Mirrors/unleash.unleash
1
0
Fork 0
mirror of https://github.com/Unleash/unleash.git synced 2025-08-27 13:49:10 +02:00
Code Issues Projects Releases Wiki Activity

chore: workflows call workflows (#7089)

Browse Source 
Relying on tags to trigger workflows makes it hard to trace what's
happening after a release, currently:
1. We manually trigger a release workflow
2. The release workflow executes and tags the new release in code
3. Several other workflows trigger after matching the tag doing
different things: build docker images, tarballs and other things.

This creates a loose dependency between the workflows which are actually
part of the same "release workflow" which makes it difficult to spot
when one or other dependent workflow fails because the dependency is
indirect through the tagging mechanism.

This PR switches to a more direct approach using [workflow
calls](https://docs.github.com/en/actions/using-workflows/reusing-workflows).
This will create a graph as shown in the following graph:
![](https://docs.github.com/assets/cb-34427/mw-1440/images/help/actions/reusable-workflows-ci-cd.webp)
making it easier to track and identify any problem.

The "drawback" of this approach is that previously we could trigger all
dependent workflows at once by creating a tag matching the expected
pattern without manually triggering a new release. This limitation can
be overcome by adding a manual workflow_dispatch to the workflows using
the tag trigger.
This commit is contained in:
Gastón Fournier 2024-05-24 09:28:39 +02:00 committed by GitHub
parent 292f43031a
commit 07354f7218
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
6 changed files with 64 additions and 50 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
.github/workflows/docker_publish.yaml vendored
View File

@ -6,14 +6,13 @@ on:
- main - main
paths-ignore: paths-ignore:
- website/** - website/**
tags: workflow_call:
- 'v*'
workflow_dispatch:
inputs: inputs:
ignore-push: version:
description: 'Ignore push to dockerhub. If not set the image will be pushed with the sha of the commit as tag' description: "Which version to release"
required: false type: 'string'
type: boolean required: true
workflow_dispatch:
jobs: jobs:
build: build:
@ -35,10 +34,10 @@ jobs:
images: | images: |
unleashorg/unleash-server unleashorg/unleash-server
tags: | tags: |
# only enabled for v* tags: # only enabled for workflow dispatch except main (assume its a release):
type=semver,pattern={{ version }},enable=${{ startsWith(github.ref, 'refs/tags/v') }} type=semver,pattern={{ version }},enable=${{ github.event_name == 'workflow_dispatch' && github.ref != 'refs/heads/main' }},value=${{ inputs.version }}
type=semver,pattern={{ major.minor }},enable=${{ startsWith(github.ref, 'refs/tags/v') }} type=semver,pattern={{ major }}.{{ minor }},enable=${{ github.event_name == 'workflow_dispatch' && github.ref != 'refs/heads/main' }},value=${{ inputs.version }}
type=semver,pattern={{ major }},enable=${{ startsWith(github.ref, 'refs/tags/v') }} type=semver,pattern={{ major }},enable=${{ github.event_name == 'workflow_dispatch' && github.ref != 'refs/heads/main' }},value=${{ inputs.version }}
# only enabled in main: # only enabled in main:
type=edge,prefix=main-,suffix=-${{ matrix.version }},enable=${{ github.ref == 'refs/heads/main' }} type=edge,prefix=main-,suffix=-${{ matrix.version }},enable=${{ github.ref == 'refs/heads/main' }}
# only enabled on workflow_dispatch: # only enabled on workflow_dispatch:
@ -57,7 +56,7 @@ jobs:
with: with:
context: . context: .
platforms: linux/amd64,linux/arm64 platforms: linux/amd64,linux/arm64
push: ${{ github.event_name != 'workflow_dispatch' || github.event.inputs.ignore-push != 'true' }} push: true
tags: ${{ steps.meta.outputs.tags }} tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }} labels: ${{ steps.meta.outputs.labels }}
build-args: NODE_VERSION=${{ matrix.version }} build-args: NODE_VERSION=${{ matrix.version }}

6
.github/workflows/notify_enterprise.yaml vendored
View File

@ -7,12 +7,6 @@ on:
paths-ignore: paths-ignore:
- website/** - website/**
- coverage/** - coverage/**
# not sure if we will have all the payload as the push to main has.
# workflow_run:
# workflows: [ 'Publish to npm' ]
# types: [ completed ]
# branches:
# - 'main'
jobs: jobs:
build: build:

