forked from mongodb/terraform-provider-mongodbatlas
-
Notifications
You must be signed in to change notification settings - Fork 0
166 lines (156 loc) · 6.77 KB
/
release.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
name: 'New Release'
run-name: 'Release ${{ inputs.version_number }} (skip tests: ${{ inputs.skip_tests }}, use existing tag: ${{ inputs.use_existing_tag}})'
# Used for creating a new release. This workflow will run qa acceptance tests, create a new tag, and generate the release with GoReleaser.
on:
workflow_dispatch:
inputs:
version_number:
description: 'Version number (e.g., v1.0.0, v1.0.0-pre, v1.0.0-pre1)'
required: true
skip_tests:
description: 'Set value to `true` to skip QA acceptance tests, default is `false`'
default: 'false'
use_existing_tag:
description: 'Set value to `true` to use an existing tag for the release process, default is `false`'
default: 'false'
jobs:
release-config:
runs-on: ubuntu-latest
permissions: {}
outputs:
creates_new_tag: ${{ steps.evaluate_inputs.outputs.creates_new_tag }}
is_official_release: ${{ steps.evaluate_inputs.outputs.is_official_release }}
runs_tests: ${{ steps.evaluate_inputs.outputs.runs_tests }}
steps:
- id: evaluate_inputs
run: |
{
echo "creates_new_tag=$(if [ '${{ inputs.use_existing_tag }}' = 'true' ]; then echo 'false'; else echo 'true'; fi)"
echo "is_official_release=$(if echo '${{ inputs.version_number }}' | grep -q 'pre'; then echo 'false'; else echo 'true'; fi)"
echo "runs_tests=$(if [ '${{ inputs.skip_tests }}' = 'true' ]; then echo 'false'; else echo 'true'; fi)"
} >> "$GITHUB_OUTPUT"
validate-inputs:
runs-on: ubuntu-latest
permissions: {}
steps:
- name: Validation of version format
run: |
echo "${{ inputs.version_number }}" | grep -P '^v\d+\.\d+\.\d+(-pre[A-Za-z0-9-]*)?$'
- name: Checkout
uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871
with:
ref: ${{ inputs.use_existing_tag == 'true' && inputs.version_number || 'master' }}
- name: Check for Upgrade Guide
run: './scripts/check-upgrade-guide-exists.sh ${{inputs.version_number}}'
update-examples-reference-in-docs:
needs: [ release-config, validate-inputs ]
if: >-
!cancelled()
&& !contains(needs.*.result, 'failure')
&& needs.release-config.outputs.creates_new_tag == 'true'
&& needs.release-config.outputs.is_official_release == 'true'
uses: ./.github/workflows/run-script-and-commit.yml
with:
script_call: './scripts/update-examples-reference-in-docs.sh ${{inputs.version_number}}'
file_to_commit: 'docs/index.md'
commit_message: 'chore: Updates examples link in index.md for ${{ github.event.inputs.version_number }} release'
secrets:
apix_bot_pat: ${{ secrets.APIX_BOT_PAT }}
remote: https://svc-apix-bot:${{ secrets.APIX_BOT_PAT }}@github.com/${{ github.repository }}
gpg_private_key: ${{ secrets.APIX_BOT_GPG_PRIVATE_KEY }}
passphrase: ${{ secrets.APIX_BOT_PASSPHRASE }}
update-changelog-header:
needs: [ release-config, validate-inputs, update-examples-reference-in-docs ]
if: >-
!cancelled()
&& !contains(needs.*.result, 'failure')
&& needs.release-config.outputs.creates_new_tag == 'true'
&& needs.release-config.outputs.is_official_release == 'true'
uses: ./.github/workflows/run-script-and-commit.yml
with:
script_call: './scripts/update-changelog-header-for-release.sh ${{inputs.version_number}}'
file_to_commit: 'CHANGELOG.md'
commit_message: 'chore: Updates CHANGELOG.md header for ${{ github.event.inputs.version_number }} release'
secrets:
apix_bot_pat: ${{ secrets.APIX_BOT_PAT }}
remote: https://svc-apix-bot:${{ secrets.APIX_BOT_PAT }}@github.com/${{ github.repository }}
gpg_private_key: ${{ secrets.APIX_BOT_GPG_PRIVATE_KEY }}
passphrase: ${{ secrets.APIX_BOT_PASSPHRASE }}
create-tag:
runs-on: ubuntu-latest
permissions:
contents: write
needs: [ release-config, validate-inputs, update-examples-reference-in-docs, update-changelog-header ]
if: >-
!cancelled()
&& !contains(needs.*.result, 'failure')
&& needs.release-config.outputs.creates_new_tag == 'true'
steps:
- name: Checkout
uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871
with:
ref: 'master'
- name: Get the latest commit SHA
id: get-sha
run: echo "sha=$(git rev-parse HEAD)" >> "$GITHUB_OUTPUT"
- name: Create release tag
uses: rickstaa/action-create-tag@a1c7777fcb2fee4f19b0f283ba888afa11678b72
with:
tag: ${{ inputs.version_number }}
commit_sha: ${{ steps.get-sha.outputs.sha }}
gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }}
gpg_passphrase: ${{ secrets.PASSPHRASE }}
run-qa-acceptance-tests:
needs: [ release-config, validate-inputs, update-examples-reference-in-docs, update-changelog-header, create-tag ]
if: >-
!cancelled()
&& !contains(needs.*.result, 'failure')
&& needs.release-config.outputs.runs_tests == 'true'
secrets: inherit
uses: ./.github/workflows/acceptance-tests.yml
with:
atlas_cloud_env: "qa"
ref: ${{ inputs.version_number }}
release:
runs-on: ubuntu-latest
permissions:
contents: write
needs: [ validate-inputs, update-examples-reference-in-docs, update-changelog-header, create-tag, run-qa-acceptance-tests ]
# Release is skipped if there are failures in previous steps
if: >-
!cancelled()
&& !contains(needs.*.result, 'failure')
steps:
- name: Checkout
uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871
with:
ref: ${{ inputs.version_number }}
- name: Set up Go
uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32
with:
go-version-file: 'go.mod'
- name: Import GPG key
id: import_gpg
uses: crazy-max/ghaction-import-gpg@01dd5d3ca463c7f10f7f4f7b4f177225ac661ee4
with:
gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }}
passphrase: ${{ secrets.PASSPHRASE }}
- name: Run GoReleaser
uses: goreleaser/goreleaser-action@286f3b13b1b49da4ac219696163fb8c1c93e1200
with:
version: '~> v2'
args: release --clean
env:
GPG_FINGERPRINT: ${{ steps.import_gpg.outputs.fingerprint }}
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
jira-release-version:
needs: [ release-config, release ]
# if release job is skipped, cancelled, or failed we do not run this job
if: >-
!cancelled()
&& needs.release.result == 'success'
&& needs.release-config.outputs.is_official_release == 'true'
secrets: inherit
uses: ./.github/workflows/jira-release-version.yml
with:
version_number: ${{ inputs.version_number }}