From ca225f94eecc0e76624d223813a9d10670f48fe0 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 20 Mar 2026 04:12:43 +0000 Subject: [PATCH] build(deps): Bump the github-actions-dependencies group across 3 directories with 5 updates Bumps the github-actions-dependencies group with 4 updates in the / directory: [actions/create-github-app-token](https://github.com/actions/create-github-app-token), [hoverkraft-tech/ci-github-container](https://github.com/hoverkraft-tech/ci-github-container), [hoverkraft-tech/ci-github-container/.github/workflows/docker-build-images.yml](https://github.com/hoverkraft-tech/ci-github-container) and [release-drafter/release-drafter](https://github.com/release-drafter/release-drafter). Bumps the github-actions-dependencies group with 1 update in the /actions/deploy/jampack directory: [actions/cache](https://github.com/actions/cache). Bumps the github-actions-dependencies group with 1 update in the /actions/release/create directory: [release-drafter/release-drafter](https://github.com/release-drafter/release-drafter). Updates `actions/create-github-app-token` from 2.2.1 to 3.0.0 - [Release notes](https://github.com/actions/create-github-app-token/releases) - [Commits](https://github.com/actions/create-github-app-token/compare/29824e69f54612133e76f7eaac726eef6c875baf...f8d387b68d61c58ab83c6c016672934102569859) Updates `hoverkraft-tech/ci-github-container` from 0.30.6 to 0.31.0 - [Release notes](https://github.com/hoverkraft-tech/ci-github-container/releases) - [Commits](https://github.com/hoverkraft-tech/ci-github-container/compare/a0bab9151cc074af9f6c8204ab42a48d2d570379...df8b445f6cc9661dcb282d897d7146a82e5f2960) Updates `hoverkraft-tech/ci-github-container/.github/workflows/docker-build-images.yml` from 0.30.6 to 0.31.0 - [Release notes](https://github.com/hoverkraft-tech/ci-github-container/releases) - [Commits](https://github.com/hoverkraft-tech/ci-github-container/compare/a0bab9151cc074af9f6c8204ab42a48d2d570379...df8b445f6cc9661dcb282d897d7146a82e5f2960) Updates `release-drafter/release-drafter` from 6.4.0 to 7.1.1 - [Release notes](https://github.com/release-drafter/release-drafter/releases) - [Commits](https://github.com/release-drafter/release-drafter/compare/6a93d829887aa2e0748befe2e808c66c0ec6e4c7...139054aeaa9adc52ab36ddf67437541f039b88e2) Updates `actions/cache` from 5.0.3 to 5.0.4 - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](https://github.com/actions/cache/compare/cdf6c1fa76f9f475f3d7449005a359c84ca0f306...668228422ae6a00e4ad889ee87cd7109ec5666a7) Updates `release-drafter/release-drafter` from 6.4.0 to 7.1.1 - [Release notes](https://github.com/release-drafter/release-drafter/releases) - [Commits](https://github.com/release-drafter/release-drafter/compare/6a93d829887aa2e0748befe2e808c66c0ec6e4c7...139054aeaa9adc52ab36ddf67437541f039b88e2) --- updated-dependencies: - dependency-name: actions/create-github-app-token dependency-version: 3.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions-dependencies - dependency-name: hoverkraft-tech/ci-github-container dependency-version: 0.31.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions-dependencies - dependency-name: hoverkraft-tech/ci-github-container/.github/workflows/docker-build-images.yml dependency-version: 0.31.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions-dependencies - dependency-name: release-drafter/release-drafter dependency-version: 7.1.1 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions-dependencies - dependency-name: actions/cache dependency-version: 5.0.4 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions-dependencies - dependency-name: release-drafter/release-drafter dependency-version: 7.1.1 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions-dependencies ... Signed-off-by: dependabot[bot] Signed-off-by: Emilien Escalle --- .github/release-config.yml | 30 -- .github/workflows/__prepare-release.yml | 4 - .github/workflows/__shared-ci.yml | 4 + .../workflows/__test-action-deployment.yml | 2 +- ..._test-action-release-get-configuration.yml | 80 ++++++ .../clean-deploy-argocd-app-of-apps.yml | 2 +- .github/workflows/clean-deploy.yml | 2 +- .../workflows/deploy-argocd-app-of-apps.yml | 4 +- .github/workflows/deploy-chart.yml | 6 +- .../finish-deploy-argocd-app-of-apps.yml | 2 +- .github/workflows/prepare-release.yml | 263 +----------------- .github/workflows/release-actions.yml | 2 +- .github/workflows/release.yml | 15 + actions/deploy/jampack/action.yml | 4 +- actions/release/create/action.yml | 26 +- actions/release/get-configuration/action.yml | 173 ++++++++++-- 16 files changed, 287 insertions(+), 332 deletions(-) delete mode 100644 .github/release-config.yml create mode 100644 .github/workflows/__test-action-release-get-configuration.yml diff --git a/.github/release-config.yml b/.github/release-config.yml deleted file mode 100644 index d8b9da28..00000000 --- a/.github/release-config.yml +++ /dev/null @@ -1,30 +0,0 @@ ---- -template: | - # What's Changed - $CHANGES - **Full Changelog**: https://github.com/$OWNER/$REPOSITORY/compare/$PREVIOUS_TAG...