diff --git a/.github/workflows/build_from_branch.yml b/.github/workflows/build_from_branch.yml new file mode 100644 index 0000000..f8dd08f --- /dev/null +++ b/.github/workflows/build_from_branch.yml @@ -0,0 +1,100 @@ +name: Build from Branch + +on: + workflow_call: + inputs: + repo: + type: string + required: true + branch_name: + type: string + required: true + default: "main" + project_name: + type: string + required: true + artifact_name: + type: string + required: true + next_version: + type: string + required: false + secrets: + gh_token: + required: true + gh_user: + required: true + gh_email: + required: true + + outputs: + artifact_file: + description: List of unique labels + value: ${{ jobs.build-from-branch.outputs.artifact_file }} + +env: + GH_TOKEN: ${{ secrets.gh_token }} + OUTPUT_DIR: "artifact" + NEXT_VERSION: "${{ inputs.next_version }}" + PROJECT_NAME: "${{ inputs.project_name }}" + ARTIFACT_NAME: "${{ inputs.artifact_name }}" + +jobs: + build-from-branch: + runs-on: ubuntu-latest + + outputs: + artifact_file: ${{ steps.create-artifact.outputs.file_name }} + + steps: + - name: ⬇️ Checkout ${{ inputs.branch_name }} + uses: actions/checkout@v4 + with: + ref: ${{ inputs.branch_name }} + fetch-depth: 0 + submodules: true + + - name: Update package.py version to ${{ env.NEXT_VERSION }} + run: | + sed -i "s/^version = \".*\"/version = \"${{ env.NEXT_VERSION }}\"/" package.py + sed -i "s/^name = \".*\"/name = \"${{ env.PROJECT_NAME }}\"/" package.py + + - name: Create package artifacts + id: create-artifact + run: | + python create_package.py --output ${{ env.OUTPUT_DIR }} + echo "file_name=${{ env.PROJECT_NAME }}-${{ env.NEXT_VERSION }}.zip" >> $GITHUB_OUTPUT + + - name: 🔑 Set Bot Authentication + run: | + git config --global user.name "${{ secrets.gh_user }}" + git config --global user.email "${{ secrets.gh_email }}" + + - name: Add changed files from ${{ vars.MAIN_BRANCH }} + # INFO wont work in ayon-addon-action testing for initial release + # INFO due to no present changes at this point in time + # WARNING This will offset the tag by one commit if generated artifact is the only change cause it's excluded + run: | + git add . -- ':!${{ env.OUTPUT_DIR }}/${{ steps.create-artifact.outputs.file_name }}' + if git diff --cached --exit-code > /dev/null; then + echo "No changes to commit" + else + git commit -m "[Automated] Add generated package files from ${{ vars.MAIN_BRANCH }}" + fi + + git tag -a ${{ env.NEXT_VERSION }} -m "[Automated] Release version ${{ env.NEXT_VERSION }}" + + - name: 🔏 Push to protected ${{ vars.MAIN_BRANCH }} branch + uses: CasperWA/push-protected@v2.16.0 + with: + token: ${{ env.GH_TOKEN }} + branch: ${{ vars.MAIN_BRANCH }} + tags: true + unprotect_reviews: false + + - name: 🔼 Upload package zip artifacts + uses: actions/upload-artifact@v4 + with: + name: ${{ env.ARTIFACT_NAME }} + path: | + ${{ env.OUTPUT_DIR }}/${{ steps.create-artifact.outputs.file_name }} diff --git a/.github/workflows/initial_release.yml b/.github/workflows/initial_release.yml index a50c992..6af6ed7 100644 --- a/.github/workflows/initial_release.yml +++ b/.github/workflows/initial_release.yml @@ -5,13 +5,7 @@ on: inputs: draft: type: boolean - major: - type: string - minor: - type: string - patch: - type: string - name: + release_overwrite: type: string secrets: @@ -27,255 +21,88 @@ env: GH_TOKEN: ${{ secrets.token || secrets.YNPUT_BOT_TOKEN}} GH_USER: ${{ secrets.user || secrets.CI_USER }} GH_EMAIL: ${{ secrets.email || secrets.CI_EMAIL }} - INIT_VERSION: "0.1.0" RELEASE_NAME: ${{ inputs.name || '' }} DRAFT: ${{ inputs.draft }} ARTIFACT_NAME: "${{ vars.PROJECT_NAME }}-package" PROJECT_NAME: "${{ vars.PROJECT_NAME }}" - REQUIRED_VARS: MAIN_BRANCH,MINOR_BUMP_LABEL,PATCH_BUMP_LABEL,PROJECT_NAME jobs: - verify_repo_vars_and_secrets: - runs-on: ubuntu-latest - - # TODO include orgnaistion secrets - needs actions [secrets fine-grained permission](https://docs.github.com/en/rest/actions/secrets?apiVersion=2022-11-28) - # TODO only check if no inputs provided - # TODO move verification into github action - steps: - - name: 🔎 Verify secret 'GH_TOKEN' for ${{ github.repository }} - if: ${{ !env.GH_TOKEN }} - run: | - echo "::error::Secret 'GH_TOKEN' is not set or empty" - - - name: 🔎 Verify secret 'GH_USER' for ${{ github.repository }} - if: ${{ !env.GH_USER }} - run: | - echo "::error::Secret 'GH_USER' is not set or empty" - - - name: 🔎 Verify secret 'GH_EMAIL' for ${{ github.repository }} - if: ${{ !env.GH_EMAIL }} - run: | - echo "::error::Secret 'GH_EMAIL' is not set or empty" - - - name: 🔎 Secrets verified - if: ${{ env.GH_TOKEN && env.GH_USER && env.GH_EMAIL }} - run: | - echo "::notice::All required secrets are present." - - - name: 🔎 Verify repo variables for ${{ github.repository }} - run: | - missing_vars=$(echo ${{ env.REQUIRED_VARS }} | tr ',' '\n' | while read var; do - gh variable list --repo ${{ github.repository }} --json name --jq '.[].name' | grep -qx "$var" || echo "$var" - done) - - if [ -n "$missing_vars" ]; then - echo "::error::The following required variables are missing: $missing_vars for repository ${{ github.repository }}" - exit 1 - else - echo "::notice::All required variables are present." - fi - - - # TODO Move release query logic into github action - get-latest-release: - runs-on: ubuntu-latest - needs: - - verify_repo_vars_and_secrets - outputs: - id: ${{ steps.latest-release.outputs.id }} - name: ${{ steps.latest-release.outputs.name }} - tag: ${{ steps.latest-release.outputs.tag }} - date_created: ${{ steps.latest-release.outputs.date_created }} - date_published: ${{ steps.latest-release.outputs.date_published }} - draft: ${{ steps.latest-release.outputs.draft }} - pre_release: ${{ steps.latest-release.outputs.pre_release}} - - steps: - - name: Get latest release - id: latest-release - run: | - declare -A release_option_map=( - ["id"]="id" - ["createdAt"]="date_created" - ["publishedAt"]="date_published" - ["tagName"]="tag" - ["name"]="name" - ["isDraft"]="draft" - ["isPrerelease"]="pre_release" - ) + verify-latest-release: + uses: ynput/ops-repo-automation/.github/workflows/verify_latest_release.yml@refactor-release-workflow-structure + with: + repo: ${{ github.repository }} + expect_release: false + secrets: + gh_token: ${{ secrets.token }} - key_list=$(IFS=,; echo "${!release_option_map[*]}") - release=$(gh release view --repo ${{ github.repository }} --json $key_list || true) - for key in "${!release_option_map[@]}"; do - value=$(echo "$release" | jq -r ".$key") - echo "${release_option_map[$key]}=$value" >> $GITHUB_OUTPUT - done + verify-repo-secrets: + uses: ynput/ops-repo-automation/.github/workflows/verify_secrets.yml@refactor-release-workflow-structure + with: + repo: ${{ github.repository }} + secrets: + gh_token: ${{ secrets.token }} + gh_user: ${{ secrets.user }} + gh_email: ${{ secrets.email }} - - name: Show release data - run: | - echo "Release ID: ${{ steps.latest-release.outputs.id }}" - echo "Release Name: ${{ steps.latest-release.outputs.name }}" - echo "Tag Name: ${{ steps.latest-release.outputs.tag }}" - echo "Date Created: ${{ steps.latest-release.outputs.date_created }}" - echo "Date Published: ${{ steps.latest-release.outputs.date_published }}" - echo "Draft Status: ${{ steps.latest-release.outputs.draft }}" - echo "Pre-release Status: ${{ steps.latest-release.outputs.pre_release }}" - - name: Test existing release - if: ${{ steps.latest-release.outputs.date_published }} - run: | - echo "::error::An existing releases was found for ${{ github.repository }}. Please use the general release-trigger for further releases." - exit 1 + verify-repo-vars: + uses: ynput/ops-repo-automation/.github/workflows/verify_variables.yml@refactor-release-workflow-structure + with: + variables: "MAIN_BRANCH,MINOR_BUMP_LABEL,PATCH_BUMP_LABEL,PROJECT_NAME" + repo: ${{ github.repository }} + secrets: + gh_token: ${{ secrets.token }} merge-to-main: - runs-on: ubuntu-latest needs: - - get-latest-release - - steps: - - name: ⬇️ Checkout ${{ vars.MAIN_BRANCH }} - uses: actions/checkout@v4 - with: - ref: ${{ vars.MAIN_BRANCH }} - fetch-depth: 0 - - - name: 🔑 Set Bot Authentication - run: | - git config --global user.name "${{ env.GH_USER }}" - git config --global user.email "${{ env.GH_EMAIL }}" - - - name: 🔀 Merge ${{ github.ref_name }} -> ${{ vars.MAIN_BRANCH }} - run: | - git pull origin ${{ github.ref_name }} - git merge --no-ff origin/${{ github.ref_name }} -m "[Automated] Merged ${{ github.ref_name }} -> ${{ vars.MAIN_BRANCH }}" - - # TODO implement this using gh command - - name: 🔏 Push to protected main branch - uses: CasperWA/push-protected@v2.15.0 - with: - token: ${{ env.GH_TOKEN }} - branch: ${{ vars.MAIN_BRANCH }} - tags: false - unprotect_reviews: false + - verify-latest-release + - verify-repo-secrets + - verify-repo-vars + + uses: ynput/ops-repo-automation/.github/workflows/merge_branch.yml@refactor-release-workflow-structure + with: + repo: ${{ github.repository }} + checkout_branch: ${{ vars.MAIN_BRANCH }} + merge_from_branch: ${{ github.ref_name }} + secrets: + gh_token: ${{ secrets.token }} + gh_user: ${{ secrets.user }} + gh_email: ${{ secrets.email }} build-from-main: - runs-on: ubuntu-latest needs: - merge-to-main - env: - OUTPUT_DIR: "artifact" - outputs: - artifact_file: ${{ steps.create-artifact.outputs.file_name }} - - steps: - - name: ⬇️ Checkout ${{ vars.MAIN_BRANCH }} - uses: actions/checkout@v4 - with: - ref: ${{ vars.MAIN_BRANCH }} - fetch-depth: 0 - - - name: Update package.py version to ${{ env.INIT_VERSION }} - run: | - sed -i "s/^version = \".*\"/version = \"${{ env.INIT_VERSION }}\"/" package.py - sed -i "s/^name = \".*\"/name = \"${{ env.PROJECT_NAME }}\"/" package.py - - - name: Create artifacts - id: create-artifact - run: | - python create_package.py --output ${{ env.OUTPUT_DIR }} - echo "file_name=${{ env.PROJECT_NAME }}-${{ env.INIT_VERSION }}.zip" >> $GITHUB_OUTPUT - - - name: 🔑 Set Bot Authentication - run: | - git config --global user.name "${{ env.GH_USER }}" - git config --global user.email "${{ env.GH_EMAIL }}" - - - name: Add generated files from ${{ vars.MAIN_BRANCH }} - run: | - git add . -- ':!${{ env.OUTPUT_DIR }}/${{ steps.create-artifact.outputs.file_name }}' - if git diff --cached --exit-code > /dev/null; then - echo "No changes to commit" - else - git commit -m "[Automated] Add generated package files from ${{ vars.MAIN_BRANCH }}" - fi - - git tag -a ${{ env.INIT_VERSION }} -m "[Automated] Release version ${{ env.INIT_VERSION }}" - - - name: 🔏 Push to protected ${{ vars.MAIN_BRANCH }} branch - uses: CasperWA/push-protected@v2.16.0 - with: - token: ${{ env.GH_TOKEN }} - branch: ${{ vars.MAIN_BRANCH }} - tags: false - unprotect_reviews: false - - name: 🔼 Upload zip artifacts - uses: actions/upload-artifact@v4 - with: - name: ${{ env.ARTIFACT_NAME }} - path: | - ${{ env.OUTPUT_DIR }}/${{ steps.create-artifact.outputs.file_name }} + uses: ynput/ops-repo-automation/.github/workflows/build_from_branch.yml@refactor-release-workflow-structure + with: + repo: ${{ github.repository }} + branch_name: ${{ vars.MAIN_BRANCH }} + project_name: ${{ vars.PROJECT_NAME }} + artifact_name: "${{ vars.PROJECT_NAME }}-package" + next_version: "${{ inputs.release_overwrite }}" + secrets: + gh_token: ${{ secrets.token }} + gh_user: ${{ secrets.user }} + gh_email: ${{ secrets.email }} update-develop: - runs-on: ubuntu-latest - env: - OUTPUT_DIR: "artifact" needs: - build-from-main - steps: - - name: ⬇️ Checkout ${{ github.ref_name }} - uses: actions/checkout@v4 - with: - ref: ${{ github.ref_name }} - - - name: 🔀 Merge ${{ vars.MAIN_BRANCH }} -> ${{ github.ref_name }} - run: | - git pull origin ${{ vars.MAIN_BRANCH }} - git merge --no-ff origin/${{ vars.MAIN_BRANCH }} -m "[Automated] Merged ${{ vars.MAIN_BRANCH }} -> ${{ github.ref_name }}" - - - name: Read version from package.py - id: package-version - run: | - version=$(sed -n 's/^version *= *"\(.*\)"/\1/p' package.py) - echo "version=$version" >> $GITHUB_OUTPUT - - - name: Update package version for ${{ github.ref_name }} - id: develop-version - run: | - echo "develop_version=${{ env.INIT_VERSION }}-dev" >> $GITHUB_OUTPUT - - - name: Update package version for - run: | - sed -i "s/^version = \".*\"/version = \"${{ steps.develop-version.outputs.develop_version }}\"/" package.py - - - name: Create artifacts - id: create-artifact - run: | - python create_package.py --output ${{ env.OUTPUT_DIR }} - - - name: 🔑 Set Bot Authentication - run: | - git config --global user.email "${{ env.GH_EMAIL }}" - git config --global user.name "${{ env.GH_USER }}" - - - name: Update package.py version to ${{ steps.develop-version.outputs.develop_version }} - if: ${{ steps.package-version.outputs.version != steps.develop-version.outputs.develop_version }} - run: | - git add . -- ':!