Skip to content

Commit

Permalink
ci: add approvers based on github enterprise environments, update rel…
Browse files Browse the repository at this point in the history
…ease pipeline to follow new release/hotfix strategy. (#2119)

* ci: adjusted the pipeline for release to essentially only release if the approver condition is met. Removed the action way of doing approvers for github enterprise way of doing approvers.
  • Loading branch information
gzukel authored May 6, 2024
1 parent 6adfe6f commit 270be69
Show file tree
Hide file tree
Showing 2 changed files with 69 additions and 38 deletions.
106 changes: 68 additions & 38 deletions .github/workflows/publish-release.yml
Original file line number Diff line number Diff line change
Expand Up @@ -12,13 +12,28 @@ on:
required: false
default: false
description: 'Use this to skip: gosec, gosec-cosmos, check-changelog, check-upgrade-uandler-updated, build-test, smoke-test and go straight to approval step.'
skip_release:
type: boolean
required: false
default: false
description: 'If this is true it will simply execute all the steps for a release prior to actually cutting the release, then stop'

concurrency:
group: publish-release
cancel-in-progress: false

jobs:
check_branch:
if: ${{ (startsWith(github.ref, 'refs/heads/release/v') || startsWith(github.ref, 'refs/heads/hotfix/v')) }}
runs-on: ubuntu-latest
steps:
- name: Branch
run: |
echo "${{ github.ref }}"
gosec:
needs:
- check_branch
runs-on: ubuntu-latest
env:
GO111MODULE: on
Expand All @@ -41,13 +56,15 @@ jobs:
with:
args: ./...

- name: Skip Checks Succeed for Needs.
- name: Mark Job Complete Skipped
if: ${{ github.event.inputs.skip_checks == 'true' }}
shell: bash
run: |
echo "Check Skipped, Mark Green for Pipeline Execution"
echo "continue"
gosec-cosmos:
needs:
- check_branch
runs-on: ubuntu-latest
env:
GO111MODULE: on
Expand All @@ -68,12 +85,15 @@ jobs:
if: ${{ github.event.inputs.skip_checks != 'true' }}
run: make lint-cosmos-gosec

- name: Skip Checks Succeed for Needs.
- name: Mark Job Complete Skipped
if: ${{ github.event.inputs.skip_checks == 'true' }}
shell: bash
run: |
echo "Check Skipped, Mark Green for Pipeline Execution"
echo "continue"
lint:
needs:
- check_branch
runs-on: ubuntu-latest
timeout-minutes: 15
env:
Expand All @@ -99,12 +119,15 @@ jobs:
skip-cache: true
args: --out-format=json

- name: Skip Checks Succeed for Needs.
- name: Mark Job Complete Skipped
if: ${{ github.event.inputs.skip_checks == 'true' }}
shell: bash
run: |
echo "Check Skipped, Mark Green for Pipeline Execution"
echo "continue"
check-changelog:
needs:
- check_branch
runs-on: ubuntu-latest
steps:

Expand All @@ -122,7 +145,6 @@ jobs:
https://api.github.com/repos/${{ github.repository }}/git/ref/heads/develop | jq -r '.object.sha')
echo "DEVELOP_SHA=${SHA}" >> ${GITHUB_ENV}
echo "CURRENT_BRANCH_SHA=${{ github.sha }}" >> ${GITHUB_ENV}
- name: Check for CHANGELOG.md changes
if: ${{ github.event.inputs.skip_checks != 'true' }}
Expand All @@ -139,12 +161,15 @@ jobs:
echo "CHANGELOG.md has been updated."
fi
- name: Skip Checks Succeed for Needs.
- name: Mark Job Complete Skipped
if: ${{ github.event.inputs.skip_checks == 'true' }}
shell: bash
run: |
echo "Check Skipped, Mark Green for Pipeline Execution"
echo "continue"
check-upgrade-handler-updated:
needs:
- check_branch
runs-on: ubuntu-latest
timeout-minutes: 10
steps:
Expand All @@ -168,12 +193,15 @@ jobs:
fi
echo "The major version found in 'releaseVersion' in app/setup_handlers.go matches this tagged release - Moving Forward!"
- name: Skip Checks Succeed for Needs.
- name: Mark Job Complete Skipped
if: ${{ github.event.inputs.skip_checks == 'true' }}
shell: bash
run: |
echo "Check Skipped, Mark Green for Pipeline Execution"
echo "continue"
build-test:
needs:
- check_branch
runs-on: buildjet-4vcpu-ubuntu-2004
timeout-minutes: 15
concurrency:
Expand Down Expand Up @@ -242,12 +270,15 @@ jobs:
shell: bash
run: rm -rf *

