VARASYS/ZDDC
1
1
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
ZDDC/.forgejo/workflows/notify-chart-dev.yml
ZDDC 1033d30ad9 fix(ci): notify-chart workflows push to Forgejo, not GitHub 
The chart repo (BMCD/tnd-zddc-chart) is mirrored Forgejo→GitHub
one-way (we set this up so the chart matches the same canonical-
on-Forgejo pattern as the public repos). When notify-chart-prod
and notify-chart-dev pushed directly to GitHub, the bump landed
on GitHub but Forgejo never got it — and the next time Forgejo's
push-mirror ran, it force-overwrote GitHub's bump with Forgejo's
older state. Symptom: prod stuck at v0.0.9 even after auto-bump
appeared to succeed; manual investigation showed Chart.yaml
appVersion was actually still 0.0.10 (the previous manual bump
that DID land on Forgejo).

Fix: clone+push to Forgejo (git.varasys.io/BMCD/tnd-zddc-chart)
instead of GitHub. Forgejo's mirror replicates to GitHub on the
next sync — going through the canonical-Forgejo path keeps both
sides in sync. Uses a new CHART_FORGEJO_TOKEN secret (separate
from CHART_GITHUB_TOKEN, which is no longer needed for these
workflows but kept for any future direct-GitHub use case).
2026-05-03 19:39:48 -05:00

105 lines
4.8 KiB
YAML
Raw Blame History

name: Notify chart dev on beta cut
# Mirrors deploy-release.yml's notify-chart-prod job, but for beta.
# Triggers when a push to ZDDC main touches zddc/internal/apps/embedded/*
# — i.e. a `./build beta` cut whose embedded artifacts the operator
# committed to main. Pushes a chart appVersion bump to the chart's
# develop branch, which fires BMCD's pipeline-dev → dev image rebuilt
# with the new beta-labeled bytes baked in.
#
# Stable cuts ALSO touch embedded/, but their workflow path is the
# tag-triggered notify-chart-prod in deploy-release.yml. To avoid
# double-firing when a stable cut pushes main + tags together, we
# check if HEAD has a zddc-server-v* tag and skip if so — the
# stable workflow handles the chart bump in that case.
on:
push:
branches: [main]
paths:
- 'zddc/internal/apps/embedded/**'
jobs:
notify-chart-dev:
runs-on: host
env:
# Push to Forgejo (BMCD/tnd-zddc-chart on git.varasys.io), NOT
# directly to GitHub. See notify-chart-prod's comment in
# deploy-release.yml for the full rationale (mirror is one-way
# Forgejo→GitHub; direct GitHub pushes get silently overwritten
# on the next mirror sync).
CHART_FORGEJO_TOKEN: ${{ secrets.CHART_FORGEJO_TOKEN }}
steps:
- name: Checkout (need tags to detect stable cut)
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Detect cut type (skip if HEAD has stable tag)
id: gate
run: |
set -eu
if git tag --points-at HEAD | grep -q '^zddc-server-v'; then
echo "is_beta=false" >> "$GITHUB_OUTPUT"
echo "HEAD has zddc-server-v* tag — stable workflow handles this; skipping dev notify"
else
echo "is_beta=true" >> "$GITHUB_OUTPUT"
echo "No stable tag at HEAD; treating as beta cut"
fi
- name: Auto-bump chart develop appVersion + push
if: steps.gate.outputs.is_beta == 'true'
run: |
set -eu
if [ -z "${CHART_FORGEJO_TOKEN:-}" ]; then
echo "::error::CHART_FORGEJO_TOKEN secret not set on this repo" >&2
exit 1
fi
# Compose a beta version string that's unique per ZDDC commit.
# Uses the next-stable target (max of latest tag + 1, mirrors
# ./build's _coordinated_next_stable) and the short SHA.
# Example: "0.0.11-beta-c099676". Always unique per push.
LATEST_STABLE=$(git tag --list 'zddc-server-v*' --sort=-v:refname | head -1)
MAJ=$(echo "${LATEST_STABLE#zddc-server-v}" | cut -d. -f1)
MIN=$(echo "${LATEST_STABLE#zddc-server-v}" | cut -d. -f2)
PAT=$(echo "${LATEST_STABLE#zddc-server-v}" | cut -d. -f3)
NEXT_STABLE="$MAJ.$MIN.$((PAT + 1))"
SHORT_SHA=$(git rev-parse --short=7 HEAD)
BETA_VERSION="${NEXT_STABLE}-beta-${SHORT_SHA}"
echo "ZDDC beta cut: $BETA_VERSION (HEAD=$(git rev-parse HEAD))"
TMP=$(mktemp -d)
cd "$TMP"
git clone --depth=20 --branch=develop \
"https://oauth2:${CHART_FORGEJO_TOKEN}@git.varasys.io/BMCD/tnd-zddc-chart.git"
cd tnd-zddc-chart
# Idempotent: same SHA ⇒ same version ⇒ no-op.
CURRENT=$(grep '^appVersion:' chart/Chart.yaml | sed -E 's/^appVersion: *"?([^"]*)"?.*/\1/')
if [ "$CURRENT" = "$BETA_VERSION" ]; then
echo "Chart develop already at $BETA_VERSION; nothing to do"
exit 0
fi
sed -i "s/^appVersion: .*/appVersion: \"$BETA_VERSION\"/" chart/Chart.yaml
OLD_CHART_VER=$(grep '^version:' chart/Chart.yaml | awk '{print $2}')
MAJC=$(echo "$OLD_CHART_VER" | cut -d. -f1)
MINC=$(echo "$OLD_CHART_VER" | cut -d. -f2)
PATC=$(echo "$OLD_CHART_VER" | cut -d. -f3)
NEW_CHART_VER="$MAJC.$MINC.$((PATC + 1))"
sed -i "s/^version: .*/version: $NEW_CHART_VER/" chart/Chart.yaml
echo " appVersion: $CURRENT → $BETA_VERSION"
echo " version: $OLD_CHART_VER → $NEW_CHART_VER"
git config user.name "ZDDC Release Bot"
git config user.email "noreply@zddc.varasys.io"
git add chart/Chart.yaml
git commit \
-m "chore(chart): auto-bump appVersion to $BETA_VERSION (ZDDC beta cut)" \
-m "Triggered by push to git.varasys.io/VARASYS/ZDDC main with embedded/* changes (a ./build beta cut). Bumps appVersion so the dev Docker image is tagged zddc:$BETA_VERSION, ensuring kubelet pulls a fresh image on the next helm upgrade." \
-m "Auto-generated by .forgejo/workflows/notify-chart-dev.yml. The next ZDDC beta or stable cut will overwrite this."
git push origin develop
echo "pushed chart develop bump to Forgejo - mirror replicates to GitHub - BMCD pipeline-dev will fire"
Reference in a new issue View git blame Copy permalink