${{ env.OUTPUT_DIR }}/${{ steps.create-artifact.outputs.file_name }}' - git commit -m "[Automated] Update version in package.py for develop" - - - name: 🔏 Push to protected ${{ github.ref_name }} branch - uses: CasperWA/push-protected@v2.16.0 - with: - token: ${{ env.GH_TOKEN }} - branch: ${{ github.ref_name }} - tags: false - unprotect_reviews: false + uses: ynput/ops-repo-automation/.github/workflows/update_branch.yml@refactor-release-workflow-structure + with: + repo: ${{ github.repository }} + checkout_branch: ${{ github.ref_name }} + update_from_branch: ${{ vars.MAIN_BRANCH }} + next_version: ${{ inputs.release_overwrite }} + secrets: + gh_token: ${{ secrets.token }} + gh_user: ${{ secrets.user }} + gh_email: ${{ secrets.email }} create-release: @@ -292,35 +119,23 @@ jobs: - name: 🚀 Create Github Release uses: ncipollo/release-action@v1 with: - commit: ${{ vars.MAIN_BRANCH }} - tag: "${{ env.INIT_VERSION }}" + tag: ${{ inputs.release_overwrite }} generateReleaseNotes: true artifacts: ${{ needs.build-from-main.outputs.artifact_file }} token: ${{ env.GH_TOKEN }} - draft: true + draft: ${{ inputs.draft }} verify-release: - runs-on: ubuntu-latest needs: - create-release - steps: - - name: Fetch Latest Release Draft - id: fetch-latest-release-draft - run: | - current_release_name="$(gh release list --repo ${{ github.repository }} --json isDraft,name,createdAt --jq '[.[] | select(.isDraft == true)] | sort_by(.createdAt) | reverse | .[0].name')" - echo "current_release_name=$current_release_name" >> $GITHUB_OUTPUT - - - name: 🔍 Verify Release-Draft Name - id: check-release-tag - env: - latest_release_draft: ${{ steps.fetch-latest-release-draft.outputs.current_release_name }} - run: | - if [ "${{ env.INIT_VERSION }}" == "${{ env.latest_release_draft }}" ]; then - echo "::notice::Success, release-draft found with the expected name ${{ env.INIT_VERSION }}." - exit 0 - fi + uses: ynput/ops-repo-automation/.github/workflows/verify_created_release.yml@refactor-release-workflow-structure + with: + repo: ${{ github.repository }} + expected_release_name: "${{ inputs.release_overwrite }}" + draft_release: ${{ inputs.draft }} + secrets: + gh_token: ${{ secrets.token }} - echo "::error::Expected tag ${{ env.INIT_VERSION }}, but found ${{ env.latest_release_draft }}." - exit 1 \ No newline at end of file + # TODO verify tag position diff --git a/.github/workflows/merge_branch.yml b/.github/workflows/merge_branch.yml new file mode 100644 index 0000000..e95c9a0 --- /dev/null +++ b/.github/workflows/merge_branch.yml @@ -0,0 +1,54 @@ +name: merge branch + +on: + workflow_call: + inputs: + repo: + type: string + required: true + checkout_branch: + type: string + required: true + merge_from_branch: + type: string + required: true + secrets: + gh_token: + required: true + gh_user: + required: true + gh_email: + required: true + +env: + GH_TOKEN: ${{ secrets.gh_token }} + +jobs: + merge-to-main: + runs-on: ubuntu-latest + + steps: + - name: ⬇️ Checkout ${{ inputs.checkout_branch }} + uses: actions/checkout@v4 + with: + ref: ${{ inputs.checkout_branch }} + fetch-depth: 0 + + - name: 🔑 Set Bot Authentication + run: | + git config --global user.name "${{ secrets.gh_user }}" + git config --global user.email "${{ secrets.gh_email }}" + + - name: 🔀 Merge ${{ inputs.merge_from_branch }} -> ${{ inputs.checkout_branch }} + run: | + git pull origin ${{ inputs.merge_from_branch }} + git merge --no-ff origin/${{ inputs.merge_from_branch }} -m "[Automated] Merged ${{ inputs.merge_from_branch }} -> ${{ inputs.checkout_branch }}" + + # TODO implement this using gh command + - name: 🔏 Push to protected ${{ inputs.checkout_branch }} branch + uses: CasperWA/push-protected@v2.16.0 + with: + token: ${{ secrets.gh_token }} + branch: ${{ inputs.checkout_branch }} + tags: false + unprotect_reviews: false \ No newline at end of file diff --git a/.github/workflows/release_trigger.yml b/.github/workflows/release_trigger.yml index a0988ba..4a4facc 100644 --- a/.github/workflows/release_trigger.yml +++ b/.github/workflows/release_trigger.yml @@ -5,11 +5,10 @@ on: inputs: draft: type: boolean + required: false release_overwrite: type: string - release_name: - type: string - + required: false secrets: token: required: true @@ -24,167 +23,68 @@ env: GH_EMAIL: ${{ secrets.email || secrets.CI_EMAIL }} DRAFT: ${{ inputs.draft }} NEXT_RELEASE: ${{ inputs.release_overwrite }} - RELEASE_NAME: ${{ inputs.release_name || '' }} ARTIFACT_NAME: "${{ vars.PROJECT_NAME }}-package" PROJECT_NAME: "${{ vars.PROJECT_NAME }}" REQUIRED_VARS: MAIN_BRANCH,MINOR_BUMP_LABEL,PATCH_BUMP_LABEL,PROJECT_NAME CHANGELOG_ORDER: "${{ vars.CHANGELOG_ORDER || '' }}" jobs: - verify_repo_vars_and_secrets: - runs-on: ubuntu-latest - - # TODO include orgnaistion secrets - needs actions [secrets fine-grained permission](https://docs.github.com/en/rest/actions/secrets?apiVersion=2022-11-28) - # TODO move verification into github action - # TODO RnD more efficient way for secret checks without converting them to values - steps: - - name: 🔎 Verify secret 'GH_TOKEN' for ${{ github.repository }} - if: ${{ !env.GH_TOKEN }} - run: | - echo "::error::Secret 'GH_TOKEN' is not set or empty" - - - name: 🔎 Verify secret 'GH_USER' for ${{ github.repository }} - if: ${{ !env.GH_USER }} - run: | - echo "::error::Secret 'GH_USER' is not set or empty" - - - name: 🔎 Verify secret 'GH_EMAIL' for ${{ github.repository }} - if: ${{ !env.GH_EMAIL }} - run: | - echo "::error::Secret 'GH_EMAIL' is not set or empty" - - - name: 🔎 Secrets verified - if: ${{ env.GH_TOKEN && env.GH_USER && env.GH_EMAIL }} - run: | - echo "::notice::All required secrets are present." - - - name: 🔎 Verify repo variables for ${{ github.repository }} - run: | - missing_vars=$(echo ${{ env.REQUIRED_VARS }} | tr ',' '\n' | while read var; do - gh variable list --repo ${{ github.repository }} --json name --jq '.[].name' | grep -qx "$var" || echo "$var" - done) - - if [ -n "$missing_vars" ]; then - echo "::error::The following required variables are missing: $missing_vars for repository ${{ github.repository }}" - exit 1 - else - echo "::notice::All required variables are present." - fi - - - # TODO Move release query logic into github action - get-latest-release: - runs-on: ubuntu-latest - needs: - - verify_repo_vars_and_secrets - outputs: - id: ${{ steps.latest-release.outputs.id }} - name: ${{ steps.latest-release.outputs.name }} - tag: ${{ steps.latest-release.outputs.tag }} - date_created: ${{ steps.latest-release.outputs.date_created }} - date_published: ${{ steps.latest-release.outputs.date_published }} - draft: ${{ steps.latest-release.outputs.draft }} - pre_release: ${{ steps.latest-release.outputs.pre_release}} + verify-latest-release: + uses: ynput/ops-repo-automation/.github/workflows/verify_latest_release.yml@refactor-release-workflow-structure + with: + repo: ${{ github.repository }} + expect_release: true + secrets: + gh_token: ${{ secrets.token }} - steps: - - name: Get latest release - id: latest-release - run: | - declare -A release_option_map=( - ["id"]="id" - ["createdAt"]="date_created" - ["publishedAt"]="date_published" - ["tagName"]="tag" - ["name"]="name" - ["isDraft"]="draft" - ["isPrerelease"]="pre_release" - ) - key_list=$(IFS=,; echo "${!release_option_map[*]}") - release=$(gh release view --repo ${{ github.repository }} --json $key_list || true) + verify-repo-secrets: + uses: ynput/ops-repo-automation/.github/workflows/verify_secrets.yml@refactor-release-workflow-structure + with: + repo: ${{ github.repository }} + secrets: + gh_token: ${{ secrets.token }} + gh_user: ${{ secrets.user }} + gh_email: ${{ secrets.email }} - for key in "${!release_option_map[@]}"; do - value=$(echo "$release" | jq -r ".$key") - echo "${release_option_map[$key]}=$value" >> $GITHUB_OUTPUT - done - - name: Show release data - # TODO create a loop for this - run: | - echo "Release ID: ${{ steps.latest-release.outputs.id }}" - echo "Release Name: ${{ steps.latest-release.outputs.name }}" - echo "Tag Name: ${{ steps.latest-release.outputs.tag }}" - echo "Date Created: ${{ steps.latest-release.outputs.date_created }}" - echo "Date Published: ${{ steps.latest-release.outputs.date_published }}" - echo "Draft Status: ${{ steps.latest-release.outputs.draft }}" - echo "Pre-release Status: ${{ steps.latest-release.outputs.pre_release }}" + verify-repo-vars: + uses: ynput/ops-repo-automation/.github/workflows/verify_variables.yml@refactor-release-workflow-structure + with: + variables: "MAIN_BRANCH,MINOR_BUMP_LABEL,PATCH_BUMP_LABEL,PROJECT_NAME" + repo: ${{ github.repository }} + secrets: + gh_token: ${{ secrets.token }} - - name: Test existing release - if: ${{ ! steps.latest-release.outputs.date_published }} - run: | - echo "::warning::No releases found for ${{ github.repository }}. Please use the Initial Release Trigger workflow. - exit 1 - - name: Test release drafts - if: ${{ fromJson(steps.latest-release.outputs.draft) }} - run: | - echo "::warning::Release draft already present: ${{ steps.latest-release.outputs.name }}" - exit 0 + validate-pr-information: + needs: + - verify-latest-release + uses: ynput/ops-repo-automation/.github/workflows/verify_pr_data.yml@refactor-release-workflow-structure + with: + repo: ${{ github.repository }} + latest_release: ${{ needs.verify-latest-release.outputs.date_published }} + changelog_order: ${{ vars.CHANGELOG_ORDER || '' }} + secrets: + gh_token: ${{ secrets.token }} increment-version: runs-on: ubuntu-latest - needs: get-latest-release - env: - release_date: ${{ needs.get-latest-release.outputs.date_published }} + needs: + - validate-pr-information + outputs: next-version: "${{ steps.set-tag.outputs.NEXT_TAG }}" - changelog: "${{ steps.pr-query.outputs.changelog-markdown }}" steps: - - name: Query PR data - id: pr-query - uses: ynput/github-query@main - with: - repo: "${{ github.repository }}" - date: "${{ env.release_date }}" - query_parameters: "body,labels,title,id,number,url" - changelog_labels: "${{ env.CHANGELOG_ORDER }}" - - - name: Show debug output - run: | - echo "label-list: ${{ steps.pr-query.outputs.label-list }}" - echo "bump-increment: ${{ steps.pr-query.outputs.bump-increment }}" - echo "changelog: ${{ steps.pr-query.outputs.changelog-markdown }}" - - - name: Check for existing PRs - if: ${{ !fromJson(steps.pr-query.outputs.raw-output) }} - run: | - echo "pr_list: ${{ steps.pr-query.outputs.raw-output }}" - echo "::error::No merged PRs found since last release." - exit 1 - - - name: Check for existing PR labels - if: ${{ !(steps.pr-query.outputs.label-list) }} - # TODO enhance output to show wich PR - run: | - echo "::error:: No release related PR labels found. Can't create a new release." - exit 1 - - - name: ❗ Validate labels - if: ${{ !steps.pr-query.outputs.bump-increment }} - run: | - # TODO Format using line breaks - not supported by annotations - echo "::error:: No valid versioning labels found in PRs. Only found these labels: ${{ steps.pr-query.outputs.label-list }}. Are you sure you want to create a new release?" - exit 1 - - name: 🔼 Get next Version Tag if: ${{ ! inputs.release_overwrite }} uses: reecetech/version-increment@2024.4.4 id: calculated_version_tag with: scheme: semver - increment: ${{ steps.pr-query.outputs.bump-increment }} + increment: ${{ needs.validate-pr-information.outputs.bump-increment }} release_branch: ${{ vars.MAIN_BRANCH }} use_api: true @@ -203,167 +103,66 @@ jobs: merge-to-main: - runs-on: ubuntu-latest - needs: increment-version - - steps: - - name: ⬇️ Checkout ${{ vars.MAIN_BRANCH }} - uses: actions/checkout@v4 - with: - ref: ${{ vars.MAIN_BRANCH }} - fetch-depth: 0 - - - name: 🔑 Set Bot Authentication - run: | - git config --global user.name "${{ env.GH_USER }}" - git config --global user.email "${{ env.GH_EMAIL }}" - - - name: 🔀 Merge ${{ github.ref_name }} -> ${{ vars.MAIN_BRANCH }} - run: | - git merge origin/${{ github.ref_name }} -m "[Automated] Merged ${{ github.ref_name }} -> ${{ vars.MAIN_BRANCH }}" - - # TODO implement this using gh command - - name: 🔏 Push to protected ${{ vars.MAIN_BRANCH }} branch - uses: CasperWA/push-protected@v2.16.0 - with: - token: ${{ env.GH_TOKEN }} - branch: ${{ vars.MAIN_BRANCH }} - tags: false - unprotect_reviews: false + needs: + - increment-version + - verify-latest-release + - verify-repo-secrets + - verify-repo-vars + + uses: ynput/ops-repo-automation/.github/workflows/merge_branch.yml@refactor-release-workflow-structure + with: + repo: ${{ github.repository }} + checkout_branch: ${{ vars.MAIN_BRANCH }} + merge_from_branch: ${{ github.ref_name }} + secrets: + gh_token: ${{ secrets.token }} + gh_user: ${{ secrets.user }} + gh_email: ${{ secrets.email }} build-from-main: - runs-on: ubuntu-latest needs: - - get-latest-release - increment-version - merge-to-main - env: - OUTPUT_DIR: "artifact" - NEXT_VERSION: "${{ needs.increment-version.outputs.next-version }}" - outputs: - artifact_file: ${{ steps.create-artifact.outputs.file_name }} - latest_commit: ${{ steps.get-commit-hash.outputs.latest_commit}} - - steps: - - name: ⬇️ Checkout ${{ vars.MAIN_BRANCH }} - uses: actions/checkout@v4 - with: - ref: ${{ vars.MAIN_BRANCH }} - fetch-depth: 0 - submodules: true - - - name: Update package.py version to ${{ env.NEXT_VERSION }} - run: | - sed -i "s/^version = \".