-
Notifications
You must be signed in to change notification settings - Fork 3k
235 lines (196 loc) · 11.1 KB
/
preDeploy.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
name: Process new code merged to main
on:
push:
branches: [main]
jobs:
lint:
uses: Expensify/App/.github/workflows/lint.yml@main
test:
uses: Expensify/App/.github/workflows/test.yml@main
confirmPassingBuild:
runs-on: ubuntu-latest
needs: [lint, test]
if: ${{ always() }}
steps:
- if: ${{ needs.lint.result == 'failure' || needs.test.result == 'failure' }}
uses: Expensify/App/.github/actions/composite/announceFailedWorkflowInSlack@main
with:
SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }}
- if: ${{ needs.lint.result == 'failure' || needs.test.result == 'failure' }}
run: exit 1
chooseDeployActions:
runs-on: ubuntu-latest
needs: confirmPassingBuild
outputs:
MERGED_PR: ${{ steps.getMergedPullRequest.outputs.number }}
IS_AUTOMATED_PR: ${{ steps.isAutomatedPullRequest.outputs.IS_AUTOMATED_PR }}
SHOULD_DEPLOY: ${{ steps.shouldDeploy.outputs.SHOULD_DEPLOY }}
SHOULD_CP: ${{ steps.isStagingDeployLocked.outputs.IS_LOCKED && steps.hasCherryPickLabel.outputs.HAS_CP_LABEL }}
steps:
- name: Get merged pull request
id: getMergedPullRequest
uses: actions-ecosystem/action-get-merged-pull-request@59afe90821bb0b555082ce8ff1e36b03f91553d9
with:
github_token: ${{ github.token }}
- name: Check if StagingDeployCash is locked
id: isStagingDeployLocked
uses: Expensify/App/.github/actions/javascript/isStagingDeployLocked@main
with:
GITHUB_TOKEN: ${{ github.token }}
- name: Check if merged pull request was an automated PR
id: isAutomatedPullRequest
run: echo "IS_AUTOMATED_PR=${{ github.actor == 'OSBotify' }}" >> "$GITHUB_OUTPUT"
- name: Check if merged pull request has `CP Staging` label
id: hasCherryPickLabel
run: echo "HAS_CP_LABEL=${{ contains(steps.getMergedPullRequest.outputs.labels, 'CP Staging') }}" >> "$GITHUB_OUTPUT"
- name: Check if merged pull request should trigger a deploy
id: shouldDeploy
run: echo "SHOULD_DEPLOY=${{ fromJSON(steps.hasCherryPickLabel.outputs.HAS_CP_LABEL) || (!fromJSON(steps.isStagingDeployLocked.outputs.IS_LOCKED) && !fromJSON(steps.isAutomatedPullRequest.outputs.IS_AUTOMATED_PR)) }}" >> "$GITHUB_OUTPUT"
skipDeploy:
runs-on: ubuntu-latest
needs: chooseDeployActions
if: ${{ !fromJSON(needs.chooseDeployActions.outputs.SHOULD_DEPLOY) && !fromJSON(needs.chooseDeployActions.outputs.IS_AUTOMATED_PR) }}
steps:
- name: Comment on deferred PR
uses: actions-ecosystem/action-create-comment@cd098164398331c50e7dfdd0dfa1b564a1873fac
with:
github_token: ${{ secrets.OS_BOTIFY_TOKEN }}
number: ${{ needs.chooseDeployActions.outputs.MERGED_PR }}
body: |
:hand: This PR was not deployed to staging yet because QA is ongoing. It will be automatically deployed to staging after the next production release.
createNewVersion:
needs: chooseDeployActions
if: ${{ fromJSON(needs.chooseDeployActions.outputs.SHOULD_DEPLOY) }}
uses: Expensify/App/.github/workflows/createNewVersion.yml@main
secrets: inherit
updateStaging:
needs: [chooseDeployActions, createNewVersion]
runs-on: ubuntu-latest
steps:
- uses: softprops/turnstyle@ca99add00ff0c9cbc697d22631d2992f377e5bd5
with:
poll-interval-seconds: 10
env:
GITHUB_TOKEN: ${{ github.token }}
- uses: actions/checkout@v3
with:
ref: main
token: ${{ secrets.OS_BOTIFY_TOKEN }}
- uses: Expensify/App/.github/actions/composite/setupGitForOSBotify@main
with:
GPG_PASSPHRASE: ${{ secrets.LARGE_SECRET_PASSPHRASE }}
- name: Update staging branch from main
if: ${{ !fromJSON(needs.chooseDeployActions.outputs.SHOULD_CP) }}
run: |
# Re-create the staging branch from main
git switch -c staging
# Force-update the remote staging branch
git push --force origin staging
- name: Cherry-pick PR to staging
if: ${{ fromJSON(needs.chooseDeployActions.outputs.SHOULD_CP) }}
uses: Expensify/App/.github/actions/javascript/triggerWorkflowAndWait@main
with:
GITHUB_TOKEN: ${{ secrets.OS_BOTIFY_TOKEN }}
WORKFLOW: cherryPick.yml
INPUTS: '{ "PULL_REQUEST_NUMBER": "${{ needs.chooseDeployActions.outputs.MERGED_PR }}", "NEW_VERSION": "${{ needs.createNewVersion.outputs.NEW_VERSION }}" }'
# Create a local git tag on staging so that GitUtils.getPullRequestsMergedBetween can use `git log` to generate a
# list of pull requests that were merged between this version tag and another.
# NOTE: This tag is only used locally and shouldn't be pushed to the remote.
# If it was pushed, that would trigger the staging deploy which is handled in a separate workflow (deploy.yml)
- name: Tag staging
run: git tag ${{ needs.createNewVersion.outputs.NEW_VERSION }}
- name: Update StagingDeployCash
uses: Expensify/App/.github/actions/javascript/createOrUpdateStagingDeploy@main
with:
GITHUB_TOKEN: ${{ secrets.OS_BOTIFY_TOKEN }}
NPM_VERSION: ${{ needs.createNewVersion.outputs.NEW_VERSION }}
- name: Find open StagingDeployCash
id: getStagingDeployCash
run: echo "STAGING_DEPLOY_CASH=$(gh issue list --label StagingDeployCash --json number --jq '.[0].number')" >> "$GITHUB_OUTPUT"
env:
GITHUB_TOKEN: ${{ secrets.OS_BOTIFY_TOKEN }}
- name: Comment in StagingDeployCash to alert Applause that a new pull request has been cherry-picked
if: ${{ fromJSON(needs.chooseDeployActions.outputs.SHOULD_CP) }}
run: |
PR_URL="https://github.com/Expensify/App/pull/${{ needs.chooseDeployActions.outputs.MERGED_PR }}"
printf -v COMMENT ":clap: Heads up @Expensify/applauseleads :clap:\nA [new pull request](%s) has been :cherries: cherry-picked :cherries: to staging, and will be deployed to staging in version \`%s\` :rocket:" "$PR_URL" ${{ needs.createNewVersion.outputs.NEW_VERSION }}
gh issue comment \
${{ steps.getStagingDeployCash.outputs.STAGING_DEPLOY_CASH }} \
--body "$COMMENT"
env:
GITHUB_TOKEN: ${{ secrets.OS_BOTIFY_TOKEN }}
- name: Wait for staging deploys to finish
if: ${{ fromJSON(needs.chooseDeployActions.outputs.SHOULD_CP) }}
uses: Expensify/App/.github/actions/javascript/awaitStagingDeploys@main
with:
GITHUB_TOKEN: ${{ github.token }}
TAG: ${{ needs.createNewVersion.outputs.NEW_VERSION }}
- name: Comment in StagingDeployCash to alert Applause that cherry-picked pull request has been deployed.