- name: Skip Checks Succeed for Needs.
- name: Mark Job Complete Skipped
if: ${{ github.event.inputs.skip_checks == 'true' }}
shell: bash
run: |
echo "Check Skipped, Mark Green for Pipeline Execution"
echo "continue"
smoke-test:
needs:
- check_branch
runs-on: buildjet-4vcpu-ubuntu-2204
timeout-minutes: 25
steps:
Expand Down Expand Up @@ -317,15 +348,15 @@ jobs:
shell: bash
run: sudo rm -rf *

- name: Skip Checks Succeed for Needs.
- name: Mark Job Complete Skipped
if: ${{ github.event.inputs.skip_checks == 'true' }}
shell: bash
run: |
echo "Check Skipped, Mark Green for Pipeline Execution"
echo "continue"
e2e-admin-tests:
needs:
- check_branch
runs-on: buildjet-4vcpu-ubuntu-2204
timeout-minutes: 120
steps:
Expand All @@ -339,7 +370,15 @@ jobs:
run: |
make start-e2e-admin-test
- name: Mark Job Complete Skipped
if: ${{ github.event.inputs.skip_checks == 'true' }}
shell: bash
run: |
echo "continue"
e2e-upgrade-test:
needs:
- check_branch
runs-on: buildjet-4vcpu-ubuntu-2204
timeout-minutes: 120
steps:
Expand All @@ -353,9 +392,14 @@ jobs:
run: |
make start-upgrade-test
approval:
runs-on: ubuntu-latest
timeout-minutes: 10
- name: Mark Job Complete Skipped
if: ${{ github.event.inputs.skip_checks == 'true' }}
shell: bash
run: |
echo "continue"
publish-release:
if: ${{ github.event.inputs.skip_release == 'false' }}
needs:
- gosec
- gosec-cosmos
Expand All @@ -366,24 +410,10 @@ jobs:
- build-test
- e2e-admin-tests
- e2e-upgrade-test
steps:

- uses: trstringer/manual-approval@v1
with:
secret: ${{ github.TOKEN }}
approvers: kingpinXD,lumtis,brewmaster012,CharlieMc0
minimum-approvals: 1
issue-title: "[Release] Approval, version: ${{ github.event.inputs.version }}"
issue-body: "Once approved the release pipeline will continue."
exclude-workflow-initiator-as-approver: true
additional-approved-words: ''
additional-denied-words: ''
publish-release:
- check_branch
runs-on: buildjet-4vcpu-ubuntu-2004
timeout-minutes: 60
needs:
- approval

environment: release
steps:
- uses: actions/checkout@v3

Expand Down
1 change: 1 addition & 0 deletions changelog.md
Original file line number Diff line number Diff line change
Expand Up @@ -31,6 +31,7 @@
### CI

* [2070](https://github.com/zeta-chain/node/pull/2070) - Added commands to build binaries from the working branch as a live full node rpc to test non-governance changes.
* [2119](https://github.com/zeta-chain/node/pull/2119) - Updated the release pipeline to only run on hotfix/ and release/ branches. Added option to only run pre-checks and not cut release as well. Switched approval steps to use environments.

## v16.0.0

Expand Down

0 comments on commit 270be69

Please sign in to comment.