Skip to content

Card is showing RBR for suspicious transaction, when no suspicious transaction occurred or is shown in the inbox #18701

Card is showing RBR for suspicious transaction, when no suspicious transaction occurred or is shown in the inbox

Card is showing RBR for suspicious transaction, when no suspicious transaction occurred or is shown in the inbox #18701

name: Prepare production deploy
on:
issues:
types: [closed]
# The updateProduction and createNewStagingDeployCash jobs are executed when a StagingDeployCash is closed.
jobs:
validate:
runs-on: ubuntu-latest
if: contains(github.event.issue.labels.*.name, 'StagingDeployCash')
outputs:
isValid: ${{ fromJSON(steps.isDeployer.outputs.IS_DEPLOYER) && !fromJSON(steps.checkDeployBlockers.outputs.HAS_DEPLOY_BLOCKERS) }}
steps:
- name: Checkout
uses: actions/checkout@v4
with:
ref: main
token: ${{ secrets.OS_BOTIFY_TOKEN }}
- name: Setup git for OSBotify
uses: ./.github/actions/composite/setupGitForOSBotifyApp
id: setupGitForOSBotify
with:
GPG_PASSPHRASE: ${{ secrets.LARGE_SECRET_PASSPHRASE }}
OS_BOTIFY_APP_ID: ${{ secrets.OS_BOTIFY_APP_ID }}
OS_BOTIFY_PRIVATE_KEY: ${{ secrets.OS_BOTIFY_PRIVATE_KEY }}
- name: Validate actor is deployer
id: isDeployer
run: |
if gh api /orgs/Expensify/teams/mobile-deployers/memberships/${{ github.actor }} --silent; then
echo "IS_DEPLOYER=true" >> "$GITHUB_OUTPUT"
else
echo "IS_DEPLOYER=false" >> "$GITHUB_OUTPUT"
fi
env:
GITHUB_TOKEN: ${{ steps.setupGitForOSBotify.outputs.OS_BOTIFY_API_TOKEN }}
- name: Reopen and comment on issue (not a team member)
if: ${{ !fromJSON(steps.isDeployer.outputs.IS_DEPLOYER) }}
uses: ./.github/actions/javascript/reopenIssueWithComment
with:
GITHUB_TOKEN: ${{ steps.setupGitForOSBotify.outputs.OS_BOTIFY_API_TOKEN }}
ISSUE_NUMBER: ${{ github.event.issue.number }}
COMMENT: |
Sorry, only members of @Expensify/Mobile-Deployers can close deploy checklists.
Reopening!
- name: Check for any deploy blockers
if: ${{ fromJSON(steps.isDeployer.outputs.IS_DEPLOYER) }}
id: checkDeployBlockers
uses: ./.github/actions/javascript/checkDeployBlockers
with:
GITHUB_TOKEN: ${{ steps.setupGitForOSBotify.outputs.OS_BOTIFY_API_TOKEN }}
ISSUE_NUMBER: ${{ github.event.issue.number }}
- name: Reopen and comment on issue (has blockers)
if: ${{ fromJSON(steps.isDeployer.outputs.IS_DEPLOYER) && fromJSON(steps.checkDeployBlockers.outputs.HAS_DEPLOY_BLOCKERS || 'false') }}
uses: ./.github/actions/javascript/reopenIssueWithComment
with:
GITHUB_TOKEN: ${{ steps.setupGitForOSBotify.outputs.OS_BOTIFY_API_TOKEN }}
ISSUE_NUMBER: ${{ github.event.issue.number }}
COMMENT: |
This issue either has unchecked items or has not yet been marked with the `:shipit:` emoji of approval.
Reopening!
- name: Announce failed workflow in Slack
if: ${{ failure() }}
uses: ./.github/actions/composite/announceFailedWorkflowInSlack
with:
SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }}
# Update the production branch to trigger the production deploy.
updateProduction:
runs-on: ubuntu-latest
needs: validate
if: ${{ fromJSON(needs.validate.outputs.isValid) }}
steps:
- name: Checkout
uses: actions/checkout@v4
with:
ref: staging
token: ${{ secrets.OS_BOTIFY_TOKEN }}
- name: Setup git for OSBotify
id: setupGitForOSBotify
uses: ./.github/actions/composite/setupGitForOSBotifyApp
with:
GPG_PASSPHRASE: ${{ secrets.LARGE_SECRET_PASSPHRASE }}
OS_BOTIFY_APP_ID: ${{ secrets.OS_BOTIFY_APP_ID }}
OS_BOTIFY_PRIVATE_KEY: ${{ secrets.OS_BOTIFY_PRIVATE_KEY }}
- name: Update production branch
run: |
# Re-create the production branch from staging
git switch -c production
# Force-update the remote production branch.
git push --force origin production
- name: Announce failed workflow in Slack
if: ${{ failure() }}
uses: ./.github/actions/composite/announceFailedWorkflowInSlack
with:
SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }}
# Create a new patch version to prep for next release cycle
createNewPatchVersion:
needs: validate
if: ${{ fromJSON(needs.validate.outputs.isValid) }}
uses: ./.github/workflows/createNewVersion.yml
secrets: inherit
with:
SEMVER_LEVEL: PATCH
# Update the staging branch to trigger a staging deploy
updateStaging:
runs-on: ubuntu-latest
needs: [updateProduction, createNewPatchVersion]
steps:
- name: Checkout
uses: actions/checkout@v4
with:
ref: main
token: ${{ secrets.OS_BOTIFY_TOKEN }}
- name: Setup git for OSBotify
uses: ./.github/actions/composite/setupGitForOSBotifyApp
with:
GPG_PASSPHRASE: ${{ secrets.LARGE_SECRET_PASSPHRASE }}
OS_BOTIFY_APP_ID: ${{ secrets.OS_BOTIFY_APP_ID }}
OS_BOTIFY_PRIVATE_KEY: ${{ secrets.OS_BOTIFY_PRIVATE_KEY }}
- name: Update staging branch to trigger staging deploy
run: |
# Re-create the staging branch from main
git switch -c staging
# Force-update the remote staging branch
git push --force origin staging
- name: Announce failed workflow in Slack
if: ${{ failure() }}
uses: ./.github/actions/composite/announceFailedWorkflowInSlack
with:
SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }}