-
Notifications
You must be signed in to change notification settings - Fork 528
107 lines (94 loc) · 3.59 KB
/
run-patch-release.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
---
name: run-patch-release
on:
workflow_dispatch:
inputs:
version:
description: 'The current version to be released, normally the `FF version` (semver format: major.minor.patch)'
required: true
type: string
# Avoid concurrency so we can watch the releases correctly
concurrency:
group: ${{ github.workflow }}
permissions:
contents: read
env:
JOB_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}
SLACK_CHANNEL: "#apm-server"
jobs:
prepare:
runs-on: ubuntu-latest
outputs:
release-branch: ${{ steps.prepare.outputs.release-branch }}
release-type: ${{ steps.prepare.outputs.release-type }}
release-version: ${{ steps.prepare.outputs.release-version }}
slack-thread: ${{ steps.prepare.outputs.slack-thread }}
steps:
- uses: actions/checkout@v4
- id: prepare
uses: ./.github/workflows/prepare-release
with:
slack-bot-token: ${{ secrets.SLACK_BOT_TOKEN }}
version: ${{ inputs.version }}
type: 'patch'
run-patch:
runs-on: ubuntu-latest
needs: [ prepare ]
env:
RELEASE_BRANCH: ${{ needs.prepare.outputs.release-branch }}
RELEASE_TYPE: ${{ needs.prepare.outputs.release-type }}
RELEASE_VERSION: ${{ needs.prepare.outputs.release-version }}
permissions:
contents: write
steps:
- uses: actions/checkout@v4
with:
# 0 indicates all history for all branches and tags.
fetch-depth: 0
# Use the makefile in the given release branch.
ref: ${{ env.RELEASE_BRANCH }}
- name: Get token
id: get_token
uses: tibdex/github-app-token@3beb63f4bd073e61482598c45c71c1019b59b73a # v2.1.0
with:
app_id: ${{ secrets.OBS_AUTOMATION_APP_ID }}
private_key: ${{ secrets.OBS_AUTOMATION_APP_PEM }}
permissions: >-
{
"contents": "write",
"pull_requests": "write"
}
# Required to use a service account, otherwise PRs created by
# GitHub bot won't trigger any CI builds.
# See https://github.com/peter-evans/create-pull-request/issues/48#issuecomment-537478081
- name: Configure git user
uses: elastic/oblt-actions/git/setup@v1
with:
github-token: ${{ steps.get_token.outputs.token }}
- name: Import GPG key
uses: crazy-max/ghaction-import-gpg@cb9bde2e2525e640591a934b1fd28eef1dcaf5e5 # v6.2.0
with:
gpg_private_key: ${{ secrets.APM_SERVER_RELEASE_GPG_PRIVATE_KEY }}
passphrase: ${{ secrets.APM_SERVER_RELEASE_PASSPHRASE }}
git_user_signingkey: true
git_commit_gpgsign: true
- run: make patch-release
env:
GH_TOKEN: ${{ steps.get_token.outputs.token }}
- if: success()
uses: elastic/oblt-actions/slack/send@v1
with:
bot-token: ${{ secrets.SLACK_BOT_TOKEN }}
channel-id: ${{ env.SLACK_CHANNEL }}
message: |-
Feature freeze for `${{ github.repository }}@${{ env.RELEASE_VERSION }}` is Today.
All the relevant PRs and issues have been created.
thread-timestamp: ${{ needs.prepare.outputs.slack-thread || '' }}
- if: failure()
uses: elastic/oblt-actions/slack/send@v1
with:
bot-token: ${{ secrets.SLACK_BOT_TOKEN }}
channel-id: ${{ env.SLACK_CHANNEL }}
message: |-
:fire: Something went wrong with the patch release. See <${{ env.JOB_URL }}|logs>.
thread-timestamp: ${{ needs.prepare.outputs.slack-thread || '' }}