Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

chore(admin): convert manual release creation steps into automated script #1209

Merged
merged 12 commits into from
Mar 18, 2024

Conversation

timotheeg
Copy link
Contributor

Problem

Preparing for release is tedious with manual steps to cut branches, extract version, tag, push to staging, copy test procedures, and opening up 2 PRs (release OR to master, backport PR to develop).

While not a huge drain of time, the procedures has been in place for years, and time adds up. An automation script can cut the prep time to just a few seconds.

Solution

Provide a bash prep scripts engineers can run to start on a release in seconds.

This PR includes no runtime code for production.

Can do a first run with @dcshzj for next release.

@timotheeg timotheeg requested a review from a team March 13, 2024 10:20
Copy link
Contributor

@seaerchin seaerchin left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

not approving yet so we can add comments but functionality wise no blockers.

scripts/release_prep.sh Show resolved Hide resolved
scripts/release_prep.sh Show resolved Hide resolved
scripts/release_prep.sh Outdated Show resolved Hide resolved
Comment on lines 87 to 109
grep -v -E -- '- [a-z]+\(deps(-dev)?\)' ${pr_body_file} | grep -v -E -- '- (release|backport) v' | grep -v -E -- '- \d+\.\d+\.\d+ ' | while read line_item; do
pr_id=$(echo ${line_item} | grep -o -E '\[`#\d+`\]' | grep -o -E '\d+')
pr_content=$(gh pr view ${pr_id})
tests=$(echo "$pr_content" | awk "/^## Test/{flag=1;next}/^## /{flag=0}flag" | sed -E "s/\[[Xx]\]/[ ]/" | sed -E "s/^(###+) /\1## /")
if [[ ${tests} =~ [^[:space:]] ]]; then
echo ${line_item} | sed "s/^- /### /" >> ${pr_body_file_groupped}
echo "${tests}" >> ${pr_body_file_groupped}
echo "" >> ${pr_body_file_groupped}
fi
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

could we add a comment here :monkas:

@seaerchin
Copy link
Contributor

could you also dup this to FE once comments added!

Copy link
Contributor

@kishore03109 kishore03109 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

this is a life saver, thank you

scripts/release_prep.sh Outdated Show resolved Hide resolved
scripts/release_prep.sh Show resolved Hide resolved
scripts/release_prep.sh Show resolved Hide resolved
@timotheeg
Copy link
Contributor Author

@dcshzj just ran this in for the current release FE+BE. Everything worked well! ✌️ 💪

image

These are the 4 PRs that were created (in just a few seconds!) for reference:

Some notes and TODOs:

  • The script is not creating the draft deployments, it should do that too
  • Several PRs did not have a test sections when they probably should have (e.g. this one)
  • Tests for one PR could not be captured because the test section did not follow the PR template naming convention. section title was Manual Local Tests

@kishore03109
Copy link
Contributor

@timotheeg
haha intended! since the tests cannot be performed on staging easily, so not part of deployment process haha

@dcshzj
Copy link
Contributor

dcshzj commented Mar 14, 2024

Sorry I forgot one thing to point out for @timotheeg, are we able to copy over the Deploy notes section as well? These are steps to perform when doing the release (e.g. creating alarms, updating SSM, etc)

@timotheeg
Copy link
Contributor Author

We can! If the convention is well followed by all PRs, we can carry the deploy notes into the release PR!

@timotheeg timotheeg force-pushed the release_prep_script branch from 73f902e to a866565 Compare March 14, 2024 10:27
@timotheeg
Copy link
Contributor Author

  • Added deploy notes to PR
  • Added creation of draft release
  • cleaned up the code a bit to be more readable

There are comments that indicate the intent of portions the script, and the variable names should be explanatory enough to indicate what they contain.

I'm not going to add comments that explains what the bash commands themselves do. That would be much too noisy and not add much value. So if you want info on the bash commands (sed/awk/whatever, feel free to ping me)

There's not much to understand really:

  • compute the changelog via npm version minor
  • each line item contains a pr id that can be extracted
  • use the github cli to get PR info for each id
  • find content in between sections by convention (e.g. ## Tests section and ## Deploy Notes section) as needed and append to local files

@timotheeg
Copy link
Contributor Author

Added syncing local tags to origin tags

@timotheeg
Copy link
Contributor Author

I added a few more comments which I think should suffice.

I'll merge now, and I'll pair with Chin @seaerchin to run the script for this week's release.

@timotheeg timotheeg merged commit 0fb31e7 into develop Mar 18, 2024
12 checks passed
@timotheeg timotheeg deleted the release_prep_script branch March 18, 2024 02:15
@seaerchin seaerchin mentioned this pull request Mar 21, 2024
5 tasks
seaerchin added a commit that referenced this pull request Mar 21, 2024
* build(deps): bump @aws-sdk/client-secrets-manager (#1218)

Bumps [@aws-sdk/client-secrets-manager](https://github.com/aws/aws-sdk-js-v3/tree/HEAD/clients/client-secrets-manager) from 3.501.0 to 3.533.0.
- [Release notes](https://github.com/aws/aws-sdk-js-v3/releases)
- [Changelog](https://github.com/aws/aws-sdk-js-v3/blob/main/clients/client-secrets-manager/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-js-v3/commits/v3.533.0/clients/client-secrets-manager)

---
updated-dependencies:
- dependency-name: "@aws-sdk/client-secrets-manager"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* fix: upgrade isomorphic-dompurify from 0.24.0 to 0.27.0 (#881)

Snyk has created this PR to upgrade isomorphic-dompurify from 0.24.0 to 0.27.0.

See this package in npm:
https://www.npmjs.com/package/isomorphic-dompurify

See this project in Snyk:
https://app.snyk.io/org/isomer/project/676b9e26-cebf-4964-b7b3-d9843e3339ff?utm_source=github&utm_medium=referral&page=upgrade-pr

Co-authored-by: snyk-bot <[email protected]>
Co-authored-by: seaerchin <[email protected]>

* fix: upgrade dd-trace from 4.7.0 to 4.11.0 (#922)

Snyk has created this PR to upgrade dd-trace from 4.7.0 to 4.11.0.

See this package in npm:
https://www.npmjs.com/package/dd-trace

See this project in Snyk:
https://app.snyk.io/org/isomer/project/676b9e26-cebf-4964-b7b3-d9843e3339ff?utm_source=github&utm_medium=referral&page=upgrade-pr

Co-authored-by: snyk-bot <[email protected]>

* fix: upgrade @aws-sdk/client-amplify from 3.370.0 to 3.382.0 (#923)

Snyk has created this PR to upgrade @aws-sdk/client-amplify from 3.370.0 to 3.382.0.

See this package in npm:
https://www.npmjs.com/package/@aws-sdk/client-amplify

See this project in Snyk:
https://app.snyk.io/org/isomer/project/676b9e26-cebf-4964-b7b3-d9843e3339ff?utm_source=github&utm_medium=referral&page=upgrade-pr

Co-authored-by: snyk-bot <[email protected]>

* fix: upgrade @aws-sdk/client-secrets-manager from 3.370.0 to 3.389.0 (#932)

Snyk has created this PR to upgrade @aws-sdk/client-secrets-manager from 3.370.0 to 3.389.0.

See this package in npm:
https://www.npmjs.com/package/@aws-sdk/client-secrets-manager

See this project in Snyk:
https://app.snyk.io/org/isomer/project/676b9e26-cebf-4964-b7b3-d9843e3339ff?utm_source=github&utm_medium=referral&page=upgrade-pr

Co-authored-by: snyk-bot <[email protected]>

* fix: upgrade aws-sdk from 2.1428.0 to 2.1450.0 (#948)

Snyk has created this PR to upgrade aws-sdk from 2.1428.0 to 2.1450.0.

See this package in npm:
https://www.npmjs.com/package/aws-sdk

See this project in Snyk:
https://app.snyk.io/org/isomer/project/676b9e26-cebf-4964-b7b3-d9843e3339ff?utm_source=github&utm_medium=referral&page=upgrade-pr

Co-authored-by: snyk-bot <[email protected]>

* fix: package.json & package-lock.json to reduce vulnerabilities (#1161)

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-INFLIGHT-6095116

Co-authored-by: snyk-bot <[email protected]>

* feat(pino): removes extraneous stuff (#1212)

* fix(logger): delete old files, shift to pino

* fix(pino-pretty): intsall as dev deps

* refactor(tracer): inject logs based on env

* fix(ggsrepair): delete outdated import

* fix(stats-spec): update error log

* build(deps): bump follow-redirects from 1.15.5 to 1.15.6 (#1221)

