diff --git a/.github/actions/composite/updateProtectedBranch/action.yml b/.github/actions/composite/updateProtectedBranch/action.yml
new file mode 100644
index 000000000000..9c7b4ea0c8fb
--- /dev/null
+++ b/.github/actions/composite/updateProtectedBranch/action.yml
@@ -0,0 +1,132 @@
+name: Update Protected Branch
+description: Create, approve, and merge a pull request against a protected branch
+
+inputs:
+ TARGET_BRANCH:
+ description: The target branch to update. This becomes the base branch of the pull request.
+ required: true
+ SOURCE_BRANCH:
+ description: If updating main, you must also provide a head branch to update main with.
+ required: false
+ default: ''
+ OS_BOTIFY_TOKEN:
+ description: GitHub token for OSBotify
+ required: true
+ GPG_PASSPHRASE:
+ description: Passphrase used to decrypt GPG key for OSBotify
+ required: true
+
+runs:
+ using: composite
+ steps:
+ - name: Validate target branch
+ if: ${{ !contains(fromJSON('["main", "staging", "production"]'), inputs.TARGET_BRANCH) }}
+ shell: bash
+ run: |
+ echo "Target branch must be one of ['main', 'staging', 'production]"
+ exit 1
+
+ # If updating main, SOURCE_BRANCH must not be empty
+ - name: Validate source branch
+ if: inputs.TARGET_BRANCH == 'main' && inputs.SOURCE_BRANCH == ''
+ shell: bash
+ run: |
+ echo "Cannot update main branch without specifying a source branch"
+ exit 1
+
+ # If updating staging, the source branch will always be main
+ # If updating production, the source branch will always be staging
+ - name: Set source branch
+ shell: bash
+ run: |
+ if [[ ${{ inputs.TARGET_BRANCH }} == 'staging' ]]; then
+ echo "SOURCE_BRANCH=main" >> "$GITHUB_ENV"
+ elif [[ ${{ inputs.TARGET_BRANCH }} == 'production' ]]; then
+ echo "SOURCE_BRANCH=staging" >> "$GITHUB_ENV"
+ else
+ echo "SOURCE_BRANCH=${{ inputs.SOURCE_BRANCH }}" >> "$GITHUB_ENV"
+ fi
+
+ - uses: Expensify/App/.github/actions/composite/setupGitForOSBotify@main
+ with:
+ GPG_PASSPHRASE: ${{ inputs.GPG_PASSPHRASE }}
+
+ - name: Checkout source branch
+ shell: bash
+ run: git checkout ${{ env.SOURCE_BRANCH }}
+
+ - name: Set New Version
+ shell: bash
+ run: echo "NEW_VERSION=$(npm run print-version --silent)" >> "$GITHUB_ENV"
+
+ - name: Create temporary branch to resolve conflicts
+ if: ${{ contains(fromJSON('["staging", "production"]'), inputs.TARGET_BRANCH) }}
+ shell: bash
+ run: |
+ git checkout ${{ inputs.TARGET_BRANCH }}
+ BRANCH_NAME=update-${{ inputs.TARGET_BRANCH }}-from-${{ env.SOURCE_BRANCH }}
+ git checkout -b "$BRANCH_NAME"
+ git merge -Xtheirs ${{ env.SOURCE_BRANCH }}
+ git push --set-upstream origin "$BRANCH_NAME"
+
+ - name: Create Pull Request
+ id: createPullRequest
+ shell: bash
+ run: |
+ gh pr create \
+ --title "Update version to ${{ env.NEW_VERSION }} on ${{ inputs.TARGET_BRANCH }}" \
+ --body "Update version to ${{ env.NEW_VERSION }}" \
+ --label "automerge" \
+ --base ${{ inputs.TARGET_BRANCH }}
+ sleep 5
+ echo "::set-output name=PR_NUMBER::$(gh pr view --json 'number' --jq '.number')"
+ env:
+ GITHUB_TOKEN: ${{ inputs.OS_BOTIFY_TOKEN }}
+
+ - name: Check changed files
+ if: ${{ inputs.TARGET_BRANCH == 'main' }}
+ id: changedFiles
+ # Version: 3.3.0
+ uses: umani/changed-files@1d252c611c64289d35243fc37ece7323ea5e93e1
+ with:
+ repo-token: ${{ github.token }}
+ pr-number: ${{ steps.createPullRequest.outputs.PR_NUMBER }}
+
+ - name: Validate changed files
+ if: ${{ inputs.TARGET_BRANCH == 'main' && (steps.changedFiles.outputs.files_updated != 'android/app/build.gradle ios/NewExpensify/Info.plist ios/NewExpensifyTests/Info.plist package-lock.json package.json' || steps.changedFiles.outputs.files_created != '' || steps.changedFiles.outputs.files_deleted != '') }}
+ shell: bash
+ run: exit 1
+
+ - name: Auto-approve the PR
+ shell: bash
+ run: gh pr review --approve
+ env:
+ GITHUB_TOKEN: ${{ github.token }}
+
+ - name: Check if pull request is mergeable
+ id: isPullRequestMergeable
+ uses: Expensify/App/.github/actions/javascript/isPullRequestMergeable@main
+ with:
+ GITHUB_TOKEN: ${{ github.token }}
+ PULL_REQUEST_NUMBER: ${{ steps.createPullRequest.outputs.PR_NUMBER }}
+
+ - name: Leave comment if PR is not mergeable
+ if: ${{ !fromJSON(steps.isPullRequestMergeable.outputs.IS_MERGEABLE) }}
+ shell: bash
+ run: |
+ gh pr comment --body \
+ ":bell: @Expensify/mobile-deployers :bell: - The Update Protected Branch workflow has failed because this PR was not mergable.
+ If you are the deployer this week, please resolve the error and merge this PR to continue the deploy process."
+ env:
+ GITHUB_TOKEN: ${{ inputs.OS_BOTIFY_TOKEN }}
+
+ - name: Fail workflow if PR is not mergeable
+ if: ${{ steps.isPullRequestMergeable.outputs.IS_MERGEABLE == 'false' }}
+ shell: bash
+ run: exit 1
+
+ - name: Auto-merge the PR
+ shell: bash
+ run: gh pr merge ${{ steps.createPullRequest.outputs.PR_NUMBER }} --merge --delete-branch
+ env:
+ GITHUB_TOKEN: ${{ inputs.OS_BOTIFY_TOKEN }}
diff --git a/.github/workflows/createNewVersion.yml b/.github/workflows/createNewVersion.yml
index 55ae46c8044c..0ef0f325a701 100644
--- a/.github/workflows/createNewVersion.yml
+++ b/.github/workflows/createNewVersion.yml
@@ -57,9 +57,16 @@ jobs:
- name: Update main branch
uses: Expensify/App/.github/actions/triggerWorkflowAndWait@main
with:
+<<<<<<< HEAD
GITHUB_TOKEN: ${{ secrets.OS_BOTIFY_TOKEN }}
WORKFLOW: updateProtectedBranch.yml
INPUTS: '{ "TARGET_BRANCH": "main", "SOURCE_BRANCH": "${{ env.VERSION_BRANCH }}" }'
+=======
+ TARGET_BRANCH: main
+ SOURCE_BRANCH: ${{ env.VERSION_BRANCH }}
+ OS_BOTIFY_TOKEN: ${{ secrets.OS_BOTIFY_TOKEN }}
+ GPG_PASSPHRASE: ${{ secrets.LARGE_SECRET_PASSPHRASE }}
+>>>>>>> b7479ad53 (Merge pull request #9729 from Expensify/Rory-FixUpdateProtectedBranch)
# This Slack step is duplicated in all workflows, if you make a change to this step, make sure to update all
# the other workflows with the same change
diff --git a/.github/workflows/finishReleaseCycle.yml b/.github/workflows/finishReleaseCycle.yml
index 8553f9b63fbb..31ba619d3c13 100644
--- a/.github/workflows/finishReleaseCycle.yml
+++ b/.github/workflows/finishReleaseCycle.yml
@@ -64,9 +64,15 @@ jobs:
- name: Update production branch
uses: Expensify/App/.github/actions/triggerWorkflowAndWait@main
with:
+<<<<<<< HEAD
GITHUB_TOKEN: ${{ secrets.OS_BOTIFY_TOKEN }}
WORKFLOW: updateProtectedBranch.yml
INPUTS: '{ "TARGET_BRANCH": "production" }'
+=======
+ TARGET_BRANCH: production
+ OS_BOTIFY_TOKEN: ${{ secrets.OS_BOTIFY_TOKEN }}
+ GPG_PASSPHRASE: ${{ secrets.LARGE_SECRET_PASSPHRASE }}
+>>>>>>> b7479ad53 (Merge pull request #9729 from Expensify/Rory-FixUpdateProtectedBranch)
