diff --git a/.github/workflows/cd-to-infra.yml b/.github/workflows/cd-to-infra.yml index 8966ee022..881228062 100644 --- a/.github/workflows/cd-to-infra.yml +++ b/.github/workflows/cd-to-infra.yml @@ -1,10 +1,14 @@ name: Continuous Deployment to Infra +permissions: + contents: write + on: push: branches: [ "main" ] release: - types: [created, published, edited, prereleased, released] +# TODO: We can scope release types once we're able to get reliable behavior with event triggers +# types: [prereleased, released] env: AWS_REGION: ${{ secrets.AWS_REGION }} @@ -37,7 +41,7 @@ jobs: run: | SHA_TAG=$(echo ${{ github.SHA }} | head -c 12) DEPLOY_TAG=$SHA_TAG - if [[ ${{ contains(github.event.head_commit.message, 'chore: Release') }} == 'true' ]]; then + if [[ ${{ contains(github.event.head_commit.message, 'chore: version v') }} == 'true' ]]; then RELEASE_TAG=$(cargo metadata --format-version=1 --no-deps | jq '.packages[0].version' | tr -d '"') # Use the release tag to deploy, if one is available. DEPLOY_TAG=$RELEASE_TAG diff --git a/.github/workflows/publish-release.yml b/.github/workflows/publish-release.yml index f892e46eb..9bdad9865 100644 --- a/.github/workflows/publish-release.yml +++ b/.github/workflows/publish-release.yml @@ -5,16 +5,17 @@ permissions: contents: write on: + # Run this workflow against any branch that updates the TOML file. This can be used to create (pre)releases from any + # branch (e.g. for hotfixes) without affecting the main branch. push: - branches: [ "main" ] paths: - 'Cargo.toml' jobs: - # Build and packages all the things + # Build and package all the things build-binaries: if: | - contains(github.event.head_commit.message, 'chore: Release') + contains(github.event.head_commit.message, 'chore: version v') strategy: matrix: # For these target platforms @@ -82,8 +83,9 @@ jobs: runs-on: ubuntu-latest env: CARGO_REGISTRY_TOKEN: ${{ secrets.CARGO_TOKEN }} - GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + # Use PAT to allow release events to be triggered via this workflow + GH_TOKEN: ${{ secrets.GH_TOKEN_PAT }} + GITHUB_TOKEN: ${{ secrets.GH_TOKEN_PAT }} steps: - uses: actions/checkout@v3 with: @@ -100,4 +102,7 @@ jobs: run: | export TAG=$(cargo metadata --format-version=1 --no-deps | jq '.packages[0].version' | tr -d '"') echo "Releasing "$TAG - gh release create "v${TAG}" -n "Release of ${TAG}" -t "v${TAG}" --latest artifacts/**/*.tar.gz \ No newline at end of file + # Generate a GitHub pre-release. This will trigger the "prereleased" event that will deploy to Clay. When the + # pre-release is promoted to a release from the GitHub console, the "released" event will trigger and deploy + # to Prod. + gh release create "v${TAG}" -t "v${TAG}" --generate-notes --prerelease artifacts/**/*.tar.gz diff --git a/ci-scripts/release_pr.sh b/ci-scripts/release_pr.sh index 2b9d3aafa..3c94f0ade 100755 --- a/ci-scripts/release_pr.sh +++ b/ci-scripts/release_pr.sh @@ -63,16 +63,17 @@ cargo update -p ceramic-api-server # Commit the specified packages # `cargo release commit` currently fails to build a good commit message. # Using git commit directly for now -branch="release-v${version}" -git checkout -b "$branch" -msg="chore: release version v${version}" +current_branch=$(git rev-parse --abbrev-ref HEAD) +pr_branch="version-v${version}" +git checkout -b "$pr_branch" +msg="chore: version v${version}" git commit -am "$msg" -git push --set-upstream origin $branch +git push --set-upstream origin "$pr_branch" -# Create a PR +# Create a PR against the branch this workflow is running on gh pr create \ - --base main \ - --head "$branch" \ + --base "$current_branch" \ + --head "$pr_branch" \ --label release \ --title "$msg" \ --body "$release_notes"