$RESOLVED_VERSION -name-template: "Version $RESOLVED_VERSION" -tag-template: "$RESOLVED_VERSION" -tag-prefix: "" -prerelease-identifier: "rc" -version-resolver: - major: - labels: - - "release-major" - minor: - labels: - - "release-minor" - patch: - labels: - - "release-patch" - default: patch -autolabeler: - - label: "release-major" - title: - - "/^BREAKING CHANGE:/" - - "/^\\w+!:/" - - "/^\\w+\\(.+\\)!:/" - - label: "release-minor" - title: - - "/^feat:/" - - "/^feat\\(.+\\):/" diff --git a/.github/workflows/__prepare-release.yml b/.github/workflows/__prepare-release.yml index e2146589..181742a8 100644 --- a/.github/workflows/__prepare-release.yml +++ b/.github/workflows/__prepare-release.yml @@ -16,7 +16,3 @@ jobs: contents: write pull-requests: write id-token: write # Needed for getting local workflow actions - with: - github-app-id: ${{ vars.CI_BOT_APP_ID }} - secrets: - github-app-key: ${{ secrets.CI_BOT_APP_PRIVATE_KEY }} diff --git a/.github/workflows/__shared-ci.yml b/.github/workflows/__shared-ci.yml index 032c0d68..bd750ad0 100644 --- a/.github/workflows/__shared-ci.yml +++ b/.github/workflows/__shared-ci.yml @@ -37,3 +37,7 @@ jobs: needs: linter uses: ./.github/workflows/__test-action-deployment.yml secrets: inherit + + test-action-release-get-configuration: + needs: linter + uses: ./.github/workflows/__test-action-release-get-configuration.yml diff --git a/.github/workflows/__test-action-deployment.yml b/.github/workflows/__test-action-deployment.yml index 07f3e6eb..eda40212 100644 --- a/.github/workflows/__test-action-deployment.yml +++ b/.github/workflows/__test-action-deployment.yml @@ -59,7 +59,7 @@ jobs: deployment-id: ${{ steps.create-deployment.outputs.deployment-id }} state: "in_progress" - - uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2.2.1 + - uses: actions/create-github-app-token@f8d387b68d61c58ab83c6c016672934102569859 # v3.0.0 id: generate-token with: app-id: ${{ vars.CI_BOT_APP_ID }} diff --git a/.github/workflows/__test-action-release-get-configuration.yml b/.github/workflows/__test-action-release-get-configuration.yml new file mode 100644 index 00000000..c04a5d7f --- /dev/null +++ b/.github/workflows/__test-action-release-get-configuration.yml @@ -0,0 +1,80 @@ +name: Internal - Tests for "release/get-configuration" action + +on: + workflow_call: + +permissions: {} + +jobs: + tests: + name: Tests for "release/get-configuration" action + runs-on: ubuntu-latest + permissions: + contents: read + steps: + - name: Arrange - Checkout + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + with: + persist-credentials: false + + - name: Arrange - Create repository config fixture + run: | + mkdir -p .github + cat <<'EOF' > .github/release-config.yml + --- + template: | + $CHANGES + EOF + + - name: Act - Resolve existing repository config + id: existing-config + uses: ./actions/release/get-configuration + + - name: Assert - Existing repository config + uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0 + env: + CONFIG_PATH: ${{ steps.existing-config.outputs.config-path }} + with: + script: | + const assert = require('node:assert'); + const fs = require('node:fs'); + const path = require('node:path'); + + const workspace = process.env.GITHUB_WORKSPACE || process.cwd(); + const configPath = process.env.CONFIG_PATH; + + assert.equal(configPath, 'release-config.yml'); + + const absoluteConfigPath = path.resolve(workspace, '.github', configPath); + assert.ok(fs.existsSync(absoluteConfigPath), `Expected config to exist at ${absoluteConfigPath}`); + + - name: Act - Resolve generated temp config + id: generated-config + uses: ./actions/release/get-configuration + with: + working-directory: actions/release/get-configuration + include-paths: '["actions/release/create"]' + + - name: Assert - Generated temp config + uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0 + env: + CONFIG_PATH: ${{ steps.generated-config.outputs.config-path }} + with: + script: | + const assert = require('node:assert'); + const fs = require('node:fs'); + const path = require('node:path'); + + const workspace = process.env.GITHUB_WORKSPACE || process.cwd(); + const configPath = process.env.CONFIG_PATH; + const absoluteConfigPath = path.resolve(workspace, '.github', configPath); + const configContent = fs.readFileSync(absoluteConfigPath, 'utf8'); + + assert.notEqual(configPath, 'release-configs/get-configuration.yml'); + assert.ok(configPath.endsWith('/release-drafter/get-configuration.yml') || configPath === '../release-drafter/get-configuration.yml' || configPath.includes('/release-drafter/get-configuration.yml')); + assert.ok(fs.existsSync(absoluteConfigPath), `Expected generated config to exist at ${absoluteConfigPath}`); + assert.ok(configContent.includes('include-paths:'), 'Expected include-paths section in generated config'); + assert.ok(configContent.includes(' - "actions/release/create"'), 'Expected custom include path in generated config'); + assert.ok(configContent.includes(' - "actions/release/get-configuration"'), 'Expected working directory include path in generated config'); + assert.ok(configContent.includes('name-template: "Version get-configuration - $RESOLVED_VERSION"'), 'Expected working-directory-specific name template'); + assert.ok(configContent.includes('tag-prefix: "get-configuration-"'), 'Expected working-directory-specific tag prefix'); diff --git a/.github/workflows/clean-deploy-argocd-app-of-apps.yml b/.github/workflows/clean-deploy-argocd-app-of-apps.yml index 38652883..02135820 100644 --- a/.github/workflows/clean-deploy-argocd-app-of-apps.yml +++ b/.github/workflows/clean-deploy-argocd-app-of-apps.yml @@ -108,7 +108,7 @@ jobs: core.setOutput("has-changes", hasChanges); # jscpd:ignore-start - - uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2.2.1 + - uses: actions/create-github-app-token@f8d387b68d61c58ab83c6c016672934102569859 # v3.0.0 if: ${{ steps.remove-files.outputs.has-changes == 'true' && inputs.github-app-id }} id: generate-token with: diff --git a/.github/workflows/clean-deploy.yml b/.github/workflows/clean-deploy.yml index a5822e67..c87933fc 100644 --- a/.github/workflows/clean-deploy.yml +++ b/.github/workflows/clean-deploy.yml @@ -139,7 +139,7 @@ jobs: core.setOutput("owner", ownerName); } - - uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2.2.1 + - uses: actions/create-github-app-token@f8d387b68d61c58ab83c6c016672934102569859 # v3.0.0 if: ${{ inputs.github-app-id }} id: generate-token with: diff --git a/.github/workflows/deploy-argocd-app-of-apps.yml b/.github/workflows/deploy-argocd-app-of-apps.yml index 34c870d0..c80203c8 100644 --- a/.github/workflows/deploy-argocd-app-of-apps.yml +++ b/.github/workflows/deploy-argocd-app-of-apps.yml @@ -140,7 +140,7 @@ jobs: core.setOutput("initiated-by", initiatedBy); - id: chart-variables - uses: hoverkraft-tech/ci-github-container/actions/helm/parse-chart-uri@a0bab9151cc074af9f6c8204ab42a48d2d570379 # 0.30.6 + uses: hoverkraft-tech/ci-github-container/actions/helm/parse-chart-uri@df8b445f6cc9661dcb282d897d7146a82e5f2960 # 0.31.0 with: uri: ${{ steps.check-client-payload.outputs.chart }} @@ -221,7 +221,7 @@ jobs: initiated-by: ${{ steps.check-client-payload.outputs.initiated-by }} # jscpd:ignore-start - - uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2.2.1 + - uses: actions/create-github-app-token@f8d387b68d61c58ab83c6c016672934102569859 # v3.0.0 if: inputs.github-app-id id: generate-token with: diff --git a/.github/workflows/deploy-chart.yml b/.github/workflows/deploy-chart.yml index 24928e29..f65f7ff2 100644 --- a/.github/workflows/deploy-chart.yml +++ b/.github/workflows/deploy-chart.yml @@ -241,7 +241,7 @@ jobs: build-oci-images: name: Build OCI images needs: prepare-deploy - uses: hoverkraft-tech/ci-github-container/.github/workflows/docker-build-images.yml@a0bab9151cc074af9f6c8204ab42a48d2d570379 # 0.30.6 + uses: hoverkraft-tech/ci-github-container/.github/workflows/docker-build-images.yml@df8b445f6cc9661dcb282d897d7146a82e5f2960 # 0.31.0 permissions: contents: read id-token: write @@ -355,7 +355,7 @@ jobs: core.setOutput('deploy-values', JSON.stringify(deployValues)); - id: release - uses: hoverkraft-tech/ci-github-container/actions/helm/release-chart@a0bab9151cc074af9f6c8204ab42a48d2d570379 # 0.30.6 + uses: hoverkraft-tech/ci-github-container/actions/helm/release-chart@df8b445f6cc9661dcb282d897d7146a82e5f2960 # 0.31.0 with: chart: ${{ inputs.chart-name }} path: ${{ inputs.chart-path }} @@ -453,7 +453,7 @@ jobs: core.setOutput("deploy-values", JSON.stringify(deployValues)); # jscpd:ignore-start - - uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2.2.1 + - uses: actions/create-github-app-token@f8d387b68d61c58ab83c6c016672934102569859 # v3.0.0 if: inputs.github-app-id id: generate-token with: diff --git a/.github/workflows/finish-deploy-argocd-app-of-apps.yml