-
Notifications
You must be signed in to change notification settings - Fork 3k
249 lines (212 loc) · 11.6 KB
/
preDeploy.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
name: Process new code merged to main
on:
push:
branches: [main]
jobs:
lint:
runs-on: ubuntu-latest
steps:
- name: Run lint workflow
uses: Expensify/App/.github/workflows/lint.yml@main
test:
runs-on: ubuntu-latest
steps:
- name: Run test workflow
uses: Expensify/App/.github/workflows/test.yml@main
confirmPassingBuild:
runs-on: ubuntu-latest
needs: [lint, test]
if: ${{ always() }}
steps:
- name: Announce failed workflow in Slack
if: ${{ needs.lint.result == 'failure' || needs.test.result == 'failure' }}
uses: Expensify/App/.github/actions/composite/announceFailedWorkflowInSlack@main
with:
SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }}
- name: Exit failed workflow
if: ${{ needs.lint.result == 'failure' || needs.test.result == 'failure' }}
run: exit 1
chooseDeployActions:
runs-on: ubuntu-latest
needs: confirmPassingBuild
outputs:
MERGED_PR: ${{ steps.getMergedPullRequest.outputs.number }}
IS_AUTOMATED_PR: ${{ fromJSON(steps.isAutomatedPullRequest.outputs.IS_AUTOMATED_PR) }}
SHOULD_DEPLOY: ${{ fromJSON(steps.shouldDeploy.outputs.SHOULD_DEPLOY) }}
SHOULD_CP: ${{ fromJSON(steps.isStagingDeployLocked.outputs.IS_LOCKED) && fromJSON(steps.hasCherryPickLabel.outputs.HAS_CP_LABEL) }}
steps:
- name: Get merged pull request
id: getMergedPullRequest
uses: actions-ecosystem/action-get-merged-pull-request@59afe90821bb0b555082ce8ff1e36b03f91553d9
with:
github_token: ${{ github.token }}
- name: Check if StagingDeployCash is locked
id: isStagingDeployLocked
uses: Expensify/App/.github/actions/javascript/isStagingDeployLocked@main
with:
GITHUB_TOKEN: ${{ github.token }}
- name: Check if merged pull request was an automated PR
id: isAutomatedPullRequest
run: echo "IS_AUTOMATED_PR=${{ github.actor == 'OSBotify' }}" >> "$GITHUB_OUTPUT"
- name: Check if merged pull request has `CP Staging` label
id: hasCherryPickLabel
run: echo "HAS_CP_LABEL=${{ contains(steps.getMergedPullRequest.outputs.labels, 'CP Staging') }}" >> "$GITHUB_OUTPUT"
- name: Check if merged pull request should trigger a deploy
id: shouldDeploy
run: echo "SHOULD_DEPLOY=${{ fromJSON(steps.hasCherryPickLabel.outputs.HAS_CP_LABEL) || (!fromJSON(steps.isStagingDeployLocked.outputs.IS_LOCKED) && !fromJSON(steps.isAutomatedPullRequest.outputs.IS_AUTOMATED_PR)) }}" >> "$GITHUB_OUTPUT"
skipDeploy:
runs-on: ubuntu-latest
needs: chooseDeployActions
if: ${{ !fromJSON(needs.chooseDeployActions.outputs.SHOULD_DEPLOY) && !fromJSON(needs.chooseDeployActions.outputs.IS_AUTOMATED_PR) }}
steps:
- name: Comment on deferred PR
uses: actions-ecosystem/action-create-comment@cd098164398331c50e7dfdd0dfa1b564a1873fac
with:
github_token: ${{ secrets.OS_BOTIFY_TOKEN }}
number: ${{ needs.chooseDeployActions.outputs.MERGED_PR }}
body: |
:hand: This PR was not deployed to staging yet because QA is ongoing. It will be automatically deployed to staging after the next production release.
