From dbdbf0e85fe145d59b426f367c0cc65cc990b50e Mon Sep 17 00:00:00 2001 From: Lexus Drumgold Date: Sun, 5 Nov 2023 22:08:06 -0500 Subject: [PATCH] ci(workflows): add `release-chore` - replaces `release-branch` Signed-off-by: Lexus Drumgold --- .commitlintrc.cts | 1 + .dictionary.txt | 1 - .github/workflows/auto-review.yml | 2 +- .github/workflows/ci.yml | 1 + .../{release-branch.yml => release-chore.yml} | 126 ++++++++++++------ .github/workflows/release.yml | 5 +- CONTRIBUTING.md | 8 +- scripts/release.sh | 12 +- 8 files changed, 100 insertions(+), 56 deletions(-) rename .github/workflows/{release-branch.yml => release-chore.yml} (61%) diff --git a/.commitlintrc.cts b/.commitlintrc.cts index 13016fe0..ab05d725 100644 --- a/.commitlintrc.cts +++ b/.commitlintrc.cts @@ -21,6 +21,7 @@ const config: UserConfig = { scopes([ 'bump', 'changelog', + 'chore', 'config', 'git', 'grease', diff --git a/.dictionary.txt b/.dictionary.txt index 87a8f4e4..71177dcf 100644 --- a/.dictionary.txt +++ b/.dictionary.txt @@ -38,7 +38,6 @@ sortbrk sortcmt sortgrp stringafiable -tohgarashi tryit tscu unstub diff --git a/.github/workflows/auto-review.yml b/.github/workflows/auto-review.yml index 5aa334fc..b4088e3f 100644 --- a/.github/workflows/auto-review.yml +++ b/.github/workflows/auto-review.yml @@ -46,7 +46,7 @@ jobs: run: | GITHUB_TOKEN= - if [[ $GITHUB_ACTOR == flex-development[bot] ]]; then + if [[ $GITHUB_ACTOR == 'flex-development[bot]' ]]; then GITHUB_TOKEN=${{ secrets.GH_REPO_TOKEN }} else GITHUB_TOKEN=${{ steps.bot-token.outputs.token }} diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 2455ea2d..b9f97cef 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -53,6 +53,7 @@ jobs: github.event.head_commit.author.name != 'dependabot[bot]' && github.event.head_commit.author.username != 'flexdevelopment[bot]' && !startsWith(github.event.head_commit.message, 'release:') + && !startsWith(github.event.head_commit.message, 'release(chore):') runs-on: ubuntu-latest outputs: cache-key: ${{ steps.cache-key.outputs.result }} diff --git a/.github/workflows/release-branch.yml b/.github/workflows/release-chore.yml similarity index 61% rename from .github/workflows/release-branch.yml rename to .github/workflows/release-chore.yml index 8b82ada2..4765f288 100644 --- a/.github/workflows/release-branch.yml +++ b/.github/workflows/release-chore.yml @@ -1,38 +1,39 @@ -# Release Branch +# Release Chore # -# Execute version bump, changelog, and pull request operations on release branch creation. +# Execute branch, version bump, changelog, and pull request operations on release chore commit. # # References: # -# - https://cli.github.com/manual/gh_auth_status # - https://cli.github.com/manual/gh_pr_create # - https://docs.github.com/actions/learn-github-actions/contexts # - https://docs.github.com/actions/learn-github-actions/expressions -# - https://docs.github.com/actions/using-workflows/events-that-trigger-workflows#create +# - https://docs.github.com/actions/using-workflows/events-that-trigger-workflows#push # - https://docs.github.com/actions/using-workflows/using-github-cli-in-workflows # - https://docs.github.com/actions/using-workflows/workflow-commands-for-github-actions -# - https://docs.github.com/webhooks-and-events/webhooks/webhook-events-and-payloads#create +# - https://docs.github.com/webhooks-and-events/webhooks/webhook-events-and-payloads#push # - https://github.com/actions/checkout # - https://github.com/actions/create-github-app-token +# - https://github.com/flex-development/gh-commit # - https://github.com/hmarr/debug-action # - https://github.com/kaisugi/action-regex-match -# - https://github.com/tohgarashi/verified-commit # - https://regex101.com/r/OwpOr2 +# - https://regex101.com/r/VIIVGd --- -name: release-branch -on: create +name: release-chore +on: + push: + branches: + - main concurrency: cancel-in-progress: true group: ${{ github.workflow }}-${{ github.ref }} jobs: preflight: - if: | - github.ref_type == 'branch' && - startsWith(github.ref_name, 'release/') && - contains(vars.MAINTAINERS, github.actor) + if: startsWith(github.event.head_commit.message, 'release(chore):') runs-on: ubuntu-latest outputs: + branch: ${{ steps.branch.outputs.result }} message: ${{ steps.message.outputs.result }} tag: ${{ steps.tag.outputs.result }} version: ${{ steps.version.outputs.match }} @@ -40,24 +41,46 @@ jobs: - id: debug name: Print environment variables and event payload uses: hmarr/debug-action@v2.1.0 + - id: fail-actor + if: contains(vars.MAINTAINERS, github.actor) == false + name: Fail on unauthorized actor + run: | + echo '**Unauthorized actor: ${{ github.actor }}**' >>$GITHUB_STEP_SUMMARY + exit 1 - id: checkout name: Checkout ${{ github.ref_name }} uses: actions/checkout@v4.1.1 with: persist-credentials: false ref: ${{ github.ref }} + - id: diff-tree + name: Get diff tree + run: echo "result=$(git diff-tree --name-only -r ${{ github.sha }})" >>$GITHUB_OUTPUT + - id: fail-diff-tree + if: steps.diff-tree.outputs.result != '' + name: Fail on invalid diff tree + run: | + ERR='**Invalid diff tree** + ```sh + ${{ steps.diff-tree.outputs.result }} + ```' + echo "$ERR" >>$GITHUB_STEP_SUMMARY + exit 1 - id: version name: Get release version uses: kaisugi/action-regex-match@v1.0.0 with: - regex: ${{ vars.RELEASE_BRANCH_REGEX }} - text: ${{ github.ref_name }} - - id: version-fail + regex: ${{ vars.RELEASE_CHORE_REGEX }} + text: ${{ github.event.head_commit.message }} + - id: fail-version if: steps.version.outputs.match == '' name: Fail on invalid release version run: | - ERR='**Invalid release branch: ${{ github.ref_name }}** - Branch must match [`${{ vars.RELEASE_BRANCH_REGEX }}`](https://regex101.com/r/OwpOr2)' + ERR='**Invalid release chore commit** + ```sh + ${{ github.event.head_commit.message }} + ``` + Message must match [`${{ vars.RELEASE_CHORE_REGEX }}`](https://regex101.com/r/OwpOr2)' echo "$ERR" >>$GITHUB_STEP_SUMMARY exit 1 - id: tag @@ -66,10 +89,35 @@ jobs: echo "result=$(jq .tagprefix grease.config.json -r)${{ steps.version.outputs.match }}" >>$GITHUB_OUTPUT - id: message name: Get release message + run: 'echo "result=release: ${{ steps.tag.outputs.result }}" >>$GITHUB_OUTPUT' + - id: branch + name: Get release branch name + run: echo "result=release/${{ steps.version.outputs.match }}" >>$GITHUB_OUTPUT + branch: + needs: preflight + runs-on: ubuntu-latest + steps: + - id: bot-token + name: Get bot token + uses: actions/create-github-app-token@v1.5.1 + with: + app-id: ${{ secrets.BOT_APP_ID }} + private-key: ${{ secrets.BOT_PRIVATE_KEY }} + - id: checkout + name: Checkout ${{ github.ref_name }} + uses: actions/checkout@v4.1.1 + with: + ref: ${{ github.ref }} + token: ${{ steps.bot-token.outputs.token }} + - id: branch + name: Create and push branch ${{ needs.preflight.outputs.branch }} run: | - echo "result=release: ${{ steps.tag.outputs.result }}" >>$GITHUB_OUTPUT + git branch ${{ needs.preflight.outputs.branch }} + git push origin --no-verify ${{ needs.preflight.outputs.branch }} prepare: - needs: preflight + needs: + - branch + - preflight permissions: packages: read runs-on: ubuntu-latest @@ -83,18 +131,18 @@ jobs: app-id: ${{ secrets.BOT_APP_ID }} private-key: ${{ secrets.BOT_PRIVATE_KEY }} - id: checkout - name: Checkout ${{ github.ref_name }} + name: Checkout ${{ needs.preflight.outputs.branch }} uses: actions/checkout@v4.1.1 with: fetch-depth: 0 persist-credentials: false - ref: ${{ github.ref }} + ref: ${{ needs.preflight.outputs.branch }} token: ${{ steps.bot-token.outputs.token }} - id: yarn name: Install dependencies env: HUSKY: 0 - run: yarn --immutable + run: yarn - id: build name: Build project env: @@ -111,20 +159,20 @@ jobs: echo "$(node ./dist/cli.mjs changelog)" >>$GITHUB_STEP_SUMMARY node ./dist/cli.mjs changelog -sw - id: commit - name: Commit release preparation - uses: tohgarashi/verified-commit@v2.1.0 - env: - GH_TOKEN: ${{ steps.bot-token.outputs.token }} + name: Commit and push release preparation + uses: flex-development/gh-commit@1.0.0 with: - commit-message: | - ${{ needs.preflight.outputs.message }} - - Signed-off-by: ${{ vars.BOT_NAME }} <${{ vars.BOT_EMAIL }}> - - detect-changed: true - ref: ${{ github.ref }} + message: ${{ needs.preflight.outputs.message }} + ref: ${{ needs.preflight.outputs.branch }} + token: ${{ steps.bot-token.outputs.token }} + trailers: 'Signed-off-by: ${{ vars.BOT_NAME }} <${{ vars.BOT_EMAIL }}>' + - id: commit-url + name: Print commit url + run: | + echo ${{ format('{0}/{1}/commit/{2}', github.server_url, github.repository, steps.commit.outputs.sha) }} pr: needs: + - branch - preflight - prepare runs-on: ubuntu-latest @@ -135,21 +183,17 @@ jobs: with: app-id: ${{ secrets.BOT_APP_ID }} private-key: ${{ secrets.BOT_PRIVATE_KEY }} - - id: github-token - name: Set env.GITHUB_TOKEN - run: echo "GITHUB_TOKEN=${{ steps.bot-token.outputs.token }}" >>$GITHUB_ENV - - id: gh-auth - name: Check gh authentication state - run: gh auth status - id: checkout - name: Checkout ${{ github.ref_name }} + name: Checkout ${{ needs.preflight.outputs.branch }} uses: actions/checkout@v4.1.1 with: persist-credentials: false - ref: ${{ github.ref }} + ref: ${{ needs.preflight.outputs.branch }} token: ${{ steps.bot-token.outputs.token }} - id: pr name: Create pull request + env: + GITHUB_TOKEN: ${{ steps.bot-token.outputs.token }} run: | gh pr create --title='${{ needs.preflight.outputs.message }}' --label=scope:release --assignee=${{ github.actor }} --reviewer=${{ github.actor }} --body='## Description diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 3445cfed..3bde3002 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -80,9 +80,8 @@ jobs: runs-on: ubuntu-latest environment: name: release - url: - ${{ format('{0}/{1}/releases/tag/{2}', github.server_url, github.repository, - needs.preflight.outputs.tag) }} + url: | + ${{ format('{0}/{1}/releases/tag/{2}', github.server_url, github.repository, needs.preflight.outputs.tag) }} env: GITHUB_TOKEN: ${{ secrets.GH_REPO_TOKEN }} HUSKY: 0 diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 4d773a84..2b319d28 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -348,7 +348,7 @@ e.g: 1. Get a version bump recommendation - `yarn bump:recommend` -2. Create release branch +2. Create release chore commit - `yarn release ` - `yarn release major` - `yarn release minor` @@ -357,8 +357,10 @@ e.g: - `yarn release preminor --preid ` - `yarn release prepatch --preid ` - `yarn release prerelease --preid ` -3. Monitor workflows - 1. [`release-branch`](.github/workflows/release-branch.yml) +3. Push release chore commit +4. Monitor workflows + 1. [`release-chore`](.github/workflows/release-chore.yml) + - create release branch - bump manifest version - add changelog entry for new release - create release pr diff --git a/scripts/release.sh b/scripts/release.sh index 78bae142..0a33980f 100644 --- a/scripts/release.sh +++ b/scripts/release.sh @@ -11,14 +11,14 @@ set -e # 5. analyze types # 6. print package size report # 7. get release version data -# 8. get release branch name -# 9. create release branch -# 10. push release branch -# 11. cleanup +# 8. create release chore commit +# 9. cleanup # # References: # +# - https://git-scm.com/docs/git-commit # - https://github.com/arethetypeswrong/arethetypeswrong.github.io +# - https://jqlang.github.io yarn typecheck yarn test:cov @@ -27,7 +27,5 @@ yarn check:types:build attw package.tgz yarn pkg-size RELEASE_VERSION=$(node ./dist/cli.mjs bump -j $@) -RELEASE_BRANCH=release/$(jq .version -r <<<$RELEASE_VERSION) -git branch $RELEASE_BRANCH -git push origin --no-verify --set-upstream $RELEASE_BRANCH +git commit --allow-empty -S -s -m "release(chore): $(jq .version -r <<<$RELEASE_VERSION)" yarn clean:pack