UTMStack/.github/workflows/v11-principal-beta-deployment.yml at 1b40d141a0bcbad254bbf0f1ec3ceb829a47637e · utmstack/UTMStack · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
name: "Beta Deployment"

on:
  workflow_dispatch:
    inputs:
      version_tag:
        description: "Version to deploy.(e.g., v11.0.0-beta.1)"
        required: true
      event_processor_tag:
        description: "Event processor version to use for this deployment.(e.g., 1.0.0-beta)"
        required: true

jobs:
  validations:
    name: Validate permissions
    runs-on: ubuntu-24.04
    steps:
      - name: Check permissions
        run: |
          echo "Checking permissions..."

          if [[ "${{ github.event.inputs.version_tag }}" =~ ^v[0-9]+\.[0-9]+\.[0-9]+-beta\.[0-9]+$ ]]; then
            echo "✅ Version tag format is correct."

            if [[ "${{ github.ref }}" =~ ^refs/heads/(release/|feature/) ]]; then
              echo "✅ Base branch ${{ github.ref }} is valid."
            else
              echo "⛔ ERROR: Base branch ${{ github.ref }} is not valid. It should be release/ or feature/."
              exit 1
            fi

            echo "Validating user permissions..."
            RESPONSE=$(curl -s -H "Authorization: Bearer ${{ secrets.API_SECRET }}" \
            -H "Accept: application/vnd.github.json" \
            "https://api.github.com/orgs/utmstack/teams/core-developers/memberships/${{ github.actor }}")

            if echo "$RESPONSE" | grep -q '"state": "active"'; then
              echo "✅ User ${{ github.actor }} is a member of the core-developers team."
            else
              echo "⛔ ERROR: User ${{ github.actor }} is not a member of the core-developers team."
              exit 1
            fi

          else
            echo "⛔ Version tag format is incorrect. It should be in the format vX.Y.Z-beta.N."
            exit 1
          fi

  deploy:
    name: Deploy to Beta
    needs: validations
    uses: ./.github/workflows/v11-used-build.yml
    with:
      version_tag: ${{ github.event.inputs.version_tag }}
      event_processor_tag: ${{ github.event.inputs.event_processor_tag }}
      environment: beta
    secrets:
      AGENT_SECRET_PREFIX: ${{ secrets.AGENT_SECRET_PREFIX }}
      SIGNER_TOKEN: ${{ secrets.SIGNER_TOKEN }}
      CM_AUTH: ${{ secrets.CM_AUTH_BETA }}