Bumps [follow-redirects](https://github.com/follow-redirects/follow-redirects) from 1.15.5 to 1.15.6.
<details>
<summary>Commits</summary>
<ul>
<li><a href="https://github.com/follow-redirects/follow-redirects/commit/35a517c5861d79dc8bff7db8626013d20b711b06"><code>35a517c</code></a> Release version 1.15.6 of the npm package.</li>
<li><a href="https://github.com/follow-redirects/follow-redirects/commit/c4f847f85176991f95ab9c88af63b1294de8649b"><code>c4f847f</code></a> Drop Proxy-Authorization across hosts.</li>
<li><a href="https://github.com/follow-redirects/follow-redirects/commit/8526b4a1b2ab3a2e4044299377df623a661caa76"><code>8526b4a</code></a> Use GitHub for disclosure.</li>
<li>See full diff in <a href="https://github.com/follow-redirects/follow-redirects/compare/v1.15.5...v1.15.6">compare view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=follow-redirects&package-manager=npm_and_yarn&previous-version=1.15.5&new-version=1.15.6)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/isomerpages/isomercms-backend/network/alerts).

</details>

* chore(admin): convert manual release creation steps into automated script (#1209)

* chore(admin): convert manual release creation steps into automated script

* feat: prepare the draft release

* fix: correct spelling for "grouped"

* feat: extract and present deploy notes

* chore: slight comment update

* feat: extract tests and notes in one pass

* chore: add comment

* fix: fix invalid string concat in subshells (use file holders instead)

* feat: sync local tags to remote tags

* chore: more comments

* chore: remove empty line

* chore: add more comments

* fix: upgrade @aws-sdk/client-cloudwatch-logs from 3.501.0 to 3.521.0 (#1226)

Snyk has created this PR to upgrade @aws-sdk/client-cloudwatch-logs from 3.501.0 to 3.521.0.

See this package in npm:
https://www.npmjs.com/package/@aws-sdk/client-cloudwatch-logs

See this project in Snyk:
https://app.snyk.io/org/isomer/project/676b9e26-cebf-4964-b7b3-d9843e3339ff?utm_source=github&utm_medium=referral&page=upgrade-pr

Co-authored-by: snyk-bot <[email protected]>

* fix: upgrade @aws-sdk/lib-dynamodb from 3.501.0 to 3.521.0 (#1225)

Snyk has created this PR to upgrade @aws-sdk/lib-dynamodb from 3.501.0 to 3.521.0.

See this package in npm:
https://www.npmjs.com/package/@aws-sdk/lib-dynamodb

See this project in Snyk:
https://app.snyk.io/org/isomer/project/676b9e26-cebf-4964-b7b3-d9843e3339ff?utm_source=github&utm_medium=referral&page=upgrade-pr

Co-authored-by: snyk-bot <[email protected]>

* fix: upgrade aws-sdk from 2.1545.0 to 2.1565.0 (#1223)

Snyk has created this PR to upgrade aws-sdk from 2.1545.0 to 2.1565.0.

See this package in npm:
https://www.npmjs.com/package/aws-sdk

See this project in Snyk:
https://app.snyk.io/org/isomer/project/676b9e26-cebf-4964-b7b3-d9843e3339ff?utm_source=github&utm_medium=referral&page=upgrade-pr

Co-authored-by: snyk-bot <[email protected]>

* fix: upgrade @aws-sdk/client-dynamodb from 3.501.0 to 3.521.0 (#1224)

Snyk has created this PR to upgrade @aws-sdk/client-dynamodb from 3.501.0 to 3.521.0.

See this package in npm:
https://www.npmjs.com/package/@aws-sdk/client-dynamodb

See this project in Snyk:
https://app.snyk.io/org/isomer/project/676b9e26-cebf-4964-b7b3-d9843e3339ff?utm_source=github&utm_medium=referral&page=upgrade-pr

Co-authored-by: snyk-bot <[email protected]>

* perf(I/O): rm blocking fs calls (#1220)

## Problem

We have quite a number of blocking I/O calls that has lead to unwanted CPU spikes in the event pool thread. 

This PR scrapes any existence of I/O calls and ensures that there is no lingering sync fs calls made from node. 


