From 893874a775ba71e165c9f627cf06fd57d1cb2214 Mon Sep 17 00:00:00 2001 From: Stephen Carter Date: Fri, 10 Jan 2025 10:44:38 -0500 Subject: [PATCH 1/2] NEW: @W-17576074@: Create github action to make rollback operation of latest tag easy to do (but hopefully we never need to do so) --- .../workflows/apply-npm-tag-to-version.yml | 60 +++++++++++++++++++ 1 file changed, 60 insertions(+) create mode 100644 .github/workflows/apply-npm-tag-to-version.yml diff --git a/.github/workflows/apply-npm-tag-to-version.yml b/.github/workflows/apply-npm-tag-to-version.yml new file mode 100644 index 000000000..f8e9042d4 --- /dev/null +++ b/.github/workflows/apply-npm-tag-to-version.yml @@ -0,0 +1,60 @@ +name: apply-npm-tag-to-version +on: + workflow_dispatch: + inputs: + package_name: + description: 'Select Package Name:' + required: true + type: choice + options: + - '@salesforce/plugin-code-analyzer' + - '@salesforce/sfdx-scanner' + tag_name: + description: 'Tag Name (ex: latest):' + required: true + type: string + version: + description: 'Version (ex: 4.8.0):' + required: true + type: string + confirm: + description: 'Check this box to confirm that you understand that applying a tag using this action is only recommended for emergency rollback situations and that you understand the consequences.' + required: true + type: boolean + +jobs: + publish_package: + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v4 + - uses: actions/setup-node@v4 + with: + node-version: 'lts/*' + + - name: Fail if not one of the permitted users + if: ${{ github.actor != 'stephen-carter-at-sf' && github.actor != 'jfeingold35' && github.actor != 'jag-j' }} + run: | + echo "::error::The user ${{ github.actor }} is not one of the permitted users that may perform this action." + exit 1 + + - name: Fail if not confirmed + if: ${{ github.event.inputs.confirm != 'true' }} + run: | + echo "::error::You did not confirm, so dist-tag not called." + exit 1 + + - name: Validate package name (sanity check) + if: ${{ github.event.inputs.package_name != '@salesforce/plugin-code-analyzer' && github.event.inputs.package_name != '@salesforce/sfdx-scanner' }} + run: | + echo "Invalid package name. Please choose one of the allowed package names." + exit 1 + + - name: Prepare NPM Credentials + run: echo "//registry.npmjs.org/:_authToken=${{ secrets.NPM_TOKEN }}" > ~/.npmrc + + - name: Apply tag + run: | + echo "You have confirmed that using this action is only recommended for emergency rollback situations and that you are responsible for manually applying the ${{ github.event.inputs.tag_name }} tag to ${{ github.event.inputs.package_name }}@${{ github.event.inputs.version }}." + echo "Applying tag..." + npm dist-tag add ${{ github.event.inputs.package_name }}@${{ github.event.inputs.version }} ${{ github.event.inputs.tag_name }} From ef419e5b031d7d3b578af07b311901056609bf65 Mon Sep 17 00:00:00 2001 From: Stephen Carter Date: Fri, 10 Jan 2025 14:38:41 -0500 Subject: [PATCH 2/2] Remove unneeded check for users --- .github/workflows/apply-npm-tag-to-version.yml | 6 ------ 1 file changed, 6 deletions(-) diff --git a/.github/workflows/apply-npm-tag-to-version.yml b/.github/workflows/apply-npm-tag-to-version.yml index f8e9042d4..e5eb974d4 100644 --- a/.github/workflows/apply-npm-tag-to-version.yml +++ b/.github/workflows/apply-npm-tag-to-version.yml @@ -32,12 +32,6 @@ jobs: with: node-version: 'lts/*' - - name: Fail if not one of the permitted users - if: ${{ github.actor != 'stephen-carter-at-sf' && github.actor != 'jfeingold35' && github.actor != 'jag-j' }} - run: | - echo "::error::The user ${{ github.actor }} is not one of the permitted users that may perform this action." - exit 1 - - name: Fail if not confirmed if: ${{ github.event.inputs.confirm != 'true' }} run: |