Code Freeze #209
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Code Freeze | |
on: | |
workflow_dispatch: | |
inputs: | |
version: | |
description: "New release version (calculated automatically if not provided)" | |
required: false | |
type: string | |
jobs: | |
create_release_branch: | |
name: Create Release Branch | |
runs-on: macos-15-xlarge | |
timeout-minutes: 10 | |
outputs: | |
release_branch_name: ${{ steps.make_release_branch.outputs.release_branch_name }} | |
asana_task_url: ${{ steps.make_release_branch.outputs.asana_task_url }} | |
steps: | |
- name: Assert main branch | |
run: | | |
if [ "${{ github.ref_name }}" != "main" ]; then | |
echo "👎 Not the main branch" | |
exit 1 | |
fi | |
- name: Check out the code | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 # Fetch all history and tags in order to extract Asana task URLs from git log | |
submodules: recursive | |
- name: Prepare fastlane | |
run: bundle install | |
- name: Make release branch | |
id: make_release_branch | |
env: | |
ASANA_ACCESS_TOKEN: ${{ secrets.ASANA_ACCESS_TOKEN }} | |
GITHUB_TOKEN: ${{ github.token }} | |
run: | | |
bundle exec fastlane run start_new_release \ | |
platform:"macos" \ | |
version:"${{ inputs.version }}" \ | |
github_handle:"${{ github.actor }}" \ | |
target_section_id:"${{ vars.MACOS_APP_BOARD_VALIDATION_SECTION_ID }}" | |
run_tests: | |
name: Run Tests | |
needs: create_release_branch | |
uses: ./.github/workflows/pr.yml | |
with: | |
branch: ${{ needs.create_release_branch.outputs.release_branch_name }} | |
secrets: | |
APPLE_API_KEY_BASE64: ${{ secrets.APPLE_API_KEY_BASE64 }} | |
APPLE_API_KEY_ID: ${{ secrets.APPLE_API_KEY_ID }} | |
APPLE_API_KEY_ISSUER: ${{ secrets.APPLE_API_KEY_ISSUER }} | |
ASANA_ACCESS_TOKEN: ${{ secrets.ASANA_ACCESS_TOKEN }} | |
MATCH_PASSWORD: ${{ secrets.MATCH_PASSWORD }} | |
SSH_PRIVATE_KEY_FASTLANE_MATCH: ${{ secrets.SSH_PRIVATE_KEY_FASTLANE_MATCH }} | |
increment_build_number: | |
name: Increment Build Number | |
needs: [ create_release_branch, run_tests ] | |
runs-on: macos-15-xlarge | |
timeout-minutes: 10 | |
steps: | |
- name: Check out the code | |
uses: actions/checkout@v4 | |
with: | |
submodules: recursive | |
ref: ${{ needs.create_release_branch.outputs.release_branch_name }} | |
- name: Prepare fastlane | |
run: bundle install | |
- name: Increment build number | |
env: | |
APPLE_API_KEY_BASE64: ${{ secrets.APPLE_API_KEY_BASE64 }} | |
APPLE_API_KEY_ID: ${{ secrets.APPLE_API_KEY_ID }} | |
APPLE_API_KEY_ISSUER: ${{ secrets.APPLE_API_KEY_ISSUER }} | |
ASANA_ACCESS_TOKEN: ${{ secrets.ASANA_ACCESS_TOKEN }} | |
GITHUB_TOKEN: ${{ github.token }} | |
run: | | |
bundle exec fastlane run bump_build_number platform:"macos" | |
prepare_release: | |
name: Prepare Release | |
needs: [ create_release_branch, increment_build_number ] | |
uses: ./.github/workflows/release.yml | |
with: | |
asana-task-url: ${{ needs.create_release_branch.outputs.asana_task_url }} | |
branch: ${{ needs.create_release_branch.outputs.release_branch_name }} | |
secrets: | |
APPLE_API_KEY_BASE64: ${{ secrets.APPLE_API_KEY_BASE64 }} | |
APPLE_API_KEY_ID: ${{ secrets.APPLE_API_KEY_ID }} | |
APPLE_API_KEY_ISSUER: ${{ secrets.APPLE_API_KEY_ISSUER }} | |
ASANA_ACCESS_TOKEN: ${{ secrets.ASANA_ACCESS_TOKEN }} | |
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
AWS_ACCESS_KEY_ID_RELEASE_S3: ${{ secrets.AWS_ACCESS_KEY_ID_RELEASE_S3 }} | |
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
AWS_SECRET_ACCESS_KEY_RELEASE_S3: ${{ secrets.AWS_SECRET_ACCESS_KEY_RELEASE_S3 }} | |
MATCH_PASSWORD: ${{ secrets.MATCH_PASSWORD }} | |
MM_HANDLES_BASE64: ${{ secrets.MM_HANDLES_BASE64 }} | |
MM_WEBHOOK_URL: ${{ secrets.MM_WEBHOOK_URL }} | |
SSH_PRIVATE_KEY_FASTLANE_MATCH: ${{ secrets.SSH_PRIVATE_KEY_FASTLANE_MATCH }} | |
tag_and_merge: | |
name: Tag and Merge Branch | |
needs: [ create_release_branch, prepare_release ] | |
uses: ./.github/workflows/tag_release.yml | |
with: | |
asana-task-url: ${{ needs.create_release_branch.outputs.asana_task_url }} | |
base-branch: ${{ github.ref_name }} | |
branch: ${{ needs.create_release_branch.outputs.release_branch_name }} | |
prerelease: true | |
secrets: | |
ASANA_ACCESS_TOKEN: ${{ secrets.ASANA_ACCESS_TOKEN }} | |
GHA_ELEVATED_PERMISSIONS_TOKEN: ${{ secrets.GHA_ELEVATED_PERMISSIONS_TOKEN }} |