createNewVersion:
runs-on: ubuntu-latest
needs: chooseDeployActions
if: ${{ fromJSON(needs.chooseDeployActions.outputs.SHOULD_DEPLOY) }}
secrets: inherit
outputs:
NEW_VERSION: ${{ steps.createNewVersion.outputs.NEW_VERSION }}
steps:
- name: Create new version
id: createNewVersion
uses: Expensify/App/.github/workflows/createNewVersion.yml@main
updateStaging:
needs: [chooseDeployActions, createNewVersion]
runs-on: ubuntu-latest
steps:
- name: Run turnstyle
uses: softprops/turnstyle@ca99add00ff0c9cbc697d22631d2992f377e5bd5
with:
poll-interval-seconds: 10
env:
GITHUB_TOKEN: ${{ github.token }}
- name: Update staging branch from main
if: ${{ !fromJSON(needs.chooseDeployActions.outputs.SHOULD_CP) }}
uses: Expensify/App/.github/actions/composite/updateProtectedBranch@main
with:
TARGET_BRANCH: staging
OS_BOTIFY_TOKEN: ${{ secrets.OS_BOTIFY_TOKEN }}
GPG_PASSPHRASE: ${{ secrets.LARGE_SECRET_PASSPHRASE }}
- name: Cherry-pick PR to staging
if: ${{ fromJSON(needs.chooseDeployActions.outputs.SHOULD_CP) }}
uses: Expensify/App/.github/actions/javascript/triggerWorkflowAndWait@main
with:
GITHUB_TOKEN: ${{ secrets.OS_BOTIFY_TOKEN }}
WORKFLOW: cherryPick.yml
INPUTS: '{ "PULL_REQUEST_NUMBER": "${{ needs.chooseDeployActions.outputs.MERGED_PR }}", "NEW_VERSION": "${{ needs.createNewVersion.outputs.NEW_VERSION }}" }'
# Version: 3.0.2
- name: Checkout staging
uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8
with:
ref: staging
fetch-depth: 0
# Create a local git tag on staging so that GitUtils.getPullRequestsMergedBetween can use `git log` to generate a
# list of pull requests that were merged between this version tag and another.
# NOTE: This tag is only used locally and shouldn't be pushed to the remote.
# If it was pushed, that would trigger the staging deploy which is handled in a separate workflow (deploy.yml)
- name: Tag staging
run: git tag ${{ needs.createNewVersion.outputs.NEW_VERSION }}
- name: Update StagingDeployCash
uses: Expensify/App/.github/actions/javascript/createOrUpdateStagingDeploy@main
with:
GITHUB_TOKEN: ${{ secrets.OS_BOTIFY_TOKEN }}
NPM_VERSION: ${{ needs.createNewVersion.outputs.NEW_VERSION }}
- name: Find open StagingDeployCash
id: getStagingDeployCash
run: echo "STAGING_DEPLOY_CASH=$(gh issue list --label StagingDeployCash --json number --jq '.[0].number')" >> "$GITHUB_OUTPUT"
env:
GITHUB_TOKEN: ${{ secrets.OS_BOTIFY_TOKEN }}
- name: Comment in StagingDeployCash to alert Applause that a new pull request has been cherry-picked
if: ${{ fromJSON(needs.chooseDeployActions.outputs.SHOULD_CP) }}
run: |
PR_URL="https://github.com/Expensify/App/pull/${{ needs.chooseDeployActions.outputs.MERGED_PR }}"
printf -v COMMENT ":clap: Heads up @Expensify/applauseleads :clap:\nA [new pull request](%s) has been :cherries: cherry-picked :cherries: to staging, and will be deployed to staging in version \`%s\` :rocket:" "$PR_URL" ${{ needs.createNewVersion.outputs.NEW_VERSION }}
gh issue comment \
${{ steps.getStagingDeployCash.outputs.STAGING_DEPLOY_CASH }} \
--body "$COMMENT"
env:
GITHUB_TOKEN: ${{ secrets.OS_BOTIFY_TOKEN }}
- name: Wait for staging deploys to finish
if: ${{ fromJSON(needs.chooseDeployActions.outputs.SHOULD_CP) }}
uses: Expensify/App/.github/actions/javascript/awaitStagingDeploys@main
with:
GITHUB_TOKEN: ${{ github.token }}
TAG: ${{ needs.createNewVersion.outputs.NEW_VERSION }}
- name: Comment in StagingDeployCash to alert Applause that cherry-picked pull request has been deployed.
