Generates SBOM after source files are updated with release tag (#680)

* update source file with release version info before SBOM generation * delete tag branch during cleanup
FreeRTOS · May 31, 2023 · d436801 · d436801
1 parent 953c1ee
commit d436801
Showing 1 changed file with 20 additions and 4 deletions.
diff --git a/.github/workflows/auto-release.yml b/.github/workflows/auto-release.yml
@@ -25,7 +25,6 @@ jobs:
       - name: Tool Setup
         uses: actions/setup-python@v2
         with:
-          python-version: 3.7.10
           architecture:   x64
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
@@ -51,7 +50,18 @@ jobs:
 
       - name: create a new branch that references commit id
         working-directory: ./local_kernel
-        run: git checkout -b ${{ github.event.inputs.version_number }} ${{ github.event.inputs.commit_id }}
+        run: |
+          git checkout -b ${{ github.event.inputs.version_number }} ${{ github.event.inputs.commit_id }}
+          echo "COMMIT_SHA_1=$(git rev-parse HEAD)" >> $GITHUB_ENV
+
+      - name: Update source files with version info
+        run: |
+          # Install deps and run
+          pip install -r ./tools/.github/scripts/release-requirements.txt
+          ./tools/.github/scripts/update_src_version.py FreeRTOS --kernel-repo-path=local_kernel --kernel-commit=${{ env.COMMIT_SHA_1 }} --new-kernel-version=${{ github.event.inputs.version_number }} --new-kernel-main-br-version=${{ github.event.inputs.main_br_version }}
+          exit $?
+        env:
+            GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
 
       - name: Generate SBOM
         uses: FreeRTOS/CI-CD-Github-Actions/sbom-generator@main
@@ -65,13 +75,19 @@ jobs:
           git add .
           git commit -m 'Update SBOM'
           git push -u origin ${{ github.event.inputs.version_number }}
-          echo "COMMIT_SHA=$(git rev-parse HEAD)" >> $GITHUB_ENV
+          echo "COMMIT_SHA_2=$(git rev-parse HEAD)" >> $GITHUB_ENV
 
       - name: Release
         run: |
           # Install deps and run
           pip install -r ./tools/.github/scripts/release-requirements.txt
-          ./tools/.github/scripts/release.py FreeRTOS --kernel-repo-path=local_kernel --kernel-commit=${{ env.COMMIT_SHA }} --new-kernel-version=${{ github.event.inputs.version_number }} --new-kernel-main-br-version=${{ github.event.inputs.main_br_version }}
+          ./tools/.github/scripts/release.py FreeRTOS --kernel-repo-path=local_kernel --kernel-commit=${{ env.COMMIT_SHA_2 }} --new-kernel-version=${{ github.event.inputs.version_number }} --new-kernel-main-br-version=${{ github.event.inputs.main_br_version }}
           exit $?
         env:
             GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Cleanup
+        working-directory: ./local_kernel
+        run: |
+          # Delete the branch created for Tag by SBOM generator
+          git push -u origin --delete ${{ github.event.inputs.version_number }}