change release workflows to depend on ci workflow

armadaproject · Jun 28, 2023 · 45e1c9e · 45e1c9e
1 parent c70d4da
commit 45e1c9e
Show file tree

Hide file tree

Showing 2 changed files with 64 additions and 5 deletions.
diff --git a/.github/workflows/release-rc.yml b/.github/workflows/release-rc.yml
@@ -1,18 +1,48 @@
 name: Release Armada components - RC
 
 on:
-  push:
+  workflow_run:
+    types: [completed]
+    workflows: [CI]
     branches:
-      - main
       - master
 
 permissions:
   contents: write
 
 jobs:
+  validate:
+    if: github.event.workflow_run.event == 'push' && github.event.workflow_run.conclusion == 'success' && github.repository_owner == 'armadaproject'
+    name: "Validate revision"
+    runs-on: ubuntu-22.04
+
+    steps:
+      - name: "Checkout"
+        uses: "actions/checkout@v3"
+        with:
+          fetch-depth: 0
+
+      - name: Validate ref
+        run: |
+          ref=${{ github.event.workflow_run.head_branch }}
+          sha=${{ github.event.workflow_run.head_sha }}
+          case $ref in
+            v?*)
+              [ $(git rev-parse refs/tags/$ref) == $sha ] &&
+              [ $(git branch --contains=$sha main | wc -l) -eq 1 ]
+              ;;
+            *)
+              false
+              ;;
+          esac
+          if [ $? -ne 0 ]; then
+            echo "::error ::Invalid ref $ref $sha"
+            exit 1
+          fi
   release:
-    if: github.repository_owner == 'armadaproject'
+    if: github.event.workflow_run.event == 'push' && github.event.workflow_run.conclusion == 'success' && github.repository_owner == 'armadaproject'
     name: Release
+    needs: validate
     runs-on: "ubuntu-22.04"
     environment: armada-dockerhub
 

diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -3,18 +3,47 @@ name: Release Armada components
 on:
   workflow_run:
     types: [completed]
-    workflows: [Validate Release]
+    workflows: [CI]
     branches:
-      - master
       - v*
 
 permissions:
   contents: write
 
 jobs:
+  validate:
+    if: github.event.workflow_run.event == 'push' && github.event.workflow_run.conclusion == 'success' && github.repository_owner == 'armadaproject'
+    name: "Validate revision"
+    runs-on: ubuntu-22.04
+
+    steps:
+      - name: "Checkout"
+        uses: "actions/checkout@v3"
+        with:
+          fetch-depth: 0
+
+      - name: Validate ref
+        run: |
+          ref=${{ github.event.workflow_run.head_branch }}
+          sha=${{ github.event.workflow_run.head_sha }}
+          case $ref in
+            v?*)
+              [ $(git rev-parse refs/tags/$ref) == $sha ] &&
+              [ $(git branch --contains=$sha main | wc -l) -eq 1 ]
+              ;;
+            *)
+              false
+              ;;
+          esac
+          if [ $? -ne 0 ]; then
+            echo "::error ::Invalid ref $ref $sha"
+            exit 1
+          fi
+
   release:
     if: github.event.workflow_run.event == 'push' && github.event.workflow_run.conclusion == 'success' && github.repository_owner == 'armadaproject'
     name: "Release"
+    needs: validate
     runs-on: ubuntu-22.04
     environment: armada-dockerhub