if: ${{ fromJSON(needs.chooseDeployActions.outputs.SHOULD_CP) }}
run: |
gh issue comment \
${{ steps.getStagingDeployCash.outputs.STAGING_DEPLOY_CASH }} \
--body ":tada: All set?…You bet! @Expensify/applauseleads https://github.com/Expensify/App/releases/tag/${{ needs.createNewVersion.outputs.NEW_VERSION }} has been deployed to staging :tada:"
env:
GITHUB_TOKEN: ${{ secrets.OS_BOTIFY_TOKEN }}
- name: Announce failed workflow in Slack
if: ${{ failure() }}
uses: Expensify/App/.github/actions/composite/announceFailedWorkflowInSlack@main
with:
SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }}
# Check if actor is member of Expensify organization by looking for Expensify/expensify team
isExpensifyEmployee:
runs-on: ubuntu-latest
outputs:
IS_EXPENSIFY_EMPLOYEE: ${{ fromJSON(steps.checkActor.outputs.isTeamMember) }}
steps:
- name: Get merged pull request
id: getMergedPullRequest
uses: roryabraham/action-get-merged-pull-request@7a7a194f6ff8f3eef58c822083695a97314ebec1
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
- name: Check whether the actor is member of Expensify/expensify team
id: checkActor
uses: tspascoal/get-user-teams-membership@baf2e6adf4c3b897bd65a7e3184305c165aec872
with:
GITHUB_TOKEN: ${{ secrets.OS_BOTIFY_TOKEN }}
username: ${{ steps.getMergedPullRequest.outputs.author }}
team: Expensify/expensify
newContributorWelcomeMessage:
runs-on: ubuntu-latest
needs: isExpensifyEmployee
if: ${{ github.actor != 'OSBotify' && !fromJSON(needs.isExpensifyEmployee.outputs.IS_EXPENSIFY_EMPLOYEE) }}
steps:
# Version: 2.3.4
- name: Checkout
uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8
with:
token: ${{ secrets.OS_BOTIFY_TOKEN }}
- name: Get merged pull request
id: getMergedPullRequest
# TODO: Point back action actions-ecosystem after https://github.com/actions-ecosystem/action-get-merged-pull-request/pull/223 is merged
uses: roryabraham/action-get-merged-pull-request@7a7a194f6ff8f3eef58c822083695a97314ebec1
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
- name: Get PR count for ${{ steps.getMergedPullRequest.outputs.author }}
run: echo "PR_COUNT=$(gh pr list --author ${{ steps.getMergedPullRequest.outputs.author }} --state any | grep -c '')" >> "$GITHUB_ENV"
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Comment on ${{ steps.getMergedPullRequest.outputs.author }}\'s first pull request!
if: ${{ fromJSON(env.PR_COUNT) == 1 }}
uses: actions-ecosystem/action-create-comment@cd098164398331c50e7dfdd0dfa1b564a1873fac
with:
github_token: ${{ secrets.OS_BOTIFY_TOKEN }}
number: ${{ steps.getMergedPullRequest.outputs.number }}
body: |
@${{ steps.getMergedPullRequest.outputs.author }}, Great job getting your first Expensify/App pull request over the finish line! :tada:
I know there's a lot of information in our [contributing guidelines](https://github.com/Expensify/App/blob/main/contributingGuides/CONTRIBUTING.md), so here are some points to take note of :memo::
1. Now that your first PR has been merged, you can be hired for another issue. Once you've completed a few issues, you may be eligible to work on more than one job at a time.
2. Once your PR is deployed to our staging servers, it will undergo quality assurance (QA) testing. If we find that it doesn't work as expected or causes a regression, you'll be responsible for fixing it. Typically, we would revert this PR and give you another chance to create a similar PR without causing a regression.
3. Once your PR is deployed to _production_, we start a 7-day timer :alarm_clock:. After it has been on production for 7 days without causing any regressions, then we pay out the Upwork job. :moneybag:
So it might take a while before you're paid for your work, but we typically post multiple new jobs every day, so there's plenty of opportunity. I hope you've had a positive experience contributing to this repo! :blush:
e2ePerformanceTests:
needs: [chooseDeployActions]
if: ${{ needs.chooseDeployActions.outputs.SHOULD_DEPLOY }}
uses: Expensify/App/.github/workflows/e2ePerformanceTests.yml@main
secrets: inherit
with:
PR_NUMBER: ${{ needs.chooseDeployActions.outputs.MERGED_PR }}