Skip to content

NuGet release flow #607

NuGet release flow

NuGet release flow #607

name: NuGet release flow
on:
workflow_run:
workflows: [
"NuGet release",
"NuGet publish"
]
types:
- completed
pull_request:
branches: [ main ]
types: [ closed ]
defaults:
run:
shell: pwsh
# Because the way that I structured this workflow the on-pr is always the first job and might be skipped
# If it's skipped then all subsquent jobs need to have a check with 'always()' as described in https://github.com/actions/runner/issues/2205#issuecomment-1381988186
# "Once a job in the workflow is failed or skipped, you need to overwrite the conditional for all subsequent jobs"
# That's why all the jobs after on-pr have the always() check.
jobs:
on-pr:
name: Create output artifacts
if: github.event_name == 'pull_request' && contains(github.event.pull_request.labels.*.name, 'nuget-release')
permissions:
contents: read
runs-on: ubuntu-latest
steps:
- name: Dump github context for debug purposes
env:
GITHUB_CONTEXT: ${{ toJSON(github) }}
run: $env:GITHUB_CONTEXT
- name: Checkout repository
uses: actions/checkout@v4
- name: Get release info run id
id: release-info
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: |
# This step only works if no extra commits are pushed to the release PR
# The problem is that the status that is carrying the NuGet release info is only added to the commit that opens the PR.
# This status is added by the NuGet Release workflow, see nuget-release.yml at the step with description 'Set PR status'
#
# If more commits are pushed to the NuGet release PR then this step will fail to find the status because it looks only
# at ${{ github.event.pull_request.head.sha }}, not the original commit.
#
# Passing information to the PR by means of adding a status to it is not ideal and I should rethink how this is done to properly
# fix this step
#
$statuses = gh api repos/${{ github.repository }}/commits/${{ github.event.pull_request.head.sha }}/statuses | ConvertFrom-Json
Write-Output $statuses
$nugetReleaseInfoStatus = $statuses | Where-Object {$_.context.startsWith("NuGet release / NuGet release info")}
$nugetReleaseInfoWorkflowUrl = $nugetReleaseInfoStatus.target_url
$runId = $nugetReleaseInfoWorkflowUrl.Split("/")[-1]
Write-Output "run-id=$runId"
Write-Output "run-id=$runId" >> $env:GITHUB_OUTPUT
- name: Download NuGet release info artifact
uses: dawidd6/action-download-artifact@v6
with:
name: nuget-release-info
run_id: ${{ steps.release-info.outputs.run-id }}
- name: Set NuGet release flow info
id: set-nuget-release-flow-info
run: |
$prMerged = [System.Convert]::ToBoolean('${{ github.event.pull_request.merged }}')
if($prMerged) {
$workflowStatus = "ok"
$releaseStatus = "in%20progress"
$releaseBadgeColor = "blue"
}
else {
$workflowStatus = "error"
$releaseStatus = "failed"
$releaseBadgeColor = "red"
}
$nugetInfoJson = Get-Content ./nuget-release-info.md
$nugetInfo = $nugetInfoJson | ConvertFrom-Json
$issueNumber = $nugetInfo.issueNumber
Write-Output "issue-number=$issueNumber" >> $env:GITHUB_OUTPUT
Write-Output "nuget-release-status=$releaseStatus" >> $env:GITHUB_OUTPUT
Write-Output "nuget-release-badge-color=$releaseBadgeColor" >> $env:GITHUB_OUTPUT
Write-Output "nuget-release-pull-request-node-status=$workflowStatus" >> $env:GITHUB_OUTPUT
- name: Upload NuGet release flow info artifact
uses: ./.github/actions/create-nuget-release-flow-info-artifact
with:
issue-number: '${{ steps.set-nuget-release-flow-info.outputs.issue-number }}'
