-
Notifications
You must be signed in to change notification settings - Fork 12
Expand file tree
/
Copy pathrelease-branch-pull-request-handler.yml
More file actions
122 lines (121 loc) · 6.35 KB
/
release-branch-pull-request-handler.yml
File metadata and controls
122 lines (121 loc) · 6.35 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
permissions:
contents: write
pull-requests: read
actions: read
packages: read
id-token: write
name: Release Branch Pull Request Handler
on:
pull_request:
jobs:
deploy-to-uat-sandbox:
runs-on: ubuntu-latest
if: startsWith(github.event.pull_request.base.ref, vars.RELEASE_BRANCH_PREFIX)
steps:
- name: Checkout
uses: actions/checkout@v2.5.0
with:
token: ${{ secrets.SCOPED_PAT }}
ref: ${{ github.event.pull_request.head.sha }}
fetch-depth: 2
- name: Setup Node
uses: actions/setup-node@v3.5.1
with:
node-version-file: ".nvmrc"
- name: Cache Node Modules
uses: actions/cache@v3.0.11
id: npm_cache_id
with:
path: node_modules
key: ${{ runner.os }}-npm-cache-${{ hashFiles('**/package-lock.json') }}
restore-keys: |
${{ runner.os }}-npm-cache-
${{ runner.os }}-
- name: Install Dependencies
if: steps.npm_cache_id.outputs.cache-hit != 'true'
run: npm ci
- name: Parse Issue Number
id: branchFilter
env:
BRANCH_NAME: ${{ github.head_ref }}
ISSUE_PREFIX: ${{ vars.ISSUE_BRANCH_PREFIX }}
run: node ./node-scripts/branch-filter.js
- name: Did Metadata or Auth Files Change
if: steps.branchFilter.outputs.matches == 'true'
uses: rdietrick/did-files-change@12ed863b722bc28052850c22b28a37f38b6eca8d
id: requires-deploy
with:
pathspec: force-app auth
sha: ${{ github.event.pull_request.head.sha }}
- name: Recompose Profiles
if: steps.branchFilter.outputs.matches == 'true' && steps.requires-deploy.outputs.changed == '1' && vars.SALESFORCE_FORMATTED_PROFILES_AND_PERMS == 'false'
run: |
echo y | npx sf plugins:install @rdietrick/sfdx-profile-decompose
npx sf profiles:aggregate
rm -rf force-app/main/default/profiles/decomposed force-app/main/default/permissionsets/decomposed
- name: Check First Deploy
if: vars.GENERATE_RELEASE == 'true' && steps.branchFilter.outputs.matches == 'true'
id: check_first_deploy
run: |
if [ -f release-notes/${{ vars.ISSUE_BRANCH_PREFIX }}${{ steps.branchFilter.outputs.issueNumber }}.md ]
then
echo "FIRST_DEPLOY=false" >> "$GITHUB_OUTPUT"; else echo "FIRST_DEPLOY=true" >> "$GITHUB_OUTPUT";
fi
- name: Generate Destructive Changes Param
if: steps.branchFilter.outputs.matches == 'true' && steps.requires-deploy.outputs.changed == '1' && steps.check_first_deploy.outputs.FIRST_DEPLOY == 'true'
id: check_for_destructive_changes
run: |
if [ -f destructive-changes/destructiveChangesPre.xml ] && [ -f destructive-changes/destructiveChangesPost.xml ]
then
echo "DESTRUCTIVE_FILES=--predestructivechanges destructive-changes/destructiveChangesPre.xml --postdestructivechanges destructive-changes/destructiveChangesPost.xml" >> "$GITHUB_OUTPUT";
elif [ -f destructive-changes/destructiveChangesPre.xml ]
then
echo "DESTRUCTIVE_FILES=--predestructivechanges destructive-changes/destructiveChangesPre.xml" >> "$GITHUB_OUTPUT";
elif [ -f destructive-changes/destructiveChangesPost.xml ]
then
echo "DESTRUCTIVE_FILES=--postdestructivechanges destructive-changes/destructiveChangesPost.xml" >> "$GITHUB_OUTPUT";
fi
- name: Authenticate to UAT Sandbox
if: steps.branchFilter.outputs.matches == 'true' && steps.requires-deploy.outputs.changed == '1'
env:
LOGIN_ENC_FILE: auth/sandbox-login-url-${{ steps.branchFilter.outputs.branchName }}-uat.txt
SFDX_AUTH_SECRET_KEY: ${{ secrets.SFDX_AUTH_SECRET_KEY }}
run: |
sudo apt install age
echo "$SFDX_AUTH_SECRET_KEY" >> key.txt
age --decrypt -i key.txt ${LOGIN_ENC_FILE}.age > ${LOGIN_ENC_FILE}
rm key.txt
npx sf org login sfdx-url -f ${LOGIN_ENC_FILE} -a is${{ steps.branchFilter.outputs.issueNumber }}uat
- name: Deploy Source to Sandbox
if: steps.branchFilter.outputs.matches == 'true' && steps.requires-deploy.outputs.changed == '1'
env:
LOGIN_ENC_FILE: auth/sandbox-login-url-${{ steps.branchFilter.outputs.branchName }}-uat.txt
run: |
npx sf project generate manifest -p force-app -n temp-deploy-manifest
npx sf project deploy start -o is${{ steps.branchFilter.outputs.issueNumber }}uat -x temp-deploy-manifest.xml ${{ steps.check_for_destructive_changes.outputs.DESTRUCTIVE_FILES }} -w ${{ vars.DEPLOYMENT_TIMEOUT }} -l RunLocalTests --ignore-conflicts
- name: Init Release Notes
id: init-release-notes
if: vars.GENERATE_RELEASE == 'true' && steps.check_first_deploy.outputs.FIRST_DEPLOY == 'true' && steps.branchFilter.outputs.matches == 'true'
env:
GITHUB_TOKEN: ${{ secrets.SCOPED_PAT }}
ISSUE_URL: https://api.github.com/repos/${{ github.repository }}/issues/${{ steps.branchFilter.outputs.issueNumber }}
HEAD_REF: ${{ github.head_ref }}
run: |
git fetch origin $HEAD_REF
curl -H "Authorization: Bearer ${GITHUB_TOKEN}" -s ${ISSUE_URL} > issue.json
ISSUE_HTML_URL=$(jq -r '.html_url' issue.json)
ISSUE_TITLE=$(jq -r '.title' issue.json)
touch release-notes/${{ vars.ISSUE_BRANCH_PREFIX }}${{ steps.branchFilter.outputs.issueNumber }}.md
echo -e "1. [#${{ steps.branchFilter.outputs.issueNumber }} - ${ISSUE_TITLE}](${ISSUE_HTML_URL})\n" > release-notes/${{ vars.ISSUE_BRANCH_PREFIX }}${{ steps.branchFilter.outputs.issueNumber }}.md
ISSUE_JSON="$(cat issue.json)"
ISSUE_JSON="${ISSUE_JSON//'%'/'%25'}"
ISSUE_JSON="${ISSUE_JSON//$'\n'/'%0A'}"
ISSUE_JSON="${ISSUE_JSON//$'\r'/'%0D'}"
echo "ISSUE=$ISSUE_JSON" >> "$GITHUB_OUTPUT";
rm issue.json
- uses: stefanzweifel/git-auto-commit-action@75802d269e7721b5146d08f6063ba3097c55ad2b
if: vars.GENERATE_RELEASE == 'true' && steps.check_first_deploy.outputs.FIRST_DEPLOY == 'true' && steps.branchFilter.outputs.matches == 'true'
with:
branch: ${{ github.head_ref }}
commit_message: Issue release note
file_pattern: release-notes/${{ vars.ISSUE_BRANCH_PREFIX }}${{ steps.branchFilter.outputs.issueNumber }}.md