From b1e3b803c01632aa68f2fe51ef0527101ac8abe6 Mon Sep 17 00:00:00 2001 From: jakobmoellerdev Date: Mon, 11 Nov 2024 14:43:44 +0100 Subject: [PATCH 1/7] chore: extract release version workflow --- .github/workflows/release-version.yaml | 65 ++++++++++++++++++++++++++ 1 file changed, 65 insertions(+) create mode 100644 .github/workflows/release-version.yaml diff --git a/.github/workflows/release-version.yaml b/.github/workflows/release-version.yaml new file mode 100644 index 0000000000..480ea9d76e --- /dev/null +++ b/.github/workflows/release-version.yaml @@ -0,0 +1,65 @@ +name: Release Version + +on: + workflow_call: + inputs: + release_candidate: + type: boolean + description: "Release Candidate" + required: true + default: true + release_candidate_name: + type: string + description: "Release Candidate Name, adjust after every succinct release candidate (e.g. to rc.2, rc.3...)" + required: true + default: "rc.1" + outputs: + version: + description: "The release version to use" + value: ${{ jobs.get-release-version.outputs.release-version }} + version_no_prefix: + description: "The release version to use without the 'v' prefix" + value: ${{ jobs.get-release-version.outputs.release-version-no-prefix }} + +jobs: + get-release-version: + name: Get Release Version + runs-on: ubuntu-latest + permissions: + contents: read + outputs: + base-version: ${{ steps.set-base-version.outputs.BASE_VERSION }} + release-version: ${{ steps.export-version.outputs.RELEASE_VERSION }} + release-version-no-prefix: ${{ steps.export-version.outputs.RELEASE_VERSION_NO_PREFIX }} + steps: + - name: Checkout + uses: actions/checkout@v4 + - name: Setup Go + uses: actions/setup-go@v5 + with: + go-version-file: '${{ github.workspace }}/go.mod' + cache: false + + - name: Generate Base Version + id: set-base-version + run: | + BASE_VERSION=v$(go run $GITHUB_WORKSPACE/api/version/generate print-version) + echo "BASE_VERSION=$BASE_VERSION" >> $GITHUB_ENV + echo "BASE_VERSION=$BASE_VERSION" >> $GITHUB_OUTPUT + + - name: Set Version for Release Candidate + if: inputs.release_candidate == true + run: | + RELEASE_VERSION=v$(go run $GITHUB_WORKSPACE/api/version/generate --no-dev print-rc-version ${{ inputs.release_candidate_name }}) + echo "RELEASE_VERSION=$RELEASE_VERSION" >> $GITHUB_ENV + - name: Set Version + if: inputs.release_candidate == false + run: | + RELEASE_VERSION=${{env.BASE_VERSION}} + echo "RELEASE_VERSION=$RELEASE_VERSION" >> $GITHUB_ENV + + - name: Export Version + id: export-version + run: | + echo "RELEASE_VERSION=$RELEASE_VERSION" >> $GITHUB_OUTPUT + echo "RELEASE_VERSION_NO_PREFIX=${RELEASE_VERSION#v}" >> $GITHUB_OUTPUT \ No newline at end of file From 8b92f11c7c8465585ae2d51f5c198f8ceec87942 Mon Sep 17 00:00:00 2001 From: jakobmoellerdev Date: Mon, 11 Nov 2024 14:57:49 +0100 Subject: [PATCH 2/7] chore: clean rel tag/branch/version mgmt Moves Version Generation into a separate workflow for readability reasons. Removes option to create release branch in release.yaml as it is a separate branch cut step. --- .github/workflows/release-version.yaml | 5 +- .github/workflows/release.yaml | 142 +++++-------------------- 2 files changed, 31 insertions(+), 116 deletions(-) diff --git a/.github/workflows/release-version.yaml b/.github/workflows/release-version.yaml index 480ea9d76e..ba6a8be075 100644 --- a/.github/workflows/release-version.yaml +++ b/.github/workflows/release-version.yaml @@ -1,4 +1,7 @@ -name: Release Version +# This workflow can be used to resolve the combination of the inputs candidate and candidate name +# to a release version. The release version is then used in the subsequent steps of the release workflow. +# The release version base is fetched from the VERSION file in the repository root. +name: Derive Release Version from VERSION file on: workflow_call: diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 7d6729a541..658f8e1e55 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -20,56 +20,32 @@ on: default: "rc.1" jobs: + release-version: + name: Release Version + uses: ./.github/workflows/release-version.yaml + with: + release_candidate: ${{ inputs.release_candidate }} + release_candidate_name: ${{ inputs.release_candidate_name }} + permissions: + contents: read + repository-projects: read check: name: Check Release Preconditions runs-on: large_runner permissions: - contents: write - id-token: write + contents: read repository-projects: read + needs: release-version + env: + RELEASE_VERSION: ${{ steps.release-version.outputs.version }} + REF: ${{ github.ref }} + outputs: + draft-release-notes: ${{ steps.release-notes.outputs.body }} steps: - name: Checkout uses: actions/checkout@v4 with: fetch-depth: 0 - - - name: Job Settings - run: | - echo "Release Job Arguments" - if ${{ github.event.inputs.release_candidate }}; then - v="v$(go run $GITHUB_WORKSPACE/api/version/generate --no-dev print-rc-version ${{ github.event.inputs.prerelease }})" - if [ -n "${{ github.event.inputs.prerelease }}" ]; then - echo "Candidate: $v" - else - echo "Candidate: $v (taken from source)" - fi - else - v="v$(go run $GITHUB_WORKSPACE/api/version/generate print-version)" - echo "Final Release: $v" - if ${{ github.event.inputs.create_branch }}; then - echo "with release branch creation" - else - echo "without release branch creation" - fi - fi - - - name: Set Base Version - run: | - BASE_VERSION=v$(go run $GITHUB_WORKSPACE/api/version/generate print-version) - echo "BASE_VERSION=$BASE_VERSION" >> $GITHUB_ENV - - - name: Set Pre-Release Version - if: inputs.release_candidate == true - run: | - RELEASE_VERSION=v$(go run $GITHUB_WORKSPACE/api/version/generate --no-dev print-rc-version ${{ github.event.inputs.prerelease }}) - echo "RELEASE_VERSION=$RELEASE_VERSION" >> $GITHUB_ENV - - - name: Set Version - if: inputs.release_candidate == false - run: | - RELEASE_VERSION=${{env.BASE_VERSION}} - echo "RELEASE_VERSION=$RELEASE_VERSION" >> $GITHUB_ENV - - name: Check Tag run: | set -e @@ -77,24 +53,21 @@ jobs: >&2 echo "tag ${{ env.RELEASE_VERSION }} already exists" exit 1 fi - - - name: Check Branch - if: inputs.release_candidate == false && inputs.create_branch && github.ref == 'refs/heads/main' + - name: Check if release is running on release branch run: | - set -e - if git ls-remote --exit-code origin refs/heads/releases/${{ env.RELEASE_VERSION }} ; then - >&2 echo "branch releases/${{ env.RELEASE_VERSION }} already exists" - exit 1 + if [[ ${{ env.REF }} != *"releases/"* ]]; then + echo "The branch ${{ env.REF }} is not a valid release branch and cannot be used for a release" + exit 1 fi - - - name: Get Draft Release Notes + echo "Branch ${{ env.REF }} is a valid release branch" + - name: Ensure existing Draft Release Notes exist id: release-notes uses: cardinalby/git-get-release-action@v1 env: GITHUB_TOKEN: ${{ github.token }} with: draft: true - releaseName: ${{ env.BASE_VERSION }} + releaseName: ${{ env.RELEASE_VERSION }} lint-and-test: name: Lint and Unit Tests @@ -123,12 +96,16 @@ jobs: # run check before actual release to make sure we succeed # they will be skipped from the needs check - check + - release-version name: Release Build runs-on: large_runner permissions: contents: write id-token: write packages: write + env: + RELEASE_VERSION: ${{ steps.release-version.outputs.version }} + RELEASE_NOTES: ${{ needs.check.outputs.draft-release-notes }} steps: - name: Self Hosted Runner Post Job Cleanup Action uses: TooMuch4U/actions-clean@v2.2 @@ -144,30 +121,6 @@ jobs: fetch-depth: 0 token: ${{ steps.generate_token.outputs.token }} - - name: Setup Go - uses: actions/setup-go@v5 - with: - go-version-file: '${{ github.workspace }}/go.mod' - check-latest: false - cache: false - - - name: Get go environment for use with cache - run: | - echo "go_cache=$(go env GOCACHE)" >> $GITHUB_ENV - echo "go_modcache=$(go env GOMODCACHE)" >> $GITHUB_ENV - - name: Set up cache - # https://github.com/actions/setup-go/issues/358 - cache is not working with setup-go for multiple jobs - uses: actions/cache@v4 - with: - path: | - ${{ env.go_cache }} - ${{ env.go_modcache }} - key: ${{ env.cache_name }}-${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}-${{ hashFiles('**/go.mod') }} - restore-keys: | - ${{ env.cache_name }}-${{ runner.os }}-go- - env: - cache_name: release-go-cache - - name: Setup Syft uses: anchore/sbom-action/download-syft@1ca97d9028b51809cf6d3c934c3e160716e1b605 # v0.17.5 @@ -179,37 +132,8 @@ jobs: git config user.name "GitHub Actions Bot" git config user.email "<41898282+github-actions[bot]@users.noreply.github.com>" - - name: Set Base Version - run: | - BASE_VERSION=v$(go run $GITHUB_WORKSPACE/api/version/generate print-version) - echo "BASE_VERSION=$BASE_VERSION" >> $GITHUB_ENV - - - name: Set Pre-Release Version - if: inputs.release_candidate == true - run: | - RELEASE_VERSION=v$(go run $GITHUB_WORKSPACE/api/version/generate --no-dev print-rc-version ${{ github.event.inputs.prerelease }}) - echo "RELEASE_VERSION=$RELEASE_VERSION" >> $GITHUB_ENV - echo "release name is $RELEASE_VERSION" - - - name: Set Version - if: inputs.release_candidate == false - run: | - RELEASE_VERSION=${{env.BASE_VERSION}} - echo "RELEASE_VERSION=$RELEASE_VERSION" >> $GITHUB_ENV - echo "release name is $RELEASE_VERSION" - - - name: Get Draft Release Notes - id: release-notes - uses: cardinalby/git-get-release-action@v1 - env: - GITHUB_TOKEN: ${{ github.token }} - with: - draft: true - releaseName: ${{ env.BASE_VERSION }} - - name: Update Release Notes File env: - RELEASE_NOTES: ${{ steps.release-notes.outputs.body }} GITHUB_TOKEN: ${{ steps.generate_token.outputs.token }} run: | if git ls-remote --exit-code origin refs/tags/${{ env.RELEASE_VERSION }}; then @@ -255,7 +179,6 @@ jobs: env: GITHUBORG: ${{ github.repository_owner }} GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - HOMEBREW_TAP_GITHUB_TOKEN: ${{ steps.generate_token.outputs.token }} GORELEASER_CURRENT_TAG: ${{ env.RELEASE_VERSION }} NFPM_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }} @@ -269,17 +192,6 @@ jobs: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} run: make plain-push - - name: Create Release Branch - if: inputs.release_candidate == false && inputs.create_branch && github.ref == 'refs/heads/main' - run: | - n="releases/${{env.RELEASE_VERSION}}" - git checkout -b "$n" - v="$(go run ./api/version/generate bump-patch)" - echo "$v" > VERSION - git add VERSION - git commit -m "Prepare Development of v$v" - git push origin "$n" - - name: Bump Version File if: inputs.release_candidate == false run: | From dc47014f6b5579b35729b4e8aa0da9aa107213e6 Mon Sep 17 00:00:00 2001 From: jakobmoellerdev Date: Mon, 11 Nov 2024 16:57:42 +0100 Subject: [PATCH 3/7] chore: remove unneeded create branch option --- .github/workflows/release.yaml | 7 +------ 1 file changed, 1 insertion(+), 6 deletions(-) diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index bde0a834ef..4d605c2813 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -8,12 +8,7 @@ on: description: "Release Candidate" required: true default: true - create_branch: - type: boolean - description: "Create Release Branch (on failure or if already existing, set to false to ensure a successful run)" - required: true - default: false - prerelease: + release_candidate_name: type: string description: "Release Candidate Name, adjust after every succinct release candidate (e.g. to rc.2, rc.3...)" required: true From 31e6584b3dc47ff3804df5643c32c57943fb56d1 Mon Sep 17 00:00:00 2001 From: jakobmoellerdev Date: Mon, 11 Nov 2024 17:14:26 +0100 Subject: [PATCH 4/7] chore: use correct dependency --- .github/workflows/release-drafter.yaml | 23 +++++++++-------------- .github/workflows/release-version.yaml | 11 +++++++---- .github/workflows/release.yaml | 12 ++++++++---- 3 files changed, 24 insertions(+), 22 deletions(-) diff --git a/.github/workflows/release-drafter.yaml b/.github/workflows/release-drafter.yaml index 0b531836e7..9af67a2629 100644 --- a/.github/workflows/release-drafter.yaml +++ b/.github/workflows/release-drafter.yaml @@ -3,7 +3,6 @@ name: Release Drafter on: push: branches: - - main - releases/* permissions: @@ -11,26 +10,22 @@ permissions: # The release-drafter action adds PR titles to the release notes once these are merged to main. # A draft release is kept up-to-date listing the changes for the next minor release version. jobs: + release-version: + name: Release Version + uses: ./.github/workflows/release-version.yaml + permissions: + contents: read + repository-projects: read update_release_draft: + needs: release-version permissions: contents: write runs-on: ubuntu-latest + env: + RELEASE_VERSION: ${{ needs.release-version.outputs.version }} steps: - name: Checkout uses: actions/checkout@v4 - - - name: Setup Go - uses: actions/setup-go@v5 - with: - go-version-file: '${{ github.workspace }}/go.mod' - cache: false - - - name: Set Version - run: | - RELEASE_VERSION=v$(go run $GITHUB_WORKSPACE/api/version/generate print-version) - echo "release version is $RELEASE_VERSION" - echo "RELEASE_VERSION=$RELEASE_VERSION" >> $GITHUB_ENV - - name: Drafter uses: release-drafter/release-drafter@v6 env: diff --git a/.github/workflows/release-version.yaml b/.github/workflows/release-version.yaml index ba6a8be075..4bf084bece 100644 --- a/.github/workflows/release-version.yaml +++ b/.github/workflows/release-version.yaml @@ -9,20 +9,23 @@ on: release_candidate: type: boolean description: "Release Candidate" - required: true + required: false default: true release_candidate_name: type: string description: "Release Candidate Name, adjust after every succinct release candidate (e.g. to rc.2, rc.3...)" - required: true + required: false default: "rc.1" outputs: version: - description: "The release version to use" + description: "The release version to use, e.g. v0.18.0" value: ${{ jobs.get-release-version.outputs.release-version }} version_no_prefix: - description: "The release version to use without the 'v' prefix" + description: "The release version to use without the 'v' prefix, e.g. v0.18.0 => 0.18.0" value: ${{ jobs.get-release-version.outputs.release-version-no-prefix }} + version_no_suffix: + description: "The base version to use, without any suffix, e.g. v0.18.0-rc.1 => v0.18.0" + value: ${{ jobs.get-release-version.outputs.base-version }} jobs: get-release-version: diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 4d605c2813..7a1c1eee21 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -26,13 +26,14 @@ jobs: repository-projects: read check: name: Check Release Preconditions - runs-on: large_runner + runs-on: ubuntu-latest permissions: contents: read repository-projects: read needs: release-version env: - RELEASE_VERSION: ${{ steps.release-version.outputs.version }} + RELEASE_VERSION: ${{ needs.release-version.outputs.version }} + RELEASE_VERSION_NO_SUFFIX: ${{ needs.release-version.outputs.version_no_suffix }} REF: ${{ github.ref }} outputs: draft-release-notes: ${{ steps.release-notes.outputs.body }} @@ -62,7 +63,10 @@ jobs: GITHUB_TOKEN: ${{ github.token }} with: draft: true - releaseName: ${{ env.RELEASE_VERSION }} + # here we do not use the full release version, like v0.18.0-rc.1, + # but only the base version, like 0.18.0 + # That is because potentially every release candidate should be based on the same release notes. + releaseName: ${{ env.RELEASE_VERSION_NO_SUFFIX }} components: name: Component CTF Builds @@ -86,7 +90,7 @@ jobs: id-token: write packages: write env: - RELEASE_VERSION: ${{ steps.release-version.outputs.version }} + RELEASE_VERSION: ${{ needs.release-version.outputs.version }} RELEASE_NOTES: ${{ needs.check.outputs.draft-release-notes }} steps: - name: Self Hosted Runner Post Job Cleanup Action From da3abd4c7b871dcf650265e31b3459fa3107a270 Mon Sep 17 00:00:00 2001 From: jakobmoellerdev Date: Mon, 11 Nov 2024 17:59:16 +0100 Subject: [PATCH 5/7] chore: dont use candidate for release drafter --- .github/workflows/release-drafter.yaml | 4 ++++ .github/workflows/release.yaml | 2 +- 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/.github/workflows/release-drafter.yaml b/.github/workflows/release-drafter.yaml index 9af67a2629..1901afcea0 100644 --- a/.github/workflows/release-drafter.yaml +++ b/.github/workflows/release-drafter.yaml @@ -13,6 +13,10 @@ jobs: release-version: name: Release Version uses: ./.github/workflows/release-version.yaml + with: + # the draft release notes do not need to be done by release candidate + # instead we can continously maintain them throughout the candidates + release_candidate: false permissions: contents: read repository-projects: read diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 7a1c1eee21..fd19c9a98c 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -58,7 +58,7 @@ jobs: echo "Branch ${{ env.REF }} is a valid release branch" - name: Ensure existing Draft Release Notes exist id: release-notes - uses: cardinalby/git-get-release-action@v1 + uses: cardinalby/git-get-release-action@cf4593dd18e51a1ecfbfb1c68abac9910a8b1e0c env: GITHUB_TOKEN: ${{ github.token }} with: From ecb8fadc441ea62fff8d5f4880218388cd5dbaa0 Mon Sep 17 00:00:00 2001 From: jakobmoellerdev Date: Mon, 11 Nov 2024 18:34:57 +0100 Subject: [PATCH 6/7] chore: use gh for release note fetching --- .github/workflows/release.yaml | 32 +++++++++++++++++++++----------- 1 file changed, 21 insertions(+), 11 deletions(-) diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index fd19c9a98c..ba8a01573f 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -36,7 +36,7 @@ jobs: RELEASE_VERSION_NO_SUFFIX: ${{ needs.release-version.outputs.version_no_suffix }} REF: ${{ github.ref }} outputs: - draft-release-notes: ${{ steps.release-notes.outputs.body }} + draft-release-notes: ${{ steps.release-notes.outputs.json }} steps: - name: Checkout uses: actions/checkout@v4 @@ -56,18 +56,28 @@ jobs: exit 1 fi echo "Branch ${{ env.REF }} is a valid release branch" + - name: Generate token + id: generate_token + uses: tibdex/github-app-token@v2 + with: + app_id: ${{ secrets.OCMBOT_APP_ID }} + private_key: ${{ secrets.OCMBOT_PRIV_KEY }} - name: Ensure existing Draft Release Notes exist id: release-notes - uses: cardinalby/git-get-release-action@cf4593dd18e51a1ecfbfb1c68abac9910a8b1e0c + shell: bash env: - GITHUB_TOKEN: ${{ github.token }} - with: - draft: true - # here we do not use the full release version, like v0.18.0-rc.1, - # but only the base version, like 0.18.0 - # That is because potentially every release candidate should be based on the same release notes. - releaseName: ${{ env.RELEASE_VERSION_NO_SUFFIX }} - + GH_TOKEN: ${{ steps.generate_token.outputs.token }} + run: | + RELEASE_JSON=$( \ + gh api /repos/open-component-model/ocm-cicd-playground/releases \ + -q '.[] | select(.name == "${{ env.RELEASE_VERSION_NO_SUFFIX }}" and .draft == true)' \ + ) + echo "json=${RELEASE_JSON}" >> $GITHUB_OUTPUT + # if no draft release notes are found, we cannot continue + if [ -z "${RELEASE_JSON}" ]; then + echo "No draft release notes found for ${{ env.RELEASE_VERSION_NO_SUFFIX }}" + exit 1 + fi components: name: Component CTF Builds uses: ./.github/workflows/components.yaml @@ -91,7 +101,7 @@ jobs: packages: write env: RELEASE_VERSION: ${{ needs.release-version.outputs.version }} - RELEASE_NOTES: ${{ needs.check.outputs.draft-release-notes }} + RELEASE_NOTES: ${{ fromJSON(needs.check.outputs.draft-release-notes).body }} steps: - name: Self Hosted Runner Post Job Cleanup Action uses: TooMuch4U/actions-clean@v2.2 From 7a9dd134ba1cf03a1f9ffdf1b4c57dc7926192d4 Mon Sep 17 00:00:00 2001 From: jakobmoellerdev Date: Tue, 12 Nov 2024 10:30:21 +0100 Subject: [PATCH 7/7] chore: move gh call to dynamic repo --- .github/workflows/release.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index ba8a01573f..06d7ec63fd 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -69,7 +69,7 @@ jobs: GH_TOKEN: ${{ steps.generate_token.outputs.token }} run: | RELEASE_JSON=$( \ - gh api /repos/open-component-model/ocm-cicd-playground/releases \ + gh api /repos/${{ github.repository }}/releases \ -q '.[] | select(.name == "${{ env.RELEASE_VERSION_NO_SUFFIX }}" and .draft == true)' \ ) echo "json=${RELEASE_JSON}" >> $GITHUB_OUTPUT