nuget-release-status: '${{ steps.set-nuget-release-flow-info.outputs.nuget-release-status }}'
nuget-release-badge-color: '${{ steps.set-nuget-release-flow-info.outputs.nuget-release-badge-color }}'
nuget-release-pull-request-node-status: '${{ steps.set-nuget-release-flow-info.outputs.nuget-release-pull-request-node-status }}'
nuget-release-pull-request-url: '${{ github.event.pull_request.html_url }}'
release-flow-args:
name: Process NuGet release flow info artifact
needs: [on-pr]
if: always() && ( (github.event_name == 'pull_request' && contains(github.event.pull_request.labels.*.name, 'nuget-release')) || (github.event_name == 'workflow_run' && github.event.action == 'completed' && github.event.workflow_run.conclusion != 'skipped'))
permissions:
contents: read
runs-on: ubuntu-latest
outputs:
issue-number: ${{ steps.nuget-flow-info.outputs.issue-number }}
nuget-id: ${{ steps.nuget-flow-info.outputs.nuget-id }}
nuget-version: ${{ steps.nuget-flow-info.outputs.nuget-version }}
nuget-release-status: ${{ steps.nuget-flow-info.outputs.nuget-release-status }}
nuget-release-badge-color: ${{ steps.nuget-flow-info.outputs.nuget-release-badge-color }}
issue-nuget-release-node-status: ${{ steps.nuget-flow-info.outputs.issue-nuget-release-node-status }}
issue-nuget-release-url: ${{ steps.nuget-flow-info.outputs.issue-nuget-release-url }}
nuget-release-pull-request-node-status: ${{ steps.nuget-flow-info.outputs.nuget-release-pull-request-node-status }}
nuget-release-pull-request-url: ${{ steps.nuget-flow-info.outputs.nuget-release-pull-request-url }}
publish-nuget-node-status: ${{ steps.nuget-flow-info.outputs.publish-nuget-node-status }}
publish-nuget-url: ${{ steps.nuget-flow-info.outputs.publish-nuget-url }}
is-user-allowed-to-release-nuget: ${{ steps.nuget-flow-info.outputs.is-user-allowed-to-release-nuget }}
steps:
- name: Dump github context for debug purposes
env:
GITHUB_CONTEXT: ${{ toJSON(github) }}
run: $env:GITHUB_CONTEXT
- name: Output trigger info
run: |
$workflowRunName = '${{ github.event.workflow_run.name }}'
$workflowRunId = '${{ github.event.workflow_run.id }}'
$headBranch = '${{ github.event.workflow_run.head_branch }}'
Write-Output "::notice::This workflows was triggered by the completion of '$workflowRunName' with run id '$workflowRunId' on the branch '$headBranch'."
- name: Checkout repository
uses: actions/checkout@v4
- name: Set NuGet release flow info artifact source
id: nuget-release-flow-artifact
run: |
$isPullRequest = "${{ github.event_name }}" -eq "pull_request"
if($isPullRequest)
{
$source = 'current-workflow'
}
else # workflow_run event
{
$source = 'different-workflow'
}
Write-Output "source=$source" >> $env:GITHUB_OUTPUT
- name: Read NuGet release flow info artifact
id: nuget-flow-info
uses: ./.github/actions/read-nuget-release-flow-info-artifact
with:
source: ${{ steps.nuget-release-flow-artifact.outputs.source }}
workflow-id: ${{ github.event.workflow_run.workflow_id }} # on github.event_name == pull_request this will be empty and it's ok
workflow-run-id: ${{ github.event.workflow_run.id }} # on github.event_name == pull_request this will be empty and it's ok
update-release-flow-diagram:
name: Update NuGet release flow diagram
needs: [release-flow-args]
if: always() && needs.release-flow-args.result == 'success' && needs.release-flow-args.outputs.issue-number != '' # manually triggered workflows might not have an issue to update, example when using workflow_dispatch on the nuget-publish workflow
permissions:
contents: read
issues: write
runs-on: ubuntu-latest
steps:
- name: Dump outputs from previous job
shell: pwsh
env:
STEP_OUTPUT: ${{ toJSON(needs.release-flow-args.outputs) }}
run: $env:STEP_OUTPUT
- name: Checkout repository
uses: actions/checkout@v4
- name: Find NuGet release flow comment
uses: peter-evans/find-comment@v3
id: find-nuget-release-flow-comment
with:
issue-number: '${{ needs.release-flow-args.outputs.issue-number }}'
body-includes: '<!-- nuget-release-flow -->'
comment-author: github-actions[bot]
- name: Parse data from NuGet flow comment
id: parse-nuget-flow-data
if: steps.find-nuget-release-flow-comment.outputs.comment-id != 0
run: |
$commentBody = '${{ steps.find-nuget-release-flow-comment.outputs.comment-body }}'
$commentBody -match '<!-- nuget-id: (?<NugetId>.+) -->'
$nugetId = $Matches.NugetId
$commentBody -match '<!-- nuget-version: (?<NugetVersion>.+) -->'
$nugetVersion = $Matches.NugetVersion
$commentBody -match '<!-- issue-nuget-release-node-status: (?<IssueNugetReleaseNodeStatus>.+) -->'
$issueNugetReleaseNodeStatus = $Matches.IssueNugetReleaseNodeStatus
$commentBody -match '<!-- issue-nuget-release-url: (?<IssueNugetReleaseUrl>.+) -->'
$issueNugetReleaseUrl = $Matches.IssueNugetReleaseUrl
$commentBody -match '<!-- nuget-release-pull-request-node-status: (?<NugetReleasePullRequestNodeStatus>.+) -->'
$nugetReleasePullRequestNodeStatus = $Matches.NugetReleasePullRequestNodeStatus
$commentBody -match '<!-- nuget-release-pull-request-url: (?<NugetReleasePullRequestUrl>.+) -->'
$nugetReleasePullRequestUrl = $Matches.NugetReleasePullRequestUrl
Write-Output "issue-nuget-id=$nugetId" >> $env:GITHUB_OUTPUT
Write-Output "issue-nuget-version=$nugetVersion" >> $env:GITHUB_OUTPUT
Write-Output "issue-nuget-release-node-status=$issueNugetReleaseNodeStatus" >> $env:GITHUB_OUTPUT
Write-Output "issue-nuget-release-url=$issueNugetReleaseUrl" >> $env:GITHUB_OUTPUT
Write-Output "nuget-release-pull-request-node-status=$nugetReleasePullRequestNodeStatus" >> $env:GITHUB_OUTPUT
Write-Output "nuget-release-pull-request-url=$nugetReleasePullRequestUrl" >> $env:GITHUB_OUTPUT
- name: Dump outputs from previous step
env:
STEP_OUTPUT: ${{ toJSON(steps.parse-nuget-flow-data.outputs) }}
run: $env:STEP_OUTPUT
- name: Read nuget release flow info
id: nuget-release-flow-info
run: |
# the value is defined in the following order:
# 1 - if it exists in the NuGet release flow info artifact
# 2 - use default value for a node if the node from the NuGet release flow info artifact is an ancestor node
# 2 - if it exists in the parsed data from the nuget release flow comment
# 3 - use a default value
# default values
$issueNugetReleaseNodeStatus = 'default'
$issueNugetReleaseUrl = 'empty'
$nugetReleasePullRequestNodeStatus = 'default'
$nugetReleasePullRequestUrl = 'empty'
$publishNugetNodeStatus = 'default'
$publishNugetUrl = 'empty'
# use parsed data from nuget release flow if exists
$issueNugetReleaseNodeStatus = [string]::IsNullOrWhiteSpace('${{ steps.parse-nuget-flow-data.outputs.issue-nuget-release-node-status }}') `
? $issueNugetReleaseNodeStatus `
: '${{ steps.parse-nuget-flow-data.outputs.issue-nuget-release-node-status }}'
$issueNugetReleaseUrl = [string]::IsNullOrWhiteSpace('${{ steps.parse-nuget-flow-data.outputs.issue-nuget-release-url }}') `
? $issueNugetReleaseUrl `
: '${{ steps.parse-nuget-flow-data.outputs.issue-nuget-release-url }}'
