From 6535b15d7c731640fee8e8c694c50b6346391565 Mon Sep 17 00:00:00 2001 From: Matt Krick Date: Tue, 9 Jan 2024 13:40:41 -0800 Subject: [PATCH 1/2] fix: add pr write permission to CI Signed-off-by: Matt Krick --- .github/workflows/release-to-staging.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/release-to-staging.yml b/.github/workflows/release-to-staging.yml index ba1903f3e51..07f33d6c50f 100644 --- a/.github/workflows/release-to-staging.yml +++ b/.github/workflows/release-to-staging.yml @@ -12,6 +12,7 @@ jobs: permissions: contents: "read" id-token: "write" + pull-requests: "write" steps: - name: Checkout uses: actions/checkout@v3 From ae6a7c13d5faa9b47fad90f8893901efd9d83cce Mon Sep 17 00:00:00 2001 From: Matt Krick Date: Tue, 9 Jan 2024 15:21:43 -0800 Subject: [PATCH 2/2] fix: release-staging handle async job creation Signed-off-by: Matt Krick --- .github/workflows/release-to-staging.yml | 22 +++++++++++++++++----- 1 file changed, 17 insertions(+), 5 deletions(-) diff --git a/.github/workflows/release-to-staging.yml b/.github/workflows/release-to-staging.yml index 07f33d6c50f..d660a8161e9 100644 --- a/.github/workflows/release-to-staging.yml +++ b/.github/workflows/release-to-staging.yml @@ -69,20 +69,32 @@ jobs: JOBS=$(curl "https://gitlab.com/api/v4/projects/${{ vars.GITLAB_PROJECT_ID }}/pipelines/$PIPELINE_ID/jobs" \ --header 'PRIVATE-TOKEN: ${{ secrets.GITLAB_API_TOKEN }}') JOB_ID=$(echo $JOBS | jq '.[] | select(.name == "${{ env.STAGING_JOB }}")' | jq .id) - curl "https://gitlab.com/api/v4/projects/${{ vars.GITLAB_PROJECT_ID }}/jobs/$JOB_ID/play" \ - --request POST \ - --header 'PRIVATE-TOKEN: ${{ secrets.GITLAB_API_TOKEN }}' PROD_JOB_ID=$(echo $JOBS | jq '.[] | select(.name == "${{ env.PRODUCTION_JOB}}")' | jq .id) echo "JOB_ID=${JOB_ID}" >> $GITHUB_ENV echo "PROD_JOB_ID=${PROD_JOB_ID}" >> $GITHUB_ENV + - name: Push to staging + uses: nick-fields/retry@v2 + with: + timeout_minutes: 1 + max_attempts: 20 + retry_wait_seconds: 5 + # If the job isn't created yet, will return {"message":"400 Bad request - Unplayable Job"} + command: | + RES=$(curl "https://gitlab.com/api/v4/projects/${{ vars.GITLAB_PROJECT_ID }}/jobs/${{ env.JOB_ID }}/play" \ + --request POST \ + --header 'PRIVATE-TOKEN: ${{ secrets.GITLAB_API_TOKEN }}') + JOB_ID_DONE=$(echo $RES | jq .id) + [ -z "$JOB_ID_DONE" ] && exit 1 - name: Open PR to Push to Prod env: GH_TOKEN: ${{ github.token }} + # gh cli does not interpret \n, so we first write to a file run: | BACKLINK="Production Job Id: $PROD_JOB_ID\nStaging Job Id: $JOB_ID" TEMPLATE=$(tail -n +12 .github/ISSUE_TEMPLATE/release_test.md) CHANGES=$(perl -0777ne 'print "$1\n" and exit if m/\n##\s[^\n]*\n+(.*?\n)##?\s|$/gs;' CHANGELOG.md) - BODY="${BACKLINK}\n\n${TEMPLATE}\n\n\n${CHANGES}" + echo -e "${BACKLINK}\n\n${TEMPLATE}\n\n\n${CHANGES}" > BODY + export BODY=$(cat BODY) gh pr create \ --assignee ${{ github.actor }} \ --base production \ @@ -91,7 +103,7 @@ jobs: - name: Poll Staging Release uses: artiz/poll-endpoint@1.0.2 with: - url: https://gitlab.com/api/v4/projects/${{ vars.GITLAB_PROJECT_ID }}/jobs/${{ env.JOB_ID }} + url: https://gitlab.com/api/v4/projects/${{ vars.GITLAB_PROJECT_ID }}/jobs/${{ env.JOB_ID }}?access_token=${{ secrets.GITLAB_API_TOKEN }} method: GET expect-status: 200 expect-response-regex: '"status":"success"'