Overview
This document provides an overview of the current SIMP RELENG ecosystem as of 10/28/2021 as it supports the upcoming 6.6.0 release.
RELENG Ecosystem
SIMP CE code is managed by repositories under the GitHub http://github.com/simp organization. Contributors fork repositories and contribute changes using Pull Requests (PRs). Each contribution’s PR encapsulates its own reviews, CI/CD workflows, and any discussion or patches until it is approved and merged into the upstream repository.
GitHub Actions
GitHub Actions (GHA) automates the CI/CD for most repositories that are included in/support the SIMP super-release. This generally includes:
On PRs and merges:
Running automated checks, linting, and tests
On PRs:
Triggering GLCI pipelines
(merging will auto-trigger GLCI as the new commits are mirrored)
On annotated Tags:
Creating a GitHub release
Building/publishing packages (e.g., Puppet modules, Ruby Gems) to upstream repositories
Building/signing/attaching RPMs, either a.) as a follow-on to a tag-driven GitHub Release, OR b.) from a manual GHA trigger.
RPMs are attached to the relevant GitHub release as downloadable assets
Each repository’s GHA workflow configurations are kept under .github/workflows/.
Common workflows are managed by Puppetsync as standardized assets and should not be edited directly. Puppetsync-managed workflows identify themselves in their header comments.
Some repositories have their own unique workflows. These files are maintained directly and are not managed by Puppetsync. Puppetsync-managed workflows identify themselves in their header comments.
SIMP Puppet modules
GHA workflows are identical across all SIMP Puppet modules, managed by Puppetsync (as type pupmod).
SIMP RubyGems
Most GHA workflows for RubyGems are managed by Puppetsync (as type rubygem)
RubyGem workflows may have several variations, particularly the tag-to-release workflows: depending on the gems, it may need to publish to rubygems.org, build an RPM, or just release to GitHub.
Unique workflows are managed per-repository.
Other SIMP assets
Other SIMP assets (e.g., simp-utils, pkg-r10k) may share common GHA workflows managed by Puppetsync (as type simp-unknown) and/or unique workflows that are managed per-repository.
Notable edge cases
Using GHA workflows to build RPMs for non-SIMP forked repo mirrors
Forked repo mirrors don’t use SIMP GHA workflows, so new tags to don’t trigger relases and RPM builds.
However, the release_rpms.yml workflow (a standardized asset in every repo that builds its own RPMs) is designed to work as a manual action that can release/build RPMs for any other SIMP repository (when provided a token with sufficient scope).
simp-core
simp-core currently has no GHA workflows.
As a result, PRs and merges do not automatically trigger GLCI pipelines for acceptance/integration tests.
TODO GitLab CI
TODO SIMP RELENG Tools
TODO Rake tasks
TODO Puppetsync
TODO bolt-pulp3
TODO releng-misc Bolt project
TODO Lifecycles
el8 modularity
TODO RPM lifecycle
GitHub (UNSTABLE-2) → UNSTABLE → STABLE
TODO RPMs, GPG keys, and Yum repositories
TODO Building and Signing RPMs
TODO Repositories
Manually triggering GHA RPM builds
In situations where GHA should
The release_rpms.yml workflow is a standardized asset in every repo that builds its own RPMs. It is automatically triggered as part of a repo’s tag_deploy*.yml workflow, but it can also be manual triggered manually to release/build/sign/attach RPMs for any other repository under the simp/ org. This requires a token with sufficient scope.
From a repo’s GitHub actions UI, select the RELENG: Build + attach RPMs to GitHub Release action
Click the “Run workflow” drop-down in the upper right
Fill out the relevant inputs, including an API token
Click “Run workflow”
