-
Notifications
You must be signed in to change notification settings - Fork 96
194 lines (170 loc) · 7.69 KB
/
release_workspace_version.yml
File metadata and controls
194 lines (170 loc) · 7.69 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
name: Prior Version Release Workspace
on:
# ADDED: Only trigger on PR closed event on workspace/** branch.
# The assumption is that branch protection rules and CODEOWNERS are configured.
pull_request:
types:
- closed
branches:
- 'workspace/**'
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
jobs:
# ADDED: Checks if PR is a Version Packages PR on workspace/** branch
# and validates PR title, author, branch and merged status.
check-merged-pr:
name: Check if PR is a Version Packages PR on workspace/** branch
runs-on: ubuntu-latest
outputs:
is_version_pr: ${{ steps.check_pr.outputs.is_version_pr }}
workspace_name: ${{ steps.extract_workspace.outputs.workspace_name }}
steps:
- name: Check PR title, author, branch and merged status
id: check_pr
env:
PR_TITLE: ${{ github.event.pull_request.title }}
HEAD_REF: ${{ github.event.pull_request.head.ref }}
USER_LOGIN: ${{ github.event.pull_request.user.login }}
PR_MERGED: ${{ github.event.pull_request.merged }}
run: |
if [[ "$PR_TITLE" == Version*Packages* \
&& "$USER_LOGIN" == "rhdh-bot" ]] \
&& [[ "$HEAD_REF" == maintenance-changesets-release/* ]] \
&& [[ "$PR_MERGED" == "true" ]]; then
echo "is_version_pr=true" >> $GITHUB_OUTPUT
else
echo "is_version_pr=false" >> $GITHUB_OUTPUT
fi
# ADDED: Extracts workspace name from branch, ensuring it is a workspace/** branch
- name: Extract Workspace name from branch
id: extract_workspace
env:
BASE_REF: ${{ github.event.pull_request.base.ref }}
run: |
WORKSPACE_NAME=$(echo "$BASE_REF" | cut -d'/' -f2)
echo "workspace_name=$WORKSPACE_NAME" >> $GITHUB_OUTPUT
changesets-pr:
name: Update Version Packages PR for ${{ needs.check-merged-pr.outputs.workspace_name }} on branch ${{ github.ref }}
runs-on: ubuntu-latest
needs: check-merged-pr
if: needs.check-merged-pr.outputs.is_version_pr == 'false'
defaults:
run:
working-directory: ./workspaces/${{ needs.check-merged-pr.outputs.workspace_name }}
env:
CI: true
NODE_OPTIONS: --max-old-space-size=4096
outputs:
needs_release: ${{ steps.release_check.outputs.needs_release }}
steps:
- name: Checkout
uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4
with:
ref: ${{ github.ref }}
- name: Verify maintenance-changesets-release branch does not exist
env:
WORKSPACE_NAME: ${{ needs.check-merged-pr.outputs.workspace_name }}
run: |
if git ls-remote --exit-code origin "refs/heads/maintenance-changesets-release/$WORKSPACE_NAME"; then
echo "Error: maintenance-changesets-release/$WORKSPACE_NAME branch already exists. Please clean up the branch before proceeding."
exit 1
fi
- name: Set up Node
uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4
with:
node-version: 24
registry-url: https://registry.npmjs.org/ # Needed for auth
- name: Get yarn cache directory path
id: yarn-cache-dir-path
run: echo "dir=$(yarn config get cacheFolder)" >> $GITHUB_OUTPUT
- uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0
id: yarn-cache # use this to check for `cache-hit` (`steps.yarn-cache.outputs.cache-hit != 'true'`)
with:
path: ${{ steps.yarn-cache-dir-path.outputs.dir }}
key: ${{ runner.os }}-yarn-${{ hashFiles(format('workspaces/${0}/**/yarn.lock', needs.check-merged-pr.outputs.workspace_name)) }}
restore-keys: |
${{ runner.os }}-yarn-
- name: yarn install
run: yarn install --immutable
- name: Fetch previous commit for release check
env:
BASE_SHA: ${{ github.event.pull_request.base.sha }}
run: git fetch origin "$BASE_SHA"
- name: Fetch the commit that triggered the workflow (used by backstage/changesets-action)
run: git fetch origin "$GITHUB_SHA"
continue-on-error: true
- name: Check if release
id: release_check
run: |
yarn install
node scripts/ci/check-if-release.js
working-directory: ./
env:
WORKSPACE_NAME: ${{ needs.check-merged-pr.outputs.workspace_name }}
COMMIT_SHA_BEFORE: '${{ github.event.pull_request.base.sha }}'
TARGET_BRANCH: ${{ github.ref }}
- name: Update Version Packages (${{ needs.check-merged-pr.outputs.workspace_name }}) PR
id: changesets-pr
if: steps.release_check.outputs.needs_release != 'true'
uses: backstage/changesets-action@a39baf18913e669734ffb00c2fd9900472cfa240 # v2.3.2
with:
title: Version Packages (${{ needs.check-merged-pr.outputs.workspace_name }})
cwd: workspaces/${{ needs.check-merged-pr.outputs.workspace_name }}
version: yarn changeset version
versionBranch: maintenance-changesets-release/${{ needs.check-merged-pr.outputs.workspace_name }}
skipRootChangelogUpdate: true
env:
GITHUB_TOKEN: ${{ secrets.RHDH_BOT_TOKEN }}
release:
name: Prior Version Release workspace ${{ needs.check-merged-pr.outputs.workspace_name }} on branch ${{ github.ref }}
runs-on: ubuntu-latest
needs: check-merged-pr
if: needs.check-merged-pr.outputs.is_version_pr == 'true'
defaults:
run:
working-directory: ./workspaces/${{ needs.check-merged-pr.outputs.workspace_name }}
env:
CI: true
NODE_OPTIONS: --max-old-space-size=4096
steps:
- name: Checkout
uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4
with:
ref: ${{ github.ref }}
- name: Set up Node
uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4
with:
node-version: 24
registry-url: https://registry.npmjs.org/ # Needed for auth
- name: Install root dependencies
run: yarn install --immutable
working-directory: ${{ github.workspace }}
- name: Get yarn cache directory path
id: yarn-cache-dir-path
run: echo "dir=$(yarn config get cacheFolder)" >> $GITHUB_OUTPUT
- uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0
id: yarn-cache # use this to check for `cache-hit` (`steps.yarn-cache.outputs.cache-hit != 'true'`)
with:
path: ${{ steps.yarn-cache-dir-path.outputs.dir }}
key: ${{ runner.os }}-yarn-${{ hashFiles(format('workspaces/${0}/**/yarn.lock', needs.check-merged-pr.outputs.workspace_name)) }}
restore-keys: |
${{ runner.os }}-yarn-
- name: yarn install
run: yarn install --immutable
- name: Compile TypeScript
run: yarn tsc:full
- name: Build all packages
run: yarn build:all
# CHANGED: Publish with tag "maintenance" to avoid overwriting the latest npm tag
- name: publish
run: |
yarn config set -H 'npmAuthToken' "$NODE_AUTH_TOKEN"
yarn workspaces foreach -A -v --no-private npm publish --access public --tolerate-republish --tag "maintenance"
env:
NODE_AUTH_TOKEN: ${{ secrets.RHDH_NPM_TOKEN }}
- name: Create tag
working-directory: ${{ github.workspace }}/scripts/ci
run: node create-tag.js
env:
WORKSPACE_NAME: ${{ needs.check-merged-pr.outputs.workspace_name }}
GITHUB_TOKEN: ${{ secrets.RHDH_BOT_TOKEN }}