Skip to content

Release v2.30.0

Release v2.30.0 #24

name: Finalize Release
on:
pull_request:
types:
- closed
branches:
- "rc/**"
workflow_dispatch:
inputs:
ref:
description: |
The ref of release to finalize (e.g., 'rc/MAJOR.MINOR.PATCH').
required: true
tool-ref:
description: |
The ref to the tooling to use for the finalize (e.g., 'rc/MAJOR.MINOR.PATCH').
required: false
jobs:
finalize-release:
if: (github.event_name == 'pull_request' && github.event.pull_request.merged == true) || github.event_name == 'workflow_dispatch'
runs-on: ubuntu-22.04
steps:
- name: Determine ref
env:
REF_FROM_INPUT: ${{ inputs.ref }}
TOOL_REF_FROM_INPUT: ${{ inputs.tool-ref }}
REF_FROM_PR: ${{ github.event.pull_request.merge_commit_sha }}
BASE_REF_FROM_PR: ${{ github.event.pull_request.base.ref }}
run: |
if [[ $GITHUB_EVENT_NAME == "workflow_dispatch" ]]; then
echo "REF=$REF_FROM_INPUT" >> "$GITHUB_ENV"
echo "TOOL_REF=$TOOL_REF_FROM_INPUT" >> "$GITHUB_ENV"
echo "BASE_REF=$REF_FROM_INPUT" >> "$GITHUB_ENV"
else
echo "REF=$REF_FROM_PR" >> "$GITHUB_ENV"
echo "TOOL_REF=$REF_FROM_PR" >> "$GITHUB_ENV"
echo "BASE_REF=$BASE_REF_FROM_PR" >> "$GITHUB_ENV"
fi
- name: Checkout
uses: actions/checkout@v4
with:
ref: ${{ env.REF }}
fetch-depth: 0
path: release
- name: Checkout
uses: actions/checkout@v4
with:
ref: ${{ env.TOOL_REF }}
path: tooling
- name: Install Python
uses: actions/setup-python@v4
with:
python-version: "3.9"
- name: Install dependencies
run: pip install -r scripts/release/requirements.txt
working-directory: tooling
- name: Configure git
run: |
git config user.name "$GITHUB_ACTOR"
git config user.email "$GITHUB_ACTOR@users.noreply.github.com"
working-directory: release
- name: Update release tag
run: |
version=${BASE_REF#rc/}
echo "Creating release tag v$version"
git tag -f -a v$version -m "Release v$version"
git push --force origin v$version
working-directory: release
- name: Finalize release
env:
GITHUB_TOKEN: ${{ github.token }}
run: |
version=${BASE_REF#rc/}
echo "Finalizing release v$version"
gh release edit "v$version" --draft=false --tag=v$version
working-directory: release
- name: Determine if release was a hotfix release
run: |
version=${BASE_REF#rc/}
# We are running the script in the tooling directory with the release directory as the working directory
echo "HOTFIX_RELEASE=$(python ../tooling/scripts/release/is-hotfix-release.py $version)" >> "$GITHUB_ENV"
working-directory: release
- name: Determine next release version
if: env.HOTFIX_RELEASE == 'false'
run: |
version=${BASE_REF#rc/}
next_version=$(python scripts/release/next-version.py --component minor --pre-release dev -- $version)
echo "NEXT_VERSION=$next_version" >> "$GITHUB_ENV"
working-directory: tooling
- name: Generate token
if: env.HOTFIX_RELEASE == 'false'
id: generate-token
uses: actions/create-github-app-token@eaddb9eb7e4226c68cf4b39f167c83e5bd132b3e
with:
app-id: ${{ vars.AUTOMATION_APP_ID }}
private-key: ${{ secrets.AUTOMATION_PRIVATE_KEY }}
owner: ${{ github.repository_owner }}
repositories: "codeql-coding-standards"
- name: Bump main version
if: env.HOTFIX_RELEASE == 'false'
env:
GH_TOKEN: ${{ steps.generate-token.outputs.token }}
run: |
echo "Bumping main version to $NEXT_VERSION"
git switch main
git pull --ff-only origin main
git switch -c "release-automation/bump-version-to-$NEXT_VERSION"
# We are running the script in the tooling directory with the release directory as the working directory
../tooling/scripts/release/bump-version.sh "$NEXT_VERSION"
git add -u .
git commit -m "Bump version to $NEXT_VERSION"
git push --set-upstream origin "release-automation/bump-version-to-$NEXT_VERSION"
gh pr create --repo $GITHUB_REPOSITORY --base main --head "release-automation/bump-version-to-$NEXT_VERSION" --body "Bump the version of main to $NEXT_VERSION" --title "Bump version to $NEXT_VERSION"
working-directory: release