Skip to content

Commit

Permalink
workflow:feat - Automating the release notes (#570)
Browse files Browse the repository at this point in the history 
In this PR I'll update Release Beta, RC and Final to set automatic
body in release notes. I changed file release-new.yml to
release-final.yml and I changed file alpha.yml to release-alpha.yml

Signed-off-by: Wilian Gabriel <[email protected]>
  • Loading branch information
@wiliansilvazup
wiliansilvazup authored Mar 7, 2022
1 parent 1c0b37e commit 07dba43
Show file tree
Hide file tree
Showing 10 changed files with 138 additions and 125 deletions.
2 changes: 1 addition & 1 deletion .github/CODEOWNERS
View file
Validating CODEOWNERS rules …
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
# GitHub code owners
# See https://github.com/blog/2392-introducing-code-owners
* @wiliansilvazup @lucasbrunozup @nathanmartinszup @iancardosozup @matheusalcantarazup
* @wiliansilvazup @lucasbrunozup @nathanmartinszup @iancardosozup @matheusalcantarazup @oliveirafelipezup

4 changes: 2 additions & 2 deletions .github/workflows/e2e-pipeline.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -27,7 +27,7 @@ jobs:
- name: Set up nodejs
uses: actions/setup-node@v2
with:
node-version: "12"
node-version: "14"
id: node
- uses: actions/checkout@v2
# - name: Run e2e tests
Expand All @@ -48,7 +48,7 @@ jobs:
- name: Set up nodejs
uses: actions/setup-node@v2
with:
node-version: "12"
node-version: "14"
id: node
- uses: actions/checkout@v2
# - name: Run e2e tests
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/manager-pipeline.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -30,7 +30,7 @@ jobs:
- name: Set up nodejs
uses: actions/setup-node@v2
with:
node-version: "12"
node-version: "14"
id: node
- uses: actions/checkout@v2
- name: Install dependencies
Expand Down
5 changes: 3 additions & 2 deletions .github/workflows/alpha.yml → .github/workflows/release-alpha.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,18 +12,19 @@
# See the License for the specific language governing permissions and
# limitations under the License.

name: Alpha
name: release-alpha

on:
push:
branches:
- main
permissions: read-all
jobs:
Alpha:
ReleaseAlpha:
permissions:
contents: write
packages: write
issues: write
runs-on: ubuntu-latest
env:
COSIGN_KEY_LOCATION: /tmp/cosign.key
Expand Down
47 changes: 16 additions & 31 deletions .github/workflows/release-beta.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -23,20 +23,21 @@ on:

permissions: read-all
jobs:
beta:
ReleaseBeta:
permissions:
contents: write
packages: write
issues: write
env:
COSIGN_KEY_LOCATION: /tmp/cosign.key
COSIGN_PWD: ${{ secrets.COSIGN_PWD }}
runs-on: ubuntu-latest

if: contains('["wiliansilvazup","matheusalcantarazup","lucasbrunozup","nathanmartinszup","iancardosozup","oliveirafelipezup"]', github.actor)
steps:
- name: Set up nodejs
uses: actions/setup-node@v2
with:
node-version: 12
node-version: 14
- name: Checkout
uses: actions/checkout@v2
with:
Expand Down Expand Up @@ -69,7 +70,7 @@ jobs:
uses: crazy-max/ghaction-import-gpg@v4
with:
gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }}
passphrase: ${{ secrets.PASSPHRASE }}
passphrase: ${{ secrets.GPG_PASSWORD }}
git_user_signingkey: true
git_commit_gpgsign: true

Expand All @@ -91,9 +92,8 @@ jobs:
run: |
./mage -v checkoutReleaseBranch ${{ steps.updated-version.outputs.nextReleaseBranchName }}
- name: Create local tag
run: |
./mage -v createLocalTag ${{ steps.updated-version.outputs.nextBetaVersion }}
- name: Create and push tag
run: ./mage -v createAndPushTag ${{ steps.updated-version.outputs.nextBetaVersion }}

- name: Run GoReleaser
uses: goreleaser/goreleaser-action@v2
Expand All @@ -106,8 +106,10 @@ jobs:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
COSIGN_PWD: ${{ secrets.COSIGN_PWD }}
GORELEASER_CURRENT_TAG: ${{ steps.updated-version.outputs.nextBetaVersion }}
GORELEASER_PREVIOUS_TAG: ${{ steps.updated-version.outputs.actualBetaVersion }}

- name: Push go projects to dockerhub
if: ${{ success() }}
run: |
./mage -v dockerPushPlatformGoProjects ${{ steps.updated-version.outputs.nextBetaVersion }}
Expand All @@ -119,6 +121,7 @@ jobs:
./mage -v dockerSignPlatformGoProjects ${{ steps.updated-version.outputs.nextBetaVersion }}
- name: "Docker meta"
if: ${{ success() }}
uses: docker/metadata-action@v3
id: meta
env:
Expand All @@ -132,6 +135,7 @@ jobs:
type=semver,prefix=v,pattern={{major}},value=${{ env.RELEASE_VERSION }}
- name: "Build and push manager"
if: ${{ success() }}
uses: docker/build-push-action@v2
with:
push: true
Expand All @@ -147,28 +151,9 @@ jobs:
COSIGN_PASSWORD: ${{ secrets.COSIGN_PWD }}

- name: Push updates
run: |
./mage -v gitPushAll
if: ${{ success() }}
run: ./mage -v gitPushAll

- name: Update release
uses: meeDamian/[email protected]
with:
token: ${{ secrets.GITHUB_TOKEN }}
tag: ${{ steps.updated-version.outputs.nextBetaVersion }}
name: ${{ steps.updated-version.outputs.nextBetaVersion }}
draft: true
prerelease: false
commitish: ${{ github.sha }}
gzip: false
allow_override: false
body: |
## Docker images
- `docker pull horuszup/horusec-analytic:${{ steps.updated-version.outputs.nextBetaVersion }}`
- `docker pull horuszup/horusec-api:${{ steps.updated-version.outputs.nextBetaVersion }}`
- `docker pull horuszup/horusec-auth:${{ steps.updated-version.outputs.nextBetaVersion }}`
- `docker pull horuszup/horusec-core:${{ steps.updated-version.outputs.nextBetaVersion }}`
- `docker pull horuszup/horusec-manager:${{ steps.updated-version.outputs.nextBetaVersion }}`
- `docker pull horuszup/horusec-messages:${{ steps.updated-version.outputs.nextBetaVersion }}`
- `docker pull horuszup/horusec-migrations:${{ steps.updated-version.outputs.nextBetaVersion }}`
- `docker pull horuszup/horusec-vulnerability:${{ steps.updated-version.outputs.nextBetaVersion }}`
- `docker pull horuszup/horusec-webhook:${{ steps.updated-version.outputs.nextBetaVersion }}`
- name: Remove updates
if: ${{ !success() }}
run: ./mage -v removeTag ${{ steps.updated-version.outputs.nextBetaVersion }}
30 changes: 20 additions & 10 deletions .github/workflows/release.yml → .github/workflows/release-final.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@
# See the License for the specific language governing permissions and
# limitations under the License.

name: release-new
name: release-final

on:
workflow_dispatch:
Expand All @@ -23,20 +23,21 @@ on:

permissions: read-all
jobs:
release:
ReleaseFinal:
permissions:
contents: write
packages: write
issues: write
env:
COSIGN_KEY_LOCATION: /tmp/cosign.key
COSIGN_PWD: ${{ secrets.COSIGN_PWD }}
runs-on: ubuntu-latest

if: contains('["wiliansilvazup","matheusalcantarazup","lucasbrunozup","nathanmartinszup","iancardosozup","oliveirafelipezup"]', github.actor)
steps:
- name: Set up nodejs
uses: actions/setup-node@v2
with:
node-version: 12
node-version: 14
- name: Checkout
uses: actions/checkout@v2
with:
Expand Down Expand Up @@ -68,7 +69,7 @@ jobs:
uses: crazy-max/ghaction-import-gpg@v4
with:
gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }}
passphrase: ${{ secrets.PASSPHRASE }}
passphrase: ${{ secrets.GPG_PASSWORD }}
git_user_signingkey: true
git_commit_gpgsign: true

