Skip to content

[FX-NULL] Add gh-runners-driver-opts option (#356) #328

[FX-NULL] Add gh-runners-driver-opts option (#356)

[FX-NULL] Add gh-runners-driver-opts option (#356) #328

Workflow file for this run

name: Release
on:
push:
branches:
- master
env:
GITHUB_WORKFLOW_URL: https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}
jobs:
release:
name: Release
runs-on: ubuntu-latest
permissions:
contents: write
id-token: write
actions: write
pull-requests: write
issues: write
steps:
- name: Checkout Repo
uses: actions/[email protected]
with:
# This makes Actions fetch all Git history so that Changesets can generate changelogs with the correct commits
fetch-depth: 0
# This forces changesets to use git user, provided by GITHUB_TOKEN env var
persist-credentials: false
- name: GSM Secrets
id: secrets_manager
uses: toptal/davinci-github-actions/gsm-secrets@master
with:
workload_identity_provider: ${{ secrets.IDENTITY_POOL }}
service_account: ${{ secrets.SA_IDENTITY_POOL }}
secrets_name: |-
JENKINS_URL:toptal-ci/JENKINS_URL
JENKINS_CLIENT_ID:toptal-ci/JENKINS_CLIENT_ID
JENKINS_SA_CREDENTIALS:toptal-ci/JENKINS_SA_CREDENTIALS
SLACK_BOT_TOKEN:toptal-ci/SLACK_BOT_TOKEN
TOPTAL_DEVBOT_TOKEN:toptal-ci/TOPTAL_DEVBOT_TOKEN
TOPTAL_REPOACCESSBOT_TOKEN:toptal-ci/TOPTAL_REPOACCESSBOT_TOKEN
TOPTAL_TRIGGERBOT_TOKEN:toptal-ci/TOPTAL_TRIGGERBOT_TOKEN
TOPTAL_TRIGGERBOT_USERNAME:toptal-ci/TOPTAL_TRIGGERBOT_USERNAME
- name: Parse secrets
id: parse_secrets
uses: toptal/davinci-github-actions/expose-json-outputs@master
with:
json: ${{ steps.secrets_manager.outputs.secrets }}
- name: Set ENV Variables
run: |-
echo "SLACK_BOT_TOKEN=${{ steps.parse_secrets.outputs.SLACK_BOT_TOKEN }}" >> $GITHUB_ENV
echo "DEVBOT_TOKEN=${{ steps.parse_secrets.outputs.TOPTAL_DEVBOT_TOKEN }}" >> $GITHUB_ENV
- name: Set up node
uses: actions/[email protected]
with:
node-version: 20
- uses: ./yarn-install
- name: Create Release Pull Request or Publish to npm
id: changesets
uses: changesets/[email protected]
with:
publish: yarn release
commit: 'chore: version packages'
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Add no-jira label to "Version Package" PR
if: ${{ steps.changesets.outputs.published != 'true' }}
uses: actions/github-script@v7
with:
github-token: ${{secrets.GITHUB_TOKEN}}
script: |
// Get list of all open PRs with
// head branch "changeset-release/master"
// (there should be max 1 PR with such condition)
const { data } = await github.rest.pulls.list({
owner: 'toptal',
repo: 'davinci-github-actions',
state: 'open',
head: 'toptal:changeset-release/master'
})
// add to all of them label "no-jira"
for await (let pr of data) {
github.rest.issues.addLabels({
owner: 'toptal',
repo: 'davinci-github-actions',
issue_number: pr.number,
labels: [
'no-jira'
]
})
}
- name: Send a Slack notification on failure
if: ${{ failure() }}
uses: slackapi/[email protected]
with:
channel-id: '-frontend-exp-team-notifications'
slack-message: ":x: <!here> Current master version of davinci-github-actions is <${{ env.GITHUB_WORKFLOW_URL }}|broken>."
env:
SLACK_BOT_TOKEN: ${{ env.SLACK_BOT_TOKEN }}
- name: Send a Slack notification on success release
if: ${{ success() && steps.changesets.outputs.published == 'true' }}
uses: slackapi/[email protected]
with:
channel-id: '-frontend-exp-team-notifications'
slack-message: "Current master version of davinci-github-actions successfully released :green_heart:"
env:
SLACK_BOT_TOKEN: ${{ env.SLACK_BOT_TOKEN }}
- name: Send a Slack notification on success PR merge
if: ${{ success() && steps.changesets.outputs.published != 'true'}}
uses: slackapi/[email protected]
with:
channel-id: '-frontend-exp-team-notifications'
slack-message: "A new PR was merged to davinci-github-actions :parrotspin:"
env:
SLACK_BOT_TOKEN: ${{ env.SLACK_BOT_TOKEN }}
- name: Get new tag version
id: tag-version
if: ${{ steps.changesets.outputs.published == 'true' }}
run: |
echo LATEST_TAG=$(git describe --tags --abbrev=0) >> $GITHUB_OUTPUT
- name: Get toptal/actions
uses: actions/checkout@v4
with:
repository: toptal/actions
token: ${{ steps.parse_secrets.outputs.TOPTAL_REPOACCESSBOT_TOKEN }}
path: ./.github/actions/
- name: Replace toptal/actions/get-job-url@main from trigger-jenkins-job/action.yml
shell: bash
run: |
sed -i 's|toptal/actions/get-job-url@main|./.github/actions/get-job-url|' ./.github/actions/trigger-jenkins-job/action.yml
sed -i 's|toptal/actions/trigger-jenkins-job@main|./.github/actions/trigger-jenkins-job|' ./.github/actions/create-jira-deployment/action.yml
- name: Create Jira Deployment
uses: ./.github/actions/create-jira-deployment/
if: ${{ always() && steps.changesets.outputs.published == 'true'}}
with:
jenkins_url: ${{ steps.parse_secrets.outputs.JENKINS_URL }}
jenkins_user: ${{ steps.parse_secrets.outputs.TOPTAL_TRIGGERBOT_USERNAME }}
jenkins_token: ${{ steps.parse_secrets.outputs.TOPTAL_TRIGGERBOT_TOKEN }}
jenkins_client_id: ${{ steps.parse_secrets.outputs.JENKINS_CLIENT_ID }}
jenkins_sa_credentials: ${{ steps.parse_secrets.outputs.JENKINS_SA_CREDENTIALS }}
token: ${{ env.DEVBOT_TOKEN }}
environment: production
environment-url: https://github.com/toptal/davinci-github-actions/releases/tag/${{ steps.tag-version.outputs.LATEST_TAG }}
transient-environment: false
auto-inactive: false