Skip to content

Commit

Permalink
Merge pull request #555 from github/fix/update-release
Browse files Browse the repository at this point in the history
Fix release automation
  • Loading branch information
rvermeulen authored Mar 26, 2024
2 parents 454ba4e + 486000e commit 000a447
Show file tree
Hide file tree
Showing 5 changed files with 79 additions and 14 deletions.
58 changes: 47 additions & 11 deletions .github/workflows/finalize-release.yml
Original file line number Diff line number Diff line change
Expand Up @@ -9,8 +9,12 @@ on:
inputs:
ref:
description: |
The release branch to finalize.
The ref of release to finalize (e.g., 'rc/MAJOR.MINOR.PATCH').
required: true
tool-ref:
description: |
The ref to the tooling to use for the finalize (e.g., 'rc/MAJOR.MINOR.PATCH').
required: false

jobs:
finalize-release:
Expand All @@ -20,34 +24,56 @@ jobs:
- name: Determine ref
env:
REF_FROM_INPUT: ${{ inputs.ref }}
TOOL_REF_FROM_INPUT: ${{ inputs.tool-ref }}
REF_FROM_PR: ${{ github.event.pull_request.merge_commit_sha }}
BASE_REF_FROM_PR: ${{ github.event.pull_request.base.ref }}
run: |
if [[ $GITHUB_EVENT_NAME == "workflow_dispatch" ]]; then
echo "REF=$REF_FROM_INPUT" >> "$GITHUB_ENV"
echo "TOOL_REF=$TOOL_REF_FROM_INPUT" >> "$GITHUB_ENV"
echo "BASE_REF=$REF_FROM_INPUT" >> "$GITHUB_ENV"
else
echo "REF=$REF_FROM_PR" >> "$GITHUB_ENV"
echo "TOOL_REF=$REF_FROM_PR" >> "$GITHUB_ENV"
echo "BASE_REF=$BASE_REF_FROM_PR" >> "$GITHUB_ENV"
fi
- name: Checkout
uses: actions/checkout@v4
with:
ref: ${{ env.REF }}
fetch-depth: 0
path: release

- name: Checkout
uses: actions/checkout@v4
with:
ref: ${{ env.TOOL_REF }}
path: tooling

- name: Install Python
uses: actions/setup-python@v4
with:
python-version: "3.9"

- name: Install dependencies
run: pip install -r scripts/release/requirements.txt
working-directory: tooling

- name: Configure git
run: |
git config user.name "$GITHUB_ACTOR"
git config user.email "[email protected]"
working-directory: release

- name: Update release tag
run: |
version=${BASE_REF#rc/}
echo "Creating release tag v$version"
git tag -a v$version -m "Release v$version"
git push -f origin v$version
git tag -f -a v$version -m "Release v$version"
git push --force origin v$version
working-directory: release

- name: Finalize release
env:
Expand All @@ -57,30 +83,40 @@ jobs:
echo "Finalizing release v$version"
gh release edit "v$version" --draft=false --tag=v$version
working-directory: release

- name: Determine if release was a hotfix release
run: |
version=${BASE_REF#rc/}
echo "HOTFIX_RELEASE=$(python scripts/release/is-hotfix.py $version)" >> "$GITHUB_ENV"
# We are running the script in the tooling directory with the release directory as the working directory
echo "HOTFIX_RELEASE=$(python ../tooling/scripts/release/is-hotfix-release.py $version)" >> "$GITHUB_ENV"
working-directory: release

- name: Determine next release version
if: env.HOTFIX_RELEASE == 'false'
run: |
version=${BASE_REF#rc/}
next_version=$(python scripts/release/next-version.py --component minor --pre-release dev -- $version)
echo "NEXT_VERSION=$next_version" >> "$GITHUB_ENV"
working-directory: tooling

- name: Bump main version
if: env.HOTFIX_RELEASE == 'false'
env:
GH_TOKEN: ${{ github.token }}
run: |
version=${BASE_REF#rc/}
next_version="$version-dev"
echo "Bumping main version to $next_version"
echo "Bumping main version to $NEXT_VERSION"
git switch main
git pull --ff-only origin main
git switch -c release-automation/bump-version
./scripts/release/bump-version.sh "$next_version"
# We are running the script in the tooling directory with the release directory as the working directory
../tooling/scripts/release/bump-version.sh "$NEXT_VERSION"
git add -u .
git commit -m "Bump version to $next_version"
git commit -m "Bump version to $NEXT_VERSION"
git push --set-upstream origin release-automation/bump-version
gh pr create --repo $GITHUB_REPOSITORY --base main --head release-automation/bump-version --body "Bump the version of main to the dev label of the just released version $next_version" --title "Bump version to $next_version"
gh pr create --repo $GITHUB_REPOSITORY --base main --head release-automation/bump-version --body "Bump the version of main to $NEXT_VERSION" --title "Bump version to $NEXT_VERSION"
working-directory: release
3 changes: 2 additions & 1 deletion .github/workflows/update-release.yml
Original file line number Diff line number Diff line change
Expand Up @@ -31,6 +31,7 @@ jobs:
uses: actions/checkout@v4
with:
fetch-depth: 0 # We need the full history to compute the changelog
ref: ${{ inputs.head-sha }}