## Solution
use `fs.promises` instead

Looking at the spike after running the site checker
### NOTE: initial spike in event loop delay is due to the startup push to staging environment, this is not due to the site checker calls that were made
![Screenshot 2024-03-19 at 2 30 02 PM](https://github.com/isomerpages/isomercms-backend/assets/42832651/10604267-a702-4764-9ba4-e428987a8317)



![Screenshot 2024-03-19 at 1 30 03 PM](https://github.com/isomerpages/isomercms-backend/assets/42832651/fd9432b0-c83d-4a34-9c56-3e62d5d23a37)

**Breaking Changes**

<!-- Does this PR contain any backward incompatible changes? If so, what are they and should there be special considerations for release? -->

- [ ] Yes - this PR contains breaking changes
  - Details ...
- [X] No - this PR is backwards compatible with ALL of the following feature flags in this [doc](https://www.notion.so/opengov/Existing-feature-flags-518ad2cdc325420893a105e88c432be5)

**Features**:


when running the site repair form:

- Details ...

**Improvements**:

- Details ...

**Bug Fixes**:

- Details ...

## Before & After Screenshots

**BEFORE**:

<!-- [insert screenshot here] -->

**AFTER**:

<!-- [insert screenshot here] -->

## Tests

- [ ] Run the following command from the command line: 
```
grep -rE '(accessSync|appendFileSync|chmodSync|chownSync|closeSync|copyFileSync|cpSync|existsSync|fchmodSync|fchownSync|fdatasyncSync|fstatSync|fsyncSync|ftruncateSync|futimesSync|lchmodSync|lchownSync|lutimesSync|linkSync|lstatSync|mkdirSync|mkdtempSync|opendirSync|openSync|readdirSync|readFileSync|readlinkSync|readSync|readvSync|realpathSync|renameSync|rmdirSync|rmSync|statSync|statfsSync|symlinkSync|truncateSync|unlinkSync|utimesSync|writeFileSync|writeSync|writevSync)\b' src 
```

the only results should be from the `GitFileSystemService.spec.ts` which is fine since this test file runs locally and not in prod line

- [ ] Submit a form [here](https://form.gov.sg/65e4a3d2c25a061b046f3f01) for a repo in staging efs, and assert that the attachments are sent properly

- [ ] submit the site create form 


## Deploy Notes

<!-- Notes regarding deployment of the contained body of work.  -->
<!-- These should note any new dependencies, new scripts, etc. -->

**New environment variables**:

- `env var` : env var details
    - [ ] added env var to 1PW + SSM script (`fetch_ssm_parameters.sh`)

**New scripts**:

- `script` : script details

**New dependencies**:

- `dependency` : dependency details

**New dev dependencies**:

- `dependency` : dependency details

* fix(tags): update tagging for dd (#1222)

* fix(tags): update tagging for dd

* fix(task-def): update to isomer

* fix(link checker): wrong error reported (#1227)

## Problem

when pages are empty, we currently throw a link checker error which trips up alarms 

it is ok for a page content to be empty (eg, newly created page)


## Solution

remove the existing errors being reported

**Breaking Changes**

<!-- Does this PR contain any backward incompatible changes? If so, what are they and should there be special considerations for release? -->

- [ ] Yes - this PR contains breaking changes
  - Details ...
- [ ] No - this PR is backwards compatible with ALL of the following feature flags in this [doc](https://www.notion.so/opengov/Existing-feature-flags-518ad2cdc325420893a105e88c432be5)

**Features**:

- Details ...

**Improvements**:

- Details ...

**Bug Fixes**:

- Details ...

## Before & After Screenshots

**BEFORE**:

<!-- [insert screenshot here] -->

**AFTER**:

<!-- [insert screenshot here] -->

## Tests

<!-- What tests should be run to confirm functionality? -->

## Deploy Notes

<!-- Notes regarding deployment of the contained body of work.  -->
<!-- These should note any new dependencies, new scripts, etc. -->

**New environment variables**:

- `env var` : env var details
    - [ ] added env var to 1PW + SSM script (`fetch_ssm_parameters.sh`)

**New scripts**:

- `script` : script details

**New dependencies**:

- `dependency` : dependency details

**New dev dependencies**:

- `dependency` : dependency details

* chore: bump version to v0.72.0

---------

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Hsu Zhong Jun <[email protected]>
Co-authored-by: Isomer Admin <[email protected]>
Co-authored-by: snyk-bot <[email protected]>
Co-authored-by: Timothee Groleau <[email protected]>
Co-authored-by: Kishore <[email protected]>
@timotheeg timotheeg mentioned this pull request Apr 2, 2024
9 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants