Version packages (#352) #324
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Release | |
on: | |
push: | |
branches: | |
- master | |
env: | |
GITHUB_WORKFLOW_URL: https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }} | |
jobs: | |
release: | |
name: Release | |
runs-on: ubuntu-latest | |
permissions: | |
contents: write | |
id-token: write | |
actions: write | |
pull-requests: write | |
issues: write | |
steps: | |
- name: Checkout Repo | |
uses: actions/checkout@v4.1.0 | |
with: | |
# This makes Actions fetch all Git history so that Changesets can generate changelogs with the correct commits | |
fetch-depth: 0 | |
# This forces changesets to use git user, provided by GITHUB_TOKEN env var | |
persist-credentials: false | |
- name: GSM Secrets | |
id: secrets_manager | |
uses: toptal/davinci-github-actions/gsm-secrets@master | |
with: | |
workload_identity_provider: ${{ secrets.IDENTITY_POOL }} | |
service_account: ${{ secrets.SA_IDENTITY_POOL }} | |
secrets_name: |- | |
JENKINS_BUILD_URL:toptal-ci/JENKINS_BUILD_URL | |
JENKINS_BUILD_CLIENT_ID:toptal-ci/JENKINS_BUILD_CLIENT_ID | |
JENKINS_SA_CREDENTIALS:toptal-ci/JENKINS_SA_CREDENTIALS | |
SLACK_BOT_TOKEN:toptal-ci/SLACK_BOT_TOKEN | |
TOPTAL_DEVBOT_TOKEN:toptal-ci/TOPTAL_DEVBOT_TOKEN | |
TOPTAL_REPOACCESSBOT_TOKEN:toptal-ci/TOPTAL_REPOACCESSBOT_TOKEN | |
TOPTAL_TRIGGERBOT_BUILD_TOKEN:toptal-ci/TOPTAL_TRIGGERBOT_BUILD_TOKEN | |
TOPTAL_TRIGGERBOT_USERNAME:toptal-ci/TOPTAL_TRIGGERBOT_USERNAME | |
- name: Parse secrets | |
id: parse_secrets | |
uses: toptal/davinci-github-actions/expose-json-outputs@master | |
with: | |
json: ${{ steps.secrets_manager.outputs.secrets }} | |
- name: Set ENV Variables | |
run: |- | |
echo "SLACK_BOT_TOKEN=${{ steps.parse_secrets.outputs.SLACK_BOT_TOKEN }}" >> $GITHUB_ENV | |
echo "DEVBOT_TOKEN=${{ steps.parse_secrets.outputs.TOPTAL_DEVBOT_TOKEN }}" >> $GITHUB_ENV | |
- name: Set up node | |
uses: actions/setup-node@v4.0.0 | |
with: | |
node-version: 20 | |
- uses: ./yarn-install | |
- name: Create Release Pull Request or Publish to npm | |
id: changesets | |
uses: changesets/action@v1.4.1 | |
with: | |
publish: yarn release | |
commit: 'chore: version packages' | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
- name: Add no-jira label to "Version Package" PR | |
if: ${{ steps.changesets.outputs.published != 'true' }} | |
uses: actions/github-script@v7 | |
with: | |
github-token: ${{secrets.GITHUB_TOKEN}} | |
script: | | |
// Get list of all open PRs with | |
// head branch "changeset-release/master" | |
// (there should be max 1 PR with such condition) | |
const { data } = await github.rest.pulls.list({ | |
owner: 'toptal', | |
repo: 'davinci-github-actions', | |
state: 'open', | |
head: 'toptal:changeset-release/master' | |
}) | |
// add to all of them label "no-jira" | |
for await (let pr of data) { | |
github.rest.issues.addLabels({ | |
owner: 'toptal', | |
repo: 'davinci-github-actions', | |
issue_number: pr.number, | |
labels: [ | |
'no-jira' | |
] | |
}) | |
} | |
- name: Send a Slack notification on failure | |
if: ${{ failure() }} | |
uses: slackapi/slack-github-action@v1.27.0 | |
with: | |
channel-id: '-frontend-exp-team-notifications' | |
slack-message: ":x: <!here> Current master version of davinci-github-actions is <${{ env.GITHUB_WORKFLOW_URL }}|broken>." | |
env: | |
SLACK_BOT_TOKEN: ${{ env.SLACK_BOT_TOKEN }} | |
- name: Send a Slack notification on success release | |
if: ${{ success() && steps.changesets.outputs.published == 'true' }} | |
uses: slackapi/slack-github-action@v1.27.0 | |
with: | |
channel-id: '-frontend-exp-team-notifications' | |
slack-message: "Current master version of davinci-github-actions successfully released :green_heart:" | |
env: | |
SLACK_BOT_TOKEN: ${{ env.SLACK_BOT_TOKEN }} | |
- name: Send a Slack notification on success PR merge | |
if: ${{ success() && steps.changesets.outputs.published != 'true'}} | |
uses: slackapi/slack-github-action@v1.27.0 | |
with: | |
channel-id: '-frontend-exp-team-notifications' | |
slack-message: "A new PR was merged to davinci-github-actions :parrotspin:" | |
env: | |
SLACK_BOT_TOKEN: ${{ env.SLACK_BOT_TOKEN }} | |
- name: Get new tag version | |
id: tag-version | |
if: ${{ steps.changesets.outputs.published == 'true' }} | |
run: | | |
echo LATEST_TAG=$(git describe --tags --abbrev=0) >> $GITHUB_OUTPUT | |
- name: Get toptal/actions | |
uses: actions/checkout@v4 | |
with: | |
repository: toptal/actions | |
token: ${{ steps.parse_secrets.outputs.TOPTAL_REPOACCESSBOT_TOKEN }} | |
path: ./.github/actions/ | |
- name: Replace toptal/actions/get-job-url@main from trigger-jenkins-job/action.yml | |
shell: bash | |
run: | | |
sed -i 's|toptal/actions/get-job-url@main|./.github/actions/get-job-url|' ./.github/actions/trigger-jenkins-job/action.yml | |
sed -i 's|toptal/actions/trigger-jenkins-job@main|./.github/actions/trigger-jenkins-job|' ./.github/actions/create-jira-deployment/action.yml | |
- name: Create Jira Deployment | |
uses: ./.github/actions/create-jira-deployment/ | |
if: ${{ always() && steps.changesets.outputs.published == 'true'}} | |
with: | |
jenkins_url: ${{ steps.parse_secrets.outputs.JENKINS_BUILD_URL }} | |
jenkins_user: ${{ steps.parse_secrets.outputs.TOPTAL_TRIGGERBOT_USERNAME }} | |
jenkins_token: ${{ steps.parse_secrets.outputs.TOPTAL_TRIGGERBOT_BUILD_TOKEN }} | |
jenkins_client_id: ${{ steps.parse_secrets.outputs.JENKINS_BUILD_CLIENT_ID }} | |
jenkins_sa_credentials: ${{ steps.parse_secrets.outputs.JENKINS_SA_CREDENTIALS }} | |
token: ${{ env.DEVBOT_TOKEN }} | |
environment: production | |
environment-url: https://github.com/toptal/davinci-github-actions/releases/tag/${{ steps.tag-version.outputs.LATEST_TAG }} | |
transient-environment: false | |
auto-inactive: false |