*\"/version = \"${{ env.NEXT_VERSION }}\"/" package.py - sed -i "s/^name = \".*\"/name = \"${{ env.PROJECT_NAME }}\"/" package.py - - - name: Create package artifacts - id: create-artifact - run: | - python create_package.py --output ${{ env.OUTPUT_DIR }} - echo "file_name=${{ env.PROJECT_NAME }}-${{ env.NEXT_VERSION }}.zip" >> $GITHUB_OUTPUT - - - name: 🔑 Set Bot Authentication - run: | - git config --global user.name "${{ env.GH_USER }}" - git config --global user.email "${{ env.GH_EMAIL }}" - - - name: Add changed files from ${{ vars.MAIN_BRANCH }} - run: | - git add . -- ':!${{ env.OUTPUT_DIR }}/${{ steps.create-artifact.outputs.file_name }}' - git commit -m "[Automated] Add generated package files to ${{ vars.MAIN_BRANCH }}" - - - name: 🔏 Push to protected ${{ vars.MAIN_BRANCH }} branch - uses: CasperWA/push-protected@v2.16.0 - with: - token: ${{ env.GH_TOKEN }} - branch: ${{ vars.MAIN_BRANCH }} - tags: false - unprotect_reviews: false - - # TODO remove obsolete step - - name: Get latest commit hash on ${{ vars.MAIN_BRANCH }} - id: get-commit-hash - run: | - latest_commit_hash=$(git rev-parse HEAD) - echo "latest_commit=$latest_commit" >> $GITHUB_OUTPUT - - - name: 🔼 Upload package zip artifacts - uses: actions/upload-artifact@v4 - with: - name: ${{ env.ARTIFACT_NAME }} - path: | - ${{ env.OUTPUT_DIR }}/${{ steps.create-artifact.outputs.file_name }} + uses: ynput/ops-repo-automation/.github/workflows/build_from_branch.yml@refactor-release-workflow-structure + with: + repo: ${{ github.repository }} + branch_name: ${{ vars.MAIN_BRANCH }} + project_name: ${{ vars.PROJECT_NAME }} + artifact_name: "${{ vars.PROJECT_NAME }}-package" + next_version: "${{ inputs.release_overwrite || needs.increment-version.outputs.next-version }}" + secrets: + gh_token: ${{ secrets.token }} + gh_user: ${{ secrets.user }} + gh_email: ${{ secrets.email }} update-develop: - runs-on: ubuntu-latest needs: - build-from-main - increment-version - env: - OUTPUT_DIR: "artifact" - NEXT_VERSION: "${{ needs.increment-version.outputs.next-version }}" - NEXT_PACKAGE_VERSION: "${{ needs.increment-version.outputs.next-version }}+dev" - steps: - - name: ⬇️ Checkout ${{ github.ref_name }} - uses: actions/checkout@v4 - with: - ref: ${{ github.ref_name }} - - - name: 🔀 Merge ${{ vars.MAIN_BRANCH }} -> ${{ github.ref_name }} - run: | - git pull origin ${{ vars.MAIN_BRANCH }} - git merge --no-ff origin/${{ vars.MAIN_BRANCH }} -m "[Automated] Merged ${{ vars.MAIN_BRANCH }} -> ${{ github.ref_name }}" - - # ? Still requried ? - - name: Read version from package.py - id: package-version - run: | - version=$(sed -n 's/^version *= *"\(.*\)"/\1/p' package.py) - echo "version=$version" >> $GITHUB_OUTPUT - - - name: Update package version for ${{ github.ref_name }} to ${{ env.NEXT_PACKAGE_VERSION }} - run: | - sed -i "s/^version = \".*\"/version = \"${{ env.NEXT_PACKAGE_VERSION }}\"/" package.py - - - name: Create artifacts - id: create-artifact - run: | - python create_package.py --output ${{ env.OUTPUT_DIR }} - - - name: 🔑 Set Bot Authentication - run: | - git config --global user.email "${{ env.GH_EMAIL }}" - git config --global user.name "${{ env.GH_USER }}" - - - name: Commit generated files - if: ${{ steps.package-version.outputs.version != env.NEXT_PACKAGE_VERSION }} - run: | - git add . -- ':!${{ env.OUTPUT_DIR }}/${{ steps.create-artifact.outputs.file_name }}' - git commit -m "[Automated] Update version in package.py for develop" - - - name: 🔏 Push to protected ${{ github.ref_name }} branch - uses: CasperWA/push-protected@v2.16.0 - with: - token: ${{ env.GH_TOKEN }} - branch: ${{ github.ref_name }} - tags: false - unprotect_reviews: false + uses: ynput/ops-repo-automation/.github/workflows/update_branch.yml@refactor-release-workflow-structure + with: + repo: ${{ github.repository }} + checkout_branch: ${{ github.ref_name }} + update_from_branch: ${{ vars.MAIN_BRANCH }} + next_version: "${{ needs.increment-version.outputs.next-version }}" + secrets: + gh_token: ${{ secrets.token }} + gh_user: ${{ secrets.user }} + gh_email: ${{ secrets.email }} create-release: runs-on: ubuntu-latest needs: + - validate-pr-information - build-from-main - increment-version - # TODO remove obsolete env var env: NEXT_VERSION: "${{ needs.increment-version.outputs.next-version }}" - RELEASE_COMMIT: "${{ needs.build-from-main.outputs.latest_commit }}" - CHANGELOG: "${{ needs.increment-version.outputs.changelog }}" + CHANGELOG: "${{ needs.validate-pr-information.outputs.changelog }}" steps: - name: 🔽 Download zip artifacts @@ -385,30 +184,16 @@ jobs: verify-release: - runs-on: ubuntu-latest needs: - create-release - increment-version - env: - NEXT_VERSION: "${{ needs.increment-version.outputs.next-version }}" - steps: - - name: Fetch Latest Release Draft - id: fetch-latest-release-draft - run: | - current_release_name="$(gh release list --repo ${{ github.repository }} --json isDraft,name,createdAt --jq '[.[] | select(.isDraft == ${{ env.DRAFT }})] | sort_by(.createdAt) | reverse | .