-
Notifications
You must be signed in to change notification settings - Fork 0
196 lines (176 loc) · 7.69 KB
/
verify-release.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
# THIS CODE WAS AUTOGENERATED. DO NOT MODIFY THIS FILE DIRECTLY
# THE SOURCE CODE LIVES IN A DIFFERENT REPOSITORY:
# - centralized-templates
# FILE STEWARD: @pleo-io/devx
name: Verify Release
# This verifies that a given PR has the required labels before merge into the default branch.
on:
pull_request:
types:
- opened
- edited
- labeled
- unlabeled
- synchronize
- ready_for_review
jobs:
auto-version-pr:
name: Detect OpenAPI changes
if: ${{ (github.event.repository.language == 'Kotlin' || github.event.repository.language == 'Java') && github.event.pull_request.draft == false && false && github.event.action != 'unlabeled' }}
runs-on: ubuntu-latest
timeout-minutes: 30
concurrency: ci-${{ github.workflow }}-${{ github.ref }}
steps:
# Caches openapi docs
- name: Caches generated openapi docs
id: cache-docs
uses: actions/cache@v3
with:
path: |
generated.yaml
existing.yaml
key: OpenApiDocs-${{ github.workflow }}-${{ github.sha }}
# Checkout the default branch
- name: Checkout '${{ github.event.repository.default_branch }}'
if: steps.cache-docs.outputs.cache-hit != 'true'
uses: actions/checkout@v3
with:
ref: ${{ github.event.repository.default_branch }}
# Set up a JDK environment for building, testing and releasing.
- name: Setup JDK 17
if: steps.cache-docs.outputs.cache-hit != 'true'
uses: actions/[email protected]
with:
java-version: 17
distribution: temurin
# Allow caching Gradle executions to further speed up CI/CD steps invoking Gradle.
- name: Setup Gradle
if: steps.cache-docs.outputs.cache-hit != 'true'
uses: gradle/[email protected]
with:
gradle-executable: ./gradlew
gradle-version: wrapper
gradle-home-cache-cleanup: true
cache-read-only: true
# Generate the '${{ github.event.repository.default_branch }}' OpenAPI definition.
- name: Generate '${{ github.event.repository.default_branch }}' OpenAPI spec
if: steps.cache-docs.outputs.cache-hit != 'true'
run: |
./gradlew pleo-"$REPOSITORY_NAME"-rest:resolve --stacktrace
env:
GITHUB_TOKEN: ${{ secrets.GH_REGISTRY_GRADLE_TOKEN }}
GRADLE_READ_KEY: ${{ secrets.GH_REGISTRY_GRADLE_TOKEN }}
REPOSITORY_NAME: ${{ github.event.repository.name }}
- name: Move OpenAPI schema
if: steps.cache-docs.outputs.cache-hit != 'true'
run: |
echo "Using OpenAPI spec path: 'pleo-$REPOSITORY_NAME-rest'"
FILE_PATH="$(find "pleo-$REPOSITORY_NAME-rest" -type f -name "$REPOSITORY_NAME-openapi.yaml" -not -path "pleo-$REPOSITORY_NAME-rest/build/*")"
mv "$FILE_PATH" "$NEW_PATH"
env:
REPOSITORY_NAME: ${{ github.event.repository.name }}
NEW_PATH: existing.yaml
- name: Checkout HEAD
if: steps.cache-docs.outputs.cache-hit != 'true'
uses: actions/checkout@v3
with:
ref: ${{ env.GITHUB_SHA }}
clean: false
# Generate modified OpenAPI definition from changes.
- name: Generate 'HEAD' OpenAPI spec
if: steps.cache-docs.outputs.cache-hit != 'true'
run: |
./gradlew pleo-"$REPOSITORY_NAME"-rest:resolve --stacktrace
env:
GITHUB_TOKEN: ${{ secrets.GH_REGISTRY_GRADLE_TOKEN }}
GRADLE_READ_KEY: ${{ secrets.GH_REGISTRY_GRADLE_TOKEN }}
REPOSITORY_NAME: ${{ github.event.repository.name }}
- name: Move OpenAPI schema
if: steps.cache-docs.outputs.cache-hit != 'true'
run: |
echo "Using OpenAPI spec path: 'pleo-$REPOSITORY_NAME-rest'"
FILE_PATH="$(find "pleo-$REPOSITORY_NAME-rest" -type f -name "$REPOSITORY_NAME-openapi.yaml" -not -path "pleo-$REPOSITORY_NAME-rest/build/*")"
mv "$FILE_PATH" "$NEW_PATH"
env:
REPOSITORY_NAME: ${{ github.event.repository.name }}
NEW_PATH: generated.yaml
- name: Show spec contents
run: |
echo "::group::existing.yaml"
cat existing.yaml
echo "::group::generated.yaml"
cat generated.yaml
# Install OpenAPI diff tools.
- name: Install 'openapi-diff'
run: |
npm install openapi-diff yaml
# Diff OpenAPI specs.
- name: Diff OpenAPI specs
id: openapi-diff
uses: actions/github-script@v6
continue-on-error: true
with:
result-encoding: string
script: |
const fs = require('fs/promises')
const yaml = require('yaml')
const openapiDiff = require('openapi-diff')
const [existingContents, generatedContents] = await Promise.all([fs.readFile('existing.yaml', 'utf-8'), fs.readFile('generated.yaml', 'utf-8')])
const [existing, generated] = [yaml.parse(existingContents), yaml.parse(generatedContents)]
const {breakingDifferencesFound, nonBreakingDifferences} = await openapiDiff.diffSpecs({
sourceSpec: { content: JSON.stringify(existing), location: 'existing.yaml', format: 'openapi3' },
destinationSpec: { content: JSON.stringify(generated), location: 'generated.yaml', format: 'openapi3' }
})
core.info(`Saw breaking differences: ${breakingDifferencesFound}`)
core.info(`Saw non-breaking differences: ${JSON.stringify(nonBreakingDifferences)}`)
if (breakingDifferencesFound) {
core.info('Detected breaking changes (major).')
return 'major'
}
if (nonBreakingDifferences.length > 0) {
core.info('Detected non-breaking changes (minor).')
return 'minor'
}
core.info('Detected no changes (unknown).')
return 'unknown'
- name: Get all PR labels
id: pr-labels
uses: joerick/[email protected]
- name: Add labels for unlabelled PRs
if: ${{ steps.pr-labels.outputs.labels == '' && (steps.openapi-diff.outputs.result != 'unknown' || steps.openapi-diff.outputs.result != '') }}
uses: actions-ecosystem/action-add-labels@v1
with:
labels: ${{ steps.openapi-diff.outputs.result }}
- name: Add 'minor' label for non-breaking changes
if: contains(steps.pr-labels.outputs.labels, 'minor') != true && steps.openapi-diff.outputs.result == 'minor'
uses: actions-ecosystem/action-add-labels@v1
with:
labels: ${{ steps.openapi-diff.outputs.result }}
- name: Add 'major' label for breaking changes
if: contains(steps.pr-labels.outputs.labels, 'major') != true && steps.openapi-diff.outputs.result == 'major'
uses: actions-ecosystem/action-add-labels@v1
with:
labels: ${{ steps.openapi-diff.outputs.result }}
verify-release:
name: Verify Release
runs-on: ubuntu-latest
needs: auto-version-pr
timeout-minutes: 10
if: always()
steps:
- name: Checkout code
uses: actions/[email protected]
# Allow Renovate to pass this check on checks on branches where a PR isn't present yet.
- name: Determine author
id: determine_author
run: |
AUTHOR="$(git log -1 --pretty=format:'%an' | xargs -0)"
echo "$AUTHOR"
echo "author=$AUTHOR" >> "$GITHUB_OUTPUT"
- name: Verify PR labels
id: verify_pr_labels
if: steps.determine_author.outputs.author != 'Renovate (Pleo)'
uses: docker://agilepathway/pull-request-label-checker:latest
with:
any_of: major,minor,patch,internal
repo_token: ${{ secrets.GITHUB_TOKEN }}