-
Notifications
You must be signed in to change notification settings - Fork 3.1k
149 lines (128 loc) · 5.61 KB
/
finishReleaseCycle.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
name: Prepare production deploy
on:
issues:
types: [closed]
# The updateProduction and createNewStagingDeployCash jobs are executed when a StagingDeployCash is closed.
jobs:
validate:
runs-on: ubuntu-latest
if: contains(github.event.issue.labels.*.name, 'StagingDeployCash')
outputs:
isValid: ${{ fromJSON(steps.isDeployer.outputs.IS_DEPLOYER) && !fromJSON(steps.checkDeployBlockers.outputs.HAS_DEPLOY_BLOCKERS) }}
steps:
- name: Validate actor is deployer
id: isDeployer
run: |
if gh api /orgs/Expensify/teams/mobile-deployers/memberships/${{ github.actor }} --silent; then
echo "IS_DEPLOYER=true" >> "$GITHUB_OUTPUT"
else
echo "IS_DEPLOYER=false" >> "$GITHUB_OUTPUT"
fi
env:
GITHUB_TOKEN: ${{ secrets.OS_BOTIFY_TOKEN }}
- name: Reopen and comment on issue
if: ${{ !fromJSON(steps.isDeployer.outputs.IS_DEPLOYER) }}
uses: Expensify/App/.github/actions/javascript/reopenIssueWithComment@main
with:
GITHUB_TOKEN: ${{ secrets.OS_BOTIFY_TOKEN }}
ISSUE_NUMBER: ${{ github.event.issue.number }}
COMMENT: |
Sorry, only members of @Expensify/Mobile-Deployers can close deploy checklists.
Reopening!
- name: Check for any deploy blockers
if: ${{ fromJSON(steps.isDeployer.outputs.IS_DEPLOYER) }}
id: checkDeployBlockers
uses: Expensify/App/.github/actions/javascript/checkDeployBlockers@main
with:
GITHUB_TOKEN: ${{ secrets.OS_BOTIFY_TOKEN }}
ISSUE_NUMBER: ${{ github.event.issue.number }}
- name: Reopen and comment on issue
if: ${{ fromJSON(steps.isDeployer.outputs.IS_DEPLOYER) && fromJSON(steps.checkDeployBlockers.outputs.HAS_DEPLOY_BLOCKERS) }}
uses: Expensify/App/.github/actions/javascript/reopenIssueWithComment@main
with:
GITHUB_TOKEN: ${{ secrets.OS_BOTIFY_TOKEN }}
ISSUE_NUMBER: ${{ github.event.issue.number }}
COMMENT: |
This issue either has unchecked items or has not yet been marked with the `:shipit:` emoji of approval.
Reopening!
- if: ${{ failure() }}
uses: Expensify/App/.github/actions/composite/announceFailedWorkflowInSlack@main
with:
SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }}
# Update the production branch to trigger the production deploy.
updateProduction:
runs-on: ubuntu-latest
needs: validate
if: ${{ fromJSON(needs.validate.outputs.isValid) }}
steps:
- uses: actions/checkout@v3
with:
ref: staging
token: ${{ secrets.OS_BOTIFY_TOKEN }}
- uses: Expensify/App/.github/actions/composite/setupGitForOSBotify@main
with:
GPG_PASSPHRASE: ${{ secrets.LARGE_SECRET_PASSPHRASE }}
- name: Update production branch
run: |
# Re-create the production branch from staging
git switch -c production
# Force-update the remote production branch.
git push --force origin production
- if: ${{ failure() }}
uses: Expensify/App/.github/actions/composite/announceFailedWorkflowInSlack@main
with:
SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }}
# Create a new patch version to prep for next release cycle
createNewPatchVersion:
needs: validate
if: ${{ fromJSON(needs.validate.outputs.isValid) }}
uses: Expensify/App/.github/workflows/createNewVersion.yml@main
secrets: inherit
with:
SEMVER_LEVEL: PATCH
# Update the staging branch to trigger a staging deploy
updateStaging:
runs-on: ubuntu-latest
needs: [updateProduction, createNewPatchVersion]
steps:
- uses: actions/checkout@v3
with:
ref: main
token: ${{ secrets.OS_BOTIFY_TOKEN }}
- uses: Expensify/App/.github/actions/composite/setupGitForOSBotify@main
with:
GPG_PASSPHRASE: ${{ secrets.LARGE_SECRET_PASSPHRASE }}
- name: Update staging branch to trigger staging deploy
run: |
# Re-create the staging branch from main
git switch -c staging
# Force-update the remote staging branch
git push --force origin staging
- if: ${{ failure() }}
uses: Expensify/App/.github/actions/composite/announceFailedWorkflowInSlack@main
with:
SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }}
# Create a new StagingDeployCash for the next release cycle.
createNewStagingDeployCash:
runs-on: ubuntu-latest
needs: [updateStaging, createNewPatchVersion]
steps:
- uses: actions/checkout@v3
with:
ref: staging
token: ${{ secrets.OS_BOTIFY_TOKEN }}
# Create a local git tag so that GitUtils.getPullRequestsMergedBetween can use `git log` to generate a
# list of pull requests that were merged between this version tag and another.
# NOTE: This tag is only used locally and shouldn't be pushed to the remote.
# If it was pushed, that would trigger the staging deploy which is handled in a separate workflow (deploy.yml)
- name: Tag version
run: git tag ${{ needs.createNewPatchVersion.outputs.NEW_VERSION }}
- name: Create new StagingDeployCash
uses: Expensify/App/.github/actions/javascript/createOrUpdateStagingDeploy@main
with:
GITHUB_TOKEN: ${{ secrets.OS_BOTIFY_TOKEN }}
NPM_VERSION: ${{ needs.createNewPatchVersion.outputs.NEW_VERSION }}
- if: ${{ failure() }}
uses: Expensify/App/.github/actions/composite/announceFailedWorkflowInSlack@main
with:
SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }}