ci(release-automation): make release issuance atomic #451
Comments
petermetz
added
enhancement
|
@ryjones I found this GH app called "MergeFreeze" which is meant to help out with situations like ours where PRs that are about issuing releases need to halt all other PRs until they are merged to keep the generated change logs and build artifacts consistent. MergeFreeze: https://github.com/marketplace/merge-freeze/plan/MDIyOk1hcmtldHBsYWNlTGlzdGluZ1BsYW4yMjAy#pricing-and-setup |
|
@petermetz I've installed it, but I'm not sure what more I need to do. If it needs more config, let me know? |
@ryjones It worked! Now I have a tool to keep the release issuance atomic, happy days! |
petermetz
added
good-first-issue-400-expert
P1
|
The last part for this seems to be to have npm packages auto-published BEFORE the container images get auto published (right now it's the other way around and it breaks the container image publishing given that the containers need the latest npm packages already published on the registry before they can be built) Update 1: With the addition of |
|
This PR/issue depends on:
|
|
Update 2: The npm publishing now works from the CI, the last thing remaining is that the GitHub token is not getting recognized somehow in the publishing job and that fails some of the weaver packages. Here's the complete log of the job: Uploading 2024-07-04T15-18-17-cacti-ci-npm-publish-crash.log… |
The NodeJS package publishing GitHub workflow job will now publish all packages to both GHCR and npmjs.org registries. It dynamically reconfigures the .npmrc file with the appropriate registry URL and the correct token gets set through the environment variables as well. The lerna publish script gets invoked twice, with different registry configurations which was the only way I found to make sure that all the packages are deployed to all the locations where they are to be used. Fixes hyperledger-cacti#451 Signed-off-by: Peter Somogyvari <[email protected]>
|
Re-opening because there was a small bug in the publish workflow where I accidentally mixed up the ghcr and npm tokens in the environment variable declarations. |
Hot-fixing the automatic release issuance workflow for npm packages yet again. The previous fix is still believed to bo correct conceptually, there was just a silly mistake of the mixing up of the ghcr vs npm tokens in the environment variables that get populated from the secrets. Fixes #451 Signed-off-by: Peter Somogyvari <[email protected]>
Hot-fixing the automatic release issuance workflow for npm packages yet again. The previous fix is still believed to bo correct conceptually, there was just a silly mistake of the mixing up of the ghcr vs npm tokens in the environment variables that get populated from the secrets. Fixes #451 Signed-off-by: Peter Somogyvari <[email protected]>
Depends on #1951
Description
As a maintainer I want to be able to issue releases without hassle so that I can spend more time doing other maintainer chores.
Currently we have scripts that automate the release issuance, but the way it works right now is that you run the script locally on your machine and then issue a PR with the administrative changes registering the release (like the version numbers being bumped in the package.json files, generating the CHANGELOG entries, etc).
The problem with this is that you tag your release commit when you make it and at the same time the npm packages get automatically published as well. So lots of automation and convenience already, but there's a concurrency issue at play which already manifested itself with our 0.2.0 release: If someone gets between your release PR and your release commit, then your tag will actually diverge, which is not a huge issue, but it could become confusing/annoying/even problematic once we get to GA and start doing hotfixes, backports on older release branches regularly (an unfortunate chore of mature software maintenance).
So, I had this idea (that I actually just stole from Besu, while I was browsing their CI code for something totally unrelated) that what we need is a separate github action (workflow yaml file in the
.githubdirectory) that will run only on branches matching the pattern ofrelease-*and this workflow will run the publish script that uploads the package contents to npm (and later on all the other things that we want to publish such as Java jars to BinTray/Maven Central for the Java bindings to the Cactus API).With this change, the release workflow would become this:
release-$SEMANTIC_VERSIONupstream(e.g. Hyperledger/Cactus)Acceptance Criteria
cc: @takeutak @sfuji822 @hartm @jonathan-m-hamilton @AzaharaC @jordigiam @kikoncuo @petermetz @arnab-roy @jagpreetsinghsasan
The text was updated successfully, but these errors were encountered: