diff --git a/.circleci/config.yml b/.circleci/config.yml deleted file mode 100644 index 688135bf..00000000 --- a/.circleci/config.yml +++ /dev/null @@ -1,52 +0,0 @@ ---- -defaults: - updatinator_container: &updatinator_container - working_directory: /updatinator - -version: 2 -jobs: - test: - <<: *updatinator_container - docker: - - image: quay.io/pantheon-public/docker-updatinator:3.x - - image: cimg/mysql:5.7.36 - steps: - - checkout - - run: composer install - - run: git config --global user.email "bot@getpantheon.com" - - run: git config --global user.name "Pantheon Automation" - - run: ./update-tool whoami - - run: composer phar:build - - persist_to_workspace: - root: /updatinator - paths: - - update-tool.phar - - run: composer test - publish_phar: - docker: - - image: cibuilds/github:0.10 - steps: - - attach_workspace: - at: ./artifacts - - run: - name: "Publish Release on GitHub" - command: | - VERSION=$CIRCLE_TAG - ghr -t ${GITHUB_TOKEN} -u ${CIRCLE_PROJECT_USERNAME} -r ${CIRCLE_PROJECT_REPONAME} -c ${CIRCLE_SHA1} -delete ${VERSION} ./artifacts/update-tool.phar - -workflows: - version: 2 - push: - jobs: - - test: - filters: - tags: - only: /.*/ - - publish_phar: - requires: - - test - filters: - branches: - ignore: /.*/ - tags: - only: /.*/ diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml new file mode 100644 index 00000000..9d6dd84f --- /dev/null +++ b/.github/workflows/publish.yml @@ -0,0 +1,29 @@ +name: Deploy +on: + repository_dispatch: + types: [tests-passed] + +jobs: + publish: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v3 + - name: Setup PHP + uses: shivammathur/setup-php@v2 + with: + php-version: '7.4' + - name: Get tag name + id: tag_name + run: echo ::set-output name=tag::${GITHUB_REF#refs/tags/} + - name: Build phar + run: | + composer install + composer phar:build + - name: Publish Release + uses: ncipollo/release-action@v1 + with: + artifacts: 'update-tool.phar' + artifactErrorsFailBuild: true + body: Version ${{ steps.tag_name.outputs.tag }} + generateReleaseNotes: true + makeLatest: true diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml new file mode 100644 index 00000000..ca512352 --- /dev/null +++ b/.github/workflows/test.yml @@ -0,0 +1,76 @@ +name: Test +on: + pull_request: + push: + tags: + - '*' + +permissions: write-all + +jobs: + test: + runs-on: ubuntu-latest + services: + mariadb: + image: mariadb:10.5 + steps: + - uses: actions/checkout@v3 + - name: Set PHP version + uses: shivammathur/setup-php@v2 + with: + php-version: 7.4 + - name: Setup MySQL + run: | + sudo systemctl start mysql + mysqladmin -h 127.0.0.1 -u root -proot status + echo "Setting the root password to empty" + mysql -h 127.0.0.1 -u root -proot -e "USE mysql; UPDATE user SET authentication_string='' WHERE User='root'; FLUSH PRIVILEGES;" + echo "Testing blank password" + mysqladmin -h 127.0.0.1 -u root status + - name: Install Composer Dependencies + run: composer install --prefer-dist --no-progress --no-suggest + - name: Install SSH key + uses: webfactory/ssh-agent@v0.7.0 + with: + ssh-private-key: ${{ secrets.PANTHEON_UPSTREAM_SSH_KEY }} + - name: Unset GitHub Tokens + shell: bash + run: | + unset GITHUB_TOKEN + unset GH_TOKEN + - name: Run Update Tool Whoami + shell: bash + env: + GITHUB_TOKEN: ${{ secrets.PANTHEON_UPSTREAM_AUTH_TOKEN }} + GH_TOKEN: ${{ secrets.PANTHEON_UPSTREAM_AUTH_TOKEN }} + run: | + echo "Set git config" + git config --global user.email "bot@getpantheon.com" + git config --global user.name "Pantheon Automation" + echo "Login with gh auth" + # gh auth login + gh auth status + ./update-tool whoami + - name: Install WP-CLI + run: | + curl -O https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar + chmod +x wp-cli.phar + sudo mv wp-cli.phar /usr/local/bin/wp + wp --info + - name: Run tests + env: + GITHUB_TOKEN: ${{ secrets.PANTHEON_UPSTREAM_AUTH_TOKEN }} + GH_TOKEN: ${{ secrets.PANTHEON_UPSTREAM_AUTH_TOKEN }} + DB_USER: root + DB_NAME: updatinate-wp-db + run: composer test + send-dispatch: + if: startsWith(github.ref, 'refs/tags/') + runs-on: ubuntu-latest + steps: + - name: Send Dispatch + uses: peter-evans/repository-dispatch@v1 + with: + token: ${{ secrets.PANTHEON_UPSTREAM_AUTH_TOKEN }} + repository: pantheon-systems/update-tool + event-type: tests-passed diff --git a/README.md b/README.md index b42e4972..0a345808 100644 --- a/README.md +++ b/README.md @@ -2,7 +2,7 @@ Fast and smart. Update Tool checks for available software updates and creates pull requests. -[![CircleCI](https://dl.circleci.com/status-badge/img/gh/pantheon-systems/update-tool/tree/master.svg?style=svg)](https://dl.circleci.com/status-badge/redirect/gh/pantheon-systems/update-tool/tree/master) +[![Test](https://github.com/pantheon-systems/update-tool/actions/workflows/test.yml/badge.svg)](https://github.com/pantheon-systems/update-tool/actions/workflows/test.yml) [![Actively Maintained](https://img.shields.io/badge/Pantheon-Actively_Maintained-yellow?logo=pantheon&color=FFDC28)](https://pantheon.io/docs/oss-support-levels#actively-maintained-support) [![License](https://img.shields.io/badge/license-MIT-408677.svg)](LICENSE) @@ -29,7 +29,7 @@ The authentication credentials you will need can be found in the production Vaul *Production:* In production, this tool uses the credentials defined in the [pantheon-systems/updatinator](https://github.com/pantheon-systems/updatinator) project. -*Testing:* CircleCI needs a GitHub token for a service account that has access to the projects in the [test-configurations.yml](tests/fixtures/home/test-configuration.yml) fixtures file. Currently, the github user pantheon-ci-bot is being used. Access it via: +*Testing:* GitHub Actions needs a GitHub token for a service account that has access to the projects in the [test-configurations.yml](tests/fixtures/home/test-configuration.yml) fixtures file. Currently, the GitHub user `pantheon-ci-bot` is being used. Access it via: ``` pvault production read secret/github/access-tokens/pantheon-ci-bot @@ -57,10 +57,10 @@ The test suite may be run locally by way of some simple composer scripts: ### Releasing -To release a new version of the Update Tool, run: +To release a new version of the Update Tool, create a new tag at the appropriate version. This will trigger the tests to run again. Assuming the tests pass, that sends a release dispatch that triggers another GitHub Action to publish the release and upload the `update-tool.phar` to the release. -- `composer release` +Rebuild [pantheon-systems/docker-updatinator](https://github.com/pantheon-systems/docker-updatinator) to deploy a new version of the tool to the automation processes. -This will release a stable version of whatever is indicated in the VERSION file. e.g. if VERSION contains `1.0.3-dev`, then version `1.0.3` will be tagged and released, and the VERSION file will be updated to `1.0.4-dev`. To release version `1.1.0` instead, manually edit the VERSION file to `1.1.0-dev` and then run `composer release`. +Alternately, you can use the Composer script `composer release`. -The update-tool.phar file will be uploaded to GitHub on every release. Rebuild [pantheon-systems/docker-updatinator](https://github.com/pantheon-systems/docker-updatinator) to deploy a new version of the tool to the automation processes. +This will release a stable version of whatever is indicated in the VERSION file. e.g. if VERSION contains `1.0.3-dev`, then version `1.0.3` will be tagged and released, and the VERSION file will be updated to `1.0.4-dev`. To release version `1.1.0` instead, manually edit the VERSION file to `1.1.0-dev` and then run `composer release`. This requires maintaining the `VERSION` file which historically has not been consistently updated, and simply creating the tag and allowing automation to handle the release is a more straightforward process. \ No newline at end of file