From 77fc336c9647deff9e1b69785d85502914847ba2 Mon Sep 17 00:00:00 2001 From: ilya Date: Tue, 31 Dec 2024 11:38:07 +0000 Subject: [PATCH] Hotfix CI job (#3186) # Description This job creates a hotfix release once a PR with the corresponding(`hotfix`) label is merged into `main`. I had to create a new github token with `workflow` permissions, so the deployment job can be triggered. A test run: https://github.com/cowprotocol/services/actions/runs/12546315481?pr=3194 A deployment was triggered: https://github.com/cowprotocol/services/actions/runs/12546317827 ~~A release was created: https://github.com/cowprotocol/services/releases/tag/v2.291.2~~ I removed the release to avoid confusions, here is a screenshot: image --- .github/workflows/hotfix.yml | 87 ++++++++++++++++++++++++++++++++++++ 1 file changed, 87 insertions(+) create mode 100644 .github/workflows/hotfix.yml diff --git a/.github/workflows/hotfix.yml b/.github/workflows/hotfix.yml new file mode 100644 index 0000000000..5a71a19b07 --- /dev/null +++ b/.github/workflows/hotfix.yml @@ -0,0 +1,87 @@ +name: Hotfix Release + +permissions: + contents: write + +on: + pull_request_target: + types: [closed] + branches: + - main + +jobs: + hotfix_release: + if: ${{ github.event.pull_request.merged == true && contains(github.event.pull_request.labels.*.name, 'hotfix') }} + runs-on: ubuntu-latest + steps: + - name: Check out + uses: actions/checkout@v4 + with: + token: "${{ secrets.HOTFIX_ACTION_JOB }}" + fetch-depth: 0 + + - name: Configure git + run: | + git config user.name 'github-actions-bot' + git config user.email 'dev@cow.fi' + git fetch --tags + + - name: Get latest release version tag + id: fetch_tag + run: | + LATEST_VERSION=$(curl -s https://api.github.com/repos/${{ github.repository }}/releases/latest | jq -r '.tag_name') + if ! [[ "$LATEST_VERSION" =~ ^v[0-9]+\.[0-9]+\..* ]]; then + echo "Invalid tag format, cannot bump version of: $LATEST_VERSION" + exit 1 + fi + echo "latest=$LATEST_VERSION" >> $GITHUB_OUTPUT + + - name: Determine next patch version + id: bump + run: | + VERSION="${{ steps.fetch_tag.outputs.latest }}" + VERSION_NO_PREFIX="${VERSION#v}" + IFS='.' read -r MAJOR MINOR PATCH <<< "$VERSION_NO_PREFIX" + NEW_PATCH=$((PATCH + 1)) + NEW_TAG="v$MAJOR.$MINOR.$NEW_PATCH" + echo "tag=$NEW_TAG" >> $GITHUB_OUTPUT + + - name: Create and switch to hotfix branch + run: | + git checkout "${{ steps.fetch_tag.outputs.latest }}" + git checkout -b "hotfix/${{ steps.bump.outputs.tag }}" + + - name: Cherry-pick merged commit + run: | + MERGE_COMMIT_SHA="${{ github.event.pull_request.merge_commit_sha }}" + if ! git cherry-pick "$MERGE_COMMIT_SHA"; then + echo "Cherry-pick failed. Please resolve conflicts manually." + exit 1 + fi + + - name: Create and push tag + id: tag_version + run: | + git tag "${{ steps.bump.outputs.tag }}" + git push origin "${{ steps.bump.outputs.tag }}" + + - name: "Create hotfix release" + uses: actions/github-script@v6 + with: + github-token: "${{ secrets.HOTFIX_ACTION_TOKEN }}" + script: | + try { + const response = await github.rest.repos.createRelease({ + draft: false, + generate_release_notes: true, + name: "Hotfix ${{ steps.bump.outputs.tag }}", + owner: context.repo.owner, + prerelease: false, + repo: context.repo.repo, + tag_name: "${{ steps.bump.outputs.tag }}", + }); + core.exportVariable('RELEASE_ID', response.data.id); + core.exportVariable('RELEASE_UPLOAD_URL', response.data.upload_url); + } catch (error) { + core.setFailed(error.message); + }