if: ${{ fromJSON(needs.chooseDeployActions.outputs.SHOULD_CP) }}
run: |
gh issue comment \
${{ steps.getStagingDeployCash.outputs.STAGING_DEPLOY_CASH }} \
--body ":tada: All set?…You bet! @Expensify/applauseleads https://github.com/Expensify/App/releases/tag/${{ needs.createNewVersion.outputs.NEW_VERSION }} has been deployed to staging :tada:"
env:
GITHUB_TOKEN: ${{ secrets.OS_BOTIFY_TOKEN }}
- if: ${{ failure() }}
uses: Expensify/App/.github/actions/composite/announceFailedWorkflowInSlack@main
with:
SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }}
# Check if actor is member of Expensify organization by looking for Expensify/expensify team
isExpensifyEmployee:
runs-on: ubuntu-latest
outputs:
IS_EXPENSIFY_EMPLOYEE: ${{ fromJSON(steps.checkActor.outputs.isTeamMember) }}
steps:
- name: Get merged pull request
id: getMergedPullRequest
uses: roryabraham/action-get-merged-pull-request@7a7a194f6ff8f3eef58c822083695a97314ebec1
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
- name: Check whether the actor is member of Expensify/expensify team
id: checkActor
uses: tspascoal/get-user-teams-membership@baf2e6adf4c3b897bd65a7e3184305c165aec872
with:
GITHUB_TOKEN: ${{ secrets.OS_BOTIFY_TOKEN }}
username: ${{ steps.getMergedPullRequest.outputs.author }}
team: Expensify/expensify
newContributorWelcomeMessage:
runs-on: ubuntu-latest
needs: isExpensifyEmployee
if: ${{ github.actor != 'OSBotify' && !fromJSON(needs.isExpensifyEmployee.outputs.IS_EXPENSIFY_EMPLOYEE) }}
steps:
# Version: 2.3.4
- uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8
with:
token: ${{ secrets.OS_BOTIFY_TOKEN }}
- name: Get merged pull request
id: getMergedPullRequest
# TODO: Point back action actions-ecosystem after https://github.com/actions-ecosystem/action-get-merged-pull-request/pull/223 is merged
uses: roryabraham/action-get-merged-pull-request@7a7a194f6ff8f3eef58c822083695a97314ebec1
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
- name: Get PR count for ${{ steps.getMergedPullRequest.outputs.author }}
run: echo "PR_COUNT=$(gh pr list --author ${{ steps.getMergedPullRequest.outputs.author }} --state any | grep -c '')" >> "$GITHUB_ENV"
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Comment on ${{ steps.getMergedPullRequest.outputs.author }}\'s first pull request!
if: ${{ fromJSON(env.PR_COUNT) == 1 }}
uses: actions-ecosystem/action-create-comment@cd098164398331c50e7dfdd0dfa1b564a1873fac
with:
github_token: ${{ secrets.OS_BOTIFY_TOKEN }}
number: ${{ steps.getMergedPullRequest.outputs.number }}
body: |
@${{ steps.getMergedPullRequest.outputs.author }}, Great job getting your first Expensify/App pull request over the finish line! :tada:
I know there's a lot of information in our [contributing guidelines](https://github.com/Expensify/App/blob/main/contributingGuides/CONTRIBUTING.md), so here are some points to take note of :memo::
1. Now that your first PR has been merged, you can be hired for another issue. Once you've completed a few issues, you may be eligible to work on more than one job at a time.
2. Once your PR is deployed to our staging servers, it will undergo quality assurance (QA) testing. If we find that it doesn't work as expected or causes a regression, you'll be responsible for fixing it. Typically, we would revert this PR and give you another chance to create a similar PR without causing a regression.
3. Once your PR is deployed to _production_, we start a 7-day timer :alarm_clock:. After it has been on production for 7 days without causing any regressions, then we pay out the Upwork job. :moneybag:
So it might take a while before you're paid for your work, but we typically post multiple new jobs every day, so there's plenty of opportunity. I hope you've had a positive experience contributing to this repo! :blush:
e2ePerformanceTests:
needs: [chooseDeployActions]
if: ${{ needs.chooseDeployActions.outputs.SHOULD_DEPLOY }}
uses: Expensify/App/.github/workflows/e2ePerformanceTests.yml@main
secrets: inherit
with:
PR_NUMBER: ${{ needs.chooseDeployActions.outputs.MERGED_PR }}