From 72e982d2ca535f41e51bcaf2fe9f8d1ff4645b46 Mon Sep 17 00:00:00 2001 From: Amir Szekely Date: Thu, 19 May 2022 12:53:05 -0700 Subject: [PATCH] chore(ci): switch to auto-release Manual release requires a lot of local tooling --- .gitattributes | 1 + .github/workflows/manual-release.yml | 27 ---- .github/workflows/release.yml | 198 +++++++++++++++++++++++++++ .gitignore | 1 + .projen/files.json | 1 + .projen/tasks.json | 24 ---- .projenrc.js | 2 - package.json | 1 - 8 files changed, 201 insertions(+), 54 deletions(-) delete mode 100644 .github/workflows/manual-release.yml create mode 100644 .github/workflows/release.yml diff --git a/.gitattributes b/.gitattributes index a1fce199..829e37b2 100644 --- a/.gitattributes +++ b/.gitattributes @@ -6,6 +6,7 @@ /.github/pull_request_template.md linguist-generated /.github/workflows/build.yml linguist-generated /.github/workflows/pull-request-lint.yml linguist-generated +/.github/workflows/release.yml linguist-generated /.github/workflows/upgrade-main.yml linguist-generated /.gitignore linguist-generated /.mergify.yml linguist-generated diff --git a/.github/workflows/manual-release.yml b/.github/workflows/manual-release.yml deleted file mode 100644 index bb4aa538..00000000 --- a/.github/workflows/manual-release.yml +++ /dev/null @@ -1,27 +0,0 @@ -name: manual-release -on: - workflow_dispatch: -jobs: - release: - if: github.actor == 'kichik' - runs-on: ubuntu-latest - permissions: - contents: write - env: - CI: "true" - steps: - - name: Checkout - uses: actions/checkout@v2 - with: - ref: ${{ github.event.pull_request.head.ref }} - repository: ${{ github.event.pull_request.head.repo.full_name }} - - name: Install dependencies - run: yarn install --check-files - - name: Set git identity - run: |- - git config user.name "github-actions" - git config user.email "github-actions@github.com" - - name: release - run: npm run release - container: - image: jsii/superchain:1-buster-slim-node14 diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml new file mode 100644 index 00000000..a9896c91 --- /dev/null +++ b/.github/workflows/release.yml @@ -0,0 +1,198 @@ +# ~~ Generated by projen. To modify, edit .projenrc.js and run "npx projen". + +name: release +on: + push: + branches: + - main + workflow_dispatch: {} +jobs: + release: + runs-on: ubuntu-latest + permissions: + contents: write + outputs: + latest_commit: ${{ steps.git_remote.outputs.latest_commit }} + env: + CI: "true" + steps: + - name: Checkout + uses: actions/checkout@v2 + with: + fetch-depth: 0 + - name: Set git identity + run: |- + git config user.name "github-actions" + git config user.email "github-actions@github.com" + - name: Install dependencies + run: yarn install --check-files --frozen-lockfile + - name: release + run: npx projen release + - name: Check for new commits + id: git_remote + run: echo ::set-output name=latest_commit::"$(git ls-remote origin -h ${{ github.ref }} | cut -f1)" + - name: Upload artifact + if: ${{ steps.git_remote.outputs.latest_commit == github.sha }} + uses: actions/upload-artifact@v2.1.1 + with: + name: build-artifact + path: dist + container: + image: jsii/superchain:1-buster-slim-node14 + release_github: + name: Publish to GitHub Releases + needs: release + runs-on: ubuntu-latest + permissions: + contents: write + if: needs.release.outputs.latest_commit == github.sha + steps: + - uses: actions/setup-node@v2 + with: + node-version: 14.x + - name: Download build artifacts + uses: actions/download-artifact@v2 + with: + name: build-artifact + path: dist + - name: Prepare Repository + run: mv dist .repo + - name: Collect GitHub Metadata + run: mv .repo/dist dist + - name: Release + run: errout=$(mktemp); gh release create $(cat dist/releasetag.txt) -R $GITHUB_REPOSITORY -F dist/changelog.md -t $(cat dist/releasetag.txt) --target $GITHUB_REF 2> $errout && true; exitcode=$?; if [ $exitcode -ne 0 ] && ! grep -q "Release.tag_name already exists" $errout; then cat $errout; exit $exitcode; fi + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GITHUB_REPOSITORY: ${{ github.repository }} + GITHUB_REF: ${{ github.ref }} + release_npm: + name: Publish to npm + needs: release + runs-on: ubuntu-latest + permissions: + contents: read + if: needs.release.outputs.latest_commit == github.sha + steps: + - uses: actions/setup-node@v2 + with: + node-version: 14.x + - name: Download build artifacts + uses: actions/download-artifact@v2 + with: + name: build-artifact + path: dist + - name: Prepare Repository + run: mv dist .repo + - name: Install Dependencies + run: cd .repo && yarn install --check-files --frozen-lockfile + - name: Create js artifact + run: cd .repo && npx projen package:js + - name: Collect js Artifact + run: mv .repo/dist dist + - name: Release + run: npx -p publib@latest publib-npm + env: + NPM_DIST_TAG: latest + NPM_REGISTRY: registry.npmjs.org + NPM_TOKEN: ${{ secrets.NPM_TOKEN }} + release_maven: + name: Publish to Maven Central + needs: release + runs-on: ubuntu-latest + permissions: + contents: read + if: needs.release.outputs.latest_commit == github.sha + steps: + - uses: actions/setup-java@v2 + with: + distribution: temurin + java-version: 11.x + - uses: actions/setup-node@v2 + with: + node-version: 14.x + - name: Download build artifacts + uses: actions/download-artifact@v2 + with: + name: build-artifact + path: dist + - name: Prepare Repository + run: mv dist .repo + - name: Install Dependencies + run: cd .repo && yarn install --check-files --frozen-lockfile + - name: Create java artifact + run: cd .repo && npx projen package:java + - name: Collect java Artifact + run: mv .repo/dist dist + - name: Release + run: npx -p publib@latest publib-maven + env: + MAVEN_GPG_PRIVATE_KEY: ${{ secrets.MAVEN_GPG_PRIVATE_KEY }} + MAVEN_GPG_PRIVATE_KEY_PASSPHRASE: ${{ secrets.MAVEN_GPG_PRIVATE_KEY_PASSPHRASE }} + MAVEN_PASSWORD: ${{ secrets.MAVEN_PASSWORD }} + MAVEN_USERNAME: ${{ secrets.MAVEN_USERNAME }} + MAVEN_STAGING_PROFILE_ID: ${{ secrets.MAVEN_STAGING_PROFILE_ID }} + release_pypi: + name: Publish to PyPI + needs: release + runs-on: ubuntu-latest + permissions: + contents: read + if: needs.release.outputs.latest_commit == github.sha + steps: + - uses: actions/setup-node@v2 + with: + node-version: 14.x + - uses: actions/setup-python@v2 + with: + python-version: 3.x + - name: Download build artifacts + uses: actions/download-artifact@v2 + with: + name: build-artifact + path: dist + - name: Prepare Repository + run: mv dist .repo + - name: Install Dependencies + run: cd .repo && yarn install --check-files --frozen-lockfile + - name: Create python artifact + run: cd .repo && npx projen package:python + - name: Collect python Artifact + run: mv .repo/dist dist + - name: Release + run: npx -p publib@latest publib-pypi + env: + TWINE_USERNAME: ${{ secrets.TWINE_USERNAME }} + TWINE_PASSWORD: ${{ secrets.TWINE_PASSWORD }} + release_golang: + name: Publish to GitHub Go Module Repository + needs: release + runs-on: ubuntu-latest + permissions: + contents: read + if: needs.release.outputs.latest_commit == github.sha + steps: + - uses: actions/setup-node@v2 + with: + node-version: 14.x + - uses: actions/setup-go@v2 + with: + go-version: ^1.16.0 + - name: Download build artifacts + uses: actions/download-artifact@v2 + with: + name: build-artifact + path: dist + - name: Prepare Repository + run: mv dist .repo + - name: Install Dependencies + run: cd .repo && yarn install --check-files --frozen-lockfile + - name: Create go artifact + run: cd .repo && npx projen package:go + - name: Collect go Artifact + run: mv .repo/dist dist + - name: Release + run: npx -p publib@latest publib-golang + env: + GIT_USER_NAME: github-actions + GIT_USER_EMAIL: github-actions@github.com + GITHUB_TOKEN: ${{ secrets.GO_GITHUB_TOKEN }} diff --git a/.gitignore b/.gitignore index 69fe0583..195ae399 100644 --- a/.gitignore +++ b/.gitignore @@ -41,6 +41,7 @@ junit.xml !/.github/workflows/build.yml /dist/changelog.md /dist/version.txt +!/.github/workflows/release.yml !/.mergify.yml !/.github/workflows/upgrade-main.yml !/.github/pull_request_template.md diff --git a/.projen/files.json b/.projen/files.json index 44677e8b..ffcd5fd1 100644 --- a/.projen/files.json +++ b/.projen/files.json @@ -5,6 +5,7 @@ ".github/pull_request_template.md", ".github/workflows/build.yml", ".github/workflows/pull-request-lint.yml", + ".github/workflows/release.yml", ".github/workflows/upgrade-main.yml", ".gitignore", ".mergify.yml", diff --git a/.projen/tasks.json b/.projen/tasks.json index 4c16c2b1..b1ca8b61 100644 --- a/.projen/tasks.json +++ b/.projen/tasks.json @@ -225,27 +225,6 @@ "name": "pre-compile", "description": "Prepare the project for compilation" }, - "publish:git": { - "name": "publish:git", - "description": "Prepends the release changelog onto the project changelog, creates a release commit, and tags the release", - "env": { - "CHANGELOG": "dist/changelog.md", - "RELEASE_TAG_FILE": "dist/releasetag.txt", - "PROJECT_CHANGELOG_FILE": "CHANGELOG.md", - "VERSION_FILE": "dist/version.txt" - }, - "steps": [ - { - "builtin": "release/update-changelog" - }, - { - "builtin": "release/tag-version" - }, - { - "exec": "git push --follow-tags origin main" - } - ] - }, "release": { "name": "release", "description": "Prepare a release from \"main\" branch", @@ -267,9 +246,6 @@ }, { "exec": "git diff --ignore-space-at-eol --exit-code" - }, - { - "spawn": "publish:git" } ] }, diff --git a/.projenrc.js b/.projenrc.js index f3c3b828..efd04a47 100644 --- a/.projenrc.js +++ b/.projenrc.js @@ -1,7 +1,6 @@ const fs = require('fs'); const { awscdk } = require('projen'); const { Stability } = require('projen/lib/cdk/jsii-project'); -const { ReleaseTrigger } = require('projen/lib/release'); const project = new awscdk.AwsCdkConstructLibrary({ author: 'Amir Szekely', @@ -28,7 +27,6 @@ const project = new awscdk.AwsCdkConstructLibrary({ // we build lambdas manually below 'src/lambdas', ], - releaseTrigger: ReleaseTrigger.manual(), releaseToNpm: true, publishToPypi: { distName: 'cloudsnorkel.cdk-github-runners', diff --git a/package.json b/package.json index 0dbd7496..d80cc59d 100644 --- a/package.json +++ b/package.json @@ -24,7 +24,6 @@ "post-compile": "npx projen post-compile", "post-upgrade": "npx projen post-upgrade", "pre-compile": "npx projen pre-compile", - "publish:git": "npx projen publish:git", "release": "npx projen release", "test": "npx projen test", "test:update": "npx projen test:update",