- name: Install Python
uses: actions/setup-python@v4
Expand Down Expand Up @@ -59,7 +60,7 @@ jobs:
--layout scripts/release/release-layout.yml \
--repo "$GITHUB_REPOSITORY" \
--github-token "$GITHUB_REPOSITORY:$GITHUB_TOKEN" "github/codeql-coding-standards-release-engineering:$RELEASE_ENGINEERING_TOKEN" \
--skip-checkrun "release-status"
--skip-checkrun "release-status" "Update Release"
- name: Update release notes
env:
Expand Down
2 changes: 1 addition & 1 deletion docs/user_manual.md
Original file line number Diff line number Diff line change
Expand Up @@ -496,7 +496,7 @@ This section describes known failure modes for "CodeQL Coding Standards" and des
| | Ouf of space | Less output. Some files may be only be partially analyzed, or not analyzed at all. | Error reported on the command line. | Increase space. If it remains an issue report space consumption issues via the CodeQL Coding Standards [bug tracker](https://github.com/github/codeql-coding-standards/issues). |
| | False positives | More output. Results are reported which are not violations of the guidelines. | All reported results must be reviewed. | Report false positive issues via the CodeQL Coding Standards [bug tracker](https://github.com/github/codeql-coding-standards/issues). |
| | False negatives | Less output. Violations of the guidelines are not reported. | Other validation and verification processes during software development should be used to complement the analysis performed by CodeQL Coding Standards. | Report false negative issues via the CodeQL Coding Standards [bug tracker](https://github.com/github/codeql-coding-standards/issues). |
| | Modifying coding standard suite | More or less output. If queries are added to the query set more result can be reported. If queries are removed less results might be reported. | All queries supported by the CodeQL Coding Standards are listed in the release artifacts `supported_rules_list_2.25.0-dev.csv` where VERSION is replaced with the used release. The rules in the resulting Sarif file must be cross-referenced with the expected rules in this list to determine the validity of the used CodeQL suite. | Ensure that the CodeQL Coding Standards are not modified in ways that are not documented as supported modifications. |
| | Modifying coding standard suite | More or less output. If queries are added to the query set more result can be reported. If queries are removed less results might be reported. | All queries supported by the CodeQL Coding Standards are listed in the release artifacts `supported_rules_list_2.25.0-dev.csv` where VERSION is replaced with the used release. The rules in the resulting Sarif file must be cross-referenced with the expected rules in this list to determine the validity of the used CodeQL suite. | Ensure that the CodeQL Coding Standards are not modified in ways that are not documented as supported modifications. |
| | Incorrect deviation record specification | More output. Results are reported for guidelines for which a deviation is assigned. | Analysis integrity report lists all deviations and incorrectly specified deviation records with a reason. Ensure that all deviation records are correctly specified. | Ensure that the deviation record is specified according to the specification in the user manual. |
| | Incorrect deviation permit specification | More output. Results are reported for guidelines for which a deviation is assigned. | Analysis integrity report lists all deviations and incorrectly specified deviation permits with a reason. Ensure that all deviation permits are correctly specified. | Ensure that the deviation record is specified according to the specification in the user manual. |
| | Unapproved use of a deviation record | Less output. Results for guideline violations are not reported. | Validate that the deviation record use is approved by verifying the approved-by attribute of the deviation record specification. | Ensure that each raised deviation record is approved by an independent approver through an auditable process. |
Expand Down
2 changes: 1 addition & 1 deletion scripts/release/is-hotfix-release.py
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,7 @@
def get_merge_base_of_ref() -> str:
cp = run(["git", "merge-base", "HEAD", "origin/main"], capture_output=True, text=True)
if cp.returncode != 0:
raise RuntimeError("Failed to get merge base")
raise RuntimeError(f"Failed to get merge base with reason '{cp.stderr.strip()}'")
return cp.stdout.strip()

def get_release_branches_containing(commit: str) -> List[Version]:
Expand Down
28 changes: 28 additions & 0 deletions scripts/release/next-version.py
Original file line number Diff line number Diff line change
@@ -0,0 +1,28 @@
from semantic_version import Version
import argparse

parser = argparse.ArgumentParser(description='Prints the next release version')
parser.add_argument('-c', '--component', default="minor", help='The component to increment (major, minor, patch)')
parser.add_argument('-p', '--pre-release', nargs='*', help='The pre-release label(s) (e.g. alpha, dev). Multiple labels can be specified so separate the options and the version using `--`!')
parser.add_argument('-b', '--build', nargs='*', help='The build identifier(s). Multiple identifiers can be specified so separate the options and the version using `--`!')
parser.add_argument('current_version', type=Version, help='The current version')

if __name__ == "__main__":
args = parser.parse_args()
version : Version = args.current_version
next_version = None
if args.component== "major":
next_version = version.next_major()
elif args.component == "minor":
next_version = version.next_minor()
elif args.component == "patch":
next_version = version.next_patch()
else:
raise ValueError(f"Invalid release type: {args.release_type}")

if args.pre_release:
next_version.prerelease = args.pre_release
if args.build:
next_version.build = args.build

print(next_version)

0 comments on commit 000a447

Please sign in to comment.