeline' | |
| git config --global user.email 'githubactions@users.noreply.github.com' | |
| git commit -am "chore: Update Ansible Galaxy file [skip ci]" | |
| git push | |
| # This can fail in cases where CI is being re-run but we've already bumped the version, so allow it to fail. | |
| continue-on-error: true | |
| - name: Build the ansible galaxy collection (verifies that everything works) | |
| id: build_tarball | |
| run: | | |
| ansible-galaxy collection build | |
| echo "TARBALL=`ls | grep panos_policy_automation`" >> "$GITHUB_OUTPUT" | |
| - name: Print the built collection tarball | |
| run: | | |
| echo "${{ steps.build_tarball.outputs.TARBALL }}" | |
| - name: Publish the collection to Galaxy | |
| env: | |
| ANSIBLE_GALAXY_TOKEN: ${{ secrets.ANSIBLE_GALAXY_TOKEN }} | |
| ANSIBLE_AAP_SERVER: https://console.redhat.com/api/automation-hub/content/validated/ | |
| run: | | |
| ansible-galaxy collection publish --token $ANSIBLE_GALAXY_TOKEN ${{ steps.build_tarball.outputs.TARBALL }} | |
| - name: Publish the collection to Automation Hub | |
| env: | |
| ANSIBLE_AAP_SERVER: rh_automation_hub | |
| ANSIBLE_AAP_TOKEN: ${{ secrets.ANSIBLE_AAP_TOKEN }} | |
| run: | | |
| echo " | |
| [galaxy] | |
| server_list = rh_automation_hub | |
| [galaxy_server.rh_automation_hub] | |
| url=https://cloud.redhat.com/api/automation-hub/ | |
| auth_url=https://sso.redhat.com/auth/realms/redhat-external/protocol/openid-connect/token | |
| token='$ANSIBLE_AAP_TOKEN' | |
| " > ansible.cfg | |
| ansible-galaxy collection publish -s $ANSIBLE_AAP_SERVER ${{ steps.build_tarball.outputs.TARBALL }} |