# Deploy deferred PRs to staging and create a new StagingDeployCash for the next release cycle.
createNewStagingDeployCash:
@@ -97,9 +103,15 @@ jobs:
- name: Update staging branch to trigger staging deploy
uses: Expensify/App/.github/actions/triggerWorkflowAndWait@main
with:
+<<<<<<< HEAD
GITHUB_TOKEN: ${{ secrets.OS_BOTIFY_TOKEN }}
WORKFLOW: updateProtectedBranch.yml
INPUTS: '{ "TARGET_BRANCH": "staging" }'
+=======
+ TARGET_BRANCH: staging
+ OS_BOTIFY_TOKEN: ${{ secrets.OS_BOTIFY_TOKEN }}
+ GPG_PASSPHRASE: ${{ secrets.LARGE_SECRET_PASSPHRASE }}
+>>>>>>> b7479ad53 (Merge pull request #9729 from Expensify/Rory-FixUpdateProtectedBranch)
- name: Pull staging to get the new version
run: |
diff --git a/.github/workflows/preDeploy.yml b/.github/workflows/preDeploy.yml
index 266f998d4f03..1165936383b6 100644
--- a/.github/workflows/preDeploy.yml
+++ b/.github/workflows/preDeploy.yml
@@ -129,9 +129,15 @@ jobs:
if: ${{ !fromJSON(needs.chooseDeployActions.outputs.isStagingDeployLocked) }}
uses: Expensify/App/.github/actions/triggerWorkflowAndWait@main
with:
+<<<<<<< HEAD
GITHUB_TOKEN: ${{ secrets.OS_BOTIFY_TOKEN }}
WORKFLOW: updateProtectedBranch.yml
INPUTS: '{ "TARGET_BRANCH": "staging" }'
+=======
+ TARGET_BRANCH: staging
+ OS_BOTIFY_TOKEN: ${{ secrets.OS_BOTIFY_TOKEN }}
+ GPG_PASSPHRASE: ${{ secrets.LARGE_SECRET_PASSPHRASE }}
+>>>>>>> b7479ad53 (Merge pull request #9729 from Expensify/Rory-FixUpdateProtectedBranch)
- name: Determine if this pull request will be cherry-picked
run: echo "DO_CHERRY_PICK=${{ fromJSON(needs.chooseDeployActions.outputs.isStagingDeployLocked) && fromJSON(needs.chooseDeployActions.outputs.shouldCherryPick) }}" >> "$GITHUB_ENV"
diff --git a/android/app/build.gradle b/android/app/build.gradle
index 10ad34fca9df..8775958431a8 100644
--- a/android/app/build.gradle
+++ b/android/app/build.gradle
@@ -152,8 +152,8 @@ android {
minSdkVersion rootProject.ext.minSdkVersion
targetSdkVersion rootProject.ext.targetSdkVersion
multiDexEnabled rootProject.ext.multiDexEnabled
- versionCode 1001017917
- versionName "1.1.79-17"
+ versionCode 1001017918
+ versionName "1.1.79-18"
}
splits {
abi {
diff --git a/ios/NewExpensify/Info.plist b/ios/NewExpensify/Info.plist
index 8f8a10a5c834..ee4ee4b9b73c 100644
--- a/ios/NewExpensify/Info.plist
+++ b/ios/NewExpensify/Info.plist
@@ -30,7 +30,7 @@
CFBundleVersion
- 1.1.79.17
+ 1.1.79.18
ITSAppUsesNonExemptEncryption
LSApplicationQueriesSchemes
diff --git a/ios/NewExpensifyTests/Info.plist b/ios/NewExpensifyTests/Info.plist
index fd5b56d833a5..3a7e61c8c5f7 100644
--- a/ios/NewExpensifyTests/Info.plist
+++ b/ios/NewExpensifyTests/Info.plist
@@ -19,6 +19,6 @@
CFBundleSignature
????
CFBundleVersion
- 1.1.79.17
+ 1.1.79.18
diff --git a/package-lock.json b/package-lock.json
index 51500dd78871..8de068d437e6 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -1,6 +1,6 @@
{
"name": "new.expensify",
- "version": "1.1.79-17",
+ "version": "1.1.79-18",
"lockfileVersion": 1,
"requires": true,
"dependencies": {
diff --git a/package.json b/package.json
index b586f0d9b8d4..168beba8a747 100644
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
{
"name": "new.expensify",
- "version": "1.1.79-17",
+ "version": "1.1.79-18",
"author": "Expensify, Inc.",
"homepage": "https://new.expensify.com",
"description": "New Expensify is the next generation of Expensify: a reimagination of payments based atop a foundation of chat.",