b/.github/workflows/finish-deploy-argocd-app-of-apps.yml index 74674c99..aaa60e34 100644 --- a/.github/workflows/finish-deploy-argocd-app-of-apps.yml +++ b/.github/workflows/finish-deploy-argocd-app-of-apps.yml @@ -144,7 +144,7 @@ jobs: core.setFailed(`Status "${status}" is not valid. Valid statuses are: ${JSON.stringify(statesStatuses)}`); - - uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2.2.1 + - uses: actions/create-github-app-token@f8d387b68d61c58ab83c6c016672934102569859 # v3.0.0 if: inputs.github-app-id id: generate-token with: diff --git a/.github/workflows/prepare-release.yml b/.github/workflows/prepare-release.yml index 3c7ffcce..5a2e3b45 100644 --- a/.github/workflows/prepare-release.yml +++ b/.github/workflows/prepare-release.yml @@ -1,7 +1,6 @@ # Reusable workflow that performs release preparation tasks: # # - Add proper labels to pull requests -# - Ensure release configuration is up to date name: Prepare release @@ -23,19 +22,6 @@ on: type: string required: false default: "" - include-paths: - description: | - Additional paths to include in the release notes filtering (JSON array). - These paths are added to the `include-paths` configuration of release-drafter. - type: string - required: false - default: "[]" - github-app-id: - description: | - GitHub App ID to generate GitHub token in place of github-token. - See https://github.com/actions/create-github-app-token. - required: false - type: string secrets: github-token: description: | @@ -43,10 +29,6 @@ on: - `contents: write` - `pull-requests: write` - github-app-key: - description: | - GitHub App private key to generate GitHub token in place of github-token. - See https://github.com/actions/create-github-app-token. concurrency: group: ${{ github.workflow }}-${{ inputs.working-directory }}-${{ github.event.number || github.ref }} @@ -58,16 +40,14 @@ jobs: prepare: runs-on: ${{ fromJson(inputs.runs-on) }} if: github.event_name == 'pull_request' || (github.event_name == 'push' && github.ref_name == github.event.repository.default_branch) - outputs: - config-slug: ${{ steps.get-configuration.outputs.config-slug }} - config-name: ${{ steps.get-configuration.outputs.config-name }} - config-path: ${{ steps.get-configuration.outputs.config-path }} - working-directory: ${{ steps.get-configuration.outputs.working-directory }} - config-exists: ${{ steps.paths-exist.outputs.config-exists }} permissions: contents: read id-token: write # Needed for getting local workflow actions steps: + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + with: + persist-credentials: false + - id: local-workflow-actions uses: hoverkraft-tech/ci-github-common/actions/local-workflow-actions@f5847cb398fe65d53794e6aba98ebdfa0801f691 # 0.32.0 with: @@ -78,37 +58,12 @@ jobs: with: working-directory: ${{ inputs.working-directory }} - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + - uses: release-drafter/release-drafter/autolabeler@139054aeaa9adc52ab36ddf67437541f039b88e2 # v7.1.1 + if: github.event_name == 'pull_request' with: - persist-credentials: false - ref: refs/heads/${{ github.event.repository.default_branch }} - sparse-checkout: | - ${{ steps.get-configuration.outputs.config-path }} - ${{ steps.get-configuration.outputs.working-directory || '' }} - - - id: paths-exist - uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0 - env: - WORKING_DIRECTORY: ${{ steps.get-configuration.outputs.working-directory }} - CONFIG_PATH: ${{ steps.get-configuration.outputs.config-path }} - IS_DEFAULT_BRANCH: ${{ github.ref_name == github.event.repository.default_branch }} - with: - script: | - const fs = require('node:fs'); - - const workingDirectory = process.env.WORKING_DIRECTORY; - if (workingDirectory && process.env.IS_DEFAULT_BRANCH === 'true' && !fs.existsSync(workingDirectory)) { - return core.setFailed(`Working directory "${workingDirectory}" does not exist.`); - } - - const configPath = process.env.CONFIG_PATH; - if (!configPath){ - return core.setFailed('Configuration path is not specified.'); - } - if (!fs.existsSync(configPath)) { - return core.warning(`Release configuration file "${configPath}" does not exist.`); - } - core.setOutput('config-exists', true); + token: ${{ secrets.github-token || secrets.GITHUB_TOKEN || github.token }} + # config-path is relative to ".github" directory + config-name: file:${{ steps.get-configuration.outputs.config-path }} # jscpd:ignore-start - uses: hoverkraft-tech/ci-github-common/actions/local-workflow-actions@f5847cb398fe65d53794e6aba98ebdfa0801f691 # 0.32.0 @@ -118,203 +73,3 @@ jobs: repository: ${{ steps.local-workflow-actions.outputs.repository }} ref: ${{ steps.local-workflow-actions.outputs.ref }} # jscpd:ignore-end - - pull-request-labeler: - needs: prepare - runs-on: ${{ fromJson(inputs.runs-on) }} - permissions: - contents: read - pull-requests: write - if: github.event_name == 'pull_request' && needs.prepare.outputs.config-exists - steps: - - uses: release-drafter/release-drafter@6a93d829887aa2e0748befe2e808c66c0ec6e4c7 # v6.4.0 - env: - GITHUB_TOKEN: ${{ secrets.github-token || secrets.GITHUB_TOKEN || github.token }} - with: - disable-releaser: true - # config-name is relative to .github/ directory - config-name: ${{ needs.prepare.outputs.config-name }} - - release-configuration: - needs: prepare - if: github.event_name == 'push' && github.ref_name == github.event.repository.default_branch - runs-on: ${{ fromJson(inputs.runs-on) }} - permissions: - contents: write - pull-requests: write - env: - INCLUDE_PATHS: ${{ inputs.include-paths }} - WORKING_DIRECTORY: ${{ needs.prepare.outputs.working-directory }} - CONFIG_NAME: ${{ needs.prepare.outputs.config-name }} - CONFIG_PATH: ${{ needs.prepare.outputs.config-path }} - CONFIG_SLUG: ${{ needs.prepare.outputs.config-slug }} - steps: - - id: get-config - uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0 - with: - script: | - const workingDirectory = process.env.WORKING_DIRECTORY; - const configName = process.env.CONFIG_NAME; - const configPath = process.env.CONFIG_PATH; - - // Parse additional include paths - const includePaths = new Set(); - try { - const includePathsInput = JSON.parse(process.env.INCLUDE_PATHS || '[]'); - if (!Array.isArray(includePathsInput)) { - return core.setFailed('include-paths input is not an array'); - } - - for (const includePath of includePathsInput) { - if (typeof includePath !== 'string') { - return core.setFailed('include-paths input must be an array of strings'); - } - const trimmedPath = includePath.trim(); - if (trimmedPath.length === 0) { - continue; - } - includePaths.add(trimmedPath); - } - } catch (e) { - return core.setFailed(`Failed to parse include-paths input: ${e.message}`); - } - - // Amend include-paths if working directory is specified - if (workingDirectory) { - // Add working directory to include-paths - includePaths.add(workingDirectory); - const workflowRef = process.env.GITHUB_WORKFLOW_REF || ''; - const repository = process.env.GITHUB_REPOSITORY || ''; - if (workflowRef && repository) { - const currentWorkflow = workflowRef.replace(`${repository}/`, '').replace(/@.*/, '').trim(); - if(currentWorkflow.length > 0) { - includePaths.add(currentWorkflow); - } - } - } - - // Build include-paths section if includePaths is not empty - let includePathsSection = ''; - if (includePaths.size > 0 ) { - const pathsYaml = Array.from(includePaths).map(p => ` - "${p}"`).join('\n'); - includePathsSection += `include-paths:\n${pathsYaml}\n`; - } - - const nameTemplate = workingDirectory - ? `Version ${process.env.CONFIG_SLUG} - \$RESOLVED_VERSION` - : `Version \$RESOLVED_VERSION`; - - const tagPrefix = workingDirectory - ? `${process.env.CONFIG_SLUG}-` - : ''; - - const tagTemplate = `${tagPrefix}\$RESOLVED_VERSION`; - - const config = `--- - ${includePathsSection}template: | - # What's Changed - \$CHANGES - **Full Changelog**: https://github.com/\$OWNER/\$REPOSITORY/compare/\$PREVIOUS_TAG...${tagTemplate} - name-template: "${nameTemplate}" - tag-template: "${tagTemplate}" - tag-prefix: "${tagPrefix}" - prerelease-identifier: "rc" - version-resolver: - major: - labels: - - "release-major" - minor: - labels: - - "release-minor" - patch: - labels: - - "release-patch" - default: patch - autolabeler: - - label: "release-major" - title: - - "/^BREAKING CHANGE:/" - - "/^\\\\w+!:/" - - "/^\\\\w+\\\\(.+\\\\)!:/" - - label: "release-minor" - title: - - "/^feat:/" - - "/^feat\\\\(.+\\\\):/" - `; - - // Get the config file from the repository - try { - const { data: { content } } = await github.rest.repos.getContent({ - owner: context.repo.owner, - repo: context.repo.repo, - path: configPath, - }); - - const decodedContent = Buffer.from(content, 'base64').toString('utf-8'); - if (decodedContent === config) { - core.info('No changes to the release configuration file.'); - return null; - } - } catch (error) { - if (error.status !== 404) { - throw error; - } - } - - core.setOutput('config-content', config); - core.setOutput('config-path', configPath); - - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - if: steps.get-config.outputs.config-content - with: - persist-credentials: false - ref: refs/heads/${{ github.event.repository.default_branch }} - sparse-checkout: ${{ needs.prepare.outputs.config-path }} - - - uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0 - if: steps.get-config.outputs.config-content - id: prepare-pull-request - env: - CONFIG_CONTENT: ${{ steps.get-config.outputs.config-content }} - CONFIG_PATH: ${{ needs.prepare.outputs.config-path }} - CONFIG_SLUG: ${{ needs.prepare.outputs.config-slug }} - WORKING_DIRECTORY: ${{ needs.prepare.outputs.working-directory }} - with: - script: | - const fs = require('node:fs'); - const path = require('node:path'); - - const configContent = process.env.CONFIG_CONTENT; - const configPath = process.env.CONFIG_PATH; - const configDir = path.dirname(configPath); - - fs.mkdirSync(configDir, { recursive: true }); - fs.writeFileSync(configPath, configContent, 'utf8'); - - const outputs = { - branch: `ci/prepare-release-config${process.env.CONFIG_SLUG ? `/${process.env.CONFIG_SLUG}` : ''}`, - title: `ci: prepare release configuration${process.env.CONFIG_SLUG ? ` for "${process.env.CONFIG_SLUG}"` : ''}`, - body: `Prepare release configuration${process.env.WORKING_DIRECTORY ? ` for "${process.env.WORKING_DIRECTORY}" working directory` : ''}.`, - "commit-message": `ci: prepare release configuration${process.env.CONFIG_SLUG ? ` for "${process.env.CONFIG_SLUG}"` : ''}\n\n[skip ci]`, - }; - - for (const [key, value] of Object.entries(outputs)) { - core.setOutput(key, value); - } - - - uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2.2.1 - if: ${{ steps.get-config.outputs.config-content && inputs.github-app-id }} - id: generate-token - with: - app-id: ${{ inputs.github-app-id }} - private-key: ${{ secrets.github-app-key }} - - - uses: hoverkraft-tech/ci-github-common/actions/create-and-merge-pull-request@f5847cb398fe65d53794e6aba98ebdfa0801f691 # 0.32.0 - if: steps.get-config.outputs.config-content - with: - github-token: ${{ steps.generate-token.outputs.token || secrets.github-token || github.token }} - branch: ${{ steps.prepare-pull-request.outputs.branch }} - title: ${{ steps.prepare-pull-request.outputs.title }} - body: ${{ steps.prepare-pull-request.outputs.body }} - commit-message: | - ${{ steps.prepare-pull-request.outputs.commit-message }} diff --git a/.github/workflows/release-actions.yml b/.github/workflows/release-actions.yml index e1de650c..548e4df8 100644 --- a/.github/workflows/release-actions.yml +++ b/.github/workflows/release-actions.yml @@ -312,7 +312,7 @@ jobs: # jscpd:ignore-start - - uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2.2.1 + - uses: actions/create-github-app-token@f8d387b68d61c58ab83c6c016672934102569859 # v3.0.0 if: inputs.github-app-id id: generate-token with: diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 348d47c8..eacdfe80 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -21,6 +21,19 @@ on: type: boolean default: false required: false + working-directory: + description: | + Working directory for monorepo support. + If specified, the release configuration will be generated at runtime when missing. + type: string + default: "" + required: false + include-paths: + description: | + Additional paths to include in the generated release configuration (JSON array). + type: string + default: "[]" + required: false permissions: {} @@ -44,6 +57,8 @@ jobs: uses: ./self-workflow/actions/release/create with: prerelease: ${{ inputs.prerelease }} + working-directory: ${{ inputs.working-directory }} + include-paths: ${{ inputs.include-paths }} # jscpd:ignore-start - uses: hoverkraft-tech/ci-github-common/actions/local-workflow-actions@f5847cb398fe65d53794e6aba98ebdfa0801f691 # 0.32.0 diff --git a/actions/deploy/jampack/action.yml b/actions/deploy/jampack/action.yml index b72d389f..869949f8 100644 --- a/actions/deploy/jampack/action.yml +++ b/actions/deploy/jampack/action.yml @@ -20,7 +20,7 @@ runs: shell: bash run: echo "dir=$(npm config get cache)" >> "$GITHUB_OUTPUT" - - uses: actions/cache@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5.0.3 + - uses: actions/cache@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4 id: npm-cache with: path: ${{ steps.npm-cache-dir.outputs.dir }} @@ -33,7 +33,7 @@ runs: # Install jampack globally npm install -g @divriots/jampack - - uses: actions/cache@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5.0.3 + - uses: actions/cache@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4 with: path: "${{ runner.temp }}/.jampack" key: ${{ runner.os }}-jampack-${{ github.run_id }} diff --git a/actions/release/create/action.yml b/actions/release/create/action.yml index 14616c31..0bed30ba 100644 --- a/actions/release/create/action.yml +++ b/actions/release/create/action.yml @@ -20,6 +20,13 @@ inputs: type: string required: false default: "" + include-paths: + description: | + Additional paths to include in the release notes filtering (JSON array). + These paths are added to the `include-paths` configuration of release-drafter. + type: string + required: false + default: "[]" github-token: description: | GitHub Token for creating the release. @@ -37,6 +44,10 @@ outputs: runs: using: "composite" steps: + - uses: hoverkraft-tech/ci-github-common/actions/checkout@f5847cb398fe65d53794e6aba98ebdfa0801f691 # 0.32.0 + with: + fetch-depth: "0" + - shell: bash # FIXME: workaround until will be merged: https://github.com/actions/runner/pull/1684 run: mkdir -p ./self-release-create-actions/ && cp -r $GITHUB_ACTION_PATH/../* ./self-release-create-actions/ @@ -45,26 +56,21 @@ runs: uses: ./self-release-create-actions/get-configuration with: working-directory: ${{ inputs.working-directory }} + include-paths: ${{ inputs.include-paths }} - shell: bash # FIXME: workaround until will be merged: https://github.com/actions/runner/pull/1684 run: | rm -fr ./self-release-create-actions - - uses: hoverkraft-tech/ci-github-common/actions/checkout@f5847cb398fe65d53794e6aba98ebdfa0801f691 # 0.32.0 - with: - fetch-depth: "0" - - id: release - uses: release-drafter/release-drafter@6a93d829887aa2e0748befe2e808c66c0ec6e4c7 # v6.4.0 - env: - GITHUB_TOKEN: ${{ inputs.github-token }} + uses: release-drafter/release-drafter@139054aeaa9adc52ab36ddf67437541f039b88e2 # v7.1.1 with: + token: ${{ inputs.github-token }} publish: ${{ inputs.publish }} - # config-name is relative to .github/ directory - config-name: ${{ steps.get-configuration.outputs.config-name }} + # config-path is relative to ".github" directory + config-name: file:${{ steps.get-configuration.outputs.config-path }} prerelease: ${{ inputs.prerelease }} - disable-autolabeler: true latest: ${{ inputs.prerelease != 'true' && !inputs.working-directory && 'true' || 'false' }} - uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0 diff --git a/actions/release/get-configuration/action.yml b/actions/release/get-configuration/action.yml index 9f17fb12..1fca181f 100644 --- a/actions/release/get-configuration/action.yml +++ b/actions/release/get-configuration/action.yml @@ -14,22 +14,17 @@ inputs: type: string required: false default: "" + include-paths: + description: | + Additional paths to include in the release notes filtering (JSON array). + These paths are added to the `include-paths` configuration of release-drafter. + type: string + required: false + default: "[]" outputs: - working-directory: - description: | - The working directory used for the release. - Relative to the repository root. - Empty if not set. - value: ${{ steps.get-config.outputs.working-directory }} - config-slug: - description: "The slug derived from the working directory. Empty if no working directory is set." - value: ${{ steps.get-config.outputs.config-slug }} - config-name: - description: "The name of the release configuration file" - value: ${{ steps.get-config.outputs.config-name }} config-path: - description: "The path to the release configuration file" + description: "The effective configuration path relative to the .github directory" value: ${{ steps.get-config.outputs.config-path }} runs: @@ -41,30 +36,164 @@ runs: WORKING_DIRECTORY: ${{ inputs.working-directory }} with: script: | - const path = require('node:path'); const fs = require('node:fs'); + const path = require('node:path'); + const workspace = process.env.GITHUB_WORKSPACE || process.cwd(); + const githubDirectory = path.join(workspace, '.github'); let workingDirectory = process.env.WORKING_DIRECTORY.trim(); - let configName = 'release-config.yml'; + let configRelativePath = 'release-config.yml'; + let configSlug = ''; if (workingDirectory) { // Get working directory absolute path const workingDirectoryFullPath = path.isAbsolute(workingDirectory) ? workingDirectory - : path.join(process.env.GITHUB_WORKSPACE || '', workingDirectory); + : path.join(workspace, workingDirectory); - workingDirectory = path.relative(process.env.GITHUB_WORKSPACE, workingDirectoryFullPath); + workingDirectory = path.relative(workspace, workingDirectoryFullPath); core.setOutput("working-directory", workingDirectory); // Convert path to slug: handle slashes, spaces, and special characters - const slug = path.basename(workingDirectoryFullPath) + configSlug = path.basename(workingDirectoryFullPath) .toLowerCase() .replace(/[^a-z0-9]+/g, '-') // Replace non-alphanumeric chars with dashes .replace(/^-+|-+$/g, ''); // Remove leading/trailing dashes - core.setOutput("config-slug", slug); - configName = `release-configs/${slug}.yml`; + core.setOutput("config-slug", configSlug); + configRelativePath = `release-configs/${configSlug}.yml`; + } + + const repositoryConfigPath = path.join(githubDirectory, configRelativePath); + const configExists = fs.existsSync(repositoryConfigPath); + + if (configExists) { + core.setOutput('config-exists', true); + const relativeRepositoryConfigPath = path.relative(githubDirectory, repositoryConfigPath).split(path.sep).join('/'); + core.debug(`Using repository config path: ${relativeRepositoryConfigPath}`); + core.setOutput('config-path', relativeRepositoryConfigPath); + return; } - core.setOutput("config-name", configName); - core.setOutput("config-path", `.github/${configName}`); + const runnerTemp = process.env.RUNNER_TEMP || path.join(workspace, '.runner-temp'); + const tempDirectory = path.join(runnerTemp, 'release-drafter'); + const tempConfigPath = path.join(tempDirectory, path.basename(configRelativePath)); + const relativeTempConfigPath = path.relative(githubDirectory, tempConfigPath).split(path.sep).join('/'); + core.debug(`Using generated config path: ${relativeTempConfigPath}`); + core.setOutput('config-path', relativeTempConfigPath); + + - id: create-temp-config + if: steps.get-config.outputs.config-exists != 'true' + uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0 + env: + CONFIG_SLUG: ${{ steps.get-config.outputs.config-slug }} + INCLUDE_PATHS: ${{ inputs.include-paths }} + CONFIG_PATH: ${{ steps.get-config.outputs.config-path }} + WORKING_DIRECTORY: ${{ steps.get-config.outputs.working-directory }} + with: + script: | + const fs = require('node:fs'); + const path = require('node:path'); + + let configPath = process.env.CONFIG_PATH; + const configSlug = process.env.CONFIG_SLUG || ''; + const workingDirectory = process.env.WORKING_DIRECTORY || ''; + const workspace = process.env.GITHUB_WORKSPACE || process.cwd(); + const githubDirectory = path.join(workspace, '.github'); + + if (!configPath) { + return core.setFailed('Configuration path is not specified.'); + } + configPath = path.join(githubDirectory, configPath); + + const includePaths = new Set(); + try { + const includePathsInput = JSON.parse(process.env.INCLUDE_PATHS || '[]'); + if (!Array.isArray(includePathsInput)) { + return core.setFailed('include-paths input is not an array'); + } + + for (const includePath of includePathsInput) { + if (typeof includePath !== 'string') { + return core.setFailed('include-paths input must be an array of strings'); + } + + const trimmedPath = includePath.trim(); + if (trimmedPath.length === 0) { + continue; + } + + includePaths.add(trimmedPath); + } + } catch (error) { + return core.setFailed(`Failed to parse include-paths input: ${error.message}`); + } + + if (workingDirectory) { + includePaths.add(workingDirectory); + const workflowRef = process.env.GITHUB_WORKFLOW_REF || ''; + const repository = process.env.GITHUB_REPOSITORY || ''; + if (workflowRef && repository) { + const currentWorkflow = workflowRef.replace(`${repository}/`, '').replace(/@.*/, '').trim(); + if (currentWorkflow.length > 0) { + includePaths.add(currentWorkflow); + } + } + } + + core.debug(`Resolved include paths: ${JSON.stringify(Array.from(includePaths))}`); + + let includePathsSection = ''; + if (includePaths.size > 0) { + const pathsYaml = Array.from(includePaths).map(includePath => ` - "${includePath}"`).join('\n'); + includePathsSection = `include-paths:\n${pathsYaml}\n`; + } + + const nameTemplate = workingDirectory + ? `Version ${configSlug} - \$RESOLVED_VERSION` + : 'Version \$RESOLVED_VERSION'; + + const tagPrefix = workingDirectory + ? `${configSlug}-` + : ''; + + const tagTemplate = `${tagPrefix}\$RESOLVED_VERSION`; + + const configContent = [ + '---', + `${includePathsSection}template: |`, + ' # What\'s Changed', + ' \$CHANGES', + ` **Full Changelog**: https://github.com/\$OWNER/\$REPOSITORY/compare/\$PREVIOUS_TAG...${tagTemplate}`, + `name-template: "${nameTemplate}"`, + `tag-template: "${tagTemplate}"`, + `tag-prefix: "${tagPrefix}"`, + 'prerelease-identifier: "rc"', + 'version-resolver:', + ' major:', + ' labels:', + ' - "release-major"', + ' minor:', + ' labels:', + ' - "release-minor"', + ' patch:', + ' labels:', + ' - "release-patch"', + ' default: patch', + 'autolabeler:', + ' - label: "release-major"', + ' title:', + ' - "/^BREAKING CHANGE:/"', + ' - "/^\\\\w+!:/"', + ' - "/^\\\\w+\\\\(.+\\\\)!:/"', + ' - label: "release-minor"', + ' title:', + ' - "/^feat:/"', + ' - "/^feat\\\\(.+\\\\):/"', + '', + ].join('\n'); + + core.debug(`Writing generated config to: ${configPath}:\n${configContent}`); + + fs.mkdirSync(path.dirname(configPath), { recursive: true }); + fs.writeFileSync(configPath, configContent, 'utf8');