Expand Down Expand Up @@ -101,9 +102,10 @@ jobs:
committer_name: Horusec
committer_email: [email protected]
branch: ${{ steps.updated-version.outputs.nextReleaseBranchName }}
message: "versioning:release - [skip ci] automatic commit updating versioning files"

- name: Create local tag
run: ./mage -v createLocalTag ${{ steps.updated-version.outputs.nextReleaseVersion }}
- name: Create and push tag
run: ./mage -v createAndPushTag ${{ steps.updated-version.outputs.nextReleaseVersion }}

- name: Run GoReleaser
uses: goreleaser/goreleaser-action@v2
Expand All @@ -116,8 +118,10 @@ jobs:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
COSIGN_PWD: ${{ secrets.COSIGN_PWD }}
GORELEASER_CURRENT_TAG: ${{ steps.updated-version.outputs.nextReleaseVersion }}
GORELEASER_PREVIOUS_TAG: ${{ steps.updated-version.outputs.actualReleaseVersion }}

- name: "Docker meta"
if: ${{ success() }}
uses: docker/metadata-action@v3
id: meta
env:
Expand All @@ -131,6 +135,7 @@ jobs:
type=semver,prefix=v,pattern={{major}},value=${{ env.RELEASE_VERSION }}
- name: "Build and push manager"
if: ${{ success() }}
uses: docker/build-push-action@v2
with:
push: true
Expand All @@ -146,25 +151,30 @@ jobs:


- name: Push updates
run: |
./mage -v gitPushAll
if: ${{ success() }}
run: ./mage -v gitPushAll

- name: Remove updates
if: ${{ !success() }}
run: ./mage -v removeTag ${{ steps.updated-version.outputs.nextReleaseVersion }}
# This step gets the sha of last commit made, witch is the updating versioning files commit, after that creates a
# branch from the origin main and cherry pick this commit on it. This process need to occur only when the release
# workflow is started from a branch that isn't the main branch, for example a release branch.
# When the workflow it's triggered to run on main, the commit it's going to be made directly to the main branch.
- name: Cherry pick
if: ${{ success() }}
id: cherry-pick
run: |
./mage CherryPick
# This step utilizes an action to create a pull request with the branch that was cherry picked on the last step
# into the main branch. As the last commit, this also needs to run only when the release workflow is started from a
# branch that isn't the main branch. Others workflows should be skipped cause of the skip ci in the pull request title.
- name: Create Pull Request
if: ${{ success() }}
uses: repo-sync/pull-request@v2
with:
source_branch: "${{ steps.cherry-pick.outputs.cherryPickBranchName }}"
destination_branch: "main"
pr_title: "versioning:release - [skip ci] automatic pull request updating versioning files"
pr_body: "This is a automatic pull request that contains changes to files that need to be updated with the new release version. Where the commit ${{ steps.cherry-pick.outputs.commitShaToPick }} was cherry picked from the release branch, which already contains all the necessary changes."
github_token: ${{ secrets.HORUSEC_PUSH_TOKEN }}

49 changes: 18 additions & 31 deletions .github/workflows/release-rc.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -23,20 +23,21 @@ on:

permissions: read-all
jobs:
rc:
ReleaseRC:
permissions:
contents: write
packages: write
issues: write
env:
COSIGN_KEY_LOCATION: /tmp/cosign.key
COSIGN_PWD: ${{ secrets.COSIGN_PWD }}
runs-on: ubuntu-latest

if: contains('["wiliansilvazup","matheusalcantarazup","lucasbrunozup","nathanmartinszup","iancardosozup","oliveirafelipezup"]', github.actor)
steps:
- name: Set up nodejs
uses: actions/setup-node@v2
with:
node-version: 12
node-version: 14
- name: Checkout
uses: actions/checkout@v2
with:
Expand Down Expand Up @@ -69,7 +70,7 @@ jobs:
uses: crazy-max/ghaction-import-gpg@v4
with:
gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }}
passphrase: ${{ secrets.PASSPHRASE }}
passphrase: ${{ secrets.GPG_PASSWORD }}
git_user_signingkey: true
git_commit_gpgsign: true