44
.github/workflows/publish-new-version.yaml vendored
View File

@ -54,14 +54,18 @@ jobs:
echo PREV=$(git describe --tags ${PREV_COMMIT}) >> $GITHUB_ENV echo PREV=$(git describe --tags ${PREV_COMMIT}) >> $GITHUB_ENV
- if: ${{ !endsWith(github.event.inputs.version, '0') }} - if: ${{ !endsWith(github.event.inputs.version, '0') }}
run: echo PREV=$(git describe --abbrev=0) >> $GITHUB_ENV run: echo PREV=$(git describe --abbrev=0) >> $GITHUB_ENV
- name: Generate changelog if not pre-release - name: Generate changelog from ${{ env.PREV }}
continue-on-error: true continue-on-error: true
if: ${{ !contains(github.event.inputs.version, '-') }} if: ${{ !contains(github.event.inputs.version, '-') }}
env: env:
PREV: ${{ env.PREV }} PREV: ${{ env.PREV }}
run: | run: |
git-cliff ${PREV}..HEAD --tag v${{ github.event.inputs.version }} --prepend CHANGELOG.md git-cliff ${{ env.PREV }}..HEAD --tag v${{ github.event.inputs.version }} --prepend CHANGELOG.md
if [ -n "$(git status --porcelain)" ]; then
git commit -am "docs: Update CHANGELOG.md" git commit -am "docs: Update CHANGELOG.md"
else
echo "No changes to CHANGELOG.md"
fi
- run: yarn install --frozen-lockfile --ignore-scripts - run: yarn install --frozen-lockfile --ignore-scripts
- name: npm version - name: npm version
run: | run: |
@ -106,19 +110,27 @@ jobs:
git commit -m "chore: bump version to ${{ github.event.inputs.version }}+main" git commit -m "chore: bump version to ${{ github.event.inputs.version }}+main"
git push origin main git push origin main
update-version-checker: publish-docker:
needs: build needs: build
uses: ./.github/workflows/docker_publish.yaml
with:
version: ${{ github.event.inputs.version }}
publish-npm:
needs: build
uses: ./.github/workflows/release.yaml
with:
version: ${{ github.event.inputs.version }}
release-changelog: # TODO this changelog is different than the git-cliff one above
needs: build
uses: ./.github/workflows/release_changelog.yml
with:
version: ${{ github.event.inputs.version }}
update-version-checker:
needs: publish-docker
if: ${{ github.event.inputs.update-version-function == 'true' }} if: ${{ github.event.inputs.update-version-function == 'true' }}
runs-on: ubuntu-latest uses: ./.github/workflows/update_version_for_version_checker.yml
steps: with:
- name: Authenticate Google IAM version: ${{ github.event.inputs.version }}
uses: 'google-github-actions/auth@v2'
with:
workload_identity_provider: 'projects/340004706233/locations/global/workloadIdentityPools/gh-actions-pool/providers/github-actions-oidc-unleash'
service_account: 'versionUpdateSa@metrics-304612.iam.gserviceaccount.com'
token_format: 'access_token'
- name: Update version checker
uses: 'Unleash/update-version-action@v0'
with:
version: ${{ github.event.inputs.version }}
distribution: 'oss'

14
.github/workflows/release.yaml vendored
View File

@ -1,8 +1,11 @@
name: 'Publish to npm' name: 'Publish to npm'
on: on:
push: workflow_call:
tags: inputs:
- 'v*' version:
description: "Which version number should we use for the release"
type: 'string'
required: true
jobs: jobs:
build: build:
@ -35,9 +38,6 @@ jobs:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-region: ${{ secrets.AWS_DEFAULT_REGION }} aws-region: ${{ secrets.AWS_DEFAULT_REGION }}
- name: Get the version
id: get_version
run: echo ::set-output name=VERSION::${GITHUB_REF/refs\/tags\//}
- name: Publish static assets to S3 - name: Publish static assets to S3
run: | run: |
aws s3 cp frontend/build s3://getunleash-static/unleash/${{ steps.get_version.outputs.VERSION }} --recursive aws s3 cp frontend/build s3://getunleash-static/unleash/v${{ inputs.version }} --recursive

21
.github/workflows/release_changelog.yml vendored
View File

@ -1,12 +1,14 @@
name: 'Releases' name: 'Release changelog'
on: on:
push: workflow_call:
tags: inputs:
- 'v*' version:
description: "Which version number should we use for the release"
type: 'string'
required: true
jobs: jobs:
release: release:
if: startsWith(github.ref, 'refs/tags/')
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- name: Checkout code - name: Checkout code
@ -16,12 +18,13 @@ jobs:
uses: metcalfc/changelog-generator@v4.3.1 uses: metcalfc/changelog-generator@v4.3.1
with: with:
myToken: ${{ secrets.GITHUB_TOKEN }} myToken: ${{ secrets.GITHUB_TOKEN }}
base-ref: v${{ inputs.version }}
- name: Create release - name: Create release
uses: actions/create-release@v1 uses: softprops/action-gh-release@v2
with: with:
tag_name: ${{ github.ref }} tag_name: v${{ inputs.version }}
release_name: ${{ github.ref }} name: v${{ inputs.version }}
body: ${{ steps.github_release.outputs.changelog }} body: ${{ steps.github_release.outputs.changelog }}
prerelease: ${{ contains(github.ref, 'beta') || contains(github.ref, 'alpha') }} prerelease: ${{ contains(inputs.version, 'beta') || contains(inputs.version, 'alpha') }}
env: env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN}} GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN}}

6
.github/workflows/update_version_for_version_checker.yml vendored
View File

@ -5,6 +5,12 @@ permissions:
contents: read contents: read
on: on:
workflow_call:
inputs:
version:
description: "Which version should we set OSS to"
type: 'string'
required: true
workflow_dispatch: workflow_dispatch:
inputs: inputs:
version: version: