diff --git a/.github/workflows/cherryPick.yml b/.github/workflows/cherryPick.yml index f8a52143e985..b0945f4e0920 100644 --- a/.github/workflows/cherryPick.yml +++ b/.github/workflows/cherryPick.yml @@ -26,36 +26,9 @@ jobs: createNewVersion: needs: validateActor - runs-on: ubuntu-latest if: ${{ fromJSON(needs.validateActor.outputs.IS_DEPLOYER) && github.event.inputs.NEW_VERSION == '' }} - outputs: - NEW_VERSION: ${{ steps.getNewVersion.outputs.NEW_VERSION }} - steps: - - name: Checkout main branch - uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f - with: - ref: main - token: ${{ secrets.OS_BOTIFY_TOKEN }} - - - uses: softprops/turnstyle@8db075d65b19bf94e6e8687b504db69938dc3c65 - with: - poll-interval-seconds: 10 - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - - - name: Create new BUILD version - uses: Expensify/App/.github/actions/javascript/triggerWorkflowAndWait@main - with: - GITHUB_TOKEN: ${{ secrets.OS_BOTIFY_TOKEN }} - WORKFLOW: createNewVersion.yml - INPUTS: '{ "SEMVER_LEVEL": "BUILD" }' - - - name: Pull main to get the new version - id: getNewVersion - run: | - git pull origin main - echo "New version is $(npm run print-version --silent)" - echo "::set-output name=NEW_VERSION::$(npm run print-version --silent)" + uses: Expensify/App/.github/workflows/createNewVersion.yml@main + secrets: inherit cherryPick: needs: [validateActor, createNewVersion] diff --git a/.github/workflows/createNewVersion.yml b/.github/workflows/createNewVersion.yml index 1b6970a43d95..2fa033dedd30 100644 --- a/.github/workflows/createNewVersion.yml +++ b/.github/workflows/createNewVersion.yml @@ -1,29 +1,43 @@ -name: Create a new version +name: Create new version on: - workflow_dispatch: + workflow_call: inputs: SEMVER_LEVEL: description: One of {BUILD, PATCH, MINOR, MAJOR} + required: false + default: BUILD + type: string + + outputs: + NEW_VERSION: + description: The new version string + value: ${{ jobs.createNewVersion.outputs.NEW_VERSION }} + + secrets: + LARGE_SECRET_PASSPHRASE: + description: Passphrase used to decrypt GPG key + required: true + OS_BOTIFY_TOKEN: + description: Token for the OSBotify user + required: true + SLACK_WEBHOOK: + description: Webhook used to comment in slack required: true jobs: createNewVersion: if: github.actor == 'OSBotify' - runs-on: macos-11 + runs-on: macos-latest + + outputs: + NEW_VERSION: ${{ steps.bumpVersion.outputs.NEW_VERSION }} steps: - # Version: 2.3.4 - - uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f + # Version: 3.0.2 + - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b with: fetch-depth: 0 - token: ${{ secrets.OS_BOTIFY_TOKEN }} - - - uses: softprops/turnstyle@8db075d65b19bf94e6e8687b504db69938dc3c65 - with: - poll-interval-seconds: 10 - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - uses: Expensify/App/.github/actions/composite/setupGitForOSBotify@main with: @@ -31,17 +45,23 @@ jobs: - name: Create new branch run: | - BRANCH_NAME="version-${{ github.event.inputs.SEMVER_LEVEL }}-$(uuidgen)" + BRANCH_NAME="version-${{ inputs.SEMVER_LEVEL }}-$(uuidgen)" git checkout -b "$BRANCH_NAME" git push --set-upstream origin "$BRANCH_NAME" echo "VERSION_BRANCH=$BRANCH_NAME" >> "$GITHUB_ENV" + - uses: softprops/turnstyle@8db075d65b19bf94e6e8687b504db69938dc3c65 + with: + poll-interval-seconds: 10 + env: + GITHUB_TOKEN: ${{ github.token }} + - name: Generate version id: bumpVersion uses: Expensify/App/.github/actions/javascript/bumpVersion@main with: GITHUB_TOKEN: ${{ secrets.OS_BOTIFY_TOKEN }} - SEMVER_LEVEL: ${{ github.event.inputs.SEMVER_LEVEL }} + SEMVER_LEVEL: ${{ inputs.SEMVER_LEVEL }} - name: Commit new version run: | diff --git a/.github/workflows/finishReleaseCycle.yml b/.github/workflows/finishReleaseCycle.yml index 8c3d6b6f1dc5..88187d7a4355 100644 --- a/.github/workflows/finishReleaseCycle.yml +++ b/.github/workflows/finishReleaseCycle.yml @@ -56,11 +56,6 @@ jobs: needs: validate if: ${{ fromJSON(needs.validate.outputs.isValid) }} steps: - - uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f - with: - ref: main - token: ${{ secrets.OS_BOTIFY_TOKEN }} - - name: Update production branch uses: Expensify/App/.github/actions/composite/updateProtectedBranch@main with: @@ -68,32 +63,20 @@ jobs: OS_BOTIFY_TOKEN: ${{ secrets.OS_BOTIFY_TOKEN }} GPG_PASSPHRASE: ${{ secrets.LARGE_SECRET_PASSPHRASE }} - # Deploy deferred PRs to staging and create a new StagingDeployCash for the next release cycle. - createNewStagingDeployCash: - runs-on: macos-11 + # Create a new patch version to prep for next release cycle + createNewPatchVersion: needs: validate if: ${{ fromJSON(needs.validate.outputs.isValid) }} - steps: - # Version: 2.3.4 - - uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f - with: - ref: main - fetch-depth: 0 - token: ${{ secrets.OS_BOTIFY_TOKEN }} - - - uses: softprops/turnstyle@8db075d65b19bf94e6e8687b504db69938dc3c65 - with: - poll-interval-seconds: 10 - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - - - name: Create new PATCH version - uses: Expensify/App/.github/actions/javascript/triggerWorkflowAndWait@main - with: - GITHUB_TOKEN: ${{ secrets.OS_BOTIFY_TOKEN }} - WORKFLOW: createNewVersion.yml - INPUTS: '{ "SEMVER_LEVEL": "PATCH" }' + uses: Expensify/App/.github/workflows/createNewVersion.yml@main + secrets: inherit + with: + SEMVER_LEVEL: PATCH + # Deploy deferred PRs to staging and create a new StagingDeployCash for the next release cycle. + createNewStagingDeployCash: + runs-on: ubuntu-latest + needs: createNewPatchVersion + steps: - name: Update staging branch to trigger staging deploy uses: Expensify/App/.github/actions/composite/updateProtectedBranch@main with: @@ -101,25 +84,18 @@ jobs: OS_BOTIFY_TOKEN: ${{ secrets.OS_BOTIFY_TOKEN }} GPG_PASSPHRASE: ${{ secrets.LARGE_SECRET_PASSPHRASE }} - - name: Pull staging to get the new version - run: | - git checkout staging - git pull origin staging - echo "NEW_VERSION=$(npm run print-version --silent)" >> "$GITHUB_ENV" - echo "New version is ${{ env.NEW_VERSION }}" - # Create a local git tag so that GitUtils.getPullRequestsMergedBetween can use `git log` to generate a # list of pull requests that were merged between this version tag and another. # NOTE: This tag is only used locally and shouldn't be pushed to the remote. # If it was pushed, that would trigger the staging deploy which is handled in a separate workflow (deploy.yml) - name: Tag version - run: git tag ${{ env.NEW_VERSION }} + run: git tag ${{ needs.createNewPatchVersion.outputs.NEW_VERSION }} - name: Create new StagingDeployCash uses: Expensify/App/.github/actions/javascript/createOrUpdateStagingDeploy@main with: GITHUB_TOKEN: ${{ secrets.OS_BOTIFY_TOKEN }} - NPM_VERSION: ${{ env.NEW_VERSION }} + NPM_VERSION: ${{ needs.createNewPatchVersion.outputs.NEW_VERSION }} - if: ${{ failure() }} uses: Expensify/App/.github/actions/composite/announceFailedWorkflowInSlack@main diff --git a/.github/workflows/preDeploy.yml b/.github/workflows/preDeploy.yml index d4f0561c8450..c7347766a68f 100644 --- a/.github/workflows/preDeploy.yml +++ b/.github/workflows/preDeploy.yml @@ -6,10 +6,10 @@ on: jobs: lint: - uses: ./.github/workflows/lint.yml + uses: Expensify/App/.github/workflows/lint.yml@main test: - uses: ./.github/workflows/test.yml + uses: Expensify/App/.github/workflows/test.yml@main confirmPassingBuild: runs-on: ubuntu-latest @@ -30,42 +30,39 @@ jobs: needs: confirmPassingBuild outputs: mergedPullRequest: ${{ steps.getMergedPullRequest.outputs.number }} - isStagingDeployLocked: ${{ steps.isStagingDeployLocked.outputs.IS_LOCKED }} - isAutomatedPullRequest: ${{ steps.isAutomatedPullRequest.outputs.IS_VERSION_BUMP_PR }} - shouldCherryPick: ${{ steps.shouldCherryPick.outputs.SHOULD_CHERRY_PICK }} + isAutomatedPullRequest: ${{ steps.isAutomatedPullRequest.outputs.IS_AUTOMATED_PR }} + shouldDeploy: ${{ steps.shouldDeploy.outputs.SHOULD_DEPLOY }} + shouldCherryPick: ${{ steps.isStagingDeployLocked.outputs.IS_LOCKED && steps.hasCherryPickLabel.outputs.HAS_CP_LABEL }} steps: - # Version: 2.3.4 - - uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f - with: - fetch-depth: 0 - token: ${{ secrets.OS_BOTIFY_TOKEN }} - - name: Get merged pull request id: getMergedPullRequest uses: actions-ecosystem/action-get-merged-pull-request@59afe90821bb0b555082ce8ff1e36b03f91553d9 with: - github_token: ${{ secrets.GITHUB_TOKEN }} + github_token: ${{ github.token }} - name: Check if StagingDeployCash is locked id: isStagingDeployLocked uses: Expensify/App/.github/actions/javascript/isStagingDeployLocked@main with: - GITHUB_TOKEN: ${{ secrets.OS_BOTIFY_TOKEN }} + GITHUB_TOKEN: ${{ github.token }} - - name: Check if merged pull request was an automatic version bump PR + - name: Check if merged pull request was an automated PR id: isAutomatedPullRequest - run: echo "::set-output name=IS_VERSION_BUMP_PR::${{ github.actor == 'OSBotify' }}" + run: echo "::set-output name=IS_AUTOMATED_PR::${{ github.actor == 'OSBotify' }}" - name: Check if merged pull request has `CP Staging` label - id: shouldCherryPick - run: echo "::set-output name=SHOULD_CHERRY_PICK::${{ contains(steps.getMergedPullRequest.outputs.labels, 'CP Staging') }}" + id: hasCherryPickLabel + run: echo "::set-output name=HAS_CP_LABEL::${{ contains(steps.getMergedPullRequest.outputs.labels, 'CP Staging') }}" + + - name: Check if merged pull request should trigger a deploy + id: shouldDeploy + run: echo "::set-output name=SHOULD_DEPLOY::${{ fromJSON(steps.hasCherryPickLabel.outputs.HAS_CP_LABEL) || (!fromJSON(steps.isStagingDeployLocked.outputs.IS_LOCKED) && !fromJSON(steps.isAutomatedPullRequest.outputs.IS_AUTOMATED_PR)) }}" skipDeploy: runs-on: ubuntu-latest needs: chooseDeployActions - if: ${{ fromJSON(needs.chooseDeployActions.outputs.isStagingDeployLocked) && !fromJSON(needs.chooseDeployActions.outputs.isAutomatedPullRequest) && !fromJSON(needs.chooseDeployActions.outputs.shouldCherryPick) }} - + if: ${{ !fromJSON(needs.chooseDeployActions.outputs.shouldDeploy) && !fromJSON(needs.chooseDeployActions.outputs.isAutomatedPullRequest) }} steps: - name: Comment on deferred PR uses: actions-ecosystem/action-create-comment@cd098164398331c50e7dfdd0dfa1b564a1873fac @@ -75,96 +72,86 @@ jobs: body: | :hand: This PR was not deployed to staging yet because QA is ongoing. It will be automatically deployed to staging after the next production release. - version: - runs-on: ubuntu-latest + createNewVersion: needs: chooseDeployActions - if: ${{ fromJSON(needs.chooseDeployActions.outputs.shouldCherryPick) || (!fromJSON(needs.chooseDeployActions.outputs.isStagingDeployLocked) && !fromJSON(needs.chooseDeployActions.outputs.isAutomatedPullRequest)) }} + if: ${{ fromJSON(needs.chooseDeployActions.outputs.shouldDeploy) }} + uses: Expensify/App/.github/workflows/createNewVersion.yml@main + secrets: inherit + updateStaging: + needs: [chooseDeployActions, createNewVersion] + runs-on: ubuntu-latest steps: - # Version: 2.3.4 - - uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f - with: - fetch-depth: 0 - token: ${{ secrets.OS_BOTIFY_TOKEN }} - - uses: softprops/turnstyle@8db075d65b19bf94e6e8687b504db69938dc3c65 with: poll-interval-seconds: 10 env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - - - name: Create new BUILD version - uses: Expensify/App/.github/actions/javascript/triggerWorkflowAndWait@main - with: - GITHUB_TOKEN: ${{ secrets.OS_BOTIFY_TOKEN }} - WORKFLOW: createNewVersion.yml - INPUTS: '{ "SEMVER_LEVEL": "BUILD" }' - - - name: Pull main to get the new version - run: | - git pull origin main - echo "NEW_VERSION=$(npm run print-version --silent)" >> "$GITHUB_ENV" - echo "New version is ${{ env.NEW_VERSION }}" + GITHUB_TOKEN: ${{ github.token }} - name: Update staging branch from main - if: ${{ !fromJSON(needs.chooseDeployActions.outputs.isStagingDeployLocked) }} + if: ${{ !fromJSON(needs.chooseDeployActions.outputs.shouldCherryPick) }} uses: Expensify/App/.github/actions/composite/updateProtectedBranch@main with: TARGET_BRANCH: staging OS_BOTIFY_TOKEN: ${{ secrets.OS_BOTIFY_TOKEN }} GPG_PASSPHRASE: ${{ secrets.LARGE_SECRET_PASSPHRASE }} - - name: Determine if this pull request will be cherry-picked - run: echo "DO_CHERRY_PICK=${{ fromJSON(needs.chooseDeployActions.outputs.isStagingDeployLocked) && fromJSON(needs.chooseDeployActions.outputs.shouldCherryPick) }}" >> "$GITHUB_ENV" - - - name: Cherry pick to staging - if: ${{ fromJSON(env.DO_CHERRY_PICK) }} + - name: Cherry-pick PR to staging + if: ${{ fromJSON(needs.chooseDeployActions.outputs.shouldCherryPick) }} uses: Expensify/App/.github/actions/javascript/triggerWorkflowAndWait@main with: GITHUB_TOKEN: ${{ secrets.OS_BOTIFY_TOKEN }} WORKFLOW: cherryPick.yml - INPUTS: '{ "PULL_REQUEST_NUMBER": "${{ needs.chooseDeployActions.outputs.mergedPullRequest }}", "NEW_VERSION": "${{ env.NEW_VERSION }}" }' + INPUTS: '{ "PULL_REQUEST_NUMBER": "${{ needs.chooseDeployActions.outputs.mergedPullRequest }}", "NEW_VERSION": "${{ needs.createNewVersion.outputs.NEW_VERSION }}" }' + + # Version: 3.0.2 + - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b + with: + ref: staging # Create a local git tag on staging so that GitUtils.getPullRequestsMergedBetween can use `git log` to generate a # list of pull requests that were merged between this version tag and another. # NOTE: This tag is only used locally and shouldn't be pushed to the remote. # If it was pushed, that would trigger the staging deploy which is handled in a separate workflow (deploy.yml) - name: Tag staging - run: | - git checkout staging - git pull origin staging - git tag ${{ env.NEW_VERSION }} + run: git tag ${{ needs.createNewVersion.outputs.NEW_VERSION }} - name: Update StagingDeployCash uses: Expensify/App/.github/actions/javascript/createOrUpdateStagingDeploy@main with: GITHUB_TOKEN: ${{ secrets.OS_BOTIFY_TOKEN }} - NPM_VERSION: ${{ env.NEW_VERSION }} + NPM_VERSION: ${{ needs.createNewVersion.outputs.NEW_VERSION }} + + - name: Find open StagingDeployCash + id: getStagingDeployCash + run: echo "::set-output name=STAGING_DEPLOY_CASH::$(gh issue list --label StagingDeployCash --json number --jq '.[0].number')" + env: + GITHUB_TOKEN: ${{ secrets.OS_BOTIFY_TOKEN }} - name: Comment in StagingDeployCash to alert Applause that a new pull request has been cherry-picked - if: ${{ fromJSON(env.DO_CHERRY_PICK) }} + if: ${{ fromJSON(needs.chooseDeployActions.outputs.shouldCherryPick) }} run: | PR_URL="https://github.com/Expensify/App/pull/${{ needs.chooseDeployActions.outputs.mergedPullRequest }}" - printf -v COMMENT ":clap: Heads up @Expensify/applauseleads :clap:\nA [new pull request](%s) has been :cherries: cherry-picked :cherries: to staging, and will be deployed to staging in version \`%s\` :rocket:" "$PR_URL" ${{ env.NEW_VERSION }} + printf -v COMMENT ":clap: Heads up @Expensify/applauseleads :clap:\nA [new pull request](%s) has been :cherries: cherry-picked :cherries: to staging, and will be deployed to staging in version \`%s\` :rocket:" "$PR_URL" ${{ needs.createNewVersion.outputs.NEW_VERSION }} gh issue comment \ - "$(gh issue list --label StagingDeployCash --json number --jq '.[0].number')" \ - --body "$COMMENT" + ${{ steps.getStagingDeployCash.outputs.STAGING_DEPLOY_CASH }} \ + --body "$COMMENT" env: GITHUB_TOKEN: ${{ secrets.OS_BOTIFY_TOKEN }} - name: Wait for staging deploys to finish - if: ${{ fromJSON(env.DO_CHERRY_PICK) }} + if: ${{ fromJSON(needs.chooseDeployActions.outputs.shouldCherryPick) }} uses: Expensify/App/.github/actions/javascript/awaitStagingDeploys@main with: - GITHUB_TOKEN: ${{ secrets.OS_BOTIFY_TOKEN }} - TAG: ${{ env.NEW_VERSION }} + GITHUB_TOKEN: ${{ github.token }} + TAG: ${{ needs.createNewVersion.outputs.NEW_VERSION }} - name: Comment in StagingDeployCash to alert Applause that cherry-picked pull request has been deployed. - if: ${{ fromJSON(env.DO_CHERRY_PICK) }} + if: ${{ fromJSON(needs.chooseDeployActions.outputs.shouldCherryPick) }} run: | gh issue comment \ - "$(gh issue list --label StagingDeployCash --json number --jq '.[0].number')" \ - --body ":tada: All set?…You bet! @Expensify/applauseleads https://github.com/Expensify/App/releases/tag/${{ env.NEW_VERSION }} has been deployed to staging :tada:" + ${{ steps.getStagingDeployCash.outputs.STAGING_DEPLOY_CASH }} \ + --body ":tada: All set?…You bet! @Expensify/applauseleads https://github.com/Expensify/App/releases/tag/${{ needs.createNewVersion.outputs.NEW_VERSION }} has been deployed to staging :tada:" env: GITHUB_TOKEN: ${{ secrets.OS_BOTIFY_TOKEN }}