NR-329534 Automate release of nri-jmx #158
Conversation
.github/workflows/prerelease.yml
Outdated
| windows_goarch_matrix: ["amd64"] # 386 not supported in jmx integrations | ||
| win_package_type: exe # JMX integrations are shipped in .exe format | ||
| publish_schema: "ohi-jmx" # ohi-jmx for integrations that bundle JMX on windows installers | ||
| NRJMX_VERSION: '2.6.0' # TODO check if we should update it to latest release version |
There was a problem hiding this comment.
2.6.0 is the latest, isn't it? Would it make sense having a custom rule to make renovate updating this dependency?
There was a problem hiding this comment.
I see v3.7.1 as the latest version in the releases tab
There was a problem hiding this comment.
That link is for this repo, nri-jmx, but it is pointing to nrjmx, isn't it? https://github.com/newrelic/nrjmx/releases (these similar names are confusing! 😅)
| go-version-file: 'go.mod' | ||
| # reusable_push_pr contains static-analysis but it does not contain the Semgrep step | ||
| # static-analysis job in reusable_push_pr cannot be disabled | ||
| # uncommenting the below leads to the following error "creating validator: parsing markdown: parsing markdown headers: unexpected additional L1 header \"2.4.7 (2021-06-10)\" found, only a single L1 header is allowed" |
There was a problem hiding this comment.
Is the error due to the changelog format or is it something else?
There was a problem hiding this comment.
Yeah it was due to the changelog format. Now we are not getting that error I made changes to the changelog.md file to fix the parsing error
| # TODO check if we can remove the below code and ignore the Semgrep step | ||
| # static-analysis: | ||
| # name: Run all static analysis checks | ||
| # runs-on: ubuntu-20.04 | ||
| # steps: | ||
| # - uses: actions/checkout@v2 | ||
| # - uses: newrelic/newrelic-infra-checkers@v1 | ||
| # - name: Semgrep | ||
| # uses: returntocorp/semgrep-action@v1 | ||
| # with: | ||
| # auditOn: push |
There was a problem hiding this comment.
It was removed from other repositories. Ex nri-postgresql. I'd double-check with the team if it is required here for some reason.
There was a problem hiding this comment.
If it was removed in nri-postgresql then it makes sense to remove the static-analysis step as the remaining part is present in reusable workflow.
There was a problem hiding this comment.
Hey @paologallinaharbur can you confirm if we can ignore the Semgrep step in the static-analysis job, similar to the above mentioned nri-postgresql
| ### enhancements | ||
| - leveraged reusable workflows for pipelines |
There was a problem hiding this comment.
I wouldn't include the pipeline changes in the changelog (after all they shouldn't change the integration at all). I don't know if we could take the chance to update the golang version and include that instead.
There was a problem hiding this comment.
Should I be changing from 1.22.9 -> 1.23.2 ?
There was a problem hiding this comment.
Only if we are including some changes related to the code itself (dependency bumps, bug-fixes, features, ...). I'd say that changes such as pipelines or dev-dependencies (Eg: a testify upgrade) should not be included in the changelog and should not generate a new release
| uses: actions/setup-go@v5 | ||
| with: | ||
| go-version-file: 'go.mod' | ||
| # reusable_push_pr contains static-analysis but it does not contain the Semgrep step |
There was a problem hiding this comment.
If we managed to use the reusable static-analysis we we could get rid of the tools module.
There was a problem hiding this comment.
yep we can remove the commented static-analysis job as it is managed by reusable workflow.
There was a problem hiding this comment.
Nit: I'd keep newlines at the end of files. (See this rationale)
Added the following files:
Updated the following files: