diff --git a/.github/actions/release/create-draft-release/action.yml b/.github/actions/release/create-draft-release/action.yml index 4653e3459..fe69ff2fe 100644 --- a/.github/actions/release/create-draft-release/action.yml +++ b/.github/actions/release/create-draft-release/action.yml @@ -79,6 +79,7 @@ runs: if: ${{ steps.check_release.outputs.release_exists == 'false' }} run: | tag="${{ inputs.tag }}" + release_name="${tag}-rc" release_body="### Pre-release candidate for version $tag\n\n" release_body+="This is a draft pre-release candidate for release $tag that is undergoing testing. The current testing status is:\n\n" release_body+="- [x] Local environment\n" @@ -87,7 +88,7 @@ runs: release_body+="Please note: this release is not yet fully verified and is pending further testing.\n" release_response=$(curl -s -X POST -H "Authorization: token ${{ env.GITHUB_TOKEN }}" \ - -d '{"tag_name": "'$tag'", "name": "'$tag'", "body": "'"$release_body"'", "draft": true, "generate_release_notes": true, "prerelease": true}' \ + -d '{"tag_name": "'$tag'", "name": "'$release_name'", "body": "'"$release_body"'", "draft": true, "generate_release_notes": true, "prerelease": true}' \ "https://api.github.com/repos/${{ github.repository }}/releases") echo "release_id=$(echo $release_response | jq -r .id)" >> $GITHUB_ENV echo "::set-output name=release_id::$(echo $release_response | jq -r .id)" diff --git a/.github/actions/release/publish-draft-release/action.yml b/.github/actions/release/publish-draft-release/action.yml index fa883b122..dfef14ad2 100644 --- a/.github/actions/release/publish-draft-release/action.yml +++ b/.github/actions/release/publish-draft-release/action.yml @@ -23,9 +23,7 @@ runs: tag="${{ inputs.tag }}" release_response=$(curl -s -H "Authorization: token ${{ env.GITHUB_TOKEN }}" \ "https://api.github.com/repos/${{ github.repository }}/releases?per_page=100") - release_id=$(echo "$release_response" | jq -r '.[] | select(.tag_name=="'"$tag"'") | .id') - if [ -z "$release_id" ] || [ "$release_id" == "null" ]; then echo "release_exists=false" >> "$GITHUB_OUTPUT" echo "release_id=" >> "$GITHUB_OUTPUT" @@ -40,45 +38,27 @@ runs: set -e if [[ "${{ steps.check_release.outputs.release_exists }}" == "true" ]]; then release_id="${{ steps.check_release.outputs.release_id }}" - - # Set draft to false + release_data=$(curl -s -H "Authorization: token ${{ env.GITHUB_TOKEN }}" \ + "https://api.github.com/repos/${{ github.repository }}/releases/$release_id") + current_body=$(echo "$release_data" | jq -r .body) + updated_body=$(echo "$current_body" | \ + sed 's/- \[ \] Staging preview environment/- [x] Staging preview environment/g' | \ + sed 's/This is a draft pre-release candidate/This is a pre-release candidate/g') + json_data=$(jq -n \ + --arg name "$tag" \ + --arg body "$updated_body" \ + '{"draft": false, "name": $name, "body": $body}') response=$(curl -s -X PATCH -H "Authorization: token ${{ env.GITHUB_TOKEN }}" \ - -d '{"draft": false}' \ + -d "$json_data" \ "https://api.github.com/repos/${{ github.repository }}/releases/$release_id") - echo "Response: $response" - - # Verify the release was updated if echo "$response" | jq -e '.id' >/dev/null; then echo "Release updated successfully" else echo "Failed to update release" exit 1 fi - - # Extract the current release body - current_body=$(echo "$response" | jq -r .body) - - # Perform the desired replacements - updated_body=$(echo "$current_body" | \ - sed 's/- \[ \] Staging preview environment/- [x] Staging preview environment/g' | \ - sed 's/This is a draft pre-release/This is a pre-release/g') - - # Update the release body with the modified content - updated_response=$(curl -s -X PATCH -H "Authorization: token ${{ env.GITHUB_TOKEN }}" \ - -d '{"body": "'"$updated_body"'"}' \ - "https://api.github.com/repos/${{ github.repository }}/releases/$release_id") - - echo "Body Update Response: $updated_response" - - # Verify the release body was updated - if echo "$updated_response" | jq -e '.body' >/dev/null; then - echo "Release body updated successfully" - else - echo "Failed to update release body" - exit 1 - fi else echo "Release does not exist, skipping publish step." fi - shell: bash \ No newline at end of file + shell: bash diff --git a/.github/workflows/cd.yml b/.github/workflows/cd.yml index 09dc3c1b9..69daa7ac1 100644 --- a/.github/workflows/cd.yml +++ b/.github/workflows/cd.yml @@ -420,25 +420,28 @@ jobs: threads: 1 publish: - if: ${{ github.event.inputs.no-release != 'true' && (github.event.inputs.no-tests == 'true' || needs.run-all-tests-on-n2-epoch.result == 'success') }} - permissions: - id-token: write - contents: write - packages: write + if: ${{ always() && github.event.inputs.no-release != 'true' && (github.event.inputs.no-tests == 'true' || needs.run-all-tests-on-n2-epoch.result == 'success') }} + runs-on: ubuntu-latest needs: - build-linux - build-macos-x86_64 - build-macos-arm64 - run-all-tests-on-n2-epoch - runs-on: ubuntu-latest steps: - - name: Trigger Publish Workflow + - name: Trigger Publish Workflow via Repository Dispatch run: | curl -X POST \ - -H "Authorization: token ${{ secrets.ACTIONS_PAT }}" \ + -H "Authorization: token ${{ secrets.ACTIONS_PUBLISH_PAT }}" \ -H "Accept: application/vnd.github.v3+json" \ - https://api.github.com/repos/${{ github.repository }}/actions/workflows/publish.yml/dispatches \ - -d '{"ref": "main", "inputs": {"sha": "${{ github.sha }}", "tag": "${{ github.ref }}"}}' + https://api.github.com/repos/${{ github.repository }}/dispatches \ + -d '{ + "event_type": "publish", + "client_payload": { + "sha": "${{ github.sha }}", + "tag": "${{ inputs.tag }}", + "skip_release": "${{ github.event.inputs.no-release }}" + } + }' # deploy-staging-preprod: # if: ${{ github.event.inputs.no-deploy != 'true' }} diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index 70699d5c0..f52fd5f95 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -1,48 +1,42 @@ -name: Publish the draft release created by cd.yml, and upload GHCR image +name: Publish the Draft Release on: - workflow_dispatch: - inputs: - sha: - description: 'The SHA of the commit to build' - required: true - type: string - tag: - description: 'The tag for the release' - required: true - type: string + repository_dispatch: + types: [publish] + +permissions: + id-token: write + contents: write + packages: write jobs: build-and-publish-ghcr: - permissions: - id-token: write - contents: write - packages: write + if: ${{ github.event.client_payload.skip_release != 'true' }} runs-on: ubuntu-latest steps: - name: Checkout uses: actions/checkout@v4 + - name: Build and Publish to GHCR uses: ./.github/actions/images/build-and-publish-ghcr with: - sha: ${{ inputs.sha }} - tag: ${{ inputs.tag }} + sha: ${{ github.event.client_payload.sha }} + tag: ${{ github.event.client_payload.tag }} env: GITHUB_ACTOR: ${{ github.actor }} - GITHUB_TOKEN: ${{ github.token }} + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} publish-release: - permissions: - id-token: write - contents: write - packages: write + if: ${{ github.event.client_payload.skip_release != 'true' }} + needs: build-and-publish-ghcr runs-on: ubuntu-latest steps: - name: Checkout uses: actions/checkout@v4 + - name: Publish Release uses: ./.github/actions/release/publish-draft-release with: - tag: ${{ inputs.tag }} + tag: ${{ github.event.client_payload.tag }} env: - GITHUB_TOKEN: ${{ github.token }} \ No newline at end of file + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}