[0].name')" - echo "current_release_name=$current_release_name" >> $GITHUB_OUTPUT - # TODO streamline to use actions if check - - name: 🔍 Check Release-Draft Name - id: check-release-tag - env: - latest_release_draft: ${{ steps.fetch-latest-release-draft.outputs.current_release_name }} - # TODO notification should show if it was a draft or is a release already - run: | - if [ "${{ env.NEXT_VERSION }}" == "${{ env.latest_release_draft }}" ]; then - echo "::notice::Success, release-draft found with the expected name ${{ env.NEXT_VERSION }}." - exit 0 - fi + uses: ynput/ops-repo-automation/.github/workflows/verify_created_release.yml@refactor-release-workflow-structure + with: + repo: ${{ github.repository }} + expected_release_name: ${{ needs.increment-version.outputs.next-version }} + draft_release: ${{ inputs.draft }} + secrets: + gh_token: ${{ secrets.token }} - echo "::error::Expected tag ${{ env.NEXT_VERSION }}, but found ${{ env.latest_release_draft }}." - exit 1 + # TODO verify tag position diff --git a/.github/workflows/reset_test_repo.yml b/.github/workflows/reset_test_repo.yml index eb27afa..f31a853 100644 --- a/.github/workflows/reset_test_repo.yml +++ b/.github/workflows/reset_test_repo.yml @@ -99,18 +99,19 @@ jobs: - name: Set repo variables run: | - gh variable set PATCH_BUMP_LABEL --body "bugfix" --repo ${{ env.TARGET_REPO }} - gh variable set MINOR_BUMP_LABEL --body "feature, enhancement" --repo ${{ env.TARGET_REPO }} + gh variable set PATCH_BUMP_LABEL --body "type: bugfix" --repo ${{ env.TARGET_REPO }} + gh variable set MINOR_BUMP_LABEL --body "type: feature, type: enhancement" --repo ${{ env.TARGET_REPO }} gh variable set MAIN_BRANCH --body "main" --repo ${{ env.TARGET_REPO }} gh variable set PROJECT_NAME --body ${{ env.TARGET_REPO_PROJECT_NAME }} --repo ${{ env.TARGET_REPO }} - gh variable set CHANGELOG_ORDER --body "feature(🎉),enhancement(💚),bugfix(🐛),refactor,docs,test,pr" --repo ${{ env.TARGET_REPO }} + gh variable set CHANGELOG_ORDER --body "type: feature(🎉),type: enhancement(💚),type: bugfix(🐛),refactor,docs,test,pr" --repo ${{ env.TARGET_REPO }} echo "$(gh variable list --repo ${{ env.TARGET_REPO }})" - name: Add repo labels run: | - gh label create "feature" --color "#008672" --description "New functionality which is not present so far" --repo ${{ env.TARGET_REPO }} - gh label create "bugfix" --color "#f96713" --description "Something got fixed" --repo ${{ env.TARGET_REPO }} + gh label create "type: feature" --color "#008672" --description "New functionality which is not present so far" --repo ${{ env.TARGET_REPO }} + gh label create "type: enhancement" --color "#b9f29d" --description "Something got fixed" --repo ${{ env.TARGET_REPO }} + gh label create "type: bugfix" --color "#f96713" --description "Something got fixed" --repo ${{ env.TARGET_REPO }} echo "$(gh label list --repo ${{ env.TARGET_REPO }})" @@ -141,9 +142,9 @@ jobs: git push origin ${{ env.DEFAULT_BRANCH }} - name: Add initial-release workflow - # TODO change develop to main + # TODO change branch to main run: | - curl -O https://raw.githubusercontent.com/${{ github.repository }}/develop/caller_workflows/addon_repo_initial_release.yml + curl -O https://raw.githubusercontent.com/${{ github.repository }}/refactor-release-workflow-structure/caller_workflows/addon_repo_initial_release.yml mv addon_repo_initial_release.yml ./.github/workflows/initial_release.yml @@ -156,7 +157,7 @@ jobs: - name: Add release workflow run: | - curl -O https://raw.githubusercontent.com/${{ github.repository }}/develop/caller_workflows/addon_repo_release_trigger.yml + curl -O https://raw.githubusercontent.com/${{ github.repository }}/refactor-release-workflow-structure/caller_workflows/addon_repo_release_trigger.yml mv addon_repo_release_trigger.yml ./.github/workflows/release_trigger.yml @@ -266,7 +267,7 @@ jobs: steps: - name: Create GitHub Release run: | - gh workflow run initial_release.yml --repo ${{ env.TARGET_REPO }} + gh workflow run initial_release.yml --repo ${{ env.TARGET_REPO }} --field draft=false - name: Poll for Draft Release # TODO check if draft release creation emmits a signal or something to avoid this kind of pulling @@ -285,11 +286,6 @@ jobs: fi done - - name: Publish Release - if: steps.poll-release.outputs.release_tag - run: | - gh release edit ${{ steps.poll-release.outputs.release_tag }} --draft=false --repo ${{ env.TARGET_REPO }} - create-dummy-prs: runs-on: ubuntu-latest @@ -327,6 +323,24 @@ jobs: n/a + ## Testing notes: + + 1. Launch Blender + 2. Create Render Instance + 3. Publish + 4. If validate render output for deadline errors out, make sure you perform repair action + 5. Publish + 6. It should be rendered successfully. + ## Changelog Description + Add temp directory for deadline submission so that it would not error out during deadline submission. + Continuity of https://github.com/ynput/ayon-blender/pull/17 + *Support different system platform + + + ## Additional info + n/a + + ## Testing notes: 1. Launch Blender @@ -336,7 +350,7 @@ jobs: 5. Publish 6. It should be rendered successfully. " - gh pr create --base ${{ env.DEFAULT_BRANCH }} --head test_feature01 --title "Add date file" --body "$pr_body" --label "bugfix" --assignee "${{ github.actor }}" + gh pr create --base ${{ env.DEFAULT_BRANCH }} --head test_feature01 --title "Add date file" --body "$pr_body" --label "type: bugfix" --assignee "${{ github.actor }}" - name: Create second feature branch run: | @@ -365,7 +379,22 @@ jobs: ## Testing notes: + 1. Loading of the USD data should work as intended into Maya USD Proxy Shapes. + 2. Managing (updating) and removal via scene inventory should also do what is expected. + ## Changelog Description + + + - Prototype loading of USD references into a Maya USD proxy while keeping it managed by the pipeline + - Prototype loading of Maya references into a Maya USD proxy while keeping it managed by the pipeline + + ## Additional info + + + Separated from #2 + + ## Testing notes: + 1. Loading of the USD data should work as intended into Maya USD Proxy Shapes. 2. Managing (updating) and removal via scene inventory should also do what is expected. " - gh pr create --base ${{ env.DEFAULT_BRANCH }} --head test_feature02 --title "Add mem file" --body "$pr_body" --label "enhancement" --assignee "${{ github.actor }}" + gh pr create --base ${{ env.DEFAULT_BRANCH }} --head test_feature02 --title "Add mem file" --body "$pr_body" --label "type: enhancement" --assignee "${{ github.actor }}" diff --git a/.github/workflows/update_branch.yml b/.github/workflows/update_branch.yml new file mode 100644 index 0000000..fa2c32a --- /dev/null +++ b/.github/workflows/update_branch.yml @@ -0,0 +1,78 @@ +name: Update Branch + +on: + workflow_call: + inputs: + repo: + type: string + required: true + checkout_branch: + type: string + required: true + update_from_branch: + type: string + required: true + next_version: + type: string + required: true + secrets: + gh_token: + required: true + gh_user: + required: true + gh_email: + required: true + +env: + GH_TOKEN: ${{ secrets.gh_token }} + OUTPUT_DIR: "artifact" + NEXT_PACKAGE_VERSION: "${{ inputs.next_version }}+dev" + +jobs: + update-branch: + runs-on: ubuntu-latest + + steps: + - name: ⬇️ Checkout ${{ inputs.checkout_branch }} + uses: actions/checkout@v4 + with: + ref: ${{ inputs.checkout_branch }} + + - name: 🔀 Merge ${{ inputs.update_from_branch }} -> ${{ inputs.checkout_branch }} + run: | + git pull origin ${{ inputs.update_from_branch }} + git merge --no-ff origin/${{ inputs.update_from_branch }} -m "[Automated] Merged ${{ inputs.update_from_branch }} -> ${{ inputs.checkout_branch }}" + + - name: Read version from package.py + id: package-version + run: | + version=$(sed -n 's/^version *= *"\(.