$nugetReleasePullRequestNodeStatus = [string]::IsNullOrWhiteSpace('${{ steps.parse-nuget-flow-data.outputs.nuget-release-pull-request-node-status }}') `
? $nugetReleasePullRequestNodeStatus `
: '${{ steps.parse-nuget-flow-data.outputs.nuget-release-pull-request-node-status }}'
$nugetReleasePullRequestUrl = [string]::IsNullOrWhiteSpace('${{ steps.parse-nuget-flow-data.outputs.nuget-release-pull-request-url }}') `
? $nugetReleasePullRequestUrl `
: '${{ steps.parse-nuget-flow-data.outputs.nuget-release-pull-request-url }}'
# use data from the NuGet release flow info artifact if exists
$issueNugetReleaseNodeStatus = [string]::IsNullOrWhiteSpace('${{ needs.release-flow-args.outputs.issue-nuget-release-node-status }}') `
? $issueNugetReleaseNodeStatus `
: '${{ needs.release-flow-args.outputs.issue-nuget-release-node-status }}'
$issueNugetReleaseUrl = [string]::IsNullOrWhiteSpace('${{ needs.release-flow-args.outputs.issue-nuget-release-url }}') `
? $issueNugetReleaseUrl `
: '${{ needs.release-flow-args.outputs.issue-nuget-release-url }}'
$nugetReleasePullRequestNodeStatus = [string]::IsNullOrWhiteSpace('${{ needs.release-flow-args.outputs.nuget-release-pull-request-node-status }}') `
? $nugetReleasePullRequestNodeStatus `
: '${{ needs.release-flow-args.outputs.nuget-release-pull-request-node-status }}'
$nugetReleasePullRequestUrl = [string]::IsNullOrWhiteSpace('${{ needs.release-flow-args.outputs.nuget-release-pull-request-url }}') `
? $nugetReleasePullRequestUrl `
: '${{ needs.release-flow-args.outputs.nuget-release-pull-request-url }}'
$publishNugetNodeStatus = [string]::IsNullOrWhiteSpace('${{ needs.release-flow-args.outputs.publish-nuget-node-status }}') `
? $publishNugetNodeStatus `
: '${{ needs.release-flow-args.outputs.publish-nuget-node-status }}'
$publishNugetUrl = [string]::IsNullOrWhiteSpace('${{ needs.release-flow-args.outputs.publish-nuget-url }}') `
? $publishNugetUrl `
: '${{ needs.release-flow-args.outputs.publish-nuget-url }}'
# reset nodes to default if the NuGet release flow info artifact node is an ancestor node
$isIssueNugetReleaseNode = ![string]::IsNullOrWhiteSpace('${{ needs.release-flow-args.outputs.issue-nuget-release-node-status }}')
$isNugetReleasePullRequestNode = ![string]::IsNullOrWhiteSpace('${{ needs.release-flow-args.outputs.nuget-release-pull-request-node-status }}')
if($isIssueNugetReleaseNode) {
$nugetReleasePullRequestNodeStatus = 'default'
$nugetReleasePullRequestUrl = 'empty'
$publishNugetNodeStatus = 'default'
$publishNugetUrl = 'empty'
}
elseif($isNugetReleasePullRequestNode) {
$publishNugetNodeStatus = 'default'
$publishNugetUrl = 'empty'
}
# there's no default for nuget id and nuget version, they need to be passed in the first time and then
# their value is read from the nuget release flow comment
$nugetId = [string]::IsNullOrWhiteSpace('${{ steps.parse-nuget-flow-data.outputs.nuget-id }}') `
? '${{ needs.release-flow-args.outputs.nuget-id }}' `
: '${{ steps.parse-nuget-flow-data.outputs.nuget-id }}'
$nugetVersion = [string]::IsNullOrWhiteSpace('${{ steps.parse-nuget-flow-data.outputs.nuget-version }}') `
? '${{ needs.release-flow-args.outputs.nuget-version }}' `
: '${{ steps.parse-nuget-flow-data.outputs.nuget-version }}'
Write-Output "nuget-id=$nugetId" >> $env:GITHUB_OUTPUT
Write-Output "nuget-version=$nugetVersion" >> $env:GITHUB_OUTPUT
Write-Output "nuget-release-status=${{ needs.release-flow-args.outputs.nuget-release-status }}" >> $env:GITHUB_OUTPUT
Write-Output "nuget-release-badge-color=${{ needs.release-flow-args.outputs.nuget-release-badge-color }}" >> $env:GITHUB_OUTPUT
Write-Output "issue-nuget-release-node-status=$issueNugetReleaseNodeStatus" >> $env:GITHUB_OUTPUT
Write-Output "issue-nuget-release-url=$issueNugetReleaseUrl" >> $env:GITHUB_OUTPUT
Write-Output "nuget-release-pull-request-node-status=$nugetReleasePullRequestNodeStatus" >> $env:GITHUB_OUTPUT
Write-Output "nuget-release-pull-request-url=$nugetReleasePullRequestUrl" >> $env:GITHUB_OUTPUT
Write-Output "publish-nuget-node-status=$publishNugetNodeStatus" >> $env:GITHUB_OUTPUT
Write-Output "publish-nuget-url=$publishNugetUrl" >> $env:GITHUB_OUTPUT
- name: Dump outputs from previous step
env:
STEP_OUTPUT: ${{ toJSON(steps.nuget-release-flow-info.outputs) }}
run: $env:STEP_OUTPUT
- name: Render issue comment template
uses: yukitsune/template-cli@v0.1.0
with:
args: --input .github/workflows/templates/nuget-release-flow/nuget-release-flow-issue-comment.md \
--value "nugetId=${{ steps.nuget-release-flow-info.outputs.nuget-id }}" \
--value "nugetVersion=${{ steps.nuget-release-flow-info.outputs.nuget-version }}" \
--value "nugetReleaseStatus=${{ steps.nuget-release-flow-info.outputs.nuget-release-status }}" \
--value "nugetReleaseBadgeColor=${{ steps.nuget-release-flow-info.outputs.nuget-release-badge-color }}" \
--value "issueNugetReleaseNodeStatus=${{ steps.nuget-release-flow-info.outputs.issue-nuget-release-node-status }}" \
--value "issueNugetReleaseUrl=${{ steps.nuget-release-flow-info.outputs.issue-nuget-release-url }}" \
--value "nugetReleasePullRequestNodeStatus=${{ steps.nuget-release-flow-info.outputs.nuget-release-pull-request-node-status }}" \
--value "nugetReleasePullRequestUrl=${{ steps.nuget-release-flow-info.outputs.nuget-release-pull-request-url }}" \
--value "publishNugetNodeStatus=${{ steps.nuget-release-flow-info.outputs.publish-nuget-node-status }}" \
--value "publishNugetUrl=${{ steps.nuget-release-flow-info.outputs.publish-nuget-url }}" \
--output .
- name: Set render issue comment template as step output
id: render-issue-comment-template
run: |
$fileContent = Get-Content ./nuget-release-flow-issue-comment.md
$random = Get-Random
$delimiter = "EOF_$random"
Write-Output "result<<$delimiter" >> $env:GITHUB_OUTPUT
Write-Output $fileContent >> $env:GITHUB_OUTPUT
Write-Output $delimiter >> $env:GITHUB_OUTPUT
- name: Update issue with NuGet flow comment
uses: edumserrano/find-create-or-update-comment@v3
with:
issue-number: ${{ needs.release-flow-args.outputs.issue-number }}
body-includes: '<!-- nuget-release-flow -->'
comment-author: github-actions[bot]
body: ${{ steps.render-issue-comment-template.outputs.result }}
edit-mode: replace
on-permission-check-fail:
name: Handle permission denied for NuGet release
needs: [release-flow-args, update-release-flow-diagram]
if: always() && needs.update-release-flow-diagram.result == 'success' && needs.release-flow-args.outputs.is-user-allowed-to-release-nuget == 'false'
permissions:
contents: read
issues: write
runs-on: ubuntu-latest
steps:
- name: Dump github context for debug purposes
env:
GITHUB_CONTEXT: ${{ toJSON(github) }}
run: $env:GITHUB_CONTEXT
- name: Checkout repository
uses: actions/checkout@v4
- name: Render close issue comment template
uses: yukitsune/template-cli@v0.1.0
with:
args: --input .github/workflows/templates/nuget-release-flow/permission-denied-for-nuget-release.md \
--value "user=${{ github.triggering_actor }}" \
--output .
- name: Set render close issue comment template as step output
id: render-issue-comment-template
run: |
$fileContent = Get-Content ./permission-denied-for-nuget-release.md
$random = Get-Random
$delimiter = "EOF_$random"
Write-Output "result<<$delimiter" >> $env:GITHUB_OUTPUT
Write-Output $fileContent >> $env:GITHUB_OUTPUT
Write-Output $delimiter >> $env:GITHUB_OUTPUT
- name: Update issue with permission denied for NuGet release comment
uses: edumserrano/find-create-or-update-comment@v3
with:
issue-number: ${{ needs.release-flow-args.outputs.issue-number }}
body-includes: '<!-- permission-denied-for-nuget-release -->'
comment-author: github-actions[bot]
body: ${{ steps.render-issue-comment-template.outputs.result }}
edit-mode: replace
- name: Close NuGet release issue
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: |
gh issue close ${{ needs.release-flow-args.outputs.issue-number }}
close-release-issue:
name: Close NuGet release issue
needs: [update-release-flow-diagram]
if: always() && needs.update-release-flow-diagram.result == 'success' && github.event.workflow_run.conclusion != 'skipped' && github.event.workflow_run.name == 'NuGet publish'
permissions:
contents: read
issues: write
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Download GitHub release info artifact
uses: dawidd6/action-download-artifact@v6
with:
name: github-release-info
run_id: ${{ github.event.workflow_run.id }}
- name: Read GitHub release info artifact
id: github-release-info
shell: pwsh
run: |
$githubReleaseInfo = Get-Content ./github-release-info.md | ConvertFrom-Json
Write-Output "issue-number=$($githubReleaseInfo.issueNumber)" >> $env:GITHUB_OUTPUT
Write-Output "nuget-id=$($githubReleaseInfo.nugetId)" >> $env:GITHUB_OUTPUT
Write-Output "nuget-version=$($githubReleaseInfo.nugetVersion)" >> $env:GITHUB_OUTPUT
Write-Output "github-release-url=$($githubReleaseInfo.githubReleaseUrl)" >> $env:GITHUB_OUTPUT
- name: Render close issue comment template
uses: yukitsune/template-cli@v0.1.0
with:
args: --input .github/workflows/templates/nuget-release-flow/nuget-released-successfully-issue-comment.md \
--value "nugetId=${{ steps.github-release-info.outputs.nuget-id }}" \
--value "nugetVersion=${{ steps.github-release-info.outputs.nuget-version }}" \
--value "nugetUrl=https://www.nuget.org/packages/${{ steps.github-release-info.outputs.nuget-id }}" \
--value "gitHubReleaseUrl=${{ steps.github-release-info.outputs.github-release-url }}" \
--output .
- name: Set render close issue comment template as step output
id: render-issue-comment-template
run: |
$fileContent = Get-Content ./nuget-released-successfully-issue-comment.md
$random = Get-Random
$delimiter = "EOF_$random"
Write-Output "result<<$delimiter" >> $env:GITHUB_OUTPUT
Write-Output $fileContent >> $env:GITHUB_OUTPUT
Write-Output $delimiter >> $env:GITHUB_OUTPUT
- name: Update issue with NuGet released comment
uses: edumserrano/find-create-or-update-comment@v3
with:
issue-number: ${{ steps.github-release-info.outputs.issue-number }}
body-includes: '<!-- nuget-released -->'
comment-author: github-actions[bot]
body: ${{ steps.render-issue-comment-template.outputs.result }}
edit-mode: replace
- name: Close NuGet release issue
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: |
gh issue close ${{ steps.github-release-info.outputs.issue-number }}