From 43aab70250f0546795fe528fc4687a7228d05d1f Mon Sep 17 00:00:00 2001 From: Patrick Poetz Date: Tue, 29 Oct 2024 10:43:29 +0100 Subject: [PATCH] ci: Introduce Auto-Releases --- .github/config/.release-please-manifest.json | 3 ++ .github/config/release-please-config.json | 40 ++++++++++++++++++++ .github/workflows/automerge.yml | 31 +++++++++++++++ .github/workflows/release.yml | 32 ++++++++++++++++ 4 files changed, 106 insertions(+) create mode 100644 .github/config/.release-please-manifest.json create mode 100644 .github/config/release-please-config.json create mode 100644 .github/workflows/automerge.yml create mode 100644 .github/workflows/release.yml diff --git a/.github/config/.release-please-manifest.json b/.github/config/.release-please-manifest.json new file mode 100644 index 0000000..a397c09 --- /dev/null +++ b/.github/config/.release-please-manifest.json @@ -0,0 +1,3 @@ +{ + ".": "3.21.0" +} diff --git a/.github/config/release-please-config.json b/.github/config/release-please-config.json new file mode 100644 index 0000000..106bca7 --- /dev/null +++ b/.github/config/release-please-config.json @@ -0,0 +1,40 @@ +{ + "$schema": "https://raw.githubusercontent.com/googleapis/release-please/main/schemas/config.json", + "changelog-sections": [ + { + "type": "chore", + "section": "Miscellaneous" + }, + { + "type": "ci", + "section": "CI/CD" + }, + { + "type": "deps", + "section": "Dependency Upgrades" + }, + { + "type": "docs", + "section": "Documentation" + }, + { + "type": "feat", + "section": "Features" + }, + { + "type": "fix", + "section": "Bugfixes" + }, + { + "type": "refactor", + "section": "Refactoring" + } + ], + "changelog-type": "github", + "extra-label": "automerge", + "include-v-in-tag": false, + "packages": { + ".": {} + }, + "release-type": "simple" +} diff --git a/.github/workflows/automerge.yml b/.github/workflows/automerge.yml new file mode 100644 index 0000000..609d1f1 --- /dev/null +++ b/.github/workflows/automerge.yml @@ -0,0 +1,31 @@ +name: Automerge Release-Please PRs + +on: + schedule: + - cron: '50 4 * * 1' # runs every Monday at 04:50 UTC + +jobs: + auto-merge: + runs-on: ubuntu-latest + steps: + - name: Import Secrets + id: vault-secrets + uses: hashicorp/vault-action@v3.0.0 + with: + url: ${{ secrets.VAULT_ADDR }} + method: approle + roleId: ${{ secrets.VAULT_ROLE_ID }} + secretId: ${{ secrets.VAULT_SECRET_ID}} + secrets: | + secret/data/products/infra/ci/infra-releases RELEASES_APP_ID; + secret/data/products/infra/ci/infra-releases RELEASES_APP_KEY; + - name: Generate a GitHub token for infra-rerun camunda/infra-global-github-actions + id: app-token + uses: actions/create-github-app-token@v1 + with: + app-id: ${{ steps.vault-secrets.outputs.RELEASES_APP_ID }} + private-key: ${{ steps.vault-secrets.outputs.RELEASES_APP_KEY }} + - name: Automerge Release-Please PR + uses: camunda/infra-global-github-actions/teams/infra/pull-request/automerge@main + with: + github-token: ${{ steps.app-token.outputs.token }} diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml new file mode 100644 index 0000000..4e1a630 --- /dev/null +++ b/.github/workflows/release.yml @@ -0,0 +1,32 @@ +name: Handle Release PRs + +on: + push: + branches: + - master + +jobs: + release-please: + runs-on: ubuntu-latest + steps: + - name: Import Secrets + id: vault-secrets + uses: hashicorp/vault-action@v3.0.0 + with: + url: ${{ secrets.VAULT_ADDR }} + method: approle + roleId: ${{ secrets.VAULT_ROLE_ID }} + secretId: ${{ secrets.VAULT_SECRET_ID}} + secrets: | + secret/data/products/infra/ci/infra-releases RELEASES_APP_ID; + secret/data/products/infra/ci/infra-releases RELEASES_APP_KEY; + - name: Generate a GitHub token for infra-rerun camunda/infra-global-github-actions + id: app-token + uses: actions/create-github-app-token@v1 + with: + app-id: ${{ steps.vault-secrets.outputs.RELEASES_APP_ID }} + private-key: ${{ steps.vault-secrets.outputs.RELEASES_APP_KEY }} + - name: Handle Release Creation + uses: camunda/infra-global-github-actions/teams/infra/pull-request/release@main + with: + github-token: ${{ steps.app-token.outputs.token }}