-
Notifications
You must be signed in to change notification settings - Fork 335
145 lines (129 loc) · 5.45 KB
/
create-release-branch.yaml
File metadata and controls
145 lines (129 loc) · 5.45 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
name: Create Release Branch
on:
push:
tags:
- 'v[0-9]+.[0-9]+.0' # Trigger on minor release tags (e.g. v1.54.0)
workflow_dispatch:
inputs:
tag:
description: 'The minor release tag (e.g. v1.54.0)'
required: true
type: string
jobs:
create-release-branch:
runs-on: ubuntu-latest
permissions:
contents: write # Allow pushing the release branch
outputs:
release-branch-name: ${{ steps.define-release-branch.outputs.branch }}
steps:
- name: Determine tag
id: determine-tag
run: |
if [ -n "${{ github.event.inputs.tag }}" ]; then
TAG=${{ github.event.inputs.tag }}
else
TAG=${GITHUB_REF#refs/tags/}
fi
if ! [[ "$TAG" =~ ^v[0-9]+\.[0-9]+\.0$ ]]; then
echo "Error: Tag $TAG is not in the expected format: vX.Y.0"
exit 1
fi
echo "tag=${TAG}" >> "$GITHUB_OUTPUT"
- name: Define release branch name from tag
id: define-release-branch
run: |
TAG=${{ steps.determine-tag.outputs.tag }}
echo "branch=test/${TAG%.0}.x" >> "$GITHUB_OUTPUT" # TODO: change back to release/ branch after testing
- name: Checkout dd-trace-java at tag
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # 6.0.2
# TODO: uncomment after testing
# with:
# ref: ${{ steps.determine-tag.outputs.tag }}
- name: Check if branch already exists
id: check-release-branch
run: |
BRANCH=${{ steps.define-release-branch.outputs.branch }}
if git ls-remote --heads origin "$BRANCH" | grep -q "$BRANCH"; then
echo "creating_new_branch=false" >> "$GITHUB_OUTPUT"
echo "Branch $BRANCH already exists - skipping creation"
else
echo "creating_new_branch=true" >> "$GITHUB_OUTPUT"
echo "Branch $BRANCH does not exist - creating it now"
fi
- name: Create and push release branch
if: steps.check-release-branch.outputs.creating_new_branch == 'true'
run: |
git checkout -b "${{ steps.define-release-branch.outputs.branch }}"
git push -u origin "${{ steps.define-release-branch.outputs.branch }}"
pin-system-tests:
needs: create-release-branch
runs-on: ubuntu-latest
permissions:
contents: write
id-token: write # required for OIDC token federation
steps:
- uses: DataDog/dd-octo-sts-action@acaa02eee7e3bb0839e4272dacb37b8f3b58ba80 # v1.0.3
id: octo-sts
with:
scope: DataDog/dd-trace-java
policy: self.pin-system-tests.create-pr
- name: Checkout dd-trace-java at release branch
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # 6.0.2
with:
ref: ${{ needs.create-release-branch.outputs.release-branch-name }}
- name: Get latest commit SHA of base release branch
id: get-latest-commit-sha
run: |
echo "sha=$(git rev-parse HEAD)" >> $GITHUB_OUTPUT
- name: Define pin-system-tests branch name
id: define-pin-branch
run: echo "branch=ci/pin-system-tests-$(date +'%Y%m%d')" >> $GITHUB_OUTPUT
- name: Check if pin-system-tests branch already exists
id: check-pin-branch
run: |
BRANCH=${{ steps.define-pin-branch.outputs.branch }}
if git ls-remote --heads origin "$BRANCH" | grep -q "$BRANCH"; then
echo "ERROR: Branch $BRANCH already exists - please delete it and re-run the workflow."
exit 1
else
echo "Branch $BRANCH does not exist - creating it now."
fi
- name: Update system-tests references to latest commit SHA of system-tests main
run: ./tooling/update_system_test_reference.sh
- name: Check if changes should be committed
id: check-changes
run: |
if [[ -z "$(git status -s)" ]]; then
echo "ERROR: No changes to commit - the system-tests reference was not updated."
exit 1
else
echo "Changes to commit:"
git status -s
fi
- name: Commit changes
id: create-commit
run: |
git config user.name "github-actions[bot]"
git config user.email "41898282+github-actions[bot]@users.noreply.github.com"
git commit -m "chore: Pin system-tests for release branch" .github/workflows/run-system-tests.yaml
echo "commit=$(git rev-parse HEAD)" >> $GITHUB_OUTPUT
- name: Push changes
uses: DataDog/commit-headless@05d7b7ee023e2c7d01c47832d420c2503cd416f3 # action/v2.0.3
with:
token: "${{ steps.octo-sts.outputs.token }}"
branch: "${{ steps.define-pin-branch.outputs.branch }}"
head-sha: "${{ steps.get-latest-commit-sha.outputs.sha }}"
create-branch: true
command: push
commits: "${{ steps.create-commit.outputs.commit }}"
- name: Create pull request
env:
GH_TOKEN: ${{ steps.octo-sts.outputs.token }}
run: |
gh pr create --title "Pin system tests for release branch" \
--base ${{ needs.create-release-branch.outputs.release-branch-name }} \
--head ${{ steps.define-pin-branch.outputs.branch }} \
--label "tag: dependencies" \
--label "tag: no release notes" \
--body "This PR pins the system-tests reference for the release branch."