diff --git a/.github/workflows/create-release-proposal.yml b/.github/workflows/create-release-proposal.yml
index 5f0f80eed24c95..13a4a10254f62c 100644
--- a/.github/workflows/create-release-proposal.yml
+++ b/.github/workflows/create-release-proposal.yml
@@ -1,7 +1,6 @@
# This action requires the following secrets to be set on the repository:
# GH_USER_NAME: GitHub user whose Jenkins and GitHub token are defined below
# GH_USER_TOKEN: GitHub user token, to be used by ncu and to push changes
-# JENKINS_TOKEN: Jenkins token, to be used to check CI status
name: Create Release Proposal
@@ -25,7 +24,7 @@ env:
NODE_VERSION: lts/*
permissions:
- contents: write
+ contents: read
jobs:
releasePrepare:
@@ -39,9 +38,6 @@ jobs:
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
with:
ref: ${{ env.STAGING_BRANCH }}
- # Needs the whole git history for ncu to work
- # See https://github.com/nodejs/node-core-utils/pull/486
- fetch-depth: 0
# Install dependencies
- name: Install Node.js
@@ -58,29 +54,37 @@ jobs:
ncu-config set upstream origin
ncu-config set username "$USERNAME"
ncu-config set token "$GH_TOKEN"
- ncu-config set jenkins_token "$JENKINS_TOKEN"
ncu-config set repo "$(echo "$GITHUB_REPOSITORY" | cut -d/ -f2)"
ncu-config set owner "${GITHUB_REPOSITORY_OWNER}"
env:
USERNAME: ${{ secrets.JENKINS_USER }}
- GH_TOKEN: ${{ secrets.GH_USER_TOKEN }}
- JENKINS_TOKEN: ${{ secrets.JENKINS_TOKEN }}
+ GH_TOKEN: ${{ github.token }}
- name: Set up ghauth config (Ubuntu)
run: |
- mkdir -p ~/.config/changelog-maker/
- echo '{
- "user": "'$(ncu-config get username)'",
- "token": "'$(ncu-config get token)'"
- }' > ~/.config/changelog-maker/config.json
+ mkdir -p "${XDG_CONFIG_HOME:-~/.config}/changelog-maker"
+ echo '{}' | jq '{user: env.USERNAME, token: env.TOKEN}' > "${XDG_CONFIG_HOME:-~/.config}/changelog-maker/config.json"
+ env:
+ USERNAME: ${{ secrets.JENKINS_USER }}
+ TOKEN: ${{ github.token }}
- name: Setup git author
run: |
git config --local user.email "github-bot@iojs.org"
git config --local user.name "Node.js GitHub Bot"
+ # Workaround, see https://github.com/nodejs/node-core-utils/pull/876
+ git fetch origin --shallow-exclude v23.3.0 v23.x-staging
+ git fetch origin --deepen=1 v23.x-staging
- name: Start git node release prepare
+ # The curl command is to make sure we run the version of the script corresponding to the current workflow.
run: |
+ curl -L https://github.com/${GITHUB_REPOSITORY}/raw/${GITHUB_SHA}/tools/actions/create-release.sh > tools/actions/create-release.sh
./tools/actions/create-release.sh "${RELEASE_DATE}" "${RELEASE_LINE}"
env:
GH_TOKEN: ${{ secrets.GH_USER_TOKEN }}
+
+ - uses: actions/upload-artifact@v4
+ with:
+ name: query.gql
+ path: query.gql
diff --git a/doc/contributing/releases.md b/doc/contributing/releases.md
index 32e9880b444dcb..12a72b0e00ed98 100644
--- a/doc/contributing/releases.md
+++ b/doc/contributing/releases.md
@@ -33,7 +33,8 @@ official release builds for Node.js, hosted on .
* [17. Create a blog post](#17-create-a-blog-post)
* [18. Create the release on GitHub](#18-create-the-release-on-github)
* [19. Announce](#19-announce)
- * [20. Celebrate](#20-celebrate)
+ * [20. Re-enable the backport-queue workflow](#20-re-enable-the-backport-queue-workflow)
+ * [21. Celebrate](#21-celebrate)
* [LTS releases](#lts-releases)
* [Major releases](#major-releases)
@@ -140,6 +141,11 @@ of the `nodejs-private/node-private` repository a day or so before the
[CI lockdown procedure][] begins. This is to confirm that Jenkins can properly
access the private repository.
+### 1. Disable the backport-queue workflow
+
+Having the staging branch and the proposal branch starting to differ will make
+the release work harder.
+
### 1. Update the staging branch
Checkout the staging branch locally.
@@ -1096,7 +1102,9 @@ Let the security release steward know the releases are available.
-### 20. Celebrate
+### 20. Re-enable the backport-queue workflow
+
+### 21. Celebrate
_In whatever form you do this..._
diff --git a/tools/actions/create-release.sh b/tools/actions/create-release.sh
index 3a69b3f5602ffc..3a2bdf3b0bda82 100755
--- a/tools/actions/create-release.sh
+++ b/tools/actions/create-release.sh
@@ -10,24 +10,91 @@ if [ -z "$RELEASE_DATE" ] || [ -z "$RELEASE_LINE" ]; then
exit 1
fi
+buildMutationQuery() {
+ repo=$1
+ branch=$2
+ commit="${3:-HEAD}"
+ commit_title="${4:-$(git log -1 "$commit" --format=%s)}"
+ commit_body="${5:-$(git log -1 "$commit" --format=%b)}"
+ cat - <<'EOF'
+mutation ($repo: String! $branch: String!, $parent: GitObjectID!, $commit_title: String!, $commit_body: String) {
+ createCommitOnBranch(input: {
+ branch: {
+ repositoryNameWithOwner: $repo,
+ branchName: $branch
+ },
+ message: {
+ headline: $commit_title,
+ body: $commit_body
+ },
+ expectedHeadOid: $parent,
+ fileChanges: {
+ additions: [
+EOF
+ git show "$commit" --diff-filter=d --name-only --format= | while read -r FILE; do
+ echo " { path: "
+ node -p 'JSON.stringify(process.argv[1])' "$FILE"
+ printf ", contents: \""
+ base64 -w 0 -i "$FILE"
+ echo "\"},"
+ done
+ echo ' ], deletions: ['
+ git show "$commit" --diff-filter=D --name-only --format= | while read -r FILE; do
+ echo "$(node -p 'JSON.stringify(process.argv[1])' "$FILE"),"
+ done
+ cat - <<'EOF'
+ ]
+ }
+ }) {
+ commit {
+ url
+ }
+ }
+}
+EOF
+ node -p '"variables " + JSON.stringify({
+ repo: process.argv[1],
+ branch: process.argv[2],
+ parent: process.argv[3],
+ commit_title: process.argv[4],
+ commit_body: process.argv[5]
+ }, undefined, 2)' "$repo" "$branch" "$(git rev-parse "${commit}^")" "$commit_title" "${commit_body}"
+}
+
git node release --prepare --skipBranchDiff --yes --releaseDate "$RELEASE_DATE"
-# We use it to not specify the branch name as it changes based on
-# the commit list (semver-minor/semver-patch)
-git config push.default current
-git push
+
+HEAD_BRANCH="$(git rev-parse --abbrev-ref HEAD)"
TITLE=$(awk "/^## ${RELEASE_DATE}/ { print substr(\$0, 4) }" "doc/changelogs/CHANGELOG_V${RELEASE_LINE}.md")
# Use a temporary file for the PR body
TEMP_BODY="$(awk "/## ${RELEASE_DATE}/,/^ query.gql
+< query.gql \
+node --input-type=module -e 'console.log(JSON.stringify({ query: Buffer.concat(await process.stdin.toArray()).toString() }))' \
+| curl -fS -H "Authorization: bearer ${GH_TOKEN}" -X POST --data @- https://api.github.com/graphql