
Commit 8ef1106

authored
Merge pull request #1456 from Acepresso/release-notes-EC-1164
Add automated release creation workflow
2 parents a36e473 + 0177642 commit 8ef1106


3 files changed

+256
-0
lines changed


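--- a/.github/workflows/release.yaml
+++ b/.github/workflows/release.yaml
@@ -0,0 +1,162 @@
+# Copyright The Conforma Contributors
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+
+---
+name: Release
+
+on:
+workflow_dispatch:
+schedule:
+- cron: '0 9 * * 3' # every Wednesday
+
+permissions:
+contents: read
+
+env:
+TRACKED_PATHS: "acceptance/ policy/"
+
+jobs:
+
+get_info:
+
+runs-on: ubuntu-latest
+outputs:
+latest_tag: ${{ steps.get_info.outputs.latest_tag }}
+latest_tag_sha: ${{ steps.get_info.outputs.latest_tag_sha }}
+changed: ${{ steps.get_info.outputs.changed }}
+next_version: ${{ steps.get_info.outputs.next_version }}
+
+steps:
+
+- name: Harden Runner
+uses: step-security/harden-runner@ec9f2d5744a09debf3a187a3f4f675c53b671911 # v2.13.0
+with:
+egress-policy: audit
+disable-telemetry: true
+
+- name: Checkout code
+uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+with:
+fetch-depth: 0
+
+- name: Get info
+id: get_info
+run: |
+set -e
+git fetch --tags
+source hack/derive-version.sh $TRACKED_PATHS
+
+echo latest_tag=$LATEST_TAG | tee -a "$GITHUB_OUTPUT"
+echo latest_tag_sha=$LATEST_TAG_SHA | tee -a "$GITHUB_OUTPUT"
+echo changed=$HAVE_CHANGED | tee -a "$GITHUB_OUTPUT"
+echo next_version=$NEXT_VERSION | tee -a "$GITHUB_OUTPUT"
+
+generate_release_notes:
+
+needs: get_info
+if: needs.get_info.outputs.changed == 'true'
+timeout-minutes: 15
+runs-on: ubuntu-latest
+permissions:
+contents: read
+steps:
+
+- name: Harden Runner
+uses: step-security/harden-runner@ec9f2d5744a09debf3a187a3f4f675c53b671911 # v2.13.0
+with:
+egress-policy: audit
+disable-telemetry: true
+
+- name: Checkout
+uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+with:
+fetch-depth: 0
+
+- name: Fetch tags
+id: fetch_tags
+run: |
+git fetch --tags
+
+- name: Generate release notes
+uses: google-gemini/gemini-cli-action@main
+with:
+GEMINI_API_KEY: ${{ secrets.GEMINI_API_KEY }}
+version: latest
+settings_json: |
+{
+"sandbox": true,
+"autoAccept": true
+}
+prompt: |
+Make a list of all notable changes since the tag ${{needs.get_info.outputs.latest_tag}}
+and categorize it nicely with emojis, output as Markdown and a
+one liner of the change. Add a jira link for each change if
+specified in the commit message. put the link in the begining
+of the line.
+Preface the release notes with a brief summary of the release.
+Don't create a title for the release.
+Also save the release notes in a file named "release-notes.md".
+
+- name: Upload artifact
+uses: actions/upload-artifact@v4
+with:
+name: release-notes
+path: release-notes.md
+
+
+create_release:
+needs: [get_info, generate_release_notes]
+if: ${{ needs.get_info.outputs.changed == 'true' && needs.generate_release_notes.result == 'success'}}
+permissions:
+contents: write
+runs-on: ubuntu-latest
+
+steps:
+
+- name: Harden Runner
+uses: step-security/harden-runner@ec9f2d5744a09debf3a187a3f4f675c53b671911 # v2.13.0
+with:
+egress-policy: audit
+disable-telemetry: true
+
+- name: Checkout
+uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+with:
+fetch-depth: 0
+
+- name: Tag
+run: |
+set -e
+git fetch --tags
+git config --local user.email "action@github.com"
+git config --local user.name "GitHub Action"
+
+source hack/add-auto-tag.sh
+git push -f --tags
+
+- name: Download artifact
+uses: actions/download-artifact@v4
+with:
+name: release-notes
+
+- name: Create a release
+uses: softprops/action-gh-release@72f2c25fcb47643c292f7107632f7a47c1df5cd8 # v2.3.2
+with:
+name: ${{ needs.get_info.outputs.next_version }}
+tag_name: ${{ needs.get_info.outputs.next_version }}
+body_path: "release-notes.md"
+make_latest: false
+generate_release_notes: false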
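Review bot: The `Generate release notes` step uses `google-gemini/gemini-cli-action@main` with `version: latest` while handing it `secrets.GEMINI_API_KEY`, so whatever is on that branch at the next scheduled run executes with the key; the other third-party actions in this file are pinned to a full commit SHA. Pin it the same way, `uses: google-gemini/gemini-cli-action@<full-commit-sha> # <release tag>`, set `version:` to a specific CLI release, and give `actions/upload-artifact@v4` and `actions/download-artifact@v4` the same treatment. The resulting `release-notes.md` is generated from commit messages with `autoAccept: true` and published by `create_release` without review; adding `draft: true` to the `softprops/action-gh-release` step would give a maintainer a checkpoint before it goes public. In the `Tag` step, `git push -f --tags` force-pushes every local tag under `contents: write`; pushing only the newly created tag, without `-f`, avoids overwriting existing release tags.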

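--- a/hack/add-auto-tag.sh
+++ b/hack/add-auto-tag.sh
@@ -0,0 +1,49 @@
+#!/usr/bin/env bash
+# Copyright The Conforma Contributors
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+
+set -o errexit
+set -o nounset
+set -o pipefail
+
+AUTO_TAG=$(hack/derive-version.sh)
+
+if [ -z "$(git tag -l $AUTO_TAG)" ]; then
+# Create a tag
+echo "Creating tag $AUTO_TAG"
+git tag -a -m 'Version tag added automatically' "$AUTO_TAG"
+
+else
+# The tag exists already
+# Hopefully this won't happen, but let's not break the build if it does
+THIS_SHA=$(git rev-list -n1 --abbrev-commit HEAD)
+TAG_SHA=$(git rev-list -n1 --abbrev-commit "$AUTO_TAG")
+
+if [ "$TAG_SHA" = "$THIS_SHA" ]; then
+# Tag is already what we wanted it to be. No big deal.
+echo "Tag $AUTO_TAG exists already"
+
+else
+# This is more surprising. If you see this it's likely you want to do
+# some debugging to figure out what happened and why
+echo "Tag $AUTO_TAG exists already but on $TAG_SHA not $THIS_SHA. Skipping tag creation."
+echo "You should try to figure out why this happened!"
+
+# Todo: Once we think this is stable enough we should fail more loudly
+#exit 1
+
+fi
+fi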
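Review bot: The branch for a tag that already exists on a different commit only prints a message and returns success, with `#exit 1` commented out, and the workflow's `create_release` job then goes on to publish a release under that tag name. In a release pipeline this should be a hard failure: replace the commented line with `exit 1` so that no release is published for a commit the tag does not point at. The comparison also relies on `--abbrev-commit` output; comparing full hashes, e.g. `git rev-parse HEAD` against `git rev-parse "$AUTO_TAG^{commit}"`, does not depend on abbreviation length. `$AUTO_TAG` in `git tag -l $AUTO_TAG` should be quoted too.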

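--- a/hack/derive-version.sh
+++ b/hack/derive-version.sh
@@ -0,0 +1,45 @@
+#!/usr/bin/env bash
+# Copyright The Conforma Contributors
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+
+set -o errexit
+set -o nounset
+set -o pipefail
+
+# Assumptions:
+# 1. A tag exists on branch "main" and contains the major.minor.patch version number
+# 2. Git checkouts are done with fetch-depth=0 so we have enough history
+# 3. Tags are fetched
+
+# Pass in paths that will be checked for changes since last version.
+# Leave blank for "all".
+TRACKED_PATHS=$@
+
+# Obtain most recent version tag
+LATEST_TAG=$(git describe --tags --abbrev=0 --match="v*.*.*" main)
+LATEST_TAG_SHA=$(git rev-parse --verify "$LATEST_TAG"^{commit})
+
+# Check for changes since last version
+HAVE_CHANGED=false
+DIFF=$(git diff --name-only $LATEST_TAG_SHA -- $TRACKED_PATHS)
+[ -z "$DIFF" ] || HAVE_CHANGED=true
+
+# Bump patch version
+CURRENT_VERSION_SANITIZED=$(echo "$LATEST_TAG" | grep -Eo '[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}')
+NEXT_VERSION=$(echo "$CURRENT_VERSION_SANITIZED" | awk -F. -v OFS=. '{$NF++;print}')
+NEXT_VERSION=v$NEXT_VERSION
+
+echo ${NEXT_VERSION}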
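Review bot: `LATEST_TAG` is accepted from any tag matching the glob `v*.*.*`, and the version is then extracted with `grep -Eo '[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}'`, where the unescaped `.` matches any character and `{1,3}` truncates longer components, so a constructed tag such as `v1.2.3-rc1` or `v1.2.1000` produces a `NEXT_VERSION` from a partial match instead of an error. Because this value flows into `$GITHUB_OUTPUT`, the release-notes prompt and the release tag name in the workflow, validate it strictly right after `git describe`, e.g. `[[ "$LATEST_TAG" =~ ^v[0-9]+\.[0-9]+\.[0-9]+$ ]] || { echo "unexpected tag: $LATEST_TAG" >&2; exit 1; }`. `TRACKED_PATHS=$@` and the unquoted `$TRACKED_PATHS` in `git diff` depend on word splitting; an array (`TRACKED_PATHS=("$@")` expanded as `"${TRACKED_PATHS[@]}"`) keeps each path intact.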