*\)"/\1/p' package.py) + echo "version=$version" >> $GITHUB_OUTPUT + + - name: Update package version for ${{ inputs.checkout_branch }} to ${{ env.NEXT_PACKAGE_VERSION }} + run: | + sed -i "s/^version = \".*\"/version = \"${{ env.NEXT_PACKAGE_VERSION }}\"/" package.py + + - name: Create artifacts + id: create-artifact + run: | + python create_package.py --output ${{ env.OUTPUT_DIR }} + + - name: 🔑 Set Bot Authentication + run: | + git config --global user.name "${{ secrets.gh_user }}" + git config --global user.email "${{ secrets.gh_email }}" + + - name: Commit generated files + if: ${{ steps.package-version.outputs.version != env.NEXT_PACKAGE_VERSION }} + run: | + git add . -- ':!${{ env.OUTPUT_DIR }}/${{ steps.create-artifact.outputs.file_name }}' + git commit -m "[Automated] Update version in package.py for develop" + + - name: 🔏 Push to protected ${{ github.ref_name }} branch + uses: CasperWA/push-protected@v2.16.0 + with: + token: ${{ env.GH_TOKEN }} + branch: ${{ github.ref_name }} + tags: false + unprotect_reviews: false \ No newline at end of file diff --git a/.github/workflows/verify_created_release.yml b/.github/workflows/verify_created_release.yml new file mode 100644 index 0000000..02c6b88 --- /dev/null +++ b/.github/workflows/verify_created_release.yml @@ -0,0 +1,44 @@ +name: verify created release + +on: + workflow_call: + inputs: + repo: + type: string + required: true + expected_release_name: + type: string + required: true + draft_release: + type: boolean + required: true + + secrets: + gh_token: + required: true + +env: + GH_TOKEN: ${{ secrets.gh_token }} + +jobs: + verify-created-release: + runs-on: ubuntu-latest + + steps: + - name: Fetch Latest Release + id: fetch-latest-release + run: | + current_release_name="$(gh release list --repo ${{ inputs.repo }} --json isDraft,name,createdAt --jq '[.[] | select(.isDraft == ${{ inputs.draft_release }})] | sort_by(.createdAt) | reverse | .[0].name')" + echo "current_release_name=$current_release_name" >> $GITHUB_OUTPUT + + - name: Verify Release Name + env: + latest_release: ${{ steps.fetch-latest-release.outputs.current_release_name }} + run: | + if [ "${{ inputs.expected_release_name }}" == "${{ env.latest_release }}" ]; then + echo "::notice::Success, release$( [ '${{ inputs.draft_release }}' = 'true' ] && echo '-draft' ) found with the expected name ${{ inputs.expected_release_name }}." + exit 0 + fi + + echo "::error::Expected tag ${{ inputs.expected_release_name }}, but found ${{ env.latest_release }}." + exit 1 \ No newline at end of file diff --git a/.github/workflows/verify_latest_release.yml b/.github/workflows/verify_latest_release.yml new file mode 100644 index 0000000..74b5345 --- /dev/null +++ b/.github/workflows/verify_latest_release.yml @@ -0,0 +1,108 @@ +name: verify latest release + +on: + workflow_call: + inputs: + repo: + type: string + required: false + expect_release: + type: boolean + required: false + + secrets: + gh_token: + required: true + + + + outputs: + id: + description: Release ID + value: ${{ jobs.verify-release.outputs.id }} + name: + description: Release name + value: ${{ jobs.verify-release.outputs.name }} + tag: + description: Release ID + value: ${{ jobs.verify-release.outputs.tag }} + date_created: + description: Release name + value: ${{ jobs.verify-release.outputs.date_created }} + date_published: + description: Release ID + value: ${{ jobs.verify-release.outputs.date_published }} + draft: + description: Release name + value: ${{ jobs.verify-release.outputs.draft }} + pre_release: + description: Release name + value: ${{ jobs.verify-release.outputs.pre_release }} + +env: + GH_REPO : ${{ inputs.repo || github.repository }} + GH_TOKEN: ${{ secrets.gh_token }} + +jobs: + verify-release: + + runs-on: ubuntu-latest + + outputs: + id: ${{ steps.latest-release.outputs.id }} + name: ${{ steps.latest-release.outputs.name }} + tag: ${{ steps.latest-release.outputs.tag }} + date_created: ${{ steps.latest-release.outputs.date_created }} + date_published: ${{ steps.latest-release.outputs.date_published }} + draft: ${{ steps.latest-release.outputs.draft }} + pre_release: ${{ steps.latest-release.outputs.pre_release}} + + steps: + - name: Get latest release + id: latest-release + run: | + declare -A release_option_map=( + ["id"]="id" + ["createdAt"]="date_created" + ["publishedAt"]="date_published" + ["tagName"]="tag" + ["name"]="name" + ["isDraft"]="draft" + ["isPrerelease"]="pre_release" + ) + + key_list=$(IFS=,; echo "${!release_option_map[*]}") + release=$(gh release view --repo ${{ env.GH_REPO }} --json $key_list || true) + + for key in "${!release_option_map[@]}"; do + value=$(echo "$release" | jq -r ".$key") + echo "${release_option_map[$key]}=$value" >> $GITHUB_OUTPUT + done + + - name: Show release data + run: | + echo "Release ID: ${{ steps.latest-release.outputs.id }}" + echo "Release Name: ${{ steps.latest-release.outputs.name }}" + echo "Tag Name: ${{ steps.latest-release.outputs.tag }}" + echo "Date Created: ${{ steps.latest-release.outputs.date_created }}" + echo "Date Published: ${{ steps.latest-release.outputs.date_published }}" + echo "Draft Status: ${{ steps.latest-release.outputs.draft }}" + echo "Pre-release Status: ${{ steps.latest-release.outputs.pre_release }}" + + - name: Test non-existing release + if: ${{ steps.latest-release.outputs.date_published && !inputs.expect_release }} + run: | + echo "::error::Release already exists, but wasn't expected for ${{ inputs.repo }}. - Please use the release-trigger workflow instead" + exit 1 + + - name: Test existing release + if: ${{ !steps.latest-release.outputs.date_published && inputs.expect_release }} + run: | + echo "::error::No release found, but was expected for ${{ inputs.repo }}. - Please use the initial-release workflow instead" + exit 1 + + - name: Test release drafts + if: ${{ inputs.expect_release && fromJson(steps.latest-release.outputs.draft) }} + run: | + echo "::warning::Release draft already present: ${{ steps.latest-release.outputs.name }}" + exit 0 diff --git a/.github/workflows/verify_pr_data.yml b/.github/workflows/verify_pr_data.yml new file mode 100644 index 0000000..1df22f3 --- /dev/null +++ b/.github/workflows/verify_pr_data.yml @@ -0,0 +1,80 @@ +name: Validate pr information + +on: + workflow_call: + inputs: + repo: + type: string + required: false + latest_release: + type: string + required: true + changelog_order: + type: string + required: true + + secrets: + gh_token: + required: true + + outputs: + label-list: + description: List of unique labels + value: ${{ jobs.validate-pr-information.outputs.label-list }} + bump-increment: + description: Calcualted bump increment based on pr labels + value: ${{ jobs.validate-pr-information.outputs.bump-increment }} + changelog: + description: Markdown formatted changelog + value: ${{ jobs.validate-pr-information.outputs.changelog }} + +env: + GH_REPO : ${{ inputs.repo || github.repository }} + GH_TOKEN: ${{ secrets.gh_token || false }} + RELEASE_DATE: ${{inputs.latest_release }} + +jobs: + validate-pr-information: + runs-on: ubuntu-latest + + outputs: + label-list: "${{ steps.pr-query.outputs.label-list }}" + bump-increment: "${{ steps.pr-query.outputs.bump-increment }}" + changelog: "${{ steps.pr-query.outputs.changelog-markdown }}" + + steps: + - name: Query PR data + id: pr-query + uses: ynput/github-query@main + with: + repo: "${{ env.GH_REPO }}" + date: "${{ env.RELEASE_DATE }}" + query_parameters: "body,labels,title,id,number,url" + changelog_labels: "${{ inputs.changelog_order }}" + + - name: Show debug output + run: | + echo "label-list: ${{ steps.pr-query.outputs.label-list }}" + echo "bump-increment: ${{ steps.pr-query.outputs.bump-increment }}" + echo "changelog: ${{ steps.pr-query.outputs.changelog-markdown }}" + + - name: Check for existing PRs + if: ${{ !fromJson(steps.pr-query.outputs.raw-output) }} + run: | + echo "pr_list: ${{ steps.pr-query.outputs.raw-output }}" + echo "::error::No merged PRs found since last release." + exit 1 + + - name: Check for existing PR labels + if: ${{ !steps.pr-query.outputs.label-list }} + # TODO enhance output to show wich PR + run: | + echo "::error:: No PR labels found. Can't create a new release." + exit 1 + + - name: ❗ Validate labels + if: ${{ !steps.pr-query.outputs.bump-increment }} + run: | + # TODO Format using line breaks - not supported by annotations + echo "::error:: No valid versioning labels found in PRs. Only found these labels: ${{ steps.pr-query.outputs.label-list }}. Are you sure you want to create a new release?" + exit 1 diff --git a/.github/workflows/verify_secrets.yml b/.github/workflows/verify_secrets.yml new file mode 100644 index 0000000..a2d5752 --- /dev/null +++ b/.github/workflows/verify_secrets.yml @@ -0,0 +1,51 @@ +name: Verify repository secrets + +on: + workflow_call: + inputs: + repo: + type: string + required: false + + secrets: + gh_token: + required: true + gh_user: + required: true + gh_email: + required: true + +env: + GH_REPO : ${{ inputs.repo || github.repository }} + GH_TOKEN: ${{ secrets.gh_token || false }} + GH_USER: ${{ secrets.gh_user || false }} + GH_EMAIL: ${{ secrets.gh_mail || false }} + +jobs: + verify_secrets: + + runs-on: ubuntu-latest + + # TODO include orgnaistion secrets - needs actions [secrets fine-grained permission](https://docs.github.com/en/rest/actions/secrets?apiVersion=2022-11-28) + # TODO only check if no inputs provided + + steps: + - name: Verify secret 'GH_TOKEN' for ${{ env.GH_REPO }} + if: ${{ !env.GH_TOKEN }} + run: | + echo "::error::Secret 'GH_TOKEN' is not set or empty" + + - name: Verify secret 'GH_USER' for ${{ env.GH_REPO }} + if: ${{ !env.GH_USER }} + run: | + echo "::error::Secret 'GH_USER' is not set or empty" + + - name: Verify secret 'GH_EMAIL' for ${{ env.GH_REPO }} + if: ${{ !env.GH_EMAIL }} + run: | + echo "::error::Secret 'GH_EMAIL' is not set or empty" + + - name: Secrets verified + if: ${{ env.GH_TOKEN && env.GH_USER && env.GH_EMAIL }} + run: | + echo "::notice::All required secrets are present." diff --git a/.github/workflows/verify_variables.yml b/.github/workflows/verify_variables.yml new file mode 100644 index 0000000..51ca46d --- /dev/null +++ b/.github/workflows/verify_variables.yml @@ -0,0 +1,39 @@ +name: Verify repository variables + +on: + workflow_call: + inputs: + variables: + description: Repository variables as comma separated string without spaces + type: string + required: true + repo: + type: string + required: false + + secrets: + gh_token: + required: true + +env: + REPO_VARS: ${{ inputs.variables || false }} + GH_REPO : ${{ inputs.repo || github.repository }} + GH_TOKEN: ${{ secrets.gh_token }} + +jobs: + verify_variables: + runs-on: ubuntu-latest + + steps: + - name: Verify repo variables for ${{ env.GH_REPO }} + run: | + missing_vars=$(echo ${{ env.REPO_VARS }} | tr ',' '\n' | while read var; do + gh variable list --repo ${{ env.GH_REPO }} --json name --jq '.[].name' | grep -qx "$var" || echo "$var" + done) + + if [ -n "$missing_vars" ]; then + echo "::error::The following required variables are missing: $missing_vars for repository ${{ env.GH_REPO }}" + exit 1 + else + echo "::notice::All required variables are present." + fi diff --git a/NOTES.md b/NOTES.md new file mode 100644 index 0000000..22f1426 --- /dev/null +++ b/NOTES.md @@ -0,0 +1,9 @@ +## Known issue for [testing environment](https://github.com/ynput/ayon-addon-action-testing) + +* package.py wont create any additional files in this repo +* Therefore no changes happen in this step and no commit +* Version tag gets set one commit behind + +## Testing notes + +* Add tag to hash verification to release workflow diff --git a/caller_workflows/addon_repo_initial_release.yml b/caller_workflows/addon_repo_initial_release.yml index 1e225bb..849b4f1 100644 --- a/caller_workflows/addon_repo_initial_release.yml +++ b/caller_workflows/addon_repo_initial_release.yml @@ -14,6 +14,7 @@ jobs: uses: ynput/ops-repo-automation/.github/workflows/initial_release.yml@develop with: draft: ${{ inputs.draft }} + release_overwrite: "0.1.0" secrets: token: ${{ secrets.YNPUT_BOT_TOKEN }} email: ${{ secrets.CI_EMAIL }}