Expand All @@ -91,9 +92,8 @@ jobs:
run: |
./mage -v checkoutReleaseBranch ${{ steps.updated-version.outputs.nextReleaseBranchName }}
- name: Create local tag
run: |
./mage -v createLocalTag ${{ steps.updated-version.outputs.nextRcVersion }}
- name: Create and push tag
run: ./mage -v createAndPushTag ${{ steps.updated-version.outputs.nextRcVersion }}

- name: Run GoReleaser
uses: goreleaser/goreleaser-action@v2
Expand All @@ -106,19 +106,23 @@ jobs:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
COSIGN_PWD: ${{ secrets.COSIGN_PWD }}
GORELEASER_CURRENT_TAG: ${{ steps.updated-version.outputs.nextRcVersion }}
GORELEASER_PREVIOUS_TAG: ${{ steps.updated-version.outputs.actualRCVersion }}

- name: Push go projects to dockerhub
if: ${{ success() }}
run: |
./mage -v dockerPushPlatformGoProjects ${{ steps.updated-version.outputs.nextRcVersion }}
- name: Sign go projects in dockerhub
if: ${{ success() }}
env:
COSIGN_KEY: ${{secrets.COSIGN_KEY}}
COSIGN_PASSWORD: ${{ secrets.COSIGN_PWD }}
run: |
./mage -v dockerSignPlatformGoProjects ${{ steps.updated-version.outputs.nextRcVersion }}
- name: "Docker meta"
if: ${{ success() }}
uses: docker/metadata-action@v3
id: meta
env:
Expand All @@ -132,6 +136,7 @@ jobs:
type=semver,prefix=v,pattern={{major}},value=${{ env.RELEASE_VERSION }}
- name: "Build and push manager"
if: ${{ success() }}
uses: docker/build-push-action@v2
with:
push: true
Expand All @@ -141,34 +146,16 @@ jobs:
labels: ${{ steps.meta.outputs.labels }}

- name: Sign image
if: ${{ success() }}
run: |
cosign sign -key $COSIGN_KEY_LOCATION horuszup/horusec-manager:${{ steps.updated-version.outputs.nextRcVersion }}
env:
COSIGN_PASSWORD: ${{ secrets.COSIGN_PWD }}

- name: Push updates
run: |
./mage -v gitPushAll
if: ${{ success() }}
run: ./mage -v gitPushAll

- name: Update release
uses: meeDamian/[email protected]
with:
token: ${{ secrets.GITHUB_TOKEN }}
tag: ${{ steps.updated-version.outputs.nextRcVersion }}
name: ${{ steps.updated-version.outputs.nextRcVersion }}
draft: true
prerelease: false
commitish: ${{ github.sha }}
gzip: false
allow_override: false
body: |
## Docker images
- `docker pull horuszup/horusec-analytic:${{ steps.updated-version.outputs.nextRcVersion }}`
- `docker pull horuszup/horusec-api:${{ steps.updated-version.outputs.nextRcVersion }}`
- `docker pull horuszup/horusec-auth:${{ steps.updated-version.outputs.nextRcVersion }}`
- `docker pull horuszup/horusec-core:${{ steps.updated-version.outputs.nextRcVersion }}`
- `docker pull horuszup/horusec-manager:${{ steps.updated-version.outputs.nextRcVersion }}`
- `docker pull horuszup/horusec-messages:${{ steps.updated-version.outputs.nextRcVersion }}`
- `docker pull horuszup/horusec-migrations:${{ steps.updated-version.outputs.nextRcVersion }}`
- `docker pull horuszup/horusec-vulnerability:${{ steps.updated-version.outputs.nextRcVersion }}`
- `docker pull horuszup/horusec-webhook:${{ steps.updated-version.outputs.nextRcVersion }}`
- name: Remove updates
if: ${{ !success() }}
run: ./mage -v removeTag ${{ steps.updated-version.outputs.nextRCVersion }}
Loading

0 comments on commit 07dba43

Please sign in to comment.