-
Notifications
You must be signed in to change notification settings - Fork 3k
147 lines (128 loc) · 5.4 KB
/
finishReleaseCycle.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
name: Prepare production deploy
on:
issues:
types: [closed]
# The updateProduction and createNewStagingDeployCash jobs are executed when a StagingDeployCash is closed.
jobs:
validate:
runs-on: ubuntu-latest
if: contains(github.event.issue.labels.*.name, 'StagingDeployCash')
outputs:
isValid: ${{ fromJSON(steps.isDeployer.outputs.IS_DEPLOYER) && !fromJSON(steps.checkDeployBlockers.outputs.HAS_DEPLOY_BLOCKERS) }}
steps:
- name: Checkout
uses: actions/checkout@v4
with:
ref: main
token: ${{ secrets.OS_BOTIFY_TOKEN }}
- name: Setup git for OSBotify
uses: ./.github/actions/composite/setupGitForOSBotifyApp
id: setupGitForOSBotify
with:
GPG_PASSPHRASE: ${{ secrets.LARGE_SECRET_PASSPHRASE }}
OS_BOTIFY_APP_ID: ${{ secrets.OS_BOTIFY_APP_ID }}
OS_BOTIFY_PRIVATE_KEY: ${{ secrets.OS_BOTIFY_PRIVATE_KEY }}
- name: Validate actor is deployer
id: isDeployer
run: |
if gh api /orgs/Expensify/teams/mobile-deployers/memberships/${{ github.actor }} --silent; then
echo "IS_DEPLOYER=true" >> "$GITHUB_OUTPUT"
else
echo "IS_DEPLOYER=false" >> "$GITHUB_OUTPUT"
fi
env:
GITHUB_TOKEN: ${{ steps.setupGitForOSBotify.outputs.OS_BOTIFY_API_TOKEN }}
- name: Reopen and comment on issue (not a team member)
if: ${{ !fromJSON(steps.isDeployer.outputs.IS_DEPLOYER) }}
uses: ./.github/actions/javascript/reopenIssueWithComment
with:
GITHUB_TOKEN: ${{ steps.setupGitForOSBotify.outputs.OS_BOTIFY_API_TOKEN }}
ISSUE_NUMBER: ${{ github.event.issue.number }}
COMMENT: |
Sorry, only members of @Expensify/Mobile-Deployers can close deploy checklists.
Reopening!
- name: Check for any deploy blockers
if: ${{ fromJSON(steps.isDeployer.outputs.IS_DEPLOYER) }}
id: checkDeployBlockers
uses: ./.github/actions/javascript/checkDeployBlockers
with:
GITHUB_TOKEN: ${{ steps.setupGitForOSBotify.outputs.OS_BOTIFY_API_TOKEN }}
ISSUE_NUMBER: ${{ github.event.issue.number }}
- name: Reopen and comment on issue (has blockers)
if: ${{ fromJSON(steps.isDeployer.outputs.IS_DEPLOYER) && fromJSON(steps.checkDeployBlockers.outputs.HAS_DEPLOY_BLOCKERS || 'false') }}
uses: ./.github/actions/javascript/reopenIssueWithComment
with:
GITHUB_TOKEN: ${{ steps.setupGitForOSBotify.outputs.OS_BOTIFY_API_TOKEN }}
ISSUE_NUMBER: ${{ github.event.issue.number }}
COMMENT: |
This issue either has unchecked items or has not yet been marked with the `:shipit:` emoji of approval.
Reopening!
- name: Announce failed workflow in Slack
if: ${{ failure() }}
uses: ./.github/actions/composite/announceFailedWorkflowInSlack
with:
SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }}
# Update the production branch to trigger the production deploy.
updateProduction:
runs-on: ubuntu-latest
needs: validate
if: ${{ fromJSON(needs.validate.outputs.isValid) }}
steps:
- name: Checkout
uses: actions/checkout@v4
with:
ref: staging
token: ${{ secrets.OS_BOTIFY_TOKEN }}
- name: Setup git for OSBotify
id: setupGitForOSBotify
uses: ./.github/actions/composite/setupGitForOSBotifyApp
with:
GPG_PASSPHRASE: ${{ secrets.LARGE_SECRET_PASSPHRASE }}
OS_BOTIFY_APP_ID: ${{ secrets.OS_BOTIFY_APP_ID }}
OS_BOTIFY_PRIVATE_KEY: ${{ secrets.OS_BOTIFY_PRIVATE_KEY }}
- name: Update production branch
run: |
# Re-create the production branch from staging
git switch -c production
# Force-update the remote production branch.
git push --force origin production
- name: Announce failed workflow in Slack
if: ${{ failure() }}
uses: ./.github/actions/composite/announceFailedWorkflowInSlack
with:
SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }}
# Create a new patch version to prep for next release cycle
createNewPatchVersion:
needs: validate
if: ${{ fromJSON(needs.validate.outputs.isValid) }}
uses: ./.github/workflows/createNewVersion.yml
secrets: inherit
with:
SEMVER_LEVEL: PATCH
# Update the staging branch to trigger a staging deploy
updateStaging:
runs-on: ubuntu-latest
needs: [updateProduction, createNewPatchVersion]
steps:
- name: Checkout
uses: actions/checkout@v4
with:
ref: main
token: ${{ secrets.OS_BOTIFY_TOKEN }}
- name: Setup git for OSBotify
uses: ./.github/actions/composite/setupGitForOSBotifyApp
with:
GPG_PASSPHRASE: ${{ secrets.LARGE_SECRET_PASSPHRASE }}
OS_BOTIFY_APP_ID: ${{ secrets.OS_BOTIFY_APP_ID }}
OS_BOTIFY_PRIVATE_KEY: ${{ secrets.OS_BOTIFY_PRIVATE_KEY }}
- name: Update staging branch to trigger staging deploy
run: |
# Re-create the staging branch from main
git switch -c staging
# Force-update the remote staging branch
git push --force origin staging
- name: Announce failed workflow in Slack
if: ${{ failure() }}
uses: ./.github/actions/composite/announceFailedWorkflowInSlack
with:
SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }}