From 44257ab61a55e54df05542e3360c353180e579fe Mon Sep 17 00:00:00 2001 From: Alex Lourie Date: Thu, 27 Nov 2025 13:01:17 +1030 Subject: [PATCH 01/19] Refactor docs building This change refactors how we build the documentation: - Introduce a new workflow, build-docs that calls docusaurus-action and builds the docs. - It can also optionally "version tag" the docs - It can also "deploy" the docs (ie build the zipped archive for later deployment). - It introduces the use of a new environment parameter called PRODUCT (to differentiate the deployment of evolve and ednar). Other workflows were adapted to use this new flow. The benefit of this refactoring is that all aspects of the documentation building are now controlled centrally via 1 flow. Additionally, it allows to easily create separate, stand-alone docs-deployment flows. Signed-off-by: Alex Lourie --- .github/workflows/build-docs.yaml | 120 +++++ .github/workflows/csharp-app-release.yml | 75 +-- .github/workflows/csharp-app-snapshot.yml | 83 +--- .github/workflows/csharp-build.yml | 28 +- .../workflows/maven-app-release-with-docs.yml | 432 ++++++++++++++++++ .github/workflows/maven-app-release.yml | 91 +--- .github/workflows/maven-app-snapshot.yml | 83 +--- .github/workflows/maven-build-oss.yml | 28 +- .github/workflows/maven-build.yml | 28 +- .../workflows/maven-lib-release-with-docs.yml | 425 +++++++++++++++++ .github/workflows/maven-lib-release.yml | 97 +--- .github/workflows/maven-lib-snapshot.yml | 83 +--- .github/workflows/npm-app-build.yml | 28 +- .../workflows/npm-app-release-with-docs.yml | 394 ++++++++++++++++ .github/workflows/npm-app-release.yml | 99 +--- .../workflows/npm-app-snapshot-release.yml | 83 +--- .github/workflows/npm-lib-snapshot.yml | 81 +--- .github/workflows/python-build.yml | 28 +- .../python-lib-release-with-docs.yml | 419 +++++++++++++++++ .github/workflows/python-lib-release.yml | 93 +--- .github/workflows/python-lib-snapshot.yml | 81 +--- 21 files changed, 1872 insertions(+), 1007 deletions(-) create mode 100644 .github/workflows/build-docs.yaml create mode 100644 .github/workflows/maven-app-release-with-docs.yml create mode 100644 .github/workflows/maven-lib-release-with-docs.yml create mode 100644 .github/workflows/npm-app-release-with-docs.yml create mode 100644 .github/workflows/python-lib-release-with-docs.yml diff --git a/.github/workflows/build-docs.yaml b/.github/workflows/build-docs.yaml new file mode 100644 index 00000000..8d56ec0d --- /dev/null +++ b/.github/workflows/build-docs.yaml @@ -0,0 +1,120 @@ +name: Build Docs + +on: + workflow_call: + inputs: + DEPLOY: + description: 'Flag to deploy the docs' + required: false + type: boolean + default: false + VERSION: + description: 'Version to tag the release with' + required: false + type: string + default: "0" + secrets: + CI_GITHUB_TOKEN: + required: true + + outputs: + artifact-uploaded: + value: ${{ jobs.build-docs.outputs.artifact-uploaded }} + product: + value: ${{ jobs.build-docs.outputs.product }} + component: + value: ${{ jobs.build-docs.outputs.component }} + +jobs: + build-docs: + runs-on: ubuntu-latest + container: zepben/pipeline-docusaurus + outputs: + artifact-uploaded: ${{ steps.artifact.outputs.uploaded }} + product: ${{ steps.docs-component.outputs.product }} + component: ${{ steps.docs-component.outputs.component }} + env: + GITHUB_TOKEN: ${{ secrets.CI_GITHUB_TOKEN }} + DOCS_TITLE: ${{ vars.DOCS_TITLE }} + PRODUCT: ${{ vars.PRODUCT }} + steps: + + - uses: actions/checkout@v4 + with: + token: ${{ env.GITHUB_TOKEN }} + + - name: Work around git permission issue + run: | + dname=$(echo ${{github.repository}} | cut -d'/' -f2) + git config --global --add safe.directory /__w/$dname/$dname + shell: sh + + - name: Check that DOCS_TITLE and PRODUCT are properly defined in the repo + run: | + if [[ -d docs/site-config && -z $DOCS_TITLE ]]; then + echo "The \$DOCS_TITLE environment variable needs to be set on this repo!" + exit 1 + fi + if [[ ! -z $PRODUCT && $PRODUCT != "evolve" && $PRODUCT != "ednar" ]]; then + echo "The only supported values for \$PRODUCT environment variable are 'evolve' and 'ednar'! It's currently set to '$PRODUCT'" + exit 1 + fi + shell: bash + + - name: Fetch the document component name + id: docs-component + shell: sh {0} + run: | + # Figure out the product type + product=${PRODUCT:-"evolve"} + echo "product=$product" >> "${GITHUB_OUTPUT}" + + # This is a project/component name, both for the docs slug and for the proper directory under zepben.github.io {product}/docs/{component} + echo "component=$(echo ${GITHUB_REPOSITORY} | cut -f2 -d\/)" >> "${GITHUB_OUTPUT}" + + - name: Build docusaurus + id: build + uses: zepben/docusaurus-action@OPS-512-support-product + with: + VERSION: ${{ inputs.VERSION }} + NPM_REPO: ${{ secrets.NPM_REPO }} + NPM_TOKEN: ${{ secrets.CI_GITHUB_TOKEN }} + DOCS_TITLE: ${{ env.DOCS_TITLE }} + PRODUCT: ${{ env.PRODUCT }} + continue-on-error: true + + - name: Failed build + if: steps.build.outcome == 'failure' + run: | + echo "There was an error in the docusaurus build above. Docs are not pushed" + echo " :boom: There was an error in the docusaurus build step. Current docs are not published" >> ${GITHUB_STEP_SUMMARY} + shell: sh + + - name: Check if we need to skip deployment for hotfix or LTS branch + if: ${{ inputs.DEPLOY }} + run: | + if [[ ${GITHUB_REF_NAME} =~ "hotfix" || ${GITHUB_REF_NAME} =~ "LTS" ]]; then + echo "deployDocs=no" >> ${GITHUB_ENV} + echo "Running on LTS or hotfix branch, skip deploying docs" + else + echo "deployDocs=yes" >> ${GITHUB_ENV} + fi + + - name: Zip documentation + if: ${{ env.deployDocs == 'yes' }} + run: | + cd docs/build + zip -r ../../docs.zip . + shell: bash + + - uses: actions/upload-artifact@v4 + if: ${{ steps.build.outcome == 'success' && env.deployDocs == 'yes' }} + id: upload + with: + name: docs.zip + path: docs.zip + + - if: ${{ steps.upload.outcome == 'success' }} + id: artifact + run: + echo "uploaded=yes" >> "${GITHUB_OUTPUT}" diff --git a/.github/workflows/csharp-app-release.yml b/.github/workflows/csharp-app-release.yml index 14e23044..889037d9 100644 --- a/.github/workflows/csharp-app-release.yml +++ b/.github/workflows/csharp-app-release.yml @@ -228,76 +228,13 @@ jobs: shell: bash build-docs: - needs: release-checks - runs-on: ubuntu-latest + needs: [release-checks] if: ${{ needs.release-checks.outputs.docs-present == 'yes' }} - outputs: - artifact: docs - container: zepben/pipeline-docusaurus - steps: - - name: Install Git - run: | - apk add git zip - - - name: Work around git permission issue - run: | - dname=$(echo ${{github.repository}} | cut -d'/' -f2) - git config --global --add safe.directory /__w/$dname/$dname - shell: sh - - - uses: actions/checkout@v4 - - - name: Check that title is defined in the repo - run: | - if [[ -d docs/site-config && -z $DOCS_TITLE ]]; then - echo "The \$DOCS_TITLE environment variable needs to be set on this repo!" - fi - env: - DOCS_TITLE: ${{ vars.DOCS_TITLE }} - shell: bash - - - name: Checkout release branch - run: | - git config remote.origin.fetch "+refs/heads/*:refs/remotes/origin/*" - git fetch --all - git checkout release - shell: sh - - - name: Cache nodejs deps - uses: actions/cache@v4 - with: - path: ~/.npm - key: npm - - - name: Build docusaurus - id: build - uses: zepben/docusaurus-action@main - with: - VERSION: ${{ needs.release-checks.outputs.version }} - NPM_REPO: ${{ secrets.NPM_REPO }} - NPM_TOKEN: ${{ secrets.CI_GITHUB_TOKEN }} - DOCS_TITLE: ${{ vars.DOCS_TITLE }} - continue-on-error: true - - - name: Zip documentation - run: | - cd docs/build - zip -r ../../docs.zip . - shell: sh - - - uses: actions/upload-artifact@v4 - if: steps.build.outcome == 'success' - with: - name: docs.zip - path: docs.zip - - - name: Fail build - if: steps.build.outcome == 'failure' - run: | - git push origin -d release - echo "There was an error in the docusaurus build above." - exit 1 - shell: sh + uses: ./.github/workflows/build-docs.yaml + with: + DEPLOY: true + VERSION: ${{ needs.release-checks.outputs.version }} + secrets: inherit create-release: diff --git a/.github/workflows/csharp-app-snapshot.yml b/.github/workflows/csharp-app-snapshot.yml index 0deab92c..a5dcfeb3 100644 --- a/.github/workflows/csharp-app-snapshot.yml +++ b/.github/workflows/csharp-app-snapshot.yml @@ -198,85 +198,12 @@ jobs: path: ${{ env.artifact_id }}/bin/Release/ build-docs: - runs-on: ubuntu-latest - container: zepben/pipeline-docusaurus needs: [build-app] if: ${{ needs.build-app.outputs.docs-present == 'yes' }} - outputs: - artifact-uploaded: ${{ steps.artifact.outputs.uploaded }} - product-key: ${{ steps.docs-component.outputs.name }} - product-repo: ${{ steps.docs-component.outputs.repo }} - steps: - - uses: actions/checkout@v4 - - - name: Check that title is defined in the repo - run: | - if [[ -d docs/site-config && -z $DOCS_TITLE ]]; then - echo "The \$DOCS_TITLE environment variable needs to be set on this repo!" - exit 1 - fi - env: - DOCS_TITLE: ${{ vars.DOCS_TITLE }} - shell: bash - - - name: Build docusaurus - id: build - uses: zepben/docusaurus-action@main - with: - TAG: false - NPM_REPO: ${{ secrets.NPM_REPO }} - NPM_TOKEN: ${{ secrets.CI_GITHUB_TOKEN }} - continue-on-error: true - - - name: Failed build - if: steps.build.outcome == 'failure' - run: | - echo "There was an error in the docusaurus build above. Docs are not pushed" - echo " :boom: There was an error in the docusaurus build step. Current docs are not published" >> ${GITHUB_STEP_SUMMARY} - shell: sh - - - name: Check if we need to skip deployment for hotfix or LTS branch - run: | - if [[ ${GITHUB_REF_NAME} =~ "hotfix" || ${GITHUB_REF_NAME} =~ "LTS" ]]; then - echo "deployDocs=no" >> ${GITHUB_ENV} - echo "Running on LTS or hotfix branch, skip deploying docs" - else - echo "deployDocs=yes" >> ${GITHUB_ENV} - fi - - - name: Zip documentation - if: ${{ env.deployDocs == 'yes' }} - run: | - cd docs/build - zip -r ../../docs.zip . - shell: bash - - - uses: actions/upload-artifact@v4 - if: ${{ steps.build.outcome == 'success' && env.deployDocs == 'yes' }} - id: upload - with: - name: docs.zip - path: docs.zip - - - if: ${{ steps.upload.outcome == 'success' }} - id: artifact - run: - echo "uploaded=yes" >> "${GITHUB_OUTPUT}" - - - name: Fetch the document component name - id: docs-component - shell: sh {0} - run: | - echo "repo=${GITHUB_REPOSITORY}" >> "${GITHUB_OUTPUT}" - # if product key is supplied - if [ "${{ inputs.product-key }}" != "productkeynotprovided" ]; then - echo "name=${{ inputs.product-key }}" >> "${GITHUB_OUTPUT}" - else - # parse out the product key from the repository name - echo "name=$(echo ${GITHUB_REPOSITORY} | cut -f2 -d\/)" >> "${GITHUB_OUTPUT}" - fi - - + uses: ./.github/workflows/build-docs.yaml + with: + deploy: true + secrets: inherit deploy-docs: runs-on: ubuntu-latest @@ -289,4 +216,4 @@ jobs: token: ${{ secrets.CI_GITHUB_TOKEN }} repository: ${{ secrets.DOCS_REPO }} event-type: ${{ secrets.DOCS_REPO_EVOLVE_WORKFLOW }} - client-payload: '{"product_key": "${{needs.build-docs.outputs.product-key}}", "download_url": "${{needs.build-docs.outputs.product-repo}}"}' + client-payload: '{"product": "${{needs.build-docs.outputs.product}}", "product_key": "${{needs.build-docs.outputs.product-key}}", "download_url": "${{needs.build-docs.outputs.product-repo}}"}' diff --git a/.github/workflows/csharp-build.yml b/.github/workflows/csharp-build.yml index 1abdc3b4..748577e0 100644 --- a/.github/workflows/csharp-build.yml +++ b/.github/workflows/csharp-build.yml @@ -185,29 +185,7 @@ jobs: run: vstest.console.exe ${{ inputs.test_files }} /Platform:${{ inputs.platform }} build-docs: - runs-on: ubuntu-latest - needs: checks + needs: [checks] if: ${{ needs.checks.outputs.docs-present == 'yes' }} - container: zepben/pipeline-docusaurus - steps: - - - uses: actions/checkout@v4 - - - name: Check that title is defined in the repo - run: | - if [[ -d docs/site-config && -z $DOCS_TITLE ]]; then - echo "The \$DOCS_TITLE environment variable needs to be set on this repo!" - exit 1 - fi - env: - DOCS_TITLE: ${{ vars.DOCS_TITLE }} - shell: bash - - - name: Build docusaurus - id: build - uses: zepben/docusaurus-action@main - with: - TAG: false - NPM_REPO: ${{ secrets.NPM_REPO }} - NPM_TOKEN: ${{ secrets.CI_GITHUB_TOKEN }} - DOCS_TITLE: ${{ vars.DOCS_TITLE }} + uses: ./.github/workflows/build-docs.yaml + secrets: inherit diff --git a/.github/workflows/maven-app-release-with-docs.yml b/.github/workflows/maven-app-release-with-docs.yml new file mode 100644 index 00000000..5e2092ae --- /dev/null +++ b/.github/workflows/maven-app-release-with-docs.yml @@ -0,0 +1,432 @@ +# Note: default release notes file is docs/release.md. +name: Maven App Release + Docs + +on: + workflow_call: + inputs: + product-key: + description: 'Product key used for deploying docs. Should be repo specific. E.g: "python-sdk"' + required: false + default: "productkeynotprovided" + type: string + private: + description: 'Calling workflow from a private repo' + required: true + type: boolean + default: true + sourcepath: + description: 'Path to source directory (used for licence check)' + required: false + type: string + default: "src" + + outputs: + version: + description: "The current released version." + value: ${{ jobs.release-checks.outputs.version }} + + secrets: + CI_GITHUB_TOKEN: + required: true + NEXUS_MAVEN_REPO: + required: true + NEXUS_USERNAME: + required: true + NEXUS_PASSWORD: + required: true + NEXUS_SIGNATURE: + required: true + NEXUS_MAVEN_SNAPSHOT: + required: true + NEXUS_MAVEN_RELEASE: + required: true + SLACK_NOTIFICATION: + required: false + SLACK_WEBHOOK: + required: false + NPM_REPO: + required: true + DOCS_REPO: + required: true + DOCS_REPO_EVOLVE_WORKFLOW: + required: true + LC_URL: + required: false + + + +jobs: + release-checks: + runs-on: ubuntu-latest + container: zepben/pipeline-basic + env: + DEBUG: ${{ secrets.DEBUG }} + GITHUB_TOKEN: ${{ secrets.CI_GITHUB_TOKEN }} + NEXUS_MAVEN_REPO: ${{ secrets.NEXUS_MAVEN_REPO }} + NEXUS_USERNAME: ${{ secrets.NEXUS_USERNAME }} + NEXUS_PASSWORD: ${{ secrets.NEXUS_PASSWORD }} + NEXUS_MAVEN_RELEASE: ${{ secrets.NEXUS_MAVEN_RELEASE }} + NEXUS_MAVEN_SNAPSHOT: ${{ secrets.NEXUS_MAVEN_SNAPSHOT }} + SLACK_NOTIFICATION: YES + SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }} + outputs: + version: ${{ steps.check.outputs.version }} + docs-present: ${{ steps.docs.outputs.present }} + changelog: ${{ steps.changelog.outputs.changelog }} + steps: + - uses: actions/checkout@v4 + with: + token: ${{ env.GITHUB_TOKEN }} + + - name: Work around git permission issue + run: | + dname=$(echo ${{github.repository}} | cut -d'/' -f2) + git config --global --add safe.directory /__w/$dname/$dname + shell: sh + + - name: Cache licence-check + uses: actions/cache@v4 + with: + path: /lc + key: lcc + + - name: Check licence + uses: zepben/licence-check-action@main + with: + LC_URL: ${{ secrets.LC_URL }} + PATH: ${{ inputs.sourcepath }} + + - name: Release checks and update version for release + id: check + run: | + /scripts/release-checks.sh --java --maven pom.xml + /scripts/finalize-version.sh --java --maven pom.xml changelog.md + version=$(xmlstarlet pyx pom.xml | grep -v ^A | xmlstarlet p2x | xmlstarlet sel -t -v "/project/version") + echo "version=$(echo $version)" >> "${GITHUB_OUTPUT}" + shell: bash + + - name: Check if docs present + id: docs + run: | + if [ -d docs ]; then + echo "Docs folder found, will run the build-docs job" + echo "present=yes" >> "${GITHUB_OUTPUT}" + echo "present=yes" >> "${GITHUB_ENV}" + else + echo "Docs folder not found, will skip the build-docs" + fi + + - name: Check doc build artifacts are ignored + if: ${{ env.present == 'yes' }} + shell: sh {0} + run: | + # Make sure directories are properly ignored + # docs/node_modules + git check-ignore -q docs/node_modules + if [ $? != 0 ]; then + echo "ERROR! Make sure to add 'docs/node_modules' to .gitignore" + echo "::error line=1::ERROR! Make sure to add 'docs/node_modules' to .gitignore" + exit 1 + fi + + # docs/build + git check-ignore -q docs/build + if [ $? != 0 ]; then + echo "ERROR! Make sure to add 'docs/build' to .gitignore" + echo "::error line=1::ERROR! Make sure to add 'docs/build' to .gitignore" + exit 1 + fi + + - name: Test changelog format + id: changelog + shell: bash + run: | + changelog=$(sed -n -E "/${{ steps.check.outputs.version }}/,/## [[0-9]+\.[0-9]+\.[0-9]+]/ { /## \[/d;p }" changelog.md) + if [[ -z "$changelog" ]]; then + echo "Changelog content was not found - ensure your changelog.md matches the expected growing format. Deleting release branch." + git push origin -d release + # We can safely fail here because we haven't done anything yet. Changelog.md file should be in correct format. + exit 1 + fi + # Changelog has newlines which isn't well supported, so we base64 with line wrap disabled (-w0) + new_changelog=$(echo "${changelog}" | base64 -w0) + echo "changelog=${new_changelog}" >> $GITHUB_OUTPUT + + + build-docs: + needs: release-checks + runs-on: ubuntu-latest + if: ${{ needs.release-checks.outputs.docs-present == 'yes' }} + outputs: + artifact: docs + product-key: ${{ steps.docs-component.outputs.name }} + product-repo: ${{ steps.docs-component.outputs.repo }} + container: zepben/pipeline-docusaurus + steps: + - name: Install Git + run: | + apk add git zip + + - name: Work around git permission issue + run: | + dname=$(echo ${{github.repository}} | cut -d'/' -f2) + git config --global --add safe.directory /__w/$dname/$dname + shell: sh + + - uses: actions/checkout@v4 + + - name: Check that title is defined in the repo + run: | + if [[ -d docs/site-config && -z $DOCS_TITLE ]]; then + echo "The \$DOCS_TITLE environment variable needs to be set on this repo!" + exit 1 + fi + env: + DOCS_TITLE: ${{ vars.DOCS_TITLE }} + shell: bash + + - name: Checkout release branch + run: | + git config remote.origin.fetch "+refs/heads/*:refs/remotes/origin/*" + git fetch --all + git checkout release + shell: sh + + - name: Cache nodejs deps + uses: actions/cache@v4 + with: + path: ~/.npm + key: npm + + - name: Build docusaurus + id: build + uses: zepben/docusaurus-action@main + with: + VERSION: ${{ needs.release-checks.outputs.version }} + NPM_REPO: ${{ secrets.NPM_REPO }} + NPM_TOKEN: ${{ secrets.CI_GITHUB_TOKEN }} + DOCS_TITLE: ${{ vars.DOCS_TITLE }} + continue-on-error: true + + - name: Zip documentation + run: | + cd docs/build + zip -r ../../docs.zip . + shell: sh + + - uses: actions/upload-artifact@v4 + if: steps.build.outcome == 'success' + with: + name: docs.zip + path: docs.zip + if-no-files-found: error + + - name: Fail build + if: steps.build.outcome == 'failure' + run: | + git push origin -d release + echo "There was an error in the docusaurus build above." + exit 1 + shell: sh + + - name: Fetch the document component name + id: docs-component + shell: sh {0} + run: | + echo "repo=${GITHUB_REPOSITORY}" >> "${GITHUB_OUTPUT}" + # if product key is supplied + if [ "${{ inputs.product-key }}" != "productkeynotprovided" ]; then + echo "name=${{ inputs.product-key }}" >> "${GITHUB_OUTPUT}" + else + # parse out the product key from the repository name + echo "name=$(echo ${GITHUB_REPOSITORY} | cut -f2 -d\/)" >> "${GITHUB_OUTPUT}" + fi + + deploy: + needs: [release-checks, build-docs] + runs-on: ubuntu-latest + container: zepben/pipeline-java-ewb + outputs: + artifact: ${{ steps.build.outputs.artifact }} + artifact-id: ${{ steps.build.outputs.artifact-id }} + version: ${{ steps.build.outputs.version }} + env: + NEXUS_MAVEN_REPO: ${{ secrets.NEXUS_MAVEN_REPO }} + NEXUS_USERNAME: ${{ secrets.NEXUS_USERNAME }} + NEXUS_PASSWORD: ${{ secrets.NEXUS_PASSWORD }} + NEXUS_SIGNATURE: ${{ secrets.NEXUS_SIGNATURE }} + steps: + - name: Work around git permission issue + run: | + dname=$(echo ${{github.repository}} | cut -d'/' -f2) + git config --global --add safe.directory /__w/$dname/$dname + shell: sh + + - uses: actions/checkout@v4 + + - name: Cache maven deps + uses: actions/cache@v4 + with: + path: /maven + key: maven + + - name: Checkout release branch + run: | + git config remote.origin.fetch "+refs/heads/*:refs/remotes/origin/*" + git fetch --all + git checkout release + shell: bash + + - name: Maven package + id: build + run: | + artifactId=$(xmlstarlet pyx pom.xml | grep -v ^A | xmlstarlet p2x | xmlstarlet sel -t -v "/project/artifactId") + version=$(xmlstarlet pyx pom.xml | grep -v ^A | xmlstarlet p2x | xmlstarlet sel -t -v "/project/version") + artifact="${artifactId}-${version}" + mvn clean package -B -f pom.xml -P release -Dgpg.key.id=$GPG_KEY_ID -Dgpg.key.password=$GPG_KEY_PASSWORD -Dserver.username=$NEXUS_USERNAME -Dserver.password=$NEXUS_PASSWORD -Dserver.repo.url=$NEXUS_MAVEN_REPO -Dnexus.signature=$NEXUS_SIGNATURE + mkdir .artifact-$artifact + cp target/* -t .artifact-$artifact || : + rm .artifact-$artifact/original*.jar || : + echo "version=$(echo $version)" >> ${GITHUB_OUTPUT} + echo "artifact=$(echo $artifact)" >> ${GITHUB_OUTPUT} + echo "artifact-id=$(echo $artifactId)" >> ${GITHUB_OUTPUT} + echo "artifact-path=$(echo .artifact-$artifact/)" >> ${GITHUB_OUTPUT} + shell: bash + continue-on-error: true + + - name: Upload coverage to Codecov + if: steps.build.outcome == 'success' + uses: codecov/codecov-action@v4 + with: + token: ${{ secrets.CODECOV_TOKEN }} + continue-on-error: true + + - uses: actions/upload-artifact@v4 + id: upload + if: steps.build.outcome == 'success' + with: + name: ${{ steps.build.outputs.artifact }} + path: ${{ steps.build.outputs.artifact-path }} + include-hidden-files: true + if-no-files-found: error + + - name: Delete release branch if deploy failed and fail + if: steps.build.outcome == 'failure' || steps.upload.outcome == 'failure' + run: | + git push origin -d release + echo "There was an error in the mvn package command above." + exit 1 + shell: bash + + create-release: + needs: [deploy, build-docs, release-checks] + runs-on: ubuntu-latest + container: zepben/pipeline-basic + env: + GITHUB_TOKEN: ${{ secrets.CI_GITHUB_TOKEN }} + steps: + - uses: actions/checkout@v4 + with: + token: ${{ env.GITHUB_TOKEN }} + + - name: Work around git permission issue + run: | + dname=$(echo ${{github.repository}} | cut -d'/' -f2) + git config --global --add safe.directory /__w/$dname/$dname + shell: sh + + - name: Merge and Tag + id: merge + run: | + git config remote.origin.fetch "+refs/heads/*:refs/remotes/origin/*" + git fetch --all + git branch -a + git merge origin/release + git push origin ${GITHUB_REF/refs\/heads\//} + git tag "v${{ needs.release-checks.outputs.version }}" + git push --tags + echo "tag=$(echo v${{ needs.release-checks.outputs.version }})" >> "${GITHUB_OUTPUT}" + shell: bash + continue-on-error: true + + - name: Delete release branch if merge failed and fail + if: steps.merge.outcome == 'failure' + run: | + git push origin -d release + echo "There was an error in merging the branch. release branch was deleted." + exit 1 + shell: bash + + - name: Download binary + uses: actions/download-artifact@v4 + with: + name: ${{ needs.deploy.outputs.artifact }} + path: built-artifacts + continue-on-error: true + + - name: Get latest changelog + id: changelog + run: | + echo "${{ needs.release-checks.outputs.changelog }}" | base64 -d > latest_changelog.txt + shell: bash + continue-on-error: true + + - name: Create Release and upload assets + if: success() + id: create_release + uses: softprops/action-gh-release@v1 + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + with: + tag_name: ${{ steps.merge.outputs.tag }} + body_path: latest_changelog.txt + draft: false + prerelease: false + files: | + built-artifacts/* + continue-on-error: true + + - name: Deploy documentation + uses: peter-evans/repository-dispatch@v1 + with: + token: ${{ secrets.CI_GITHUB_TOKEN }} + repository: ${{ secrets.DOCS_REPO }} + event-type: ${{ secrets.DOCS_REPO_EVOLVE_WORKFLOW }} + client-payload: '{"product": "${{needs.build-docs.outputs.product}}", "product_key": "${{needs.build-docs.outputs.product-key}}", "download_url": "${{needs.build-docs.outputs.product-repo}}"}' + continue-on-error: true + + # call-build-container: + # needs: [build-artifact, create-release] + # uses: zepben/energy-workbench-server/.github/workflows/build-release-container.yaml@main + # with: + # ewbRelease: ${{ needs.build-artifact.outputs.version }} + + update-version: + needs: [create-release] + runs-on: ubuntu-latest + container: zepben/pipeline-basic + env: + DEBUG: ${{ secrets.DEBUG }} + GITHUB_TOKEN: ${{ secrets.CI_GITHUB_TOKEN }} + NEXUS_MAVEN_REPO: ${{ secrets.NEXUS_MAVEN_REPO }} + NEXUS_USERNAME: ${{ secrets.NEXUS_USERNAME }} + NEXUS_PASSWORD: ${{ secrets.NEXUS_PASSWORD }} + NEXUS_MAVEN_SNAPSHOT: ${{ secrets.NEXUS_MAVEN_SNAPSHOT }} + NEXUS_MAVEN_RELEASE: ${{ secrets.NEXUS_MAVEN_RELEASE }} + SLACK_NOTIFICATION: YES + SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }} + steps: + - uses: actions/checkout@v4 + with: + token: ${{ env.GITHUB_TOKEN }} + + - name: Work around git permission issue + run: | + dname=$(echo ${{github.repository}} | cut -d'/' -f2) + git config --global --add safe.directory /__w/$dname/$dname + shell: sh + + - name: Update to next minor version + run: | + /scripts/update-version.sh --java --maven --release pom.xml changelog.md + shell: bash diff --git a/.github/workflows/maven-app-release.yml b/.github/workflows/maven-app-release.yml index 33c984e3..1ef1b23c 100644 --- a/.github/workflows/maven-app-release.yml +++ b/.github/workflows/maven-app-release.yml @@ -151,90 +151,13 @@ jobs: build-docs: - needs: release-checks - runs-on: ubuntu-latest + needs: [release-checks] if: ${{ needs.release-checks.outputs.docs-present == 'yes' }} - outputs: - artifact: docs - product-key: ${{ steps.docs-component.outputs.name }} - product-repo: ${{ steps.docs-component.outputs.repo }} - container: zepben/pipeline-docusaurus - steps: - - - name: Work around git permission issue - run: | - dname=$(echo ${{github.repository}} | cut -d'/' -f2) - git config --global --add safe.directory /__w/$dname/$dname - shell: sh - - - uses: actions/checkout@v4 - - - name: Check that title is defined in the repo - run: | - if [[ -d docs/site-config && -z $DOCS_TITLE ]]; then - echo "The \$DOCS_TITLE environment variable needs to be set on this repo!" - exit 1 - fi - env: - DOCS_TITLE: ${{ vars.DOCS_TITLE }} - shell: bash - - - name: Checkout release branch - run: | - git config remote.origin.fetch "+refs/heads/*:refs/remotes/origin/*" - git fetch --all - git checkout release - shell: sh - - - name: Cache nodejs deps - uses: actions/cache@v4 - with: - path: ~/.npm - key: npm - - - name: Build docusaurus - id: build - uses: zepben/docusaurus-action@main - with: - VERSION: ${{ needs.release-checks.outputs.version }} - NPM_REPO: ${{ secrets.NPM_REPO }} - NPM_TOKEN: ${{ secrets.CI_GITHUB_TOKEN }} - DOCS_TITLE: ${{ vars.DOCS_TITLE }} - continue-on-error: true - - - name: Zip documentation - run: | - cd docs/build - zip -r ../../docs.zip . - shell: sh - - - uses: actions/upload-artifact@v4 - if: steps.build.outcome == 'success' - with: - name: docs.zip - path: docs.zip - if-no-files-found: error - - - name: Fail build - if: steps.build.outcome == 'failure' - run: | - git push origin -d release - echo "There was an error in the docusaurus build above." - exit 1 - shell: sh - - - name: Fetch the document component name - id: docs-component - shell: sh {0} - run: | - echo "repo=${GITHUB_REPOSITORY}" >> "${GITHUB_OUTPUT}" - # if product key is supplied - if [ "${{ inputs.product-key }}" != "productkeynotprovided" ]; then - echo "name=${{ inputs.product-key }}" >> "${GITHUB_OUTPUT}" - else - # parse out the product key from the repository name - echo "name=$(echo ${GITHUB_REPOSITORY} | cut -f2 -d\/)" >> "${GITHUB_OUTPUT}" - fi + uses: ./.github/workflows/build-docs.yaml + with: + DEPLOY: true + VERSION: ${{ needs.release-checks.outputs.version }} + secrets: inherit deploy: needs: [release-checks, build-docs] @@ -389,7 +312,7 @@ jobs: token: ${{ secrets.CI_GITHUB_TOKEN }} repository: ${{ secrets.DOCS_REPO }} event-type: ${{ secrets.DOCS_REPO_EVOLVE_WORKFLOW }} - client-payload: '{"product_key": "${{needs.build-docs.outputs.product-key}}", "download_url": "${{needs.build-docs.outputs.product-repo}}"}' + client-payload: '{"product": "${{needs.build-docs.outputs.product}}", "product_key": "${{needs.build-docs.outputs.product-key}}", "download_url": "${{needs.build-docs.outputs.product-repo}}"}' continue-on-error: true update-version: diff --git a/.github/workflows/maven-app-snapshot.yml b/.github/workflows/maven-app-snapshot.yml index 98730c18..e76de145 100644 --- a/.github/workflows/maven-app-snapshot.yml +++ b/.github/workflows/maven-app-snapshot.yml @@ -162,85 +162,12 @@ jobs: fi build-docs: - runs-on: ubuntu-latest - container: zepben/pipeline-docusaurus needs: [build-app] if: ${{ needs.build-app.outputs.docs-present == 'yes' }} - outputs: - artifact-uploaded: ${{ steps.artifact.outputs.uploaded }} - product-key: ${{ steps.docs-component.outputs.name }} - product-repo: ${{ steps.docs-component.outputs.repo }} - steps: - - uses: actions/checkout@v4 - - - name: Check that title is defined in the repo - run: | - if [[ -d docs/site-config && -z $DOCS_TITLE ]]; then - echo "The \$DOCS_TITLE environment variable needs to be set on this repo!" - exit 1 - fi - env: - DOCS_TITLE: ${{ vars.DOCS_TITLE }} - shell: bash - - - name: Build docusaurus - id: build - uses: zepben/docusaurus-action@main - with: - TAG: false - NPM_REPO: ${{ secrets.NPM_REPO }} - NPM_TOKEN: ${{ secrets.CI_GITHUB_TOKEN }} - DOCS_TITLE: ${{ vars.DOCS_TITLE }} - continue-on-error: true - - - name: Failed build - if: steps.build.outcome == 'failure' - run: | - echo "There was an error in the docusaurus build above. Docs are not pushed" - echo " :boom: There was an error in the docusaurus build step. Current docs are not published" >> ${GITHUB_STEP_SUMMARY} - shell: sh - - - name: Check if we need to skip deployment for hotfix or LTS branch - run: | - if [[ ${GITHUB_REF_NAME} =~ "hotfix" || ${GITHUB_REF_NAME} =~ "LTS" ]]; then - echo "deployDocs=no" >> ${GITHUB_ENV} - echo "Running on LTS or hotfix branch, skip deploying docs" - else - echo "deployDocs=yes" >> ${GITHUB_ENV} - fi - - - name: Zip documentation - if: ${{ env.deployDocs == 'yes' }} - run: | - cd docs/build - zip -r ../../docs.zip . - shell: bash - - - uses: actions/upload-artifact@v4 - if: ${{ steps.build.outcome == 'success' && env.deployDocs == 'yes' }} - id: upload - with: - name: docs.zip - path: docs.zip - - - if: ${{ steps.upload.outcome == 'success' }} - id: artifact - run: - echo "uploaded=yes" >> "${GITHUB_OUTPUT}" - - - name: Fetch the document component name - id: docs-component - shell: sh {0} - run: | - echo "repo=${GITHUB_REPOSITORY}" >> "${GITHUB_OUTPUT}" - # if product key is supplied - if [ "${{ inputs.product-key }}" != "productkeynotprovided" ]; then - echo "name=${{ inputs.product-key }}" >> "${GITHUB_OUTPUT}" - else - # parse out the product key from the repository name - echo "name=$(echo ${GITHUB_REPOSITORY} | cut -f2 -d\/)" >> "${GITHUB_OUTPUT}" - fi - + uses: ./.github/workflows/build-docs.yaml + with: + deploy: true + secrets: inherit update-snapshot-version: needs: [build-app] @@ -280,4 +207,4 @@ jobs: token: ${{ secrets.CI_GITHUB_TOKEN }} repository: ${{ secrets.DOCS_REPO }} event-type: ${{ secrets.DOCS_REPO_EVOLVE_WORKFLOW }} - client-payload: '{"product_key": "${{needs.build-docs.outputs.product-key}}", "download_url": "${{needs.build-docs.outputs.product-repo}}"}' + client-payload: '{"product": "${{needs.build-docs.outputs.product}}", "product_key": "${{needs.build-docs.outputs.product-key}}", "download_url": "${{needs.build-docs.outputs.product-repo}}"}' diff --git a/.github/workflows/maven-build-oss.yml b/.github/workflows/maven-build-oss.yml index ace60e9d..91b252df 100644 --- a/.github/workflows/maven-build-oss.yml +++ b/.github/workflows/maven-build-oss.yml @@ -130,29 +130,7 @@ jobs: fi build-docs: - runs-on: ubuntu-latest - needs: build-and-test + needs: [build-and-test] if: ${{ needs.build-and-test.outputs.docs-present == 'yes' }} - container: zepben/pipeline-docusaurus - steps: - - - uses: actions/checkout@v4 - - - name: Check that title is defined in the repo - run: | - if [[ -d docs/site-config && -z $DOCS_TITLE ]]; then - echo "The \$DOCS_TITLE environment variable needs to be set on this repo!" - exit 1 - fi - env: - DOCS_TITLE: ${{ vars.DOCS_TITLE }} - shell: bash - - - name: Build docusaurus - id: build - uses: zepben/docusaurus-action@main - with: - TAG: false - NPM_REPO: ${{ secrets.NPM_REPO }} - NPM_TOKEN: ${{ secrets.CI_GITHUB_TOKEN }} - DOCS_TITLE: ${{ vars.DOCS_TITLE }} + uses: ./.github/workflows/build-docs.yaml + secrets: inherit diff --git a/.github/workflows/maven-build.yml b/.github/workflows/maven-build.yml index d677d8d5..86dacdf7 100644 --- a/.github/workflows/maven-build.yml +++ b/.github/workflows/maven-build.yml @@ -167,29 +167,7 @@ jobs: fi build-docs: - runs-on: ubuntu-latest - needs: build-and-test + needs: [build-and-test] if: ${{ needs.build-and-test.outputs.docs-present == 'yes' }} - container: zepben/pipeline-docusaurus - steps: - - - uses: actions/checkout@v4 - - - name: Check that title is defined in the repo - run: | - if [[ -d docs/site-config && -z $DOCS_TITLE ]]; then - echo "The \$DOCS_TITLE environment variable needs to be set on this repo!" - exit 1 - fi - env: - DOCS_TITLE: ${{ vars.DOCS_TITLE }} - shell: bash - - - name: Build docusaurus - id: build - uses: zepben/docusaurus-action@main - with: - TAG: false - NPM_REPO: ${{ secrets.NPM_REPO }} - NPM_TOKEN: ${{ secrets.CI_GITHUB_TOKEN }} - DOCS_TITLE: ${{ vars.DOCS_TITLE }} + uses: ./.github/workflows/build-docs.yaml + secrets: inherit diff --git a/.github/workflows/maven-lib-release-with-docs.yml b/.github/workflows/maven-lib-release-with-docs.yml new file mode 100644 index 00000000..c9e1a3ca --- /dev/null +++ b/.github/workflows/maven-lib-release-with-docs.yml @@ -0,0 +1,425 @@ +# Note: default release notes file is docs/release.md. +name: Maven Library Release + Docs + +on: + workflow_call: + inputs: + product-key: + description: 'Product key used for deploying docs. Should be repo specific. E.g: "python-sdk"' + required: false + default: "productkeynotprovided" + type: string + private: + description: 'Calling workflow from a private repo' + required: false + type: boolean + default: true + sourcepath: + description: 'Path to source directory (used for licence check)' + required: false + type: string + default: "src" + + secrets: + CI_GITHUB_TOKEN: + required: true + NEXUS_MAVEN_REPO: + required: true + NEXUS_USERNAME: + required: true + NEXUS_PASSWORD: + required: true + NEXUS_MAVEN_SNAPSHOT: + required: true + NEXUS_MAVEN_RELEASE: + required: true + SLACK_NOTIFICATION: + required: false + SLACK_WEBHOOK: + required: false + LC_URL: + required: false + ZEPBEN_GPG_KEY: + required: false + MAVEN_CENTRAL_USERNAME: + required: false + MAVEN_CENTRAL_PASSWORD: + required: false + GPG_KEY_ID: + required: false + GPG_KEY_PASSWORD: + required: false + NPM_REPO: + required: true + DOCS_REPO: + required: true + DOCS_REPO_EVOLVE_WORKFLOW: + required: true + + + +jobs: + release-checks: + runs-on: ubuntu-latest + container: zepben/pipeline-basic + env: + DEBUG: ${{ secrets.DEBUG }} + GITHUB_TOKEN: ${{ secrets.CI_GITHUB_TOKEN }} + NEXUS_MAVEN_REPO: ${{ secrets.NEXUS_MAVEN_REPO }} + NEXUS_USERNAME: ${{ secrets.NEXUS_USERNAME }} + NEXUS_PASSWORD: ${{ secrets.NEXUS_PASSWORD }} + NEXUS_MAVEN_RELEASE: ${{ secrets.NEXUS_MAVEN_RELEASE }} + NEXUS_MAVEN_SNAPSHOT: ${{ secrets.NEXUS_MAVEN_SNAPSHOT }} + SLACK_NOTIFICATION: YES + SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }} + outputs: + version: ${{ steps.check.outputs.version }} + docs-present: ${{ steps.docs.outputs.present }} + changelog: ${{ steps.changelog.outputs.changelog }} + steps: + - uses: actions/checkout@v4 + with: + token: ${{ env.GITHUB_TOKEN }} + + - name: Work around git permission issue + run: | + dname=$(echo ${{github.repository}} | cut -d'/' -f2) + git config --global --add safe.directory /__w/$dname/$dname + shell: sh + + - name: Cache licence-check + uses: actions/cache@v4 + with: + path: /lc + key: lcc + + - name: Check licence + uses: zepben/licence-check-action@main + with: + LC_URL: ${{ secrets.LC_URL }} + PATH: ${{ inputs.sourcepath }} + + - name: Release checks and update version for release + id: check + run: | + /scripts/release-checks.sh --java --maven pom.xml + /scripts/finalize-version.sh --java --maven pom.xml changelog.md + version=$(xmlstarlet pyx pom.xml | grep -v ^A | xmlstarlet p2x | xmlstarlet sel -t -v "/project/version") + echo "version=$version" >> "${GITHUB_OUTPUT}" + shell: bash + + - name: Check if docs present + id: docs + run: | + if [ -d docs ]; then + echo "Docs folder found, will run the build-docs job" + echo "present=yes" >> "${GITHUB_OUTPUT}" + echo "present=yes" >> "${GITHUB_ENV}" + else + echo "Docs folder not found, will skip the build-docs" + fi + + - name: Check doc build artifacts are ignored + if: ${{ env.present == 'yes' }} + shell: sh {0} + run: | + # Make sure directories are properly ignored + # docs/node_modules + git check-ignore -q docs/node_modules + if [ $? != 0 ]; then + echo "ERROR! Make sure to add 'docs/node_modules' to .gitignore" + echo "::error line=1::ERROR! Make sure to add 'docs/node_modules' to .gitignore" + exit 1 + fi + + # docs/build + git check-ignore -q docs/build + if [ $? != 0 ]; then + echo "ERROR! Make sure to add 'docs/build' to .gitignore" + echo "::error line=1::ERROR! Make sure to add 'docs/build' to .gitignore" + exit 1 + fi + + - name: Test changelog format + id: changelog + shell: bash + run: | + changelog=$(sed -n -E "/${{ steps.check.outputs.version }}/,/## [[0-9]+\.[0-9]+\.[0-9]+]/ { /## \[/d;p }" changelog.md) + if [[ -z "$changelog" ]]; then + echo "Changelog content was not found - ensure your changelog.md matches the expected growing format. Deleting release branch." + git push origin -d release + # We can safely fail here because we haven't done anything yet. Changelog.md file should be in correct format. + exit 1 + fi + # Changelog has newlines which isn't well supported, so we base64 with line wrap disabled (-w0) + new_changelog=$(echo "${changelog}" | base64 -w0) + echo "changelog=${new_changelog}" >> $GITHUB_OUTPUT + + build-docs: + needs: release-checks + runs-on: ubuntu-latest + if: ${{ needs.release-checks.outputs.docs-present == 'yes' }} + outputs: + artifact: docs + product-key: ${{ steps.docs-component.outputs.name }} + product-repo: ${{ steps.docs-component.outputs.repo }} + container: zepben/pipeline-docusaurus + steps: + - name: Install Git + run: | + apk add git zip + + - name: Work around git permission issue + run: | + dname=$(echo ${{github.repository}} | cut -d'/' -f2) + git config --global --add safe.directory /__w/$dname/$dname + shell: sh + + - uses: actions/checkout@v4 + + - name: Check that title is defined in the repo + run: | + if [[ -d docs/site-config && -z $DOCS_TITLE ]]; then + echo "The \$DOCS_TITLE environment variable needs to be set on this repo!" + exit 1 + fi + env: + DOCS_TITLE: ${{ vars.DOCS_TITLE }} + shell: bash + + - name: Checkout release branch + run: | + git config remote.origin.fetch "+refs/heads/*:refs/remotes/origin/*" + git fetch --all + git checkout release + shell: sh + + - name: Cache nodejs deps + uses: actions/cache@v4 + with: + path: ~/.npm + key: npm + + - name: Build docusaurus + id: build + uses: zepben/docusaurus-action@main + with: + VERSION: ${{ needs.release-checks.outputs.version }} + NPM_REPO: ${{ secrets.NPM_REPO }} + NPM_TOKEN: ${{ secrets.CI_GITHUB_TOKEN }} + DOCS_TITLE: ${{ vars.DOCS_TITLE }} + continue-on-error: true + + - name: Zip documentation + run: | + cd docs/build + zip -r ../../docs.zip . + shell: sh + + - uses: actions/upload-artifact@v4 + if: steps.build.outcome == 'success' + with: + name: docs.zip + path: docs.zip + if-no-files-found: error + + - name: Fail build + if: steps.build.outcome == 'failure' + run: | + git push origin -d release + echo "There was an error in the docusaurus build above." + exit 1 + shell: sh + + - name: Fetch the document component name + id: docs-component + shell: sh {0} + run: | + # if product key is supplied + if [ "${{ inputs.product-key }}" != "productkeynotprovided" ]; then + echo "name=${{ inputs.product-key }}" >> "${GITHUB_OUTPUT}" + else + # parse out the product key from the repository name + echo "name=$(echo ${GITHUB_REPOSITORY} | cut -f2 -d\/)" >> "${GITHUB_OUTPUT}" + fi + + + deploy: + needs: [release-checks, build-docs] + runs-on: ubuntu-latest + outputs: + artifact: ${{ steps.build.outputs.artifact }} + container: zepben/pipeline-java-ewb + steps: + - name: Work around git permission issue + run: | + dname=$(echo ${{github.repository}} | cut -d'/' -f2) + git config --global --add safe.directory /__w/$dname/$dname + shell: sh + + - uses: actions/checkout@v4 + + - name: Cache maven deps + uses: actions/cache@v4 + with: + path: /maven + key: maven + + - name: Checkout release branch + run: | + git config remote.origin.fetch "+refs/heads/*:refs/remotes/origin/*" + git fetch --all + git checkout release + shell: bash + + - name: Set profile + id: profile + shell: bash + run: | + priv=${{ inputs.private }} + if [[ $priv == 'true' ]]; then echo "PROFILE=zepben-maven" >> ${GITHUB_ENV}; else echo "PROFILE=maven-central" >> ${GITHUB_ENV}; fi + + - name: Maven deploy to Central + id: build + uses: zepben/maven-deploy-central-action@main + with: + NEXUS_MAVEN_REPO: ${{ secrets.NEXUS_MAVEN_REPO }} + NEXUS_USERNAME: ${{ secrets.NEXUS_USERNAME }} + NEXUS_PASSWORD: ${{ secrets.NEXUS_PASSWORD }} + NEXUS_RELEASE_URL: ${{ secrets.NEXUS_MAVEN_RELEASE }} + NEXUS_SNAPSHOT_URL: ${{ secrets.NEXUS_MAVEN_SNAPSHOT }} + ZEPBEN_GPG_KEY: ${{ secrets.ZEPBEN_GPG_KEY_B64 }} + MAVEN_CENTRAL_USERNAME: ${{ secrets.MAVEN_CENTRAL_USERNAME }} + MAVEN_CENTRAL_PASSWORD: ${{ secrets.MAVEN_CENTRAL_PASSWORD }} + GPG_KEY_ID: ${{ secrets.GPG_KEY_ID }} + GPG_KEY_PASSWORD: ${{ secrets.GPG_KEY_PASSWORD }} + PROFILE: ${{ env.PROFILE }} + continue-on-error: true + + - name: Upload coverage to Codecov + if: steps.build.outcome == 'success' + uses: codecov/codecov-action@v4 + with: + token: ${{ secrets.CODECOV_TOKEN }} + continue-on-error: true + + - uses: actions/upload-artifact@v4 + if: steps.build.outcome == 'success' + with: + name: ${{ steps.build.outputs.artifact }} + path: ${{ steps.build.outputs.artifact-path }} + + - name: Delete release branch if deploy failed and fail + if: steps.build.outcome == 'failure' + run: | + git push origin -d release + echo "There was an error in the mvn deploy command above." + exit 1 + shell: bash + + create-release: + needs: [deploy, build-docs, release-checks] + runs-on: ubuntu-latest + container: zepben/pipeline-basic + env: + GITHUB_TOKEN: ${{ secrets.CI_GITHUB_TOKEN }} + steps: + - uses: actions/checkout@v4 + with: + token: ${{ env.GITHUB_TOKEN }} + + - name: Work around git permission issue + run: | + dname=$(echo ${{github.repository}} | cut -d'/' -f2) + git config --global --add safe.directory /__w/$dname/$dname + shell: sh + + - name: Merge and Tag + id: merge + run: | + git config remote.origin.fetch "+refs/heads/*:refs/remotes/origin/*" + git fetch --all + git branch -a + git merge origin/release + git push origin ${GITHUB_REF/refs\/heads\//} + git tag "v${{ needs.release-checks.outputs.version }}" + git push --tags + echo "::set-output name=tag::$(echo v${{ needs.release-checks.outputs.version }})" + shell: bash + continue-on-error: true + + - name: Delete release branch if merge failed and fail + if: steps.merge.outcome == 'failure' + run: | + git push origin -d release + echo "There was an error in merging the branch. release branch was deleted." + exit 1 + shell: bash + + - name: Download binary + uses: actions/download-artifact@v4 + with: + name: ${{ needs.deploy.outputs.artifact }} + path: built-artifacts + continue-on-error: true + + - name: Get latest changelog + id: changelog + run: | + echo "${{ needs.release-checks.outputs.changelog }}" | base64 -d > latest_changelog.txt + shell: bash + continue-on-error: true + + - name: Create Release and upload assets + if: success() + id: create_release + uses: softprops/action-gh-release@v1 + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + with: + tag_name: ${{ steps.merge.outputs.tag }} + body_path: latest_changelog.txt + draft: false + prerelease: false + files: | + built-artifacts/${{ needs.deploy.outputs.artifact }} + continue-on-error: true + + - name: Deploy documentation + uses: peter-evans/repository-dispatch@v1 + with: + token: ${{ secrets.CI_GITHUB_TOKEN }} + repository: ${{ secrets.DOCS_REPO }} + event-type: ${{ secrets.DOCS_REPO_EVOLVE_WORKFLOW }} + client-payload: '{"product": "${{needs.build-docs.outputs.product}}", "product_key": "${{needs.build-docs.outputs.product-key}}", "download_url": "${{needs.build-docs.outputs.product-repo}}"}' + continue-on-error: true + + update-version: + needs: [create-release] + runs-on: ubuntu-latest + container: zepben/pipeline-basic + env: + DEBUG: ${{ secrets.DEBUG }} + GITHUB_TOKEN: ${{ secrets.CI_GITHUB_TOKEN }} + NEXUS_MAVEN_REPO: ${{ secrets.NEXUS_MAVEN_REPO }} + NEXUS_USERNAME: ${{ secrets.NEXUS_USERNAME }} + NEXUS_PASSWORD: ${{ secrets.NEXUS_PASSWORD }} + NEXUS_MAVEN_SNAPSHOT: ${{ secrets.NEXUS_MAVEN_SNAPSHOT }} + NEXUS_MAVEN_RELEASE: ${{ secrets.NEXUS_MAVEN_RELEASE }} + SLACK_NOTIFICATION: YES + SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }} + steps: + - uses: actions/checkout@v4 + with: + token: ${{ env.GITHUB_TOKEN }} + + - name: Work around git permission issue + run: | + dname=$(echo ${{github.repository}} | cut -d'/' -f2) + git config --global --add safe.directory /__w/$dname/$dname + shell: sh + + - name: Update to next minor version + run: | + /scripts/update-version.sh --java --maven --release pom.xml changelog.md + shell: bash diff --git a/.github/workflows/maven-lib-release.yml b/.github/workflows/maven-lib-release.yml index d8e585fe..045d6ff2 100644 --- a/.github/workflows/maven-lib-release.yml +++ b/.github/workflows/maven-lib-release.yml @@ -158,94 +158,13 @@ jobs: echo "changelog=${new_changelog}" >> $GITHUB_OUTPUT build-docs: - needs: release-checks - runs-on: ubuntu-latest + needs: [release-checks] if: ${{ needs.release-checks.outputs.docs-present == 'yes' }} - outputs: - artifact: docs - product-key: ${{ steps.docs-component.outputs.name }} - product-repo: ${{ steps.docs-component.outputs.repo }} - container: zepben/pipeline-docusaurus - steps: - - name: Install Git - run: | - apk add git zip - - - name: Work around git permission issue - run: | - dname=$(echo ${{github.repository}} | cut -d'/' -f2) - git config --global --add safe.directory /__w/$dname/$dname - shell: sh - - - uses: actions/checkout@v4 - - - name: Check that title is defined in the repo - run: | - if [[ -d docs/site-config && -z $DOCS_TITLE ]]; then - echo "The \$DOCS_TITLE environment variable needs to be set on this repo!" - exit 1 - fi - env: - DOCS_TITLE: ${{ vars.DOCS_TITLE }} - shell: bash - - - name: Checkout release branch - run: | - git config remote.origin.fetch "+refs/heads/*:refs/remotes/origin/*" - git fetch --all - git checkout release - shell: sh - - - name: Cache nodejs deps - uses: actions/cache@v4 - with: - path: ~/.npm - key: npm - - - name: Build docusaurus - id: build - uses: zepben/docusaurus-action@main - with: - VERSION: ${{ needs.release-checks.outputs.version }} - NPM_REPO: ${{ secrets.NPM_REPO }} - NPM_TOKEN: ${{ secrets.CI_GITHUB_TOKEN }} - DOCS_TITLE: ${{ vars.DOCS_TITLE }} - continue-on-error: true - - - name: Zip documentation - run: | - cd docs/build - zip -r ../../docs.zip . - shell: sh - - - uses: actions/upload-artifact@v4 - if: steps.build.outcome == 'success' - with: - name: docs.zip - path: docs.zip - if-no-files-found: error - - - name: Fail build - if: steps.build.outcome == 'failure' - run: | - git push origin -d release - echo "There was an error in the docusaurus build above." - exit 1 - shell: sh - - - name: Fetch the document component name - id: docs-component - shell: sh {0} - run: | - echo "repo=${GITHUB_REPOSITORY}" >> "${GITHUB_OUTPUT}" - # if product key is supplied - if [ "${{ inputs.product-key }}" != "productkeynotprovided" ]; then - echo "name=${{ inputs.product-key }}" >> "${GITHUB_OUTPUT}" - else - # parse out the product key from the repository name - echo "name=$(echo ${GITHUB_REPOSITORY} | cut -f2 -d\/)" >> "${GITHUB_OUTPUT}" - fi - + uses: ./.github/workflows/build-docs.yaml + with: + DEPLOY: true + VERSION: ${{ needs.release-checks.outputs.version }} + secrets: inherit deploy: needs: [release-checks, build-docs] @@ -253,6 +172,8 @@ jobs: runs-on: ubuntu-latest outputs: artifact: ${{ steps.build.outputs.artifact }} + env: + GITHUB_TOKEN: ${{ secrets.CI_GITHUB_TOKEN }} container: zepben/pipeline-java-ewb steps: - name: Work around git permission issue @@ -404,7 +325,7 @@ jobs: token: ${{ secrets.CI_GITHUB_TOKEN }} repository: ${{ secrets.DOCS_REPO }} event-type: ${{ secrets.DOCS_REPO_EVOLVE_WORKFLOW }} - client-payload: '{"product_key": "${{needs.build-docs.outputs.product-key}}", "download_url": "${{needs.build-docs.outputs.product-repo}}"}' + client-payload: '{"product": "${{needs.build-docs.outputs.product}}", "product_key": "${{needs.build-docs.outputs.component}}", "download_url": "${{github.repository}}" }' continue-on-error: true update-version: diff --git a/.github/workflows/maven-lib-snapshot.yml b/.github/workflows/maven-lib-snapshot.yml index 376320c2..6c76e8ab 100644 --- a/.github/workflows/maven-lib-snapshot.yml +++ b/.github/workflows/maven-lib-snapshot.yml @@ -13,7 +13,7 @@ on: required: false type: string default: "src" - product-key: + component: description: 'Product key used for deploying docs. Should be repo specific. E.g: "python-sdk"' required: false default: "productkeynotprovided" @@ -170,83 +170,12 @@ jobs: continue-on-error: true build-docs: - runs-on: ubuntu-latest - container: zepben/pipeline-docusaurus needs: [check-docs] if: ${{ needs.check-docs.outputs.docs-present == 'yes' }} - outputs: - artifact-uploaded: ${{ steps.artifact.outputs.uploaded }} - product-key: ${{ steps.docs-component.outputs.name }} - product-repo: ${{ steps.docs-component.outputs.repo }} - steps: - - uses: actions/checkout@v4 - - - name: Check that title is defined in the repo - run: | - if [[ -d docs/site-config && -z $DOCS_TITLE ]]; then - echo "The \$DOCS_TITLE environment variable needs to be set on this repo!" - exit 1 - fi - env: - DOCS_TITLE: ${{ vars.DOCS_TITLE }} - shell: bash - - - name: Build docusaurus - id: build - uses: zepben/docusaurus-action@main - with: - TAG: false - NPM_REPO: ${{ secrets.NPM_REPO }} - NPM_TOKEN: ${{ secrets.CI_GITHUB_TOKEN }} - continue-on-error: true - - - name: Failed build - if: steps.build.outcome == 'failure' - run: | - echo "There was an error in the docusaurus build above. Docs are not pushed" - echo " :boom: There was an error in the docusaurus build step. Current docs are not published" >> ${GITHUB_STEP_SUMMARY} - shell: sh - - - name: Check if we need to skip deployment for hotfix or LTS branch - run: | - if [[ ${GITHUB_REF_NAME} =~ "hotfix" || ${GITHUB_REF_NAME} =~ "LTS" ]]; then - echo "deployDocs=no" >> ${GITHUB_ENV} - echo "Running on LTS or hotfix branch, skip deploying docs" - else - echo "deployDocs=yes" >> ${GITHUB_ENV} - fi - - - name: Zip documentation - if: ${{ env.deployDocs == 'yes' }} - run: | - cd docs/build - zip -r ../../docs.zip . - shell: bash - - - uses: actions/upload-artifact@v4 - if: ${{ steps.build.outcome == 'success' && env.deployDocs == 'yes' }} - id: upload - with: - name: docs.zip - path: docs.zip - - - if: ${{ steps.upload.outcome == 'success' }} - id: artifact - run: - echo "uploaded=yes" >> "${GITHUB_OUTPUT}" - - - name: Fetch the document component name - id: docs-component - shell: sh {0} - run: | - echo "repo=${GITHUB_REPOSITORY}" >> "${GITHUB_OUTPUT}" - # if product key is supplied - if [ "${{ inputs.product-key }}" != "productkeynotprovided" ]; then - echo "name=${{ inputs.product-key }}" >> "${GITHUB_OUTPUT}" - else - # parse out the product key from the repository name - echo "name=$(echo ${GITHUB_REPOSITORY} | cut -f2 -d\/)" >> "${GITHUB_OUTPUT}" - fi + uses: ./.github/workflows/build-docs.yaml + with: + deploy: true + secrets: inherit update-snapshot-version: needs: [deploy] @@ -286,5 +215,5 @@ jobs: token: ${{ secrets.CI_GITHUB_TOKEN }} repository: ${{ secrets.DOCS_REPO }} event-type: ${{ secrets.DOCS_REPO_EVOLVE_WORKFLOW }} - client-payload: '{"product_key": "${{needs.build-docs.outputs.product-key}}", "download_url": "${{needs.build-docs.outputs.product-repo}}"}' + client-payload: '{"product": "${{needs.build-docs.outputs.product}}", "product_key": "${{needs.build-docs.outputs.component}}", "download_url": "${{github.repository}}" }' diff --git a/.github/workflows/npm-app-build.yml b/.github/workflows/npm-app-build.yml index 25fb3318..f1f0a117 100644 --- a/.github/workflows/npm-app-build.yml +++ b/.github/workflows/npm-app-build.yml @@ -166,29 +166,7 @@ jobs: fi build-docs: - runs-on: ubuntu-latest - needs: build-and-test + needs: [build-and-test] if: ${{ needs.build-and-test.outputs.docs-present == 'yes' }} - container: zepben/pipeline-docusaurus - steps: - - - uses: actions/checkout@v4 - - - name: Check that title is defined in the repo - run: | - if [[ -d docs/site-config && -z $DOCS_TITLE ]]; then - echo "The \$DOCS_TITLE environment variable needs to be set on this repo!" - exit 1 - fi - env: - DOCS_TITLE: ${{ vars.DOCS_TITLE }} - shell: bash - - - name: Build docusaurus - id: build - uses: zepben/docusaurus-action@main - with: - TAG: false - NPM_REPO: ${{ secrets.NPM_REPO }} - NPM_TOKEN: ${{ secrets.CI_GITHUB_TOKEN }} - DOCS_TITLE: ${{ vars.DOCS_TITLE }} + uses: ./.github/workflows/build-docs.yaml + secrets: inherit diff --git a/.github/workflows/npm-app-release-with-docs.yml b/.github/workflows/npm-app-release-with-docs.yml new file mode 100644 index 00000000..ecacb2b6 --- /dev/null +++ b/.github/workflows/npm-app-release-with-docs.yml @@ -0,0 +1,394 @@ +name: NPM Static App Release + +on: + workflow_call: + inputs: + product-key: + description: 'Product key used for deploying docs. Should be repo specific. E.g: "python-sdk"' + required: false + default: "productkeynotprovided" + type: string + private: + description: 'Calling workflow from a private repo' + required: false + type: boolean + default: true + sourcepath: + description: 'Path to source directory (used for licence check)' + required: false + type: string + default: "src" + secrets: + NEXUS_NPM_REPO: + required: true + CI_NPM_TOKEN: + required: true + CI_GITHUB_TOKEN: + required: true + SLACK_NOTIFICATION: + required: false + SLACK_WEBHOOK: + required: false + LC_URL: + required: false + + outputs: + version: + description: "The current released version." + value: ${{ jobs.build-artifact.outputs.version }} +jobs: + release-checks: + runs-on: ubuntu-latest + container: zepben/pipeline-basic + continue-on-error: false + env: + GITHUB_TOKEN: ${{ secrets.CI_GITHUB_TOKEN }} + SLACK_NOTIFICATION: YES + SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }} + outputs: + version: ${{ steps.check.outputs.version }} + docs-present: ${{ steps.docs.outputs.present }} + changelog: ${{ steps.changelog.outputs.changelog }} + steps: + - uses: actions/checkout@v4 + with: + token: ${{ env.GITHUB_TOKEN }} + + - name: Work around git permission issue + run: | + dname=$(echo ${{github.repository}} | cut -d'/' -f2) + git config --global --add safe.directory /__w/$dname/$dname + shell: sh + + - name: Cache licence-check + uses: actions/cache@v4 + with: + path: /lc + key: lcc + + - name: Check licence + uses: zepben/licence-check-action@main + with: + LC_URL: ${{ secrets.LC_URL }} + PATH: ${{ inputs.sourcepath }} + + - name: Release checks and update version for release + id: check + run: | + /scripts/release-checks.sh --js package.json + /scripts/finalize-version.sh --js package.json changelog.md + version=$(jq -r .version package.json) + echo "version=$version" >> $GITHUB_OUTPUT + shell: bash + + - name: Check if docs present + id: docs + shell: bash + run: | + if [ -d docs ]; then + echo "Docs folder found, will run the build-docs job" + echo "present=yes" >> "${GITHUB_OUTPUT}" + echo "present=yes" >> "${GITHUB_ENV}" + else + echo "Docs folder not found, will skip the build-docs" + fi + + - name: Check doc build artifacts are ignored + if: ${{ env.present == 'yes' }} + shell: sh {0} + run: | + # Make sure directories are properly ignored + # docs/node_modules + git check-ignore -q docs/node_modules + if [ $? != 0 ]; then + echo "ERROR! Make sure to add 'docs/node_modules' to .gitignore" + echo "::error line=1::ERROR! Make sure to add 'docs/node_modules' to .gitignore" + exit 1 + fi + + # docs/build + git check-ignore -q docs/build + if [ $? != 0 ]; then + echo "ERROR! Make sure to add 'docs/build' to .gitignore" + echo "::error line=1::ERROR! Make sure to add 'docs/build' to .gitignore" + exit 1 + fi + + - name: Test changelog format + id: changelog + run: | + changelog=$(sed -n -E "/${{ steps.check.outputs.version }}/,/## [[0-9]+\.[0-9]+\.[0-9]+]/ { /## \[/d;p }" changelog.md) + if [[ -z "$changelog" ]]; then + echo "Changelog content was not found - ensure your changelog.md matches the expected growing format. Deleting release branch." + git push origin -d release + # We can safely fail here because we haven't done anything yet. Changelog.md file should be in correct format. + exit 1 + fi + # Changelog has newlines which isn't well supported, so we base64 with line wrap disabled (-w0) + new_changelog=$(echo "${changelog}" | base64 -w0) + echo "changelog=${new_changelog}" >> $GITHUB_OUTPUT + + build-docs: + needs: release-checks + runs-on: ubuntu-latest + if: ${{ needs.release-checks.outputs.docs-present == 'yes' }} + outputs: + artifact: docs + product-key: ${{ steps.docs-component.outputs.name }} + product-repo: ${{ steps.docs-component.outputs.repo }} + container: zepben/pipeline-docusaurus + env: + GITHUB_TOKEN: ${{ secrets.CI_GITHUB_TOKEN }} + steps: + + - uses: actions/checkout@v4 + with: + token: ${{ env.GITHUB_TOKEN }} + + - name: Work around git permission issue + run: | + dname=$(echo ${{github.repository}} | cut -d'/' -f2) + git config --global --add safe.directory /__w/$dname/$dname + shell: sh + + - name: Check that title is defined in the repo + run: | + if [[ -d docs/site-config && -z $DOCS_TITLE ]]; then + echo "The \$DOCS_TITLE environment variable needs to be set on this repo!" + exit 1 + fi + env: + DOCS_TITLE: ${{ vars.DOCS_TITLE }} + shell: bash + + - name: Checkout release branch + run: | + git config remote.origin.fetch "+refs/heads/*:refs/remotes/origin/*" + git fetch --all + git checkout release + shell: sh + + - name: Cache nodejs deps + uses: actions/cache@v4 + with: + path: ~/.npm + key: npm + + - name: Build docusaurus + id: build + uses: zepben/docusaurus-action@main + with: + VERSION: ${{ needs.release-checks.outputs.version }} + NPM_REPO: ${{ secrets.NPM_REPO }} + NPM_TOKEN: ${{ secrets.CI_GITHUB_TOKEN }} + DOCS_TITLE: ${{ vars.DOCS_TITLE }} + continue-on-error: true + + - name: Zip documentation + run: | + cd docs/build + zip -r ../../docs.zip . + shell: sh + + - uses: actions/upload-artifact@v4 + if: steps.build.outcome == 'success' + with: + name: docs.zip + path: docs.zip + if-no-files-found: error + + - name: Fail build + if: steps.build.outcome == 'failure' + run: | + git push origin -d release + echo "There was an error in the docusaurus build above." + exit 1 + shell: sh + + - name: Fetch the document component name + id: docs-component + shell: sh {0} + run: | + echo "repo=${GITHUB_REPOSITORY}" >> "${GITHUB_OUTPUT}" + # if product key is supplied + if [ "${{ inputs.product-key }}" != "productkeynotprovided" ]; then + echo "name=${{ inputs.product-key }}" >> "${GITHUB_OUTPUT}" + else + # parse out the product key from the repository name + echo "name=$(echo ${GITHUB_REPOSITORY} | cut -f2 -d\/)" >> "${GITHUB_OUTPUT}" + fi + + + build-artifact: + needs: [build-docs, release-checks] + runs-on: ubuntu-latest + container: node:20-alpine + outputs: + artifact: ${{ steps.build.outputs.artifact }} + artifact-id: ${{ steps.build.outputs.artifact-id }} + version: ${{ steps.build.outputs.version }} + env: + GITHUB_TOKEN: ${{ secrets.CI_GITHUB_TOKEN }} + steps: + - name: Install Dependencies + run: | + apk add jq tar alpine-conf git + + - name: Cache nodejs deps + uses: actions/cache@v4 + with: + path: ~/.npm + key: npm + + - uses: actions/checkout@v4 + with: + token: ${{ env.GITHUB_TOKEN }} + + - name: Set timezone to Australia/ACT + run: | + setup-timezone -z Australia/ACT + + - name: Work around git permission issue + run: | + dname=$(echo ${{github.repository}} | cut -d'/' -f2) + git config --global --add safe.directory /__w/$dname/$dname + shell: sh + + - name: Checkout release branch + run: | + git config remote.origin.fetch "+refs/heads/*:refs/remotes/origin/*" + git fetch --all + git checkout release + shell: sh + + - name: create .npmrc + run: | + rm -rf .npmrc + echo "@zepben:registry=${{ secrets.NEXUS_NPM_REPO }}" >> .npmrc + echo "//nexus.z.zepben.cloud/repository/zepben-npm/:_authToken=${{ secrets.CI_NPM_TOKEN }}" >> .npmrc + echo "\n" >> .npmrc + + - name: build + id: build + run: | + npm ci --unsafe-perm + npm run prod + version=$(jq -r .version package.json) + artifactId=$(jq -r .name package.json) + artifact="$artifactId-$version.tar.bz2" + tar jcvf "$artifact" -C dist . + echo "version=$version" >> "${GITHUB_OUTPUT}" + echo "artifact=$artifact" >> "${GITHUB_OUTPUT}" + continue-on-error: true + + - uses: actions/upload-artifact@v4 + if: steps.build.outcome == 'success' + with: + name: ${{ steps.build.outputs.artifact }} + path: ${{ steps.build.outputs.artifact }} + + - name: Fail build + if: steps.build.outcome == 'failure' + run: | + git push origin -d release + echo "There was an error in the npm package command above." + exit 1 + shell: sh + + create-release: + needs: [build-artifact] + runs-on: ubuntu-latest + outputs: + artifact: ${{ steps.merge.outputs.artifact }} + tag: ${{ steps.merge.outputs.tag }} + env: + GITHUB_TOKEN: ${{ secrets.CI_GITHUB_TOKEN }} + steps: + - uses: actions/checkout@v4 + with: + token: ${{ env.GITHUB_TOKEN }} + + - name: Work around git permission issue + run: | + dname=$(echo ${{github.repository}} | cut -d'/' -f2) + git config --global --add safe.directory /__w/$dname/$dname + shell: sh + + - name: Get latest changelog + id: changelog + run: | + echo "${{ needs.release-checks.outputs.changelog }}" | base64 -d > latest_changelog.txt + shell: bash + continue-on-error: true + + - name: Merge and Tag + id: merge + run: | + git config remote.origin.fetch "+refs/heads/*:refs/remotes/origin/*" + git fetch --all + git merge origin/release + git push origin ${GITHUB_REF/refs\/heads\//} + version=$(jq -r .version package.json) + git tag "v$version" + git push --tags + echo "::set-output name=tag::$(echo v$version)" + echo "::set-output name=artifact::$(echo ${{ needs.build-artifact.outputs.artifact }})" + shell: bash + continue-on-error: true + + - name: Fail + if: steps.merge.outcome == 'failure' + run: | + git push origin -d release + echo "There was an error in merging the branch. release branch was deleted." + exit 1 + shell: bash + + - name: Create Release and upload assets + if: success() + id: create_release + uses: softprops/action-gh-release@v1 + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + with: + tag_name: ${{ steps.merge.outputs.tag }} + body_path: latest_changelog.txt + draft: false + prerelease: false + files: | + built-artifacts/${{ needs.build-artifact.outputs.artifact }} + continue-on-error: true + + - name: Deploy documentation + uses: peter-evans/repository-dispatch@v1 + with: + token: ${{ secrets.CI_GITHUB_TOKEN }} + repository: ${{ secrets.DOCS_REPO }} + event-type: ${{ secrets.DOCS_REPO_EVOLVE_WORKFLOW }} + client-payload: '{"product": "${{needs.build-docs.outputs.product}}", "product_key": "${{needs.build-docs.outputs.product-key}}", "download_url": "${{needs.build-docs.outputs.product-repo}}"}' + continue-on-error: true + + update-version: + needs: create-release + runs-on: ubuntu-latest + container: zepben/pipeline-basic + env: + DEBUG: ${{ secrets.DEBUG }} + GITHUB_TOKEN: ${{ secrets.CI_GITHUB_TOKEN }} + SLACK_NOTIFICATION: YES + SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }} + steps: + - uses: actions/checkout@v4 + with: + token: ${{ env.GITHUB_TOKEN }} + + - name: Work around git permission issue + run: | + dname=$(echo ${{github.repository}} | cut -d'/' -f2) + git config --global --add safe.directory /__w/$dname/$dname + shell: sh + + - name: Update to next minor version + run: | + /scripts/update-version.sh --js --release package.json changelog.md + shell: bash diff --git a/.github/workflows/npm-app-release.yml b/.github/workflows/npm-app-release.yml index 78fbc1c2..f44a4696 100644 --- a/.github/workflows/npm-app-release.yml +++ b/.github/workflows/npm-app-release.yml @@ -129,98 +129,13 @@ jobs: echo "changelog=${new_changelog}" >> $GITHUB_OUTPUT build-docs: - needs: release-checks - runs-on: ubuntu-latest + needs: [release-checks] if: ${{ needs.release-checks.outputs.docs-present == 'yes' }} - outputs: - artifact: docs - product-key: ${{ steps.docs-component.outputs.name }} - product-repo: ${{ steps.docs-component.outputs.repo }} - container: zepben/pipeline-docusaurus - env: - GITHUB_TOKEN: ${{ secrets.CI_GITHUB_TOKEN }} - steps: - - name: Install Git - run: | - apk add git zip - - - name: Work around git permission issue - run: | - dname=$(echo ${{github.repository}} | cut -d'/' -f2) - git config --global --add safe.directory /__w/$dname/$dname - shell: sh - - - uses: actions/checkout@v4 - with: - token: ${{ env.GITHUB_TOKEN }} - - - name: Check that title is defined in the repo - run: | - if [[ -d docs/site-config && -z $DOCS_TITLE ]]; then - echo "The \$DOCS_TITLE environment variable needs to be set on this repo!" - exit 1 - fi - env: - DOCS_TITLE: ${{ vars.DOCS_TITLE }} - shell: bash - - - name: Checkout release branch - run: | - git config remote.origin.fetch "+refs/heads/*:refs/remotes/origin/*" - git fetch --all - git checkout release - shell: sh - - - name: Cache nodejs deps - uses: actions/cache@v4 - with: - path: ~/.npm - key: npm - - - name: Build docusaurus - id: build - uses: zepben/docusaurus-action@main - with: - VERSION: ${{ needs.release-checks.outputs.version }} - NPM_REPO: ${{ secrets.NPM_REPO }} - NPM_TOKEN: ${{ secrets.CI_GITHUB_TOKEN }} - DOCS_TITLE: ${{ vars.DOCS_TITLE }} - continue-on-error: true - - - name: Zip documentation - run: | - cd docs/build - zip -r ../../docs.zip . - shell: sh - - - uses: actions/upload-artifact@v4 - if: steps.build.outcome == 'success' - with: - name: docs.zip - path: docs.zip - if-no-files-found: error - - - name: Fail build - if: steps.build.outcome == 'failure' - run: | - git push origin -d release - echo "There was an error in the docusaurus build above." - exit 1 - shell: sh - - - name: Fetch the document component name - id: docs-component - shell: sh {0} - run: | - echo "repo=${GITHUB_REPOSITORY}" >> "${GITHUB_OUTPUT}" - # if product key is supplied - if [ "${{ inputs.product-key }}" != "productkeynotprovided" ]; then - echo "name=${{ inputs.product-key }}" >> "${GITHUB_OUTPUT}" - else - # parse out the product key from the repository name - echo "name=$(echo ${GITHUB_REPOSITORY} | cut -f2 -d\/)" >> "${GITHUB_OUTPUT}" - fi - + uses: ./.github/workflows/build-docs.yaml + with: + DEPLOY: true + VERSION: ${{ needs.release-checks.outputs.version }} + secrets: inherit build-artifact: needs: [build-docs, release-checks] @@ -400,7 +315,7 @@ jobs: token: ${{ secrets.CI_GITHUB_TOKEN }} repository: ${{ secrets.DOCS_REPO }} event-type: ${{ secrets.DOCS_REPO_EVOLVE_WORKFLOW }} - client-payload: '{"product_key": "${{needs.build-docs.outputs.product-key}}", "download_url": "${{needs.build-docs.outputs.product-repo}}"}' + client-payload: '{"product": "${{needs.build-docs.outputs.product}}", "product_key": "${{needs.build-docs.outputs.product-key}}", "download_url": "${{needs.build-docs.outputs.product-repo}}"}' update-version: needs: create-release diff --git a/.github/workflows/npm-app-snapshot-release.yml b/.github/workflows/npm-app-snapshot-release.yml index 3f5797a4..719fefae 100644 --- a/.github/workflows/npm-app-snapshot-release.yml +++ b/.github/workflows/npm-app-snapshot-release.yml @@ -152,84 +152,13 @@ jobs: fi build-docs: - runs-on: ubuntu-latest needs: [build-artifact] - container: zepben/pipeline-docusaurus if: ${{ needs.build-artifact.outputs.docs-present == 'yes' }} - outputs: - artifact-uploaded: ${{ steps.artifact.outputs.uploaded }} - product-key: ${{ steps.docs-component.outputs.name }} - product-repo: ${{ steps.docs-component.outputs.repo }} - steps: - - uses: actions/checkout@v4 - - - name: Check that title is defined in the repo - run: | - if [[ -d docs/site-config && -z $DOCS_TITLE ]]; then - echo "The \$DOCS_TITLE environment variable needs to be set on this repo!" - exit 1 - fi - env: - DOCS_TITLE: ${{ vars.DOCS_TITLE }} - shell: bash - - - name: Build docusaurus - id: build - uses: zepben/docusaurus-action@main - with: - TAG: false - NPM_REPO: ${{ secrets.NPM_REPO }} - NPM_TOKEN: ${{ secrets.CI_GITHUB_TOKEN }} - DOCS_TITLE: ${{ vars.DOCS_TITLE }} - continue-on-error: true - - - name: Failed build - if: steps.build.outcome == 'failure' - run: | - echo "There was an error in the docusaurus build above. Docs are not pushed" - echo " :boom: There was an error in the docusaurus build step. Current docs are not published" >> ${GITHUB_STEP_SUMMARY} - shell: sh - - - name: Check if we need to skip deployment for hotfix or LTS branch - run: | - if [[ ${GITHUB_REF_NAME} =~ "hotfix" || ${GITHUB_REF_NAME} =~ "LTS" ]]; then - echo "deployDocs=no" >> ${GITHUB_ENV} - echo "Running on LTS or hotfix branch, skip deploying docs" - else - echo "deployDocs=yes" >> ${GITHUB_ENV} - fi - - - name: Zip documentation - if: ${{ env.deployDocs == 'yes' }} - run: | - cd docs/build - zip -r ../../docs.zip . - shell: bash - - - uses: actions/upload-artifact@v4 - if: ${{ steps.build.outcome == 'success' && env.deployDocs == 'yes' }} - id: upload - with: - name: docs.zip - path: docs.zip - - - if: ${{ steps.upload.outcome == 'success' }} - id: artifact - run: - echo "uploaded=yes" >> "${GITHUB_OUTPUT}" - - - name: Fetch the document component name - id: docs-component - shell: sh {0} - run: | - echo "repo=${GITHUB_REPOSITORY}" >> "${GITHUB_OUTPUT}" - # if product key is supplied - if [ "${{ inputs.product-key }}" != "productkeynotprovided" ]; then - echo "name=${{ inputs.product-key }}" >> "${GITHUB_OUTPUT}" - else - # parse out the product key from the repository name - echo "name=$(echo ${GITHUB_REPOSITORY} | cut -f2 -d\/)" >> "${GITHUB_OUTPUT}" - fi + uses: ./.github/workflows/build-docs.yaml + with: + DEPLOY: true + VERSION: ${{ needs.build-artifact.outputs.version }} + secrets: inherit update-snapshot-version: needs: [build-artifact] @@ -266,5 +195,5 @@ jobs: token: ${{ secrets.CI_GITHUB_TOKEN }} repository: ${{ secrets.DOCS_REPO }} event-type: ${{ secrets.DOCS_REPO_EVOLVE_WORKFLOW }} - client-payload: '{"product_key": "${{needs.build-docs.outputs.product-key}}", "download_url": "${{needs.build-docs.outputs.product-repo}}"}' + client-payload: '{"product": "${{needs.build-docs.outputs.product}}", "product_key": "${{needs.build-docs.outputs.product-key}}", "download_url": "${{needs.build-docs.outputs.product-repo}}"}' diff --git a/.github/workflows/npm-lib-snapshot.yml b/.github/workflows/npm-lib-snapshot.yml index c13c77fb..643023b0 100644 --- a/.github/workflows/npm-lib-snapshot.yml +++ b/.github/workflows/npm-lib-snapshot.yml @@ -146,83 +146,12 @@ jobs: fi build-docs: - runs-on: ubuntu-latest needs: [build-artifact] if: ${{ needs.build-artifact.outputs.docs-present == 'yes' }} - container: zepben/pipeline-docusaurus - outputs: - artifact-uploaded: ${{ steps.artifact.outputs.uploaded }} - product-key: ${{ steps.docs-component.outputs.name }} - product-repo: ${{ steps.docs-component.outputs.repo }} - steps: - - uses: actions/checkout@v4 - - - name: Check that title is defined in the repo - run: | - if [[ -d docs/site-config && -z $DOCS_TITLE ]]; then - echo "The \$DOCS_TITLE environment variable needs to be set on this repo!" - exit 1 - fi - env: - DOCS_TITLE: ${{ vars.DOCS_TITLE }} - shell: bash - - - name: Build docusaurus - id: build - uses: zepben/docusaurus-action@main - with: - TAG: false - NPM_REPO: ${{ secrets.NPM_REPO }} - NPM_TOKEN: ${{ secrets.CI_GITHUB_TOKEN }} - continue-on-error: true - - - name: Failed build - if: steps.build.outcome == 'failure' - run: | - echo "There was an error in the docusaurus build above. Docs are not pushed" - echo " :boom: There was an error in the docusaurus build step. Current docs are not published" >> ${GITHUB_STEP_SUMMARY} - shell: sh - - - name: Check if we need to skip deployment for hotfix or LTS branch - run: | - if [[ ${GITHUB_REF_NAME} =~ "hotfix" || ${GITHUB_REF_NAME} =~ "LTS" ]]; then - echo "deployDocs=no" >> ${GITHUB_ENV} - echo "Running on LTS or hotfix branch, skip deploying docs" - else - echo "deployDocs=yes" >> ${GITHUB_ENV} - fi - - - name: Zip documentation - if: ${{ env.deployDocs == 'yes' }} - run: | - cd docs/build - zip -r ../../docs.zip . - shell: bash - - - uses: actions/upload-artifact@v4 - if: ${{ steps.build.outcome == 'success' && env.deployDocs == 'yes' }} - id: upload - with: - name: docs.zip - path: docs.zip - - - if: ${{ steps.upload.outcome == 'success' }} - id: artifact - run: - echo "uploaded=yes" >> "${GITHUB_OUTPUT}" - - - name: Fetch the document component name - id: docs-component - shell: sh {0} - run: | - echo "repo=${GITHUB_REPOSITORY}" >> "${GITHUB_OUTPUT}" - # if product key is supplied - if [ "${{ inputs.product-key }}" != "productkeynotprovided" ]; then - echo "name=${{ inputs.product-key }}" >> "${GITHUB_OUTPUT}" - else - # parse out the product key from the repository name - echo "name=$(echo ${GITHUB_REPOSITORY} | cut -f2 -d\/)" >> "${GITHUB_OUTPUT}" - fi + uses: ./.github/workflows/build-docs.yaml + with: + deploy: true + secrets: inherit update-snapshot-version: needs: [build-artifact] @@ -259,5 +188,5 @@ jobs: token: ${{ secrets.CI_GITHUB_TOKEN }} repository: ${{ secrets.DOCS_REPO }} event-type: ${{ secrets.DOCS_REPO_EVOLVE_WORKFLOW }} - client-payload: '{"product_key": "${{needs.build-docs.outputs.product-key}}", "download_url": "${{needs.build-docs.outputs.product-repo}}"}' + client-payload: '{"product": "${{needs.build-docs.outputs.product}}", "product_key": "${{needs.build-docs.outputs.product-key}}", "download_url": "${{needs.build-docs.outputs.product-repo}}"}' diff --git a/.github/workflows/python-build.yml b/.github/workflows/python-build.yml index 0a5715c9..ae5318d3 100644 --- a/.github/workflows/python-build.yml +++ b/.github/workflows/python-build.yml @@ -142,29 +142,7 @@ jobs: fi build-docs: - runs-on: ubuntu-latest - needs: build-and-test + needs: [build-and-test] if: ${{ needs.build-and-test.outputs.docs-present == 'yes' }} - container: zepben/pipeline-docusaurus - steps: - - - uses: actions/checkout@v4 - - - name: Check that title is defined in the repo - run: | - if [[ -d docs/site-config && -z $DOCS_TITLE ]]; then - echo "The \$DOCS_TITLE environment variable needs to be set on this repo!" - exit 1 - fi - env: - DOCS_TITLE: ${{ vars.DOCS_TITLE }} - shell: bash - - - name: Build docusaurus - id: build - uses: zepben/docusaurus-action@main - with: - TAG: false - NPM_REPO: ${{ secrets.NPM_REPO }} - NPM_TOKEN: ${{ secrets.CI_GITHUB_TOKEN }} - DOCS_TITLE: ${{ vars.DOCS_TITLE }} + uses: ./.github/workflows/build-docs.yaml + secrets: inherit diff --git a/.github/workflows/python-lib-release-with-docs.yml b/.github/workflows/python-lib-release-with-docs.yml new file mode 100644 index 00000000..c05a939e --- /dev/null +++ b/.github/workflows/python-lib-release-with-docs.yml @@ -0,0 +1,419 @@ +# Note: default release notes file is docs/release.md. +name: Python Library Release + Docs + +on: + workflow_call: + inputs: + product-key: + description: 'Product key used for deploying docs. Should be repo specific. E.g: "python-sdk"' + required: false + type: string + private: + description: 'Calling workflow from a private repo' + required: false + type: boolean + default: true + sourcepath: + description: 'Path to source directory (used for licence check)' + required: false + type: string + default: "src" + + secrets: + CI_GITHUB_TOKEN: + required: true + ZEPBEN_PYPI_REPO: + required: false + NEXUS_USERNAME: + required: false + NEXUS_PASSWORD: + required: false + SLACK_NOTIFICATION: + required: false + SLACK_WEBHOOK: + required: false + LC_URL: + required: false + COVERALLS_REPO_TOKEN: + required: false + PYPI_API_TOKEN: + required: false + NPM_REPO: + required: true + DOCS_REPO: + required: true + DOCS_REPO_EVOLVE_WORKFLOW: + required: true + + + +jobs: + release-checks: + runs-on: ubuntu-latest + container: zepben/pipeline-basic + env: + DEBUG: ${{ secrets.DEBUG }} + GITHUB_TOKEN: ${{ secrets.CI_GITHUB_TOKEN }} + SLACK_NOTIFICATION: ${{ secrets.SLACK_NOTIFICATION }} + SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }} + outputs: + version: ${{ steps.check.outputs.version }} + docs-present: ${{ steps.docs.outputs.present }} + changelog: ${{ steps.changelog.outputs.changelog }} + steps: + - uses: actions/checkout@v4 + with: + token: ${{ env.GITHUB_TOKEN }} + + - name: Work around git permission issue + run: | + dname=$(echo ${{github.repository}} | cut -d'/' -f2) + git config --global --add safe.directory /__w/$dname/$dname + shell: sh + + - name: Release checks and update version for release + id: check + run: | + /scripts/release-checks.sh --python pyproject.toml + /scripts/finalize-version.sh --python pyproject.toml + version="$(cat pyproject.toml | grep 'version[[:space:]]*=[[:space:]]*"\?[0-9]\+\.[0-9]\+\.[0-9]\+\(b[0-9]\+\)\?"\?' | grep -o "[0-9]\+\.[0-9]\+\.[0-9]\+\(b[0-9]\+\)\?")" + echo "version=$version" >> "${GITHUB_OUTPUT}" + shell: bash + + - name: Cache licence-check + uses: actions/cache@v4 + with: + path: /lc + key: lcc + + - name: Check licence + uses: zepben/licence-check-action@main + with: + LC_URL: ${{ secrets.LC_URL }} + PATH: ${{ inputs.sourcepath }} + + - name: Check if docs present + id: docs + run: | + if [ -d docs ]; then + echo "Docs folder found, will run the build-docs job" + echo "present=yes" >> "${GITHUB_OUTPUT}" + echo "present=yes" >> "${GITHUB_ENV}" + else + echo "Docs folder not found, will skip the build-docs" + fi + + - name: Check doc build artifacts are ignored + if: ${{ env.present == 'yes' }} + shell: sh {0} + run: | + # Make sure directories are properly ignored + # docs/node_modules + git check-ignore -q docs/node_modules + if [ $? != 0 ]; then + echo "ERROR! Make sure to add 'docs/node_modules' to .gitignore" + echo "::error line=1::ERROR! Make sure to add 'docs/node_modules' to .gitignore" + exit 1 + fi + + # docs/build + git check-ignore -q docs/build + if [ $? != 0 ]; then + echo "ERROR! Make sure to add 'docs/build' to .gitignore" + echo "::error line=1::ERROR! Make sure to add 'docs/build' to .gitignore" + exit 1 + fi + + - name: Test changelog format + id: changelog + shell: bash + run: | + changelog=$(sed -n -E "/${{ steps.check.outputs.version }}/,/## [[0-9]+\.[0-9]+\.[0-9]+]/ { /## \[/d;p }" changelog.md) + if [[ -z "$changelog" ]]; then + echo "Changelog content was not found - ensure your changelog.md matches the expected growing format. Deleting release branch." + git push origin -d release + # We can safely fail here because we haven't done anything yet. Changelog.md file should be in correct format. + exit 1 + fi + # Changelog has newlines which isn't well supported, so we base64 with line wrap disabled (-w0) + new_changelog=$(echo "${changelog}" | base64 -w0) + echo "changelog=${new_changelog}" >> $GITHUB_OUTPUT + + python-deps-check: + needs: release-checks + runs-on: ubuntu-latest + container: python:3.10 + steps: + - uses: actions/checkout@v4 + + - name: Test install the local package with deps + run: | + # finalize-version above removes all snapshot/test versions + # from zepben packages. Now let's try to install to see if deps exist or fail quick + pip install --pre '.' + + + build-docs: + needs: [release-checks, python-deps-check] + runs-on: ubuntu-latest + if: ${{ needs.release-checks.outputs.docs-present == 'yes' }} + outputs: + artifact: docs + product-key: ${{ steps.docs-component.outputs.name }} + product-repo: ${{ steps.docs-component.outputs.repo }} + container: zepben/pipeline-docusaurus + steps: + - name: Install Git + run: | + apk add git zip + + - name: Work around git permission issue + run: | + dname=$(echo ${{github.repository}} | cut -d'/' -f2) + git config --global --add safe.directory /__w/$dname/$dname + shell: sh + + - uses: actions/checkout@v4 + + - name: Check that title is defined in the repo + run: | + if [[ -d docs/site-config && -z $DOCS_TITLE ]]; then + echo "The \$DOCS_TITLE environment variable needs to be set on this repo!" + exit 1 + fi + env: + DOCS_TITLE: ${{ vars.DOCS_TITLE }} + shell: bash + + - name: Checkout release branch + run: | + git config remote.origin.fetch "+refs/heads/*:refs/remotes/origin/*" + git fetch --all + git checkout release + shell: sh + + - name: Cache nodejs deps + uses: actions/cache@v4 + with: + path: ~/.npm + key: npm + + - name: Build docusaurus + id: build + uses: zepben/docusaurus-action@main + with: + VERSION: ${{ needs.release-checks.outputs.version }} + NPM_REPO: ${{ secrets.NPM_REPO }} + NPM_TOKEN: ${{ secrets.CI_GITHUB_TOKEN }} + DOCS_TITLE: ${{ vars.DOCS_TITLE }} + continue-on-error: true + + - name: Zip documentation + run: | + cd docs/build + zip -r ../../docs.zip . + shell: sh + + - uses: actions/upload-artifact@v4 + if: steps.build.outcome == 'success' + with: + name: docs.zip + path: docs.zip + if-no-files-found: error + + - name: Fail build + if: steps.build.outcome == 'failure' + run: | + git push origin -d release + echo "There was an error in the docusaurus build above." + exit 1 + shell: sh + + - name: Fetch the document component name + id: docs-component + shell: sh {0} + run: | + echo "repo=${GITHUB_REPOSITORY}" >> "${GITHUB_OUTPUT}" + # if product key is supplied + if [ "${{ inputs.product-key }}" != "productkeynotprovided" ]; then + echo "name=${{ inputs.product-key }}" >> "${GITHUB_OUTPUT}" + else + # parse out the product key from the repository name + echo "name=$(echo ${GITHUB_REPOSITORY} | cut -f2 -d\/)" >> "${GITHUB_OUTPUT}" + fi + + + + deploy: + needs: [release-checks, build-docs] + runs-on: ubuntu-latest + container: python:3.10 + outputs: + artifact: ${{ steps.build.outputs.artifact }} + steps: + - name: Install dependencies + run: | + pip install tox twine + + - name: Work around git permission issue + run: | + dname=$(echo ${{github.repository}} | cut -d'/' -f2) + git config --global --add safe.directory /__w/$dname/$dname + shell: sh + + - uses: actions/checkout@v4 + + - name: Checkout release branch + run: | + git config remote.origin.fetch "+refs/heads/*:refs/remotes/origin/*" + git fetch --all + git checkout release + shell: sh + + - name: Create .pypirc + env: + PYPI_API_TOKEN: ${{ secrets.PYPI_API_TOKEN }} + run: | + echo "[pypi]" > ~/.pypirc + echo "username = __token__" >> ~/.pypirc + echo "password = $PYPI_API_TOKEN" >> ~/.pypirc + echo "\n" >> ~/.pypirc + + - name: Build and publish + id: build + run: | + tox + twine upload --non-interactive --config-file ~/.pypirc dist/* + artifact_id=$(grep name= pyproject.toml | cut -d= -f2 | tr -d '",' | sed 's-\.-_-g') + artifact="${artifact_id}-${{ needs.release-checks.outputs.version }}-py3-none-any.whl" + echo "::set-output name=artifact::$(echo $artifact)" + echo "::set-output name=artifact-path::$(echo dist/$artifact)" + shell: bash + continue-on-error: true + + - name: Upload coverage to Codecov + uses: codecov/codecov-action@v4 + with: + fail_ci_if_error: false + token: ${{ secrets.CODECOV_TOKEN }} + continue-on-error: true + + + - uses: actions/upload-artifact@v4 + if: steps.build.outcome == 'success' + with: + name: ${{ steps.build.outputs.artifact }} + path: ${{ steps.build.outputs.artifact-path }} + + - name: Delete release branch if deploy failed and fail + if: steps.build.outcome == 'failure' + run: | + git push origin -d release + echo "There was an error in the python build and publish commands above." + exit 1 + shell: bash + + create-release: + needs: [deploy, build-docs, release-checks] + runs-on: ubuntu-latest + container: zepben/pipeline-basic + env: + GITHUB_TOKEN: ${{ secrets.CI_GITHUB_TOKEN }} + steps: + - uses: actions/checkout@v4 + with: + token: ${{ env.GITHUB_TOKEN }} + + - name: Work around git permission issue + run: | + dname=$(echo ${{github.repository}} | cut -d'/' -f2) + git config --global --add safe.directory /__w/$dname/$dname + shell: sh + + - name: Merge and Tag + id: merge + run: | + git config remote.origin.fetch "+refs/heads/*:refs/remotes/origin/*" + git fetch --all + git branch -a + git merge origin/release + git push origin ${GITHUB_REF/refs\/heads\//} + git tag "v${{ needs.release-checks.outputs.version }}" + git push --tags + echo "::set-output name=tag::$(echo v${{ needs.release-checks.outputs.version }})" + shell: bash + continue-on-error: true + + - name: Delete release branch if merge failed and fail + if: steps.merge.outcome == 'failure' + run: | + git push origin -d release + echo "There was an error in merging the branch. release branch was deleted." + exit 1 + shell: bash + + - name: Download binary + uses: actions/download-artifact@v4 + with: + name: ${{ needs.deploy.outputs.artifact }} + path: built-artifacts + continue-on-error: true + + - name: Get latest changelog + id: changelog + run: | + echo "${{ needs.release-checks.outputs.changelog }}" | base64 -d > latest_changelog.txt + shell: bash + continue-on-error: true + + - name: Create Release and upload assets + if: success() + id: create_release + uses: softprops/action-gh-release@v1 + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + with: + tag_name: ${{ steps.merge.outputs.tag }} + body_path: latest_changelog.txt + draft: false + prerelease: false + files: | + built-artifacts/${{ needs.deploy.outputs.artifact }} + continue-on-error: true + + - name: Deploy documentation + uses: peter-evans/repository-dispatch@v1 + with: + token: ${{ secrets.CI_GITHUB_TOKEN }} + repository: ${{ secrets.DOCS_REPO }} + event-type: ${{ secrets.DOCS_REPO_EVOLVE_WORKFLOW }} + client-payload: '{"product": "${{needs.build-docs.outputs.product}}", "product_key": "${{needs.build-docs.outputs.product-key}}", "download_url": "${{needs.build-docs.outputs.product-repo}}"}' + continue-on-error: true + + update-version: + needs: [create-release] + runs-on: ubuntu-latest + container: zepben/pipeline-basic + env: + DEBUG: ${{ secrets.DEBUG }} + GITHUB_TOKEN: ${{ secrets.CI_GITHUB_TOKEN }} + ZEPBEN_PYPI_USERNAME: ${{ secrets.NEXUS_USERNAME }} + ZEPBEN_PYPI_PASSWORD: ${{ secrets.NEXUS_PASSWORD }} + ZEPBEN_PYPI_REPO: ${{ secrets.ZEPBEN_PYPI_REPO }} + SLACK_NOTIFICATION: ${{ secrets.SLACK_NOTIFICATION }} + SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }} + steps: + - uses: actions/checkout@v4 + with: + token: ${{ env.GITHUB_TOKEN }} + + - name: Work around git permission issue + run: | + dname=$(echo ${{github.repository}} | cut -d'/' -f2) + git config --global --add safe.directory /__w/$dname/$dname + shell: sh + + - name: Update to next minor version + run: | + /scripts/update-version.sh --python --release pyproject.toml changelog.md + shell: bash diff --git a/.github/workflows/python-lib-release.yml b/.github/workflows/python-lib-release.yml index f76434aa..43e0a008 100644 --- a/.github/workflows/python-lib-release.yml +++ b/.github/workflows/python-lib-release.yml @@ -153,95 +153,14 @@ jobs: # from zepben packages. Now let's try to install to see if deps exist or fail quick pip install --pre '.' - build-docs: needs: [release-checks, python-deps-check] - runs-on: ubuntu-latest if: ${{ needs.release-checks.outputs.docs-present == 'yes' }} - outputs: - artifact: docs - product-key: ${{ steps.docs-component.outputs.name }} - product-repo: ${{ steps.docs-component.outputs.repo }} - container: zepben/pipeline-docusaurus - steps: - - name: Install Git - run: | - apk add git zip - - - name: Work around git permission issue - run: | - dname=$(echo ${{github.repository}} | cut -d'/' -f2) - git config --global --add safe.directory /__w/$dname/$dname - shell: sh - - - uses: actions/checkout@v4 - - - name: Check that title is defined in the repo - run: | - if [[ -d docs/site-config && -z $DOCS_TITLE ]]; then - echo "The \$DOCS_TITLE environment variable needs to be set on this repo!" - exit 1 - fi - env: - DOCS_TITLE: ${{ vars.DOCS_TITLE }} - shell: bash - - - name: Checkout release branch - run: | - git config remote.origin.fetch "+refs/heads/*:refs/remotes/origin/*" - git fetch --all - git checkout release - shell: sh - - - name: Cache nodejs deps - uses: actions/cache@v4 - with: - path: ~/.npm - key: npm - - - name: Build docusaurus - id: build - uses: zepben/docusaurus-action@main - with: - VERSION: ${{ needs.release-checks.outputs.version }} - NPM_REPO: ${{ secrets.NPM_REPO }} - NPM_TOKEN: ${{ secrets.CI_GITHUB_TOKEN }} - DOCS_TITLE: ${{ vars.DOCS_TITLE }} - continue-on-error: true - - - name: Zip documentation - run: | - cd docs/build - zip -r ../../docs.zip . - shell: sh - - - uses: actions/upload-artifact@v4 - if: steps.build.outcome == 'success' - with: - name: docs.zip - path: docs.zip - if-no-files-found: error - - - name: Fail build - if: steps.build.outcome == 'failure' - run: | - git push origin -d release - echo "There was an error in the docusaurus build above." - exit 1 - shell: sh - - - name: Fetch the document component name - id: docs-component - shell: sh {0} - run: | - echo "repo=${GITHUB_REPOSITORY}" >> "${GITHUB_OUTPUT}" - # if product key is supplied - if [ "${{ inputs.product-key }}" != "productkeynotprovided" ]; then - echo "name=${{ inputs.product-key }}" >> "${GITHUB_OUTPUT}" - else - # parse out the product key from the repository name - echo "name=$(echo ${GITHUB_REPOSITORY} | cut -f2 -d\/)" >> "${GITHUB_OUTPUT}" - fi + uses: ./.github/workflows/build-docs.yaml + with: + DEPLOY: true + VERSION: ${{ needs.release-checks.outputs.version }} + secrets: inherit deploy: needs: [release-checks, build-docs] @@ -395,7 +314,7 @@ jobs: token: ${{ secrets.CI_GITHUB_TOKEN }} repository: ${{ secrets.DOCS_REPO }} event-type: ${{ secrets.DOCS_REPO_EVOLVE_WORKFLOW }} - client-payload: '{"product_key": "${{needs.build-docs.outputs.product-key}}", "download_url": "${{needs.build-docs.outputs.product-repo}}"}' + client-payload: '{"product": "${{needs.build-docs.outputs.product}}", "product_key": "${{needs.build-docs.outputs.product-key}}", "download_url": "${{needs.build-docs.outputs.product-repo}}"}' continue-on-error: true update-version: diff --git a/.github/workflows/python-lib-snapshot.yml b/.github/workflows/python-lib-snapshot.yml index d292ea2a..9112fb8a 100644 --- a/.github/workflows/python-lib-snapshot.yml +++ b/.github/workflows/python-lib-snapshot.yml @@ -158,83 +158,12 @@ jobs: shell: bash build-docs: - runs-on: ubuntu-latest - container: zepben/pipeline-docusaurus needs: [deploy] if: ${{ needs.deploy.outputs.docs-present == 'yes' }} - outputs: - artifact-uploaded: ${{ steps.artifact.outputs.uploaded }} - product-key: ${{ steps.docs-component.outputs.name }} - product-repo: ${{ steps.docs-component.outputs.repo }} - steps: - - uses: actions/checkout@v4 - - - name: Check that title is defined in the repo - run: | - if [[ -d docs/site-config && -z $DOCS_TITLE ]]; then - echo "The \$DOCS_TITLE environment variable needs to be set on this repo!" - exit 1 - fi - env: - DOCS_TITLE: ${{ vars.DOCS_TITLE }} - shell: bash - - - name: Build docusaurus - id: build - uses: zepben/docusaurus-action@main - with: - TAG: false - NPM_REPO: ${{ secrets.NPM_REPO }} - NPM_TOKEN: ${{ secrets.CI_GITHUB_TOKEN }} - continue-on-error: true - - - name: Failed build - if: steps.build.outcome == 'failure' - run: | - echo "There was an error in the docusaurus build above. Docs are not pushed" - echo " :boom: There was an error in the docusaurus build step. Current docs are not published" >> ${GITHUB_STEP_SUMMARY} - shell: sh - - - name: Check if we need to skip deployment for hotfix or LTS branch - run: | - if [[ ${GITHUB_REF_NAME} =~ "hotfix" || ${GITHUB_REF_NAME} =~ "LTS" ]]; then - echo "deployDocs=no" >> ${GITHUB_ENV} - echo "Running on LTS or hotfix branch, skip deploying docs" - else - echo "deployDocs=yes" >> ${GITHUB_ENV} - fi - - - name: Zip documentation - if: ${{ env.deployDocs == 'yes' }} - run: | - cd docs/build - zip -r ../../docs.zip . - shell: bash - - - uses: actions/upload-artifact@v4 - if: ${{ steps.build.outcome == 'success' && env.deployDocs == 'yes' }} - id: upload - with: - name: docs.zip - path: docs.zip - - - if: ${{ steps.upload.outcome == 'success' }} - id: artifact - run: - echo "uploaded=yes" >> "${GITHUB_OUTPUT}" - - - name: Fetch the document component name - id: docs-component - shell: sh {0} - run: | - echo "repo=${GITHUB_REPOSITORY}" >> "${GITHUB_OUTPUT}" - # if product key is supplied - if [ "${{ inputs.product-key }}" != "productkeynotprovided" ]; then - echo "name=${{ inputs.product-key }}" >> "${GITHUB_OUTPUT}" - else - # parse out the product key from the repository name - echo "name=$(echo ${GITHUB_REPOSITORY} | cut -f2 -d\/)" >> "${GITHUB_OUTPUT}" - fi + uses: ./.github/workflows/build-docs.yaml + with: + deploy: true + secrets: inherit deploy-docs: runs-on: ubuntu-latest @@ -247,5 +176,5 @@ jobs: token: ${{ secrets.CI_GITHUB_TOKEN }} repository: ${{ secrets.DOCS_REPO }} event-type: ${{ secrets.DOCS_REPO_EVOLVE_WORKFLOW }} - client-payload: '{"product_key": "${{needs.build-docs.outputs.product-key}}", "download_url": "${{needs.build-docs.outputs.product-repo}}"}' + client-payload: '{"product": "${{needs.build-docs.outputs.product}}", "product_key": "${{needs.build-docs.outputs.product-key}}", "download_url": "${{needs.build-docs.outputs.product-repo}}"}' From d97aae35f63ea1175a4186720286fdc81fdd618d Mon Sep 17 00:00:00 2001 From: Alex Lourie Date: Fri, 28 Nov 2025 12:48:09 +1030 Subject: [PATCH 02/19] Clear the docs?... Signed-off-by: Alex Lourie --- .../workflows/maven-app-release-with-docs.yml | 432 ------------------ .../workflows/maven-lib-release-with-docs.yml | 425 ----------------- .../workflows/npm-app-release-with-docs.yml | 394 ---------------- .../python-lib-release-with-docs.yml | 419 ----------------- 4 files changed, 1670 deletions(-) delete mode 100644 .github/workflows/maven-app-release-with-docs.yml delete mode 100644 .github/workflows/maven-lib-release-with-docs.yml delete mode 100644 .github/workflows/npm-app-release-with-docs.yml delete mode 100644 .github/workflows/python-lib-release-with-docs.yml diff --git a/.github/workflows/maven-app-release-with-docs.yml b/.github/workflows/maven-app-release-with-docs.yml deleted file mode 100644 index 5e2092ae..00000000 --- a/.github/workflows/maven-app-release-with-docs.yml +++ /dev/null @@ -1,432 +0,0 @@ -# Note: default release notes file is docs/release.md. -name: Maven App Release + Docs - -on: - workflow_call: - inputs: - product-key: - description: 'Product key used for deploying docs. Should be repo specific. E.g: "python-sdk"' - required: false - default: "productkeynotprovided" - type: string - private: - description: 'Calling workflow from a private repo' - required: true - type: boolean - default: true - sourcepath: - description: 'Path to source directory (used for licence check)' - required: false - type: string - default: "src" - - outputs: - version: - description: "The current released version." - value: ${{ jobs.release-checks.outputs.version }} - - secrets: - CI_GITHUB_TOKEN: - required: true - NEXUS_MAVEN_REPO: - required: true - NEXUS_USERNAME: - required: true - NEXUS_PASSWORD: - required: true - NEXUS_SIGNATURE: - required: true - NEXUS_MAVEN_SNAPSHOT: - required: true - NEXUS_MAVEN_RELEASE: - required: true - SLACK_NOTIFICATION: - required: false - SLACK_WEBHOOK: - required: false - NPM_REPO: - required: true - DOCS_REPO: - required: true - DOCS_REPO_EVOLVE_WORKFLOW: - required: true - LC_URL: - required: false - - - -jobs: - release-checks: - runs-on: ubuntu-latest - container: zepben/pipeline-basic - env: - DEBUG: ${{ secrets.DEBUG }} - GITHUB_TOKEN: ${{ secrets.CI_GITHUB_TOKEN }} - NEXUS_MAVEN_REPO: ${{ secrets.NEXUS_MAVEN_REPO }} - NEXUS_USERNAME: ${{ secrets.NEXUS_USERNAME }} - NEXUS_PASSWORD: ${{ secrets.NEXUS_PASSWORD }} - NEXUS_MAVEN_RELEASE: ${{ secrets.NEXUS_MAVEN_RELEASE }} - NEXUS_MAVEN_SNAPSHOT: ${{ secrets.NEXUS_MAVEN_SNAPSHOT }} - SLACK_NOTIFICATION: YES - SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }} - outputs: - version: ${{ steps.check.outputs.version }} - docs-present: ${{ steps.docs.outputs.present }} - changelog: ${{ steps.changelog.outputs.changelog }} - steps: - - uses: actions/checkout@v4 - with: - token: ${{ env.GITHUB_TOKEN }} - - - name: Work around git permission issue - run: | - dname=$(echo ${{github.repository}} | cut -d'/' -f2) - git config --global --add safe.directory /__w/$dname/$dname - shell: sh - - - name: Cache licence-check - uses: actions/cache@v4 - with: - path: /lc - key: lcc - - - name: Check licence - uses: zepben/licence-check-action@main - with: - LC_URL: ${{ secrets.LC_URL }} - PATH: ${{ inputs.sourcepath }} - - - name: Release checks and update version for release - id: check - run: | - /scripts/release-checks.sh --java --maven pom.xml - /scripts/finalize-version.sh --java --maven pom.xml changelog.md - version=$(xmlstarlet pyx pom.xml | grep -v ^A | xmlstarlet p2x | xmlstarlet sel -t -v "/project/version") - echo "version=$(echo $version)" >> "${GITHUB_OUTPUT}" - shell: bash - - - name: Check if docs present - id: docs - run: | - if [ -d docs ]; then - echo "Docs folder found, will run the build-docs job" - echo "present=yes" >> "${GITHUB_OUTPUT}" - echo "present=yes" >> "${GITHUB_ENV}" - else - echo "Docs folder not found, will skip the build-docs" - fi - - - name: Check doc build artifacts are ignored - if: ${{ env.present == 'yes' }} - shell: sh {0} - run: | - # Make sure directories are properly ignored - # docs/node_modules - git check-ignore -q docs/node_modules - if [ $? != 0 ]; then - echo "ERROR! Make sure to add 'docs/node_modules' to .gitignore" - echo "::error line=1::ERROR! Make sure to add 'docs/node_modules' to .gitignore" - exit 1 - fi - - # docs/build - git check-ignore -q docs/build - if [ $? != 0 ]; then - echo "ERROR! Make sure to add 'docs/build' to .gitignore" - echo "::error line=1::ERROR! Make sure to add 'docs/build' to .gitignore" - exit 1 - fi - - - name: Test changelog format - id: changelog - shell: bash - run: | - changelog=$(sed -n -E "/${{ steps.check.outputs.version }}/,/## [[0-9]+\.[0-9]+\.[0-9]+]/ { /## \[/d;p }" changelog.md) - if [[ -z "$changelog" ]]; then - echo "Changelog content was not found - ensure your changelog.md matches the expected growing format. Deleting release branch." - git push origin -d release - # We can safely fail here because we haven't done anything yet. Changelog.md file should be in correct format. - exit 1 - fi - # Changelog has newlines which isn't well supported, so we base64 with line wrap disabled (-w0) - new_changelog=$(echo "${changelog}" | base64 -w0) - echo "changelog=${new_changelog}" >> $GITHUB_OUTPUT - - - build-docs: - needs: release-checks - runs-on: ubuntu-latest - if: ${{ needs.release-checks.outputs.docs-present == 'yes' }} - outputs: - artifact: docs - product-key: ${{ steps.docs-component.outputs.name }} - product-repo: ${{ steps.docs-component.outputs.repo }} - container: zepben/pipeline-docusaurus - steps: - - name: Install Git - run: | - apk add git zip - - - name: Work around git permission issue - run: | - dname=$(echo ${{github.repository}} | cut -d'/' -f2) - git config --global --add safe.directory /__w/$dname/$dname - shell: sh - - - uses: actions/checkout@v4 - - - name: Check that title is defined in the repo - run: | - if [[ -d docs/site-config && -z $DOCS_TITLE ]]; then - echo "The \$DOCS_TITLE environment variable needs to be set on this repo!" - exit 1 - fi - env: - DOCS_TITLE: ${{ vars.DOCS_TITLE }} - shell: bash - - - name: Checkout release branch - run: | - git config remote.origin.fetch "+refs/heads/*:refs/remotes/origin/*" - git fetch --all - git checkout release - shell: sh - - - name: Cache nodejs deps - uses: actions/cache@v4 - with: - path: ~/.npm - key: npm - - - name: Build docusaurus - id: build - uses: zepben/docusaurus-action@main - with: - VERSION: ${{ needs.release-checks.outputs.version }} - NPM_REPO: ${{ secrets.NPM_REPO }} - NPM_TOKEN: ${{ secrets.CI_GITHUB_TOKEN }} - DOCS_TITLE: ${{ vars.DOCS_TITLE }} - continue-on-error: true - - - name: Zip documentation - run: | - cd docs/build - zip -r ../../docs.zip . - shell: sh - - - uses: actions/upload-artifact@v4 - if: steps.build.outcome == 'success' - with: - name: docs.zip - path: docs.zip - if-no-files-found: error - - - name: Fail build - if: steps.build.outcome == 'failure' - run: | - git push origin -d release - echo "There was an error in the docusaurus build above." - exit 1 - shell: sh - - - name: Fetch the document component name - id: docs-component - shell: sh {0} - run: | - echo "repo=${GITHUB_REPOSITORY}" >> "${GITHUB_OUTPUT}" - # if product key is supplied - if [ "${{ inputs.product-key }}" != "productkeynotprovided" ]; then - echo "name=${{ inputs.product-key }}" >> "${GITHUB_OUTPUT}" - else - # parse out the product key from the repository name - echo "name=$(echo ${GITHUB_REPOSITORY} | cut -f2 -d\/)" >> "${GITHUB_OUTPUT}" - fi - - deploy: - needs: [release-checks, build-docs] - runs-on: ubuntu-latest - container: zepben/pipeline-java-ewb - outputs: - artifact: ${{ steps.build.outputs.artifact }} - artifact-id: ${{ steps.build.outputs.artifact-id }} - version: ${{ steps.build.outputs.version }} - env: - NEXUS_MAVEN_REPO: ${{ secrets.NEXUS_MAVEN_REPO }} - NEXUS_USERNAME: ${{ secrets.NEXUS_USERNAME }} - NEXUS_PASSWORD: ${{ secrets.NEXUS_PASSWORD }} - NEXUS_SIGNATURE: ${{ secrets.NEXUS_SIGNATURE }} - steps: - - name: Work around git permission issue - run: | - dname=$(echo ${{github.repository}} | cut -d'/' -f2) - git config --global --add safe.directory /__w/$dname/$dname - shell: sh - - - uses: actions/checkout@v4 - - - name: Cache maven deps - uses: actions/cache@v4 - with: - path: /maven - key: maven - - - name: Checkout release branch - run: | - git config remote.origin.fetch "+refs/heads/*:refs/remotes/origin/*" - git fetch --all - git checkout release - shell: bash - - - name: Maven package - id: build - run: | - artifactId=$(xmlstarlet pyx pom.xml | grep -v ^A | xmlstarlet p2x | xmlstarlet sel -t -v "/project/artifactId") - version=$(xmlstarlet pyx pom.xml | grep -v ^A | xmlstarlet p2x | xmlstarlet sel -t -v "/project/version") - artifact="${artifactId}-${version}" - mvn clean package -B -f pom.xml -P release -Dgpg.key.id=$GPG_KEY_ID -Dgpg.key.password=$GPG_KEY_PASSWORD -Dserver.username=$NEXUS_USERNAME -Dserver.password=$NEXUS_PASSWORD -Dserver.repo.url=$NEXUS_MAVEN_REPO -Dnexus.signature=$NEXUS_SIGNATURE - mkdir .artifact-$artifact - cp target/* -t .artifact-$artifact || : - rm .artifact-$artifact/original*.jar || : - echo "version=$(echo $version)" >> ${GITHUB_OUTPUT} - echo "artifact=$(echo $artifact)" >> ${GITHUB_OUTPUT} - echo "artifact-id=$(echo $artifactId)" >> ${GITHUB_OUTPUT} - echo "artifact-path=$(echo .artifact-$artifact/)" >> ${GITHUB_OUTPUT} - shell: bash - continue-on-error: true - - - name: Upload coverage to Codecov - if: steps.build.outcome == 'success' - uses: codecov/codecov-action@v4 - with: - token: ${{ secrets.CODECOV_TOKEN }} - continue-on-error: true - - - uses: actions/upload-artifact@v4 - id: upload - if: steps.build.outcome == 'success' - with: - name: ${{ steps.build.outputs.artifact }} - path: ${{ steps.build.outputs.artifact-path }} - include-hidden-files: true - if-no-files-found: error - - - name: Delete release branch if deploy failed and fail - if: steps.build.outcome == 'failure' || steps.upload.outcome == 'failure' - run: | - git push origin -d release - echo "There was an error in the mvn package command above." - exit 1 - shell: bash - - create-release: - needs: [deploy, build-docs, release-checks] - runs-on: ubuntu-latest - container: zepben/pipeline-basic - env: - GITHUB_TOKEN: ${{ secrets.CI_GITHUB_TOKEN }} - steps: - - uses: actions/checkout@v4 - with: - token: ${{ env.GITHUB_TOKEN }} - - - name: Work around git permission issue - run: | - dname=$(echo ${{github.repository}} | cut -d'/' -f2) - git config --global --add safe.directory /__w/$dname/$dname - shell: sh - - - name: Merge and Tag - id: merge - run: | - git config remote.origin.fetch "+refs/heads/*:refs/remotes/origin/*" - git fetch --all - git branch -a - git merge origin/release - git push origin ${GITHUB_REF/refs\/heads\//} - git tag "v${{ needs.release-checks.outputs.version }}" - git push --tags - echo "tag=$(echo v${{ needs.release-checks.outputs.version }})" >> "${GITHUB_OUTPUT}" - shell: bash - continue-on-error: true - - - name: Delete release branch if merge failed and fail - if: steps.merge.outcome == 'failure' - run: | - git push origin -d release - echo "There was an error in merging the branch. release branch was deleted." - exit 1 - shell: bash - - - name: Download binary - uses: actions/download-artifact@v4 - with: - name: ${{ needs.deploy.outputs.artifact }} - path: built-artifacts - continue-on-error: true - - - name: Get latest changelog - id: changelog - run: | - echo "${{ needs.release-checks.outputs.changelog }}" | base64 -d > latest_changelog.txt - shell: bash - continue-on-error: true - - - name: Create Release and upload assets - if: success() - id: create_release - uses: softprops/action-gh-release@v1 - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - with: - tag_name: ${{ steps.merge.outputs.tag }} - body_path: latest_changelog.txt - draft: false - prerelease: false - files: | - built-artifacts/* - continue-on-error: true - - - name: Deploy documentation - uses: peter-evans/repository-dispatch@v1 - with: - token: ${{ secrets.CI_GITHUB_TOKEN }} - repository: ${{ secrets.DOCS_REPO }} - event-type: ${{ secrets.DOCS_REPO_EVOLVE_WORKFLOW }} - client-payload: '{"product": "${{needs.build-docs.outputs.product}}", "product_key": "${{needs.build-docs.outputs.product-key}}", "download_url": "${{needs.build-docs.outputs.product-repo}}"}' - continue-on-error: true - - # call-build-container: - # needs: [build-artifact, create-release] - # uses: zepben/energy-workbench-server/.github/workflows/build-release-container.yaml@main - # with: - # ewbRelease: ${{ needs.build-artifact.outputs.version }} - - update-version: - needs: [create-release] - runs-on: ubuntu-latest - container: zepben/pipeline-basic - env: - DEBUG: ${{ secrets.DEBUG }} - GITHUB_TOKEN: ${{ secrets.CI_GITHUB_TOKEN }} - NEXUS_MAVEN_REPO: ${{ secrets.NEXUS_MAVEN_REPO }} - NEXUS_USERNAME: ${{ secrets.NEXUS_USERNAME }} - NEXUS_PASSWORD: ${{ secrets.NEXUS_PASSWORD }} - NEXUS_MAVEN_SNAPSHOT: ${{ secrets.NEXUS_MAVEN_SNAPSHOT }} - NEXUS_MAVEN_RELEASE: ${{ secrets.NEXUS_MAVEN_RELEASE }} - SLACK_NOTIFICATION: YES - SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }} - steps: - - uses: actions/checkout@v4 - with: - token: ${{ env.GITHUB_TOKEN }} - - - name: Work around git permission issue - run: | - dname=$(echo ${{github.repository}} | cut -d'/' -f2) - git config --global --add safe.directory /__w/$dname/$dname - shell: sh - - - name: Update to next minor version - run: | - /scripts/update-version.sh --java --maven --release pom.xml changelog.md - shell: bash diff --git a/.github/workflows/maven-lib-release-with-docs.yml b/.github/workflows/maven-lib-release-with-docs.yml deleted file mode 100644 index c9e1a3ca..00000000 --- a/.github/workflows/maven-lib-release-with-docs.yml +++ /dev/null @@ -1,425 +0,0 @@ -# Note: default release notes file is docs/release.md. -name: Maven Library Release + Docs - -on: - workflow_call: - inputs: - product-key: - description: 'Product key used for deploying docs. Should be repo specific. E.g: "python-sdk"' - required: false - default: "productkeynotprovided" - type: string - private: - description: 'Calling workflow from a private repo' - required: false - type: boolean - default: true - sourcepath: - description: 'Path to source directory (used for licence check)' - required: false - type: string - default: "src" - - secrets: - CI_GITHUB_TOKEN: - required: true - NEXUS_MAVEN_REPO: - required: true - NEXUS_USERNAME: - required: true - NEXUS_PASSWORD: - required: true - NEXUS_MAVEN_SNAPSHOT: - required: true - NEXUS_MAVEN_RELEASE: - required: true - SLACK_NOTIFICATION: - required: false - SLACK_WEBHOOK: - required: false - LC_URL: - required: false - ZEPBEN_GPG_KEY: - required: false - MAVEN_CENTRAL_USERNAME: - required: false - MAVEN_CENTRAL_PASSWORD: - required: false - GPG_KEY_ID: - required: false - GPG_KEY_PASSWORD: - required: false - NPM_REPO: - required: true - DOCS_REPO: - required: true - DOCS_REPO_EVOLVE_WORKFLOW: - required: true - - - -jobs: - release-checks: - runs-on: ubuntu-latest - container: zepben/pipeline-basic - env: - DEBUG: ${{ secrets.DEBUG }} - GITHUB_TOKEN: ${{ secrets.CI_GITHUB_TOKEN }} - NEXUS_MAVEN_REPO: ${{ secrets.NEXUS_MAVEN_REPO }} - NEXUS_USERNAME: ${{ secrets.NEXUS_USERNAME }} - NEXUS_PASSWORD: ${{ secrets.NEXUS_PASSWORD }} - NEXUS_MAVEN_RELEASE: ${{ secrets.NEXUS_MAVEN_RELEASE }} - NEXUS_MAVEN_SNAPSHOT: ${{ secrets.NEXUS_MAVEN_SNAPSHOT }} - SLACK_NOTIFICATION: YES - SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }} - outputs: - version: ${{ steps.check.outputs.version }} - docs-present: ${{ steps.docs.outputs.present }} - changelog: ${{ steps.changelog.outputs.changelog }} - steps: - - uses: actions/checkout@v4 - with: - token: ${{ env.GITHUB_TOKEN }} - - - name: Work around git permission issue - run: | - dname=$(echo ${{github.repository}} | cut -d'/' -f2) - git config --global --add safe.directory /__w/$dname/$dname - shell: sh - - - name: Cache licence-check - uses: actions/cache@v4 - with: - path: /lc - key: lcc - - - name: Check licence - uses: zepben/licence-check-action@main - with: - LC_URL: ${{ secrets.LC_URL }} - PATH: ${{ inputs.sourcepath }} - - - name: Release checks and update version for release - id: check - run: | - /scripts/release-checks.sh --java --maven pom.xml - /scripts/finalize-version.sh --java --maven pom.xml changelog.md - version=$(xmlstarlet pyx pom.xml | grep -v ^A | xmlstarlet p2x | xmlstarlet sel -t -v "/project/version") - echo "version=$version" >> "${GITHUB_OUTPUT}" - shell: bash - - - name: Check if docs present - id: docs - run: | - if [ -d docs ]; then - echo "Docs folder found, will run the build-docs job" - echo "present=yes" >> "${GITHUB_OUTPUT}" - echo "present=yes" >> "${GITHUB_ENV}" - else - echo "Docs folder not found, will skip the build-docs" - fi - - - name: Check doc build artifacts are ignored - if: ${{ env.present == 'yes' }} - shell: sh {0} - run: | - # Make sure directories are properly ignored - # docs/node_modules - git check-ignore -q docs/node_modules - if [ $? != 0 ]; then - echo "ERROR! Make sure to add 'docs/node_modules' to .gitignore" - echo "::error line=1::ERROR! Make sure to add 'docs/node_modules' to .gitignore" - exit 1 - fi - - # docs/build - git check-ignore -q docs/build - if [ $? != 0 ]; then - echo "ERROR! Make sure to add 'docs/build' to .gitignore" - echo "::error line=1::ERROR! Make sure to add 'docs/build' to .gitignore" - exit 1 - fi - - - name: Test changelog format - id: changelog - shell: bash - run: | - changelog=$(sed -n -E "/${{ steps.check.outputs.version }}/,/## [[0-9]+\.[0-9]+\.[0-9]+]/ { /## \[/d;p }" changelog.md) - if [[ -z "$changelog" ]]; then - echo "Changelog content was not found - ensure your changelog.md matches the expected growing format. Deleting release branch." - git push origin -d release - # We can safely fail here because we haven't done anything yet. Changelog.md file should be in correct format. - exit 1 - fi - # Changelog has newlines which isn't well supported, so we base64 with line wrap disabled (-w0) - new_changelog=$(echo "${changelog}" | base64 -w0) - echo "changelog=${new_changelog}" >> $GITHUB_OUTPUT - - build-docs: - needs: release-checks - runs-on: ubuntu-latest - if: ${{ needs.release-checks.outputs.docs-present == 'yes' }} - outputs: - artifact: docs - product-key: ${{ steps.docs-component.outputs.name }} - product-repo: ${{ steps.docs-component.outputs.repo }} - container: zepben/pipeline-docusaurus - steps: - - name: Install Git - run: | - apk add git zip - - - name: Work around git permission issue - run: | - dname=$(echo ${{github.repository}} | cut -d'/' -f2) - git config --global --add safe.directory /__w/$dname/$dname - shell: sh - - - uses: actions/checkout@v4 - - - name: Check that title is defined in the repo - run: | - if [[ -d docs/site-config && -z $DOCS_TITLE ]]; then - echo "The \$DOCS_TITLE environment variable needs to be set on this repo!" - exit 1 - fi - env: - DOCS_TITLE: ${{ vars.DOCS_TITLE }} - shell: bash - - - name: Checkout release branch - run: | - git config remote.origin.fetch "+refs/heads/*:refs/remotes/origin/*" - git fetch --all - git checkout release - shell: sh - - - name: Cache nodejs deps - uses: actions/cache@v4 - with: - path: ~/.npm - key: npm - - - name: Build docusaurus - id: build - uses: zepben/docusaurus-action@main - with: - VERSION: ${{ needs.release-checks.outputs.version }} - NPM_REPO: ${{ secrets.NPM_REPO }} - NPM_TOKEN: ${{ secrets.CI_GITHUB_TOKEN }} - DOCS_TITLE: ${{ vars.DOCS_TITLE }} - continue-on-error: true - - - name: Zip documentation - run: | - cd docs/build - zip -r ../../docs.zip . - shell: sh - - - uses: actions/upload-artifact@v4 - if: steps.build.outcome == 'success' - with: - name: docs.zip - path: docs.zip - if-no-files-found: error - - - name: Fail build - if: steps.build.outcome == 'failure' - run: | - git push origin -d release - echo "There was an error in the docusaurus build above." - exit 1 - shell: sh - - - name: Fetch the document component name - id: docs-component - shell: sh {0} - run: | - # if product key is supplied - if [ "${{ inputs.product-key }}" != "productkeynotprovided" ]; then - echo "name=${{ inputs.product-key }}" >> "${GITHUB_OUTPUT}" - else - # parse out the product key from the repository name - echo "name=$(echo ${GITHUB_REPOSITORY} | cut -f2 -d\/)" >> "${GITHUB_OUTPUT}" - fi - - - deploy: - needs: [release-checks, build-docs] - runs-on: ubuntu-latest - outputs: - artifact: ${{ steps.build.outputs.artifact }} - container: zepben/pipeline-java-ewb - steps: - - name: Work around git permission issue - run: | - dname=$(echo ${{github.repository}} | cut -d'/' -f2) - git config --global --add safe.directory /__w/$dname/$dname - shell: sh - - - uses: actions/checkout@v4 - - - name: Cache maven deps - uses: actions/cache@v4 - with: - path: /maven - key: maven - - - name: Checkout release branch - run: | - git config remote.origin.fetch "+refs/heads/*:refs/remotes/origin/*" - git fetch --all - git checkout release - shell: bash - - - name: Set profile - id: profile - shell: bash - run: | - priv=${{ inputs.private }} - if [[ $priv == 'true' ]]; then echo "PROFILE=zepben-maven" >> ${GITHUB_ENV}; else echo "PROFILE=maven-central" >> ${GITHUB_ENV}; fi - - - name: Maven deploy to Central - id: build - uses: zepben/maven-deploy-central-action@main - with: - NEXUS_MAVEN_REPO: ${{ secrets.NEXUS_MAVEN_REPO }} - NEXUS_USERNAME: ${{ secrets.NEXUS_USERNAME }} - NEXUS_PASSWORD: ${{ secrets.NEXUS_PASSWORD }} - NEXUS_RELEASE_URL: ${{ secrets.NEXUS_MAVEN_RELEASE }} - NEXUS_SNAPSHOT_URL: ${{ secrets.NEXUS_MAVEN_SNAPSHOT }} - ZEPBEN_GPG_KEY: ${{ secrets.ZEPBEN_GPG_KEY_B64 }} - MAVEN_CENTRAL_USERNAME: ${{ secrets.MAVEN_CENTRAL_USERNAME }} - MAVEN_CENTRAL_PASSWORD: ${{ secrets.MAVEN_CENTRAL_PASSWORD }} - GPG_KEY_ID: ${{ secrets.GPG_KEY_ID }} - GPG_KEY_PASSWORD: ${{ secrets.GPG_KEY_PASSWORD }} - PROFILE: ${{ env.PROFILE }} - continue-on-error: true - - - name: Upload coverage to Codecov - if: steps.build.outcome == 'success' - uses: codecov/codecov-action@v4 - with: - token: ${{ secrets.CODECOV_TOKEN }} - continue-on-error: true - - - uses: actions/upload-artifact@v4 - if: steps.build.outcome == 'success' - with: - name: ${{ steps.build.outputs.artifact }} - path: ${{ steps.build.outputs.artifact-path }} - - - name: Delete release branch if deploy failed and fail - if: steps.build.outcome == 'failure' - run: | - git push origin -d release - echo "There was an error in the mvn deploy command above." - exit 1 - shell: bash - - create-release: - needs: [deploy, build-docs, release-checks] - runs-on: ubuntu-latest - container: zepben/pipeline-basic - env: - GITHUB_TOKEN: ${{ secrets.CI_GITHUB_TOKEN }} - steps: - - uses: actions/checkout@v4 - with: - token: ${{ env.GITHUB_TOKEN }} - - - name: Work around git permission issue - run: | - dname=$(echo ${{github.repository}} | cut -d'/' -f2) - git config --global --add safe.directory /__w/$dname/$dname - shell: sh - - - name: Merge and Tag - id: merge - run: | - git config remote.origin.fetch "+refs/heads/*:refs/remotes/origin/*" - git fetch --all - git branch -a - git merge origin/release - git push origin ${GITHUB_REF/refs\/heads\//} - git tag "v${{ needs.release-checks.outputs.version }}" - git push --tags - echo "::set-output name=tag::$(echo v${{ needs.release-checks.outputs.version }})" - shell: bash - continue-on-error: true - - - name: Delete release branch if merge failed and fail - if: steps.merge.outcome == 'failure' - run: | - git push origin -d release - echo "There was an error in merging the branch. release branch was deleted." - exit 1 - shell: bash - - - name: Download binary - uses: actions/download-artifact@v4 - with: - name: ${{ needs.deploy.outputs.artifact }} - path: built-artifacts - continue-on-error: true - - - name: Get latest changelog - id: changelog - run: | - echo "${{ needs.release-checks.outputs.changelog }}" | base64 -d > latest_changelog.txt - shell: bash - continue-on-error: true - - - name: Create Release and upload assets - if: success() - id: create_release - uses: softprops/action-gh-release@v1 - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - with: - tag_name: ${{ steps.merge.outputs.tag }} - body_path: latest_changelog.txt - draft: false - prerelease: false - files: | - built-artifacts/${{ needs.deploy.outputs.artifact }} - continue-on-error: true - - - name: Deploy documentation - uses: peter-evans/repository-dispatch@v1 - with: - token: ${{ secrets.CI_GITHUB_TOKEN }} - repository: ${{ secrets.DOCS_REPO }} - event-type: ${{ secrets.DOCS_REPO_EVOLVE_WORKFLOW }} - client-payload: '{"product": "${{needs.build-docs.outputs.product}}", "product_key": "${{needs.build-docs.outputs.product-key}}", "download_url": "${{needs.build-docs.outputs.product-repo}}"}' - continue-on-error: true - - update-version: - needs: [create-release] - runs-on: ubuntu-latest - container: zepben/pipeline-basic - env: - DEBUG: ${{ secrets.DEBUG }} - GITHUB_TOKEN: ${{ secrets.CI_GITHUB_TOKEN }} - NEXUS_MAVEN_REPO: ${{ secrets.NEXUS_MAVEN_REPO }} - NEXUS_USERNAME: ${{ secrets.NEXUS_USERNAME }} - NEXUS_PASSWORD: ${{ secrets.NEXUS_PASSWORD }} - NEXUS_MAVEN_SNAPSHOT: ${{ secrets.NEXUS_MAVEN_SNAPSHOT }} - NEXUS_MAVEN_RELEASE: ${{ secrets.NEXUS_MAVEN_RELEASE }} - SLACK_NOTIFICATION: YES - SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }} - steps: - - uses: actions/checkout@v4 - with: - token: ${{ env.GITHUB_TOKEN }} - - - name: Work around git permission issue - run: | - dname=$(echo ${{github.repository}} | cut -d'/' -f2) - git config --global --add safe.directory /__w/$dname/$dname - shell: sh - - - name: Update to next minor version - run: | - /scripts/update-version.sh --java --maven --release pom.xml changelog.md - shell: bash diff --git a/.github/workflows/npm-app-release-with-docs.yml b/.github/workflows/npm-app-release-with-docs.yml deleted file mode 100644 index ecacb2b6..00000000 --- a/.github/workflows/npm-app-release-with-docs.yml +++ /dev/null @@ -1,394 +0,0 @@ -name: NPM Static App Release - -on: - workflow_call: - inputs: - product-key: - description: 'Product key used for deploying docs. Should be repo specific. E.g: "python-sdk"' - required: false - default: "productkeynotprovided" - type: string - private: - description: 'Calling workflow from a private repo' - required: false - type: boolean - default: true - sourcepath: - description: 'Path to source directory (used for licence check)' - required: false - type: string - default: "src" - secrets: - NEXUS_NPM_REPO: - required: true - CI_NPM_TOKEN: - required: true - CI_GITHUB_TOKEN: - required: true - SLACK_NOTIFICATION: - required: false - SLACK_WEBHOOK: - required: false - LC_URL: - required: false - - outputs: - version: - description: "The current released version." - value: ${{ jobs.build-artifact.outputs.version }} -jobs: - release-checks: - runs-on: ubuntu-latest - container: zepben/pipeline-basic - continue-on-error: false - env: - GITHUB_TOKEN: ${{ secrets.CI_GITHUB_TOKEN }} - SLACK_NOTIFICATION: YES - SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }} - outputs: - version: ${{ steps.check.outputs.version }} - docs-present: ${{ steps.docs.outputs.present }} - changelog: ${{ steps.changelog.outputs.changelog }} - steps: - - uses: actions/checkout@v4 - with: - token: ${{ env.GITHUB_TOKEN }} - - - name: Work around git permission issue - run: | - dname=$(echo ${{github.repository}} | cut -d'/' -f2) - git config --global --add safe.directory /__w/$dname/$dname - shell: sh - - - name: Cache licence-check - uses: actions/cache@v4 - with: - path: /lc - key: lcc - - - name: Check licence - uses: zepben/licence-check-action@main - with: - LC_URL: ${{ secrets.LC_URL }} - PATH: ${{ inputs.sourcepath }} - - - name: Release checks and update version for release - id: check - run: | - /scripts/release-checks.sh --js package.json - /scripts/finalize-version.sh --js package.json changelog.md - version=$(jq -r .version package.json) - echo "version=$version" >> $GITHUB_OUTPUT - shell: bash - - - name: Check if docs present - id: docs - shell: bash - run: | - if [ -d docs ]; then - echo "Docs folder found, will run the build-docs job" - echo "present=yes" >> "${GITHUB_OUTPUT}" - echo "present=yes" >> "${GITHUB_ENV}" - else - echo "Docs folder not found, will skip the build-docs" - fi - - - name: Check doc build artifacts are ignored - if: ${{ env.present == 'yes' }} - shell: sh {0} - run: | - # Make sure directories are properly ignored - # docs/node_modules - git check-ignore -q docs/node_modules - if [ $? != 0 ]; then - echo "ERROR! Make sure to add 'docs/node_modules' to .gitignore" - echo "::error line=1::ERROR! Make sure to add 'docs/node_modules' to .gitignore" - exit 1 - fi - - # docs/build - git check-ignore -q docs/build - if [ $? != 0 ]; then - echo "ERROR! Make sure to add 'docs/build' to .gitignore" - echo "::error line=1::ERROR! Make sure to add 'docs/build' to .gitignore" - exit 1 - fi - - - name: Test changelog format - id: changelog - run: | - changelog=$(sed -n -E "/${{ steps.check.outputs.version }}/,/## [[0-9]+\.[0-9]+\.[0-9]+]/ { /## \[/d;p }" changelog.md) - if [[ -z "$changelog" ]]; then - echo "Changelog content was not found - ensure your changelog.md matches the expected growing format. Deleting release branch." - git push origin -d release - # We can safely fail here because we haven't done anything yet. Changelog.md file should be in correct format. - exit 1 - fi - # Changelog has newlines which isn't well supported, so we base64 with line wrap disabled (-w0) - new_changelog=$(echo "${changelog}" | base64 -w0) - echo "changelog=${new_changelog}" >> $GITHUB_OUTPUT - - build-docs: - needs: release-checks - runs-on: ubuntu-latest - if: ${{ needs.release-checks.outputs.docs-present == 'yes' }} - outputs: - artifact: docs - product-key: ${{ steps.docs-component.outputs.name }} - product-repo: ${{ steps.docs-component.outputs.repo }} - container: zepben/pipeline-docusaurus - env: - GITHUB_TOKEN: ${{ secrets.CI_GITHUB_TOKEN }} - steps: - - - uses: actions/checkout@v4 - with: - token: ${{ env.GITHUB_TOKEN }} - - - name: Work around git permission issue - run: | - dname=$(echo ${{github.repository}} | cut -d'/' -f2) - git config --global --add safe.directory /__w/$dname/$dname - shell: sh - - - name: Check that title is defined in the repo - run: | - if [[ -d docs/site-config && -z $DOCS_TITLE ]]; then - echo "The \$DOCS_TITLE environment variable needs to be set on this repo!" - exit 1 - fi - env: - DOCS_TITLE: ${{ vars.DOCS_TITLE }} - shell: bash - - - name: Checkout release branch - run: | - git config remote.origin.fetch "+refs/heads/*:refs/remotes/origin/*" - git fetch --all - git checkout release - shell: sh - - - name: Cache nodejs deps - uses: actions/cache@v4 - with: - path: ~/.npm - key: npm - - - name: Build docusaurus - id: build - uses: zepben/docusaurus-action@main - with: - VERSION: ${{ needs.release-checks.outputs.version }} - NPM_REPO: ${{ secrets.NPM_REPO }} - NPM_TOKEN: ${{ secrets.CI_GITHUB_TOKEN }} - DOCS_TITLE: ${{ vars.DOCS_TITLE }} - continue-on-error: true - - - name: Zip documentation - run: | - cd docs/build - zip -r ../../docs.zip . - shell: sh - - - uses: actions/upload-artifact@v4 - if: steps.build.outcome == 'success' - with: - name: docs.zip - path: docs.zip - if-no-files-found: error - - - name: Fail build - if: steps.build.outcome == 'failure' - run: | - git push origin -d release - echo "There was an error in the docusaurus build above." - exit 1 - shell: sh - - - name: Fetch the document component name - id: docs-component - shell: sh {0} - run: | - echo "repo=${GITHUB_REPOSITORY}" >> "${GITHUB_OUTPUT}" - # if product key is supplied - if [ "${{ inputs.product-key }}" != "productkeynotprovided" ]; then - echo "name=${{ inputs.product-key }}" >> "${GITHUB_OUTPUT}" - else - # parse out the product key from the repository name - echo "name=$(echo ${GITHUB_REPOSITORY} | cut -f2 -d\/)" >> "${GITHUB_OUTPUT}" - fi - - - build-artifact: - needs: [build-docs, release-checks] - runs-on: ubuntu-latest - container: node:20-alpine - outputs: - artifact: ${{ steps.build.outputs.artifact }} - artifact-id: ${{ steps.build.outputs.artifact-id }} - version: ${{ steps.build.outputs.version }} - env: - GITHUB_TOKEN: ${{ secrets.CI_GITHUB_TOKEN }} - steps: - - name: Install Dependencies - run: | - apk add jq tar alpine-conf git - - - name: Cache nodejs deps - uses: actions/cache@v4 - with: - path: ~/.npm - key: npm - - - uses: actions/checkout@v4 - with: - token: ${{ env.GITHUB_TOKEN }} - - - name: Set timezone to Australia/ACT - run: | - setup-timezone -z Australia/ACT - - - name: Work around git permission issue - run: | - dname=$(echo ${{github.repository}} | cut -d'/' -f2) - git config --global --add safe.directory /__w/$dname/$dname - shell: sh - - - name: Checkout release branch - run: | - git config remote.origin.fetch "+refs/heads/*:refs/remotes/origin/*" - git fetch --all - git checkout release - shell: sh - - - name: create .npmrc - run: | - rm -rf .npmrc - echo "@zepben:registry=${{ secrets.NEXUS_NPM_REPO }}" >> .npmrc - echo "//nexus.z.zepben.cloud/repository/zepben-npm/:_authToken=${{ secrets.CI_NPM_TOKEN }}" >> .npmrc - echo "\n" >> .npmrc - - - name: build - id: build - run: | - npm ci --unsafe-perm - npm run prod - version=$(jq -r .version package.json) - artifactId=$(jq -r .name package.json) - artifact="$artifactId-$version.tar.bz2" - tar jcvf "$artifact" -C dist . - echo "version=$version" >> "${GITHUB_OUTPUT}" - echo "artifact=$artifact" >> "${GITHUB_OUTPUT}" - continue-on-error: true - - - uses: actions/upload-artifact@v4 - if: steps.build.outcome == 'success' - with: - name: ${{ steps.build.outputs.artifact }} - path: ${{ steps.build.outputs.artifact }} - - - name: Fail build - if: steps.build.outcome == 'failure' - run: | - git push origin -d release - echo "There was an error in the npm package command above." - exit 1 - shell: sh - - create-release: - needs: [build-artifact] - runs-on: ubuntu-latest - outputs: - artifact: ${{ steps.merge.outputs.artifact }} - tag: ${{ steps.merge.outputs.tag }} - env: - GITHUB_TOKEN: ${{ secrets.CI_GITHUB_TOKEN }} - steps: - - uses: actions/checkout@v4 - with: - token: ${{ env.GITHUB_TOKEN }} - - - name: Work around git permission issue - run: | - dname=$(echo ${{github.repository}} | cut -d'/' -f2) - git config --global --add safe.directory /__w/$dname/$dname - shell: sh - - - name: Get latest changelog - id: changelog - run: | - echo "${{ needs.release-checks.outputs.changelog }}" | base64 -d > latest_changelog.txt - shell: bash - continue-on-error: true - - - name: Merge and Tag - id: merge - run: | - git config remote.origin.fetch "+refs/heads/*:refs/remotes/origin/*" - git fetch --all - git merge origin/release - git push origin ${GITHUB_REF/refs\/heads\//} - version=$(jq -r .version package.json) - git tag "v$version" - git push --tags - echo "::set-output name=tag::$(echo v$version)" - echo "::set-output name=artifact::$(echo ${{ needs.build-artifact.outputs.artifact }})" - shell: bash - continue-on-error: true - - - name: Fail - if: steps.merge.outcome == 'failure' - run: | - git push origin -d release - echo "There was an error in merging the branch. release branch was deleted." - exit 1 - shell: bash - - - name: Create Release and upload assets - if: success() - id: create_release - uses: softprops/action-gh-release@v1 - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - with: - tag_name: ${{ steps.merge.outputs.tag }} - body_path: latest_changelog.txt - draft: false - prerelease: false - files: | - built-artifacts/${{ needs.build-artifact.outputs.artifact }} - continue-on-error: true - - - name: Deploy documentation - uses: peter-evans/repository-dispatch@v1 - with: - token: ${{ secrets.CI_GITHUB_TOKEN }} - repository: ${{ secrets.DOCS_REPO }} - event-type: ${{ secrets.DOCS_REPO_EVOLVE_WORKFLOW }} - client-payload: '{"product": "${{needs.build-docs.outputs.product}}", "product_key": "${{needs.build-docs.outputs.product-key}}", "download_url": "${{needs.build-docs.outputs.product-repo}}"}' - continue-on-error: true - - update-version: - needs: create-release - runs-on: ubuntu-latest - container: zepben/pipeline-basic - env: - DEBUG: ${{ secrets.DEBUG }} - GITHUB_TOKEN: ${{ secrets.CI_GITHUB_TOKEN }} - SLACK_NOTIFICATION: YES - SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }} - steps: - - uses: actions/checkout@v4 - with: - token: ${{ env.GITHUB_TOKEN }} - - - name: Work around git permission issue - run: | - dname=$(echo ${{github.repository}} | cut -d'/' -f2) - git config --global --add safe.directory /__w/$dname/$dname - shell: sh - - - name: Update to next minor version - run: | - /scripts/update-version.sh --js --release package.json changelog.md - shell: bash diff --git a/.github/workflows/python-lib-release-with-docs.yml b/.github/workflows/python-lib-release-with-docs.yml deleted file mode 100644 index c05a939e..00000000 --- a/.github/workflows/python-lib-release-with-docs.yml +++ /dev/null @@ -1,419 +0,0 @@ -# Note: default release notes file is docs/release.md. -name: Python Library Release + Docs - -on: - workflow_call: - inputs: - product-key: - description: 'Product key used for deploying docs. Should be repo specific. E.g: "python-sdk"' - required: false - type: string - private: - description: 'Calling workflow from a private repo' - required: false - type: boolean - default: true - sourcepath: - description: 'Path to source directory (used for licence check)' - required: false - type: string - default: "src" - - secrets: - CI_GITHUB_TOKEN: - required: true - ZEPBEN_PYPI_REPO: - required: false - NEXUS_USERNAME: - required: false - NEXUS_PASSWORD: - required: false - SLACK_NOTIFICATION: - required: false - SLACK_WEBHOOK: - required: false - LC_URL: - required: false - COVERALLS_REPO_TOKEN: - required: false - PYPI_API_TOKEN: - required: false - NPM_REPO: - required: true - DOCS_REPO: - required: true - DOCS_REPO_EVOLVE_WORKFLOW: - required: true - - - -jobs: - release-checks: - runs-on: ubuntu-latest - container: zepben/pipeline-basic - env: - DEBUG: ${{ secrets.DEBUG }} - GITHUB_TOKEN: ${{ secrets.CI_GITHUB_TOKEN }} - SLACK_NOTIFICATION: ${{ secrets.SLACK_NOTIFICATION }} - SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }} - outputs: - version: ${{ steps.check.outputs.version }} - docs-present: ${{ steps.docs.outputs.present }} - changelog: ${{ steps.changelog.outputs.changelog }} - steps: - - uses: actions/checkout@v4 - with: - token: ${{ env.GITHUB_TOKEN }} - - - name: Work around git permission issue - run: | - dname=$(echo ${{github.repository}} | cut -d'/' -f2) - git config --global --add safe.directory /__w/$dname/$dname - shell: sh - - - name: Release checks and update version for release - id: check - run: | - /scripts/release-checks.sh --python pyproject.toml - /scripts/finalize-version.sh --python pyproject.toml - version="$(cat pyproject.toml | grep 'version[[:space:]]*=[[:space:]]*"\?[0-9]\+\.[0-9]\+\.[0-9]\+\(b[0-9]\+\)\?"\?' | grep -o "[0-9]\+\.[0-9]\+\.[0-9]\+\(b[0-9]\+\)\?")" - echo "version=$version" >> "${GITHUB_OUTPUT}" - shell: bash - - - name: Cache licence-check - uses: actions/cache@v4 - with: - path: /lc - key: lcc - - - name: Check licence - uses: zepben/licence-check-action@main - with: - LC_URL: ${{ secrets.LC_URL }} - PATH: ${{ inputs.sourcepath }} - - - name: Check if docs present - id: docs - run: | - if [ -d docs ]; then - echo "Docs folder found, will run the build-docs job" - echo "present=yes" >> "${GITHUB_OUTPUT}" - echo "present=yes" >> "${GITHUB_ENV}" - else - echo "Docs folder not found, will skip the build-docs" - fi - - - name: Check doc build artifacts are ignored - if: ${{ env.present == 'yes' }} - shell: sh {0} - run: | - # Make sure directories are properly ignored - # docs/node_modules - git check-ignore -q docs/node_modules - if [ $? != 0 ]; then - echo "ERROR! Make sure to add 'docs/node_modules' to .gitignore" - echo "::error line=1::ERROR! Make sure to add 'docs/node_modules' to .gitignore" - exit 1 - fi - - # docs/build - git check-ignore -q docs/build - if [ $? != 0 ]; then - echo "ERROR! Make sure to add 'docs/build' to .gitignore" - echo "::error line=1::ERROR! Make sure to add 'docs/build' to .gitignore" - exit 1 - fi - - - name: Test changelog format - id: changelog - shell: bash - run: | - changelog=$(sed -n -E "/${{ steps.check.outputs.version }}/,/## [[0-9]+\.[0-9]+\.[0-9]+]/ { /## \[/d;p }" changelog.md) - if [[ -z "$changelog" ]]; then - echo "Changelog content was not found - ensure your changelog.md matches the expected growing format. Deleting release branch." - git push origin -d release - # We can safely fail here because we haven't done anything yet. Changelog.md file should be in correct format. - exit 1 - fi - # Changelog has newlines which isn't well supported, so we base64 with line wrap disabled (-w0) - new_changelog=$(echo "${changelog}" | base64 -w0) - echo "changelog=${new_changelog}" >> $GITHUB_OUTPUT - - python-deps-check: - needs: release-checks - runs-on: ubuntu-latest - container: python:3.10 - steps: - - uses: actions/checkout@v4 - - - name: Test install the local package with deps - run: | - # finalize-version above removes all snapshot/test versions - # from zepben packages. Now let's try to install to see if deps exist or fail quick - pip install --pre '.' - - - build-docs: - needs: [release-checks, python-deps-check] - runs-on: ubuntu-latest - if: ${{ needs.release-checks.outputs.docs-present == 'yes' }} - outputs: - artifact: docs - product-key: ${{ steps.docs-component.outputs.name }} - product-repo: ${{ steps.docs-component.outputs.repo }} - container: zepben/pipeline-docusaurus - steps: - - name: Install Git - run: | - apk add git zip - - - name: Work around git permission issue - run: | - dname=$(echo ${{github.repository}} | cut -d'/' -f2) - git config --global --add safe.directory /__w/$dname/$dname - shell: sh - - - uses: actions/checkout@v4 - - - name: Check that title is defined in the repo - run: | - if [[ -d docs/site-config && -z $DOCS_TITLE ]]; then - echo "The \$DOCS_TITLE environment variable needs to be set on this repo!" - exit 1 - fi - env: - DOCS_TITLE: ${{ vars.DOCS_TITLE }} - shell: bash - - - name: Checkout release branch - run: | - git config remote.origin.fetch "+refs/heads/*:refs/remotes/origin/*" - git fetch --all - git checkout release - shell: sh - - - name: Cache nodejs deps - uses: actions/cache@v4 - with: - path: ~/.npm - key: npm - - - name: Build docusaurus - id: build - uses: zepben/docusaurus-action@main - with: - VERSION: ${{ needs.release-checks.outputs.version }} - NPM_REPO: ${{ secrets.NPM_REPO }} - NPM_TOKEN: ${{ secrets.CI_GITHUB_TOKEN }} - DOCS_TITLE: ${{ vars.DOCS_TITLE }} - continue-on-error: true - - - name: Zip documentation - run: | - cd docs/build - zip -r ../../docs.zip . - shell: sh - - - uses: actions/upload-artifact@v4 - if: steps.build.outcome == 'success' - with: - name: docs.zip - path: docs.zip - if-no-files-found: error - - - name: Fail build - if: steps.build.outcome == 'failure' - run: | - git push origin -d release - echo "There was an error in the docusaurus build above." - exit 1 - shell: sh - - - name: Fetch the document component name - id: docs-component - shell: sh {0} - run: | - echo "repo=${GITHUB_REPOSITORY}" >> "${GITHUB_OUTPUT}" - # if product key is supplied - if [ "${{ inputs.product-key }}" != "productkeynotprovided" ]; then - echo "name=${{ inputs.product-key }}" >> "${GITHUB_OUTPUT}" - else - # parse out the product key from the repository name - echo "name=$(echo ${GITHUB_REPOSITORY} | cut -f2 -d\/)" >> "${GITHUB_OUTPUT}" - fi - - - - deploy: - needs: [release-checks, build-docs] - runs-on: ubuntu-latest - container: python:3.10 - outputs: - artifact: ${{ steps.build.outputs.artifact }} - steps: - - name: Install dependencies - run: | - pip install tox twine - - - name: Work around git permission issue - run: | - dname=$(echo ${{github.repository}} | cut -d'/' -f2) - git config --global --add safe.directory /__w/$dname/$dname - shell: sh - - - uses: actions/checkout@v4 - - - name: Checkout release branch - run: | - git config remote.origin.fetch "+refs/heads/*:refs/remotes/origin/*" - git fetch --all - git checkout release - shell: sh - - - name: Create .pypirc - env: - PYPI_API_TOKEN: ${{ secrets.PYPI_API_TOKEN }} - run: | - echo "[pypi]" > ~/.pypirc - echo "username = __token__" >> ~/.pypirc - echo "password = $PYPI_API_TOKEN" >> ~/.pypirc - echo "\n" >> ~/.pypirc - - - name: Build and publish - id: build - run: | - tox - twine upload --non-interactive --config-file ~/.pypirc dist/* - artifact_id=$(grep name= pyproject.toml | cut -d= -f2 | tr -d '",' | sed 's-\.-_-g') - artifact="${artifact_id}-${{ needs.release-checks.outputs.version }}-py3-none-any.whl" - echo "::set-output name=artifact::$(echo $artifact)" - echo "::set-output name=artifact-path::$(echo dist/$artifact)" - shell: bash - continue-on-error: true - - - name: Upload coverage to Codecov - uses: codecov/codecov-action@v4 - with: - fail_ci_if_error: false - token: ${{ secrets.CODECOV_TOKEN }} - continue-on-error: true - - - - uses: actions/upload-artifact@v4 - if: steps.build.outcome == 'success' - with: - name: ${{ steps.build.outputs.artifact }} - path: ${{ steps.build.outputs.artifact-path }} - - - name: Delete release branch if deploy failed and fail - if: steps.build.outcome == 'failure' - run: | - git push origin -d release - echo "There was an error in the python build and publish commands above." - exit 1 - shell: bash - - create-release: - needs: [deploy, build-docs, release-checks] - runs-on: ubuntu-latest - container: zepben/pipeline-basic - env: - GITHUB_TOKEN: ${{ secrets.CI_GITHUB_TOKEN }} - steps: - - uses: actions/checkout@v4 - with: - token: ${{ env.GITHUB_TOKEN }} - - - name: Work around git permission issue - run: | - dname=$(echo ${{github.repository}} | cut -d'/' -f2) - git config --global --add safe.directory /__w/$dname/$dname - shell: sh - - - name: Merge and Tag - id: merge - run: | - git config remote.origin.fetch "+refs/heads/*:refs/remotes/origin/*" - git fetch --all - git branch -a - git merge origin/release - git push origin ${GITHUB_REF/refs\/heads\//} - git tag "v${{ needs.release-checks.outputs.version }}" - git push --tags - echo "::set-output name=tag::$(echo v${{ needs.release-checks.outputs.version }})" - shell: bash - continue-on-error: true - - - name: Delete release branch if merge failed and fail - if: steps.merge.outcome == 'failure' - run: | - git push origin -d release - echo "There was an error in merging the branch. release branch was deleted." - exit 1 - shell: bash - - - name: Download binary - uses: actions/download-artifact@v4 - with: - name: ${{ needs.deploy.outputs.artifact }} - path: built-artifacts - continue-on-error: true - - - name: Get latest changelog - id: changelog - run: | - echo "${{ needs.release-checks.outputs.changelog }}" | base64 -d > latest_changelog.txt - shell: bash - continue-on-error: true - - - name: Create Release and upload assets - if: success() - id: create_release - uses: softprops/action-gh-release@v1 - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - with: - tag_name: ${{ steps.merge.outputs.tag }} - body_path: latest_changelog.txt - draft: false - prerelease: false - files: | - built-artifacts/${{ needs.deploy.outputs.artifact }} - continue-on-error: true - - - name: Deploy documentation - uses: peter-evans/repository-dispatch@v1 - with: - token: ${{ secrets.CI_GITHUB_TOKEN }} - repository: ${{ secrets.DOCS_REPO }} - event-type: ${{ secrets.DOCS_REPO_EVOLVE_WORKFLOW }} - client-payload: '{"product": "${{needs.build-docs.outputs.product}}", "product_key": "${{needs.build-docs.outputs.product-key}}", "download_url": "${{needs.build-docs.outputs.product-repo}}"}' - continue-on-error: true - - update-version: - needs: [create-release] - runs-on: ubuntu-latest - container: zepben/pipeline-basic - env: - DEBUG: ${{ secrets.DEBUG }} - GITHUB_TOKEN: ${{ secrets.CI_GITHUB_TOKEN }} - ZEPBEN_PYPI_USERNAME: ${{ secrets.NEXUS_USERNAME }} - ZEPBEN_PYPI_PASSWORD: ${{ secrets.NEXUS_PASSWORD }} - ZEPBEN_PYPI_REPO: ${{ secrets.ZEPBEN_PYPI_REPO }} - SLACK_NOTIFICATION: ${{ secrets.SLACK_NOTIFICATION }} - SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }} - steps: - - uses: actions/checkout@v4 - with: - token: ${{ env.GITHUB_TOKEN }} - - - name: Work around git permission issue - run: | - dname=$(echo ${{github.repository}} | cut -d'/' -f2) - git config --global --add safe.directory /__w/$dname/$dname - shell: sh - - - name: Update to next minor version - run: | - /scripts/update-version.sh --python --release pyproject.toml changelog.md - shell: bash From e9d77876cf78cb1bf491a44ed190801917bbd9ce Mon Sep 17 00:00:00 2001 From: Alex Lourie Date: Fri, 28 Nov 2025 12:58:38 +1030 Subject: [PATCH 03/19] Fix component name Signed-off-by: Alex Lourie --- .github/workflows/csharp-app-snapshot.yml | 2 +- .github/workflows/maven-app-release.yml | 3 ++- .github/workflows/maven-app-snapshot.yml | 2 +- .github/workflows/maven-lib-release.yml | 1 + .github/workflows/maven-lib-snapshot.yml | 2 +- .github/workflows/npm-app-release.yml | 3 ++- .github/workflows/npm-app-snapshot-release.yml | 2 +- .github/workflows/npm-lib-snapshot.yml | 2 +- .github/workflows/python-lib-release.yml | 6 +++--- .github/workflows/python-lib-snapshot.yml | 2 +- 10 files changed, 14 insertions(+), 11 deletions(-) diff --git a/.github/workflows/csharp-app-snapshot.yml b/.github/workflows/csharp-app-snapshot.yml index a5dcfeb3..be591edf 100644 --- a/.github/workflows/csharp-app-snapshot.yml +++ b/.github/workflows/csharp-app-snapshot.yml @@ -216,4 +216,4 @@ jobs: token: ${{ secrets.CI_GITHUB_TOKEN }} repository: ${{ secrets.DOCS_REPO }} event-type: ${{ secrets.DOCS_REPO_EVOLVE_WORKFLOW }} - client-payload: '{"product": "${{needs.build-docs.outputs.product}}", "product_key": "${{needs.build-docs.outputs.product-key}}", "download_url": "${{needs.build-docs.outputs.product-repo}}"}' + client-payload: '{"product": "${{needs.build-docs.outputs.product}}", "product_key": "${{needs.build-docs.outputs.component}}", "download_url": "${{needs.build-docs.outputs.product-repo}}"}' diff --git a/.github/workflows/maven-app-release.yml b/.github/workflows/maven-app-release.yml index 1ef1b23c..2bdb53a1 100644 --- a/.github/workflows/maven-app-release.yml +++ b/.github/workflows/maven-app-release.yml @@ -308,11 +308,12 @@ jobs: - name: Deploy documentation uses: peter-evans/repository-dispatch@v1 + if: ${{ needs.build-docs.outputs.artifact-uploaded == 'yes' }} with: token: ${{ secrets.CI_GITHUB_TOKEN }} repository: ${{ secrets.DOCS_REPO }} event-type: ${{ secrets.DOCS_REPO_EVOLVE_WORKFLOW }} - client-payload: '{"product": "${{needs.build-docs.outputs.product}}", "product_key": "${{needs.build-docs.outputs.product-key}}", "download_url": "${{needs.build-docs.outputs.product-repo}}"}' + client-payload: '{"product": "${{needs.build-docs.outputs.product}}", "product_key": "${{needs.build-docs.outputs.component}}", "download_url": "${{needs.build-docs.outputs.product-repo}}"}' continue-on-error: true update-version: diff --git a/.github/workflows/maven-app-snapshot.yml b/.github/workflows/maven-app-snapshot.yml index e76de145..cab861aa 100644 --- a/.github/workflows/maven-app-snapshot.yml +++ b/.github/workflows/maven-app-snapshot.yml @@ -207,4 +207,4 @@ jobs: token: ${{ secrets.CI_GITHUB_TOKEN }} repository: ${{ secrets.DOCS_REPO }} event-type: ${{ secrets.DOCS_REPO_EVOLVE_WORKFLOW }} - client-payload: '{"product": "${{needs.build-docs.outputs.product}}", "product_key": "${{needs.build-docs.outputs.product-key}}", "download_url": "${{needs.build-docs.outputs.product-repo}}"}' + client-payload: '{"product": "${{needs.build-docs.outputs.product}}", "product_key": "${{needs.build-docs.outputs.component}}", "download_url": "${{needs.build-docs.outputs.product-repo}}"}' diff --git a/.github/workflows/maven-lib-release.yml b/.github/workflows/maven-lib-release.yml index 045d6ff2..a3d90bc3 100644 --- a/.github/workflows/maven-lib-release.yml +++ b/.github/workflows/maven-lib-release.yml @@ -321,6 +321,7 @@ jobs: - name: Deploy documentation uses: peter-evans/repository-dispatch@v1 + if: ${{ needs.build-docs.outputs.artifact-uploaded == 'yes' }} with: token: ${{ secrets.CI_GITHUB_TOKEN }} repository: ${{ secrets.DOCS_REPO }} diff --git a/.github/workflows/maven-lib-snapshot.yml b/.github/workflows/maven-lib-snapshot.yml index 6c76e8ab..175fb12b 100644 --- a/.github/workflows/maven-lib-snapshot.yml +++ b/.github/workflows/maven-lib-snapshot.yml @@ -13,7 +13,7 @@ on: required: false type: string default: "src" - component: + product-key: description: 'Product key used for deploying docs. Should be repo specific. E.g: "python-sdk"' required: false default: "productkeynotprovided" diff --git a/.github/workflows/npm-app-release.yml b/.github/workflows/npm-app-release.yml index f44a4696..0c76c7de 100644 --- a/.github/workflows/npm-app-release.yml +++ b/.github/workflows/npm-app-release.yml @@ -311,11 +311,12 @@ jobs: - name: Deploy documentation uses: peter-evans/repository-dispatch@v1 + if: ${{ needs.build-docs.outputs.artifact-uploaded == 'yes' }} with: token: ${{ secrets.CI_GITHUB_TOKEN }} repository: ${{ secrets.DOCS_REPO }} event-type: ${{ secrets.DOCS_REPO_EVOLVE_WORKFLOW }} - client-payload: '{"product": "${{needs.build-docs.outputs.product}}", "product_key": "${{needs.build-docs.outputs.product-key}}", "download_url": "${{needs.build-docs.outputs.product-repo}}"}' + client-payload: '{"product": "${{needs.build-docs.outputs.product}}", "product_key": "${{needs.build-docs.outputs.component}}", "download_url": "${{needs.build-docs.outputs.product-repo}}"}' update-version: needs: create-release diff --git a/.github/workflows/npm-app-snapshot-release.yml b/.github/workflows/npm-app-snapshot-release.yml index 719fefae..da943a61 100644 --- a/.github/workflows/npm-app-snapshot-release.yml +++ b/.github/workflows/npm-app-snapshot-release.yml @@ -195,5 +195,5 @@ jobs: token: ${{ secrets.CI_GITHUB_TOKEN }} repository: ${{ secrets.DOCS_REPO }} event-type: ${{ secrets.DOCS_REPO_EVOLVE_WORKFLOW }} - client-payload: '{"product": "${{needs.build-docs.outputs.product}}", "product_key": "${{needs.build-docs.outputs.product-key}}", "download_url": "${{needs.build-docs.outputs.product-repo}}"}' + client-payload: '{"product": "${{needs.build-docs.outputs.product}}", "product_key": "${{needs.build-docs.outputs.component}}", "download_url": "${{needs.build-docs.outputs.product-repo}}"}' diff --git a/.github/workflows/npm-lib-snapshot.yml b/.github/workflows/npm-lib-snapshot.yml index 643023b0..380f5345 100644 --- a/.github/workflows/npm-lib-snapshot.yml +++ b/.github/workflows/npm-lib-snapshot.yml @@ -188,5 +188,5 @@ jobs: token: ${{ secrets.CI_GITHUB_TOKEN }} repository: ${{ secrets.DOCS_REPO }} event-type: ${{ secrets.DOCS_REPO_EVOLVE_WORKFLOW }} - client-payload: '{"product": "${{needs.build-docs.outputs.product}}", "product_key": "${{needs.build-docs.outputs.product-key}}", "download_url": "${{needs.build-docs.outputs.product-repo}}"}' + client-payload: '{"product": "${{needs.build-docs.outputs.product}}", "product_key": "${{needs.build-docs.outputs.component}}", "download_url": "${{needs.build-docs.outputs.product-repo}}"}' diff --git a/.github/workflows/python-lib-release.yml b/.github/workflows/python-lib-release.yml index 43e0a008..956bfcc3 100644 --- a/.github/workflows/python-lib-release.yml +++ b/.github/workflows/python-lib-release.yml @@ -248,7 +248,7 @@ jobs: - name: Testing release run: | - echo "Product: ${{ needs.build-docs.outputs.product-key }}" + echo "Product: ${{ needs.build-docs.outputs.component }}" - name: Work around git permission issue run: | @@ -309,12 +309,12 @@ jobs: - name: Deploy documentation uses: peter-evans/repository-dispatch@v1 - if: ${{ needs.build-docs.outputs.product-key != '' }} + if: ${{ needs.build-docs.outputs.artifact-uploaded == 'yes' }} with: token: ${{ secrets.CI_GITHUB_TOKEN }} repository: ${{ secrets.DOCS_REPO }} event-type: ${{ secrets.DOCS_REPO_EVOLVE_WORKFLOW }} - client-payload: '{"product": "${{needs.build-docs.outputs.product}}", "product_key": "${{needs.build-docs.outputs.product-key}}", "download_url": "${{needs.build-docs.outputs.product-repo}}"}' + client-payload: '{"product": "${{needs.build-docs.outputs.product}}", "product_key": "${{needs.build-docs.outputs.component}}", "download_url": "${{needs.build-docs.outputs.product-repo}}"}' continue-on-error: true update-version: diff --git a/.github/workflows/python-lib-snapshot.yml b/.github/workflows/python-lib-snapshot.yml index 9112fb8a..dac9d5aa 100644 --- a/.github/workflows/python-lib-snapshot.yml +++ b/.github/workflows/python-lib-snapshot.yml @@ -176,5 +176,5 @@ jobs: token: ${{ secrets.CI_GITHUB_TOKEN }} repository: ${{ secrets.DOCS_REPO }} event-type: ${{ secrets.DOCS_REPO_EVOLVE_WORKFLOW }} - client-payload: '{"product": "${{needs.build-docs.outputs.product}}", "product_key": "${{needs.build-docs.outputs.product-key}}", "download_url": "${{needs.build-docs.outputs.product-repo}}"}' + client-payload: '{"product": "${{needs.build-docs.outputs.product}}", "product_key": "${{needs.build-docs.outputs.component}}", "download_url": "${{needs.build-docs.outputs.product-repo}}"}' From 68342372037b8d3e4e77c8f369e958490aa917dc Mon Sep 17 00:00:00 2001 From: Alex Lourie Date: Fri, 28 Nov 2025 13:02:19 +1030 Subject: [PATCH 04/19] Capitalise deploy parameter to build-docs Signed-off-by: Alex Lourie --- .github/workflows/csharp-app-snapshot.yml | 2 +- .github/workflows/maven-app-snapshot.yml | 2 +- .github/workflows/maven-lib-snapshot.yml | 2 +- .github/workflows/npm-lib-snapshot.yml | 2 +- .github/workflows/python-lib-snapshot.yml | 2 +- 5 files changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/workflows/csharp-app-snapshot.yml b/.github/workflows/csharp-app-snapshot.yml index be591edf..effd82ac 100644 --- a/.github/workflows/csharp-app-snapshot.yml +++ b/.github/workflows/csharp-app-snapshot.yml @@ -202,7 +202,7 @@ jobs: if: ${{ needs.build-app.outputs.docs-present == 'yes' }} uses: ./.github/workflows/build-docs.yaml with: - deploy: true + DEPLOY: true secrets: inherit deploy-docs: diff --git a/.github/workflows/maven-app-snapshot.yml b/.github/workflows/maven-app-snapshot.yml index cab861aa..35e2437a 100644 --- a/.github/workflows/maven-app-snapshot.yml +++ b/.github/workflows/maven-app-snapshot.yml @@ -166,7 +166,7 @@ jobs: if: ${{ needs.build-app.outputs.docs-present == 'yes' }} uses: ./.github/workflows/build-docs.yaml with: - deploy: true + DEPLOY: true secrets: inherit update-snapshot-version: diff --git a/.github/workflows/maven-lib-snapshot.yml b/.github/workflows/maven-lib-snapshot.yml index 175fb12b..52ad02b9 100644 --- a/.github/workflows/maven-lib-snapshot.yml +++ b/.github/workflows/maven-lib-snapshot.yml @@ -174,7 +174,7 @@ jobs: if: ${{ needs.check-docs.outputs.docs-present == 'yes' }} uses: ./.github/workflows/build-docs.yaml with: - deploy: true + DEPLOY: true secrets: inherit update-snapshot-version: diff --git a/.github/workflows/npm-lib-snapshot.yml b/.github/workflows/npm-lib-snapshot.yml index 380f5345..fba36a50 100644 --- a/.github/workflows/npm-lib-snapshot.yml +++ b/.github/workflows/npm-lib-snapshot.yml @@ -150,7 +150,7 @@ jobs: if: ${{ needs.build-artifact.outputs.docs-present == 'yes' }} uses: ./.github/workflows/build-docs.yaml with: - deploy: true + DEPLOY: true secrets: inherit update-snapshot-version: diff --git a/.github/workflows/python-lib-snapshot.yml b/.github/workflows/python-lib-snapshot.yml index dac9d5aa..f570c369 100644 --- a/.github/workflows/python-lib-snapshot.yml +++ b/.github/workflows/python-lib-snapshot.yml @@ -162,7 +162,7 @@ jobs: if: ${{ needs.deploy.outputs.docs-present == 'yes' }} uses: ./.github/workflows/build-docs.yaml with: - deploy: true + DEPLOY: true secrets: inherit deploy-docs: From b9032cb4c51d5ca298cdd7b37e81bdde6d048a1f Mon Sep 17 00:00:00 2001 From: Alex Lourie Date: Fri, 28 Nov 2025 13:58:35 +1030 Subject: [PATCH 05/19] Don't tag on npm-app-snapshot Signed-off-by: Alex Lourie --- .github/workflows/npm-app-snapshot-release.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/npm-app-snapshot-release.yml b/.github/workflows/npm-app-snapshot-release.yml index da943a61..3c9b8fc2 100644 --- a/.github/workflows/npm-app-snapshot-release.yml +++ b/.github/workflows/npm-app-snapshot-release.yml @@ -157,7 +157,6 @@ jobs: uses: ./.github/workflows/build-docs.yaml with: DEPLOY: true - VERSION: ${{ needs.build-artifact.outputs.version }} secrets: inherit update-snapshot-version: From 951152b1cf01237118ee029eff1587b9f7e69af8 Mon Sep 17 00:00:00 2001 From: Alex Lourie Date: Fri, 28 Nov 2025 15:16:41 +1030 Subject: [PATCH 06/19] Fix download_url Signed-off-by: Alex Lourie --- .github/workflows/csharp-app-snapshot.yml | 2 +- .github/workflows/maven-app-release.yml | 2 +- .github/workflows/maven-app-snapshot.yml | 2 +- .github/workflows/npm-app-release.yml | 2 +- .github/workflows/npm-app-snapshot-release.yml | 2 +- .github/workflows/npm-lib-snapshot.yml | 2 +- .github/workflows/python-lib-release.yml | 2 +- .github/workflows/python-lib-snapshot.yml | 2 +- 8 files changed, 8 insertions(+), 8 deletions(-) diff --git a/.github/workflows/csharp-app-snapshot.yml b/.github/workflows/csharp-app-snapshot.yml index effd82ac..01134765 100644 --- a/.github/workflows/csharp-app-snapshot.yml +++ b/.github/workflows/csharp-app-snapshot.yml @@ -216,4 +216,4 @@ jobs: token: ${{ secrets.CI_GITHUB_TOKEN }} repository: ${{ secrets.DOCS_REPO }} event-type: ${{ secrets.DOCS_REPO_EVOLVE_WORKFLOW }} - client-payload: '{"product": "${{needs.build-docs.outputs.product}}", "product_key": "${{needs.build-docs.outputs.component}}", "download_url": "${{needs.build-docs.outputs.product-repo}}"}' + client-payload: '{"product": "${{needs.build-docs.outputs.product}}", "product_key": "${{needs.build-docs.outputs.component}}", "download_url": "${{github.repository}}"}' diff --git a/.github/workflows/maven-app-release.yml b/.github/workflows/maven-app-release.yml index 2bdb53a1..fd4bd232 100644 --- a/.github/workflows/maven-app-release.yml +++ b/.github/workflows/maven-app-release.yml @@ -313,7 +313,7 @@ jobs: token: ${{ secrets.CI_GITHUB_TOKEN }} repository: ${{ secrets.DOCS_REPO }} event-type: ${{ secrets.DOCS_REPO_EVOLVE_WORKFLOW }} - client-payload: '{"product": "${{needs.build-docs.outputs.product}}", "product_key": "${{needs.build-docs.outputs.component}}", "download_url": "${{needs.build-docs.outputs.product-repo}}"}' + client-payload: '{"product": "${{needs.build-docs.outputs.product}}", "product_key": "${{needs.build-docs.outputs.component}}", "download_url": "${{github.repository}}"}' continue-on-error: true update-version: diff --git a/.github/workflows/maven-app-snapshot.yml b/.github/workflows/maven-app-snapshot.yml index 35e2437a..500a6dc1 100644 --- a/.github/workflows/maven-app-snapshot.yml +++ b/.github/workflows/maven-app-snapshot.yml @@ -207,4 +207,4 @@ jobs: token: ${{ secrets.CI_GITHUB_TOKEN }} repository: ${{ secrets.DOCS_REPO }} event-type: ${{ secrets.DOCS_REPO_EVOLVE_WORKFLOW }} - client-payload: '{"product": "${{needs.build-docs.outputs.product}}", "product_key": "${{needs.build-docs.outputs.component}}", "download_url": "${{needs.build-docs.outputs.product-repo}}"}' + client-payload: '{"product": "${{needs.build-docs.outputs.product}}", "product_key": "${{needs.build-docs.outputs.component}}", "download_url": "${{github.repository}}"}' diff --git a/.github/workflows/npm-app-release.yml b/.github/workflows/npm-app-release.yml index 0c76c7de..f38767aa 100644 --- a/.github/workflows/npm-app-release.yml +++ b/.github/workflows/npm-app-release.yml @@ -316,7 +316,7 @@ jobs: token: ${{ secrets.CI_GITHUB_TOKEN }} repository: ${{ secrets.DOCS_REPO }} event-type: ${{ secrets.DOCS_REPO_EVOLVE_WORKFLOW }} - client-payload: '{"product": "${{needs.build-docs.outputs.product}}", "product_key": "${{needs.build-docs.outputs.component}}", "download_url": "${{needs.build-docs.outputs.product-repo}}"}' + client-payload: '{"product": "${{needs.build-docs.outputs.product}}", "product_key": "${{needs.build-docs.outputs.component}}", "download_url": "${{github.repository}}"}' update-version: needs: create-release diff --git a/.github/workflows/npm-app-snapshot-release.yml b/.github/workflows/npm-app-snapshot-release.yml index 3c9b8fc2..00a6b01e 100644 --- a/.github/workflows/npm-app-snapshot-release.yml +++ b/.github/workflows/npm-app-snapshot-release.yml @@ -194,5 +194,5 @@ jobs: token: ${{ secrets.CI_GITHUB_TOKEN }} repository: ${{ secrets.DOCS_REPO }} event-type: ${{ secrets.DOCS_REPO_EVOLVE_WORKFLOW }} - client-payload: '{"product": "${{needs.build-docs.outputs.product}}", "product_key": "${{needs.build-docs.outputs.component}}", "download_url": "${{needs.build-docs.outputs.product-repo}}"}' + client-payload: '{"product": "${{needs.build-docs.outputs.product}}", "product_key": "${{needs.build-docs.outputs.component}}", "download_url": "${{github.repository}}"}' diff --git a/.github/workflows/npm-lib-snapshot.yml b/.github/workflows/npm-lib-snapshot.yml index fba36a50..854765dd 100644 --- a/.github/workflows/npm-lib-snapshot.yml +++ b/.github/workflows/npm-lib-snapshot.yml @@ -188,5 +188,5 @@ jobs: token: ${{ secrets.CI_GITHUB_TOKEN }} repository: ${{ secrets.DOCS_REPO }} event-type: ${{ secrets.DOCS_REPO_EVOLVE_WORKFLOW }} - client-payload: '{"product": "${{needs.build-docs.outputs.product}}", "product_key": "${{needs.build-docs.outputs.component}}", "download_url": "${{needs.build-docs.outputs.product-repo}}"}' + client-payload: '{"product": "${{needs.build-docs.outputs.product}}", "product_key": "${{needs.build-docs.outputs.component}}", "download_url": "${{github.repository}}"}' diff --git a/.github/workflows/python-lib-release.yml b/.github/workflows/python-lib-release.yml index 956bfcc3..3184cd7b 100644 --- a/.github/workflows/python-lib-release.yml +++ b/.github/workflows/python-lib-release.yml @@ -314,7 +314,7 @@ jobs: token: ${{ secrets.CI_GITHUB_TOKEN }} repository: ${{ secrets.DOCS_REPO }} event-type: ${{ secrets.DOCS_REPO_EVOLVE_WORKFLOW }} - client-payload: '{"product": "${{needs.build-docs.outputs.product}}", "product_key": "${{needs.build-docs.outputs.component}}", "download_url": "${{needs.build-docs.outputs.product-repo}}"}' + client-payload: '{"product": "${{needs.build-docs.outputs.product}}", "product_key": "${{needs.build-docs.outputs.component}}", "download_url": "${{github.repository}}"}' continue-on-error: true update-version: diff --git a/.github/workflows/python-lib-snapshot.yml b/.github/workflows/python-lib-snapshot.yml index f570c369..0dd5fb18 100644 --- a/.github/workflows/python-lib-snapshot.yml +++ b/.github/workflows/python-lib-snapshot.yml @@ -176,5 +176,5 @@ jobs: token: ${{ secrets.CI_GITHUB_TOKEN }} repository: ${{ secrets.DOCS_REPO }} event-type: ${{ secrets.DOCS_REPO_EVOLVE_WORKFLOW }} - client-payload: '{"product": "${{needs.build-docs.outputs.product}}", "product_key": "${{needs.build-docs.outputs.component}}", "download_url": "${{needs.build-docs.outputs.product-repo}}"}' + client-payload: '{"product": "${{needs.build-docs.outputs.product}}", "product_key": "${{needs.build-docs.outputs.component}}", "download_url": "${{github.repository}}"}' From 37b163361d51e19b96929740b187acbc13b31492 Mon Sep 17 00:00:00 2001 From: Alex Lourie Date: Fri, 28 Nov 2025 15:38:01 +1030 Subject: [PATCH 07/19] Fix npm-app-release docs deployment Signed-off-by: Alex Lourie --- .github/workflows/npm-app-release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/npm-app-release.yml b/.github/workflows/npm-app-release.yml index f38767aa..99200104 100644 --- a/.github/workflows/npm-app-release.yml +++ b/.github/workflows/npm-app-release.yml @@ -215,7 +215,7 @@ jobs: shell: sh create-release: - needs: [release-checks, build-artifact] + needs: [release-checks, build-docs, build-artifact] runs-on: ubuntu-latest outputs: artifact: ${{ steps.merge.outputs.artifact }} From 6e42d41d89071892876c28cf01c8b0380ab3c316 Mon Sep 17 00:00:00 2001 From: Alex Lourie Date: Fri, 28 Nov 2025 16:26:35 +1030 Subject: [PATCH 08/19] Fixup npm-lib-release to deploy docs Signed-off-by: Alex Lourie --- .github/workflows/npm-lib-release.yml | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) diff --git a/.github/workflows/npm-lib-release.yml b/.github/workflows/npm-lib-release.yml index 6dc19718..5d21a9af 100644 --- a/.github/workflows/npm-lib-release.yml +++ b/.github/workflows/npm-lib-release.yml @@ -166,6 +166,14 @@ jobs: exit 1 shell: sh + build-docs: + needs: [build-artifact] + if: ${{ needs.build-artifact.outputs.docs-present == 'yes' }} + uses: ./.github/workflows/build-docs.yaml + with: + DEPLOY: true + secrets: inherit + create-release: needs: [build-artifact, release-checks] runs-on: ubuntu-latest @@ -277,3 +285,17 @@ jobs: run: | /scripts/update-version.sh --js --release --grow-changelog package.json changelog.md shell: bash + + deploy-docs: + runs-on: ubuntu-latest + needs: [build-docs] + if: ${{ needs.build-docs.outputs.artifact-uploaded == 'yes' }} + steps: + - name: Deploy documentation + uses: peter-evans/repository-dispatch@v2 + with: + token: ${{ secrets.CI_GITHUB_TOKEN }} + repository: ${{ secrets.DOCS_REPO }} + event-type: ${{ secrets.DOCS_REPO_EVOLVE_WORKFLOW }} + client-payload: '{"product": "${{needs.build-docs.outputs.product}}", "product_key": "${{needs.build-docs.outputs.component}}", "download_url": "${{github.repository}}"}' + From bc4e54d5b83c34e99961a097fac9ef86e3fd62c2 Mon Sep 17 00:00:00 2001 From: Alex Lourie Date: Fri, 28 Nov 2025 16:30:31 +1030 Subject: [PATCH 09/19] Add docs deployment to npm-lib-release Signed-off-by: Alex Lourie --- .github/workflows/npm-lib-release.yml | 25 +++++++++++++++++++++++++ 1 file changed, 25 insertions(+) diff --git a/.github/workflows/npm-lib-release.yml b/.github/workflows/npm-lib-release.yml index 5d21a9af..5d9b7230 100644 --- a/.github/workflows/npm-lib-release.yml +++ b/.github/workflows/npm-lib-release.yml @@ -94,6 +94,7 @@ jobs: artifact: ${{ steps.build.outputs.artifact }} artifact-id: ${{ steps.build.outputs.artifact-id }} version: ${{ steps.build.outputs.version }} + docs-present: ${{ steps.docs.outputs.present }} env: GITHUB_TOKEN: ${{ secrets.CI_GITHUB_TOKEN }} steps: @@ -166,6 +167,30 @@ jobs: exit 1 shell: sh + - name: Check if docs present + id: docs + run: | + if [ -d docs ]; then + echo "Docs folder found, will run the build-docs job" + echo "present=yes" >> "${GITHUB_OUTPUT}" + echo "present=yes" >> "${GITHUB_ENV}" + else + echo "Docs folder not found, will skip the build-docs" + fi + + - name: Check doc build artifacts are ignored + if: ${{ env.present == 'yes' }} + shell: sh {0} + run: | + # Make sure directories are properly ignored + # docs/node_modules + git check-ignore -q docs/site-config + if [ $? != 0 ]; then + echo "ERROR! Make sure to add 'docs/site-config' to .gitignore" + echo "::error line=1::ERROR! Make sure to add 'docs/site-config' to .gitignore" + exit 1 + fi + build-docs: needs: [build-artifact] if: ${{ needs.build-artifact.outputs.docs-present == 'yes' }} From 0d6ee838ce354477d5d5df900355f690f0bb57f7 Mon Sep 17 00:00:00 2001 From: Alex Lourie Date: Fri, 28 Nov 2025 16:56:25 +1030 Subject: [PATCH 10/19] Fix gitignore check Signed-off-by: Alex Lourie --- .github/workflows/npm-lib-release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/npm-lib-release.yml b/.github/workflows/npm-lib-release.yml index 5d9b7230..621654af 100644 --- a/.github/workflows/npm-lib-release.yml +++ b/.github/workflows/npm-lib-release.yml @@ -184,7 +184,7 @@ jobs: run: | # Make sure directories are properly ignored # docs/node_modules - git check-ignore -q docs/site-config + git check-ignore -q docs/site-config/project.json if [ $? != 0 ]; then echo "ERROR! Make sure to add 'docs/site-config' to .gitignore" echo "::error line=1::ERROR! Make sure to add 'docs/site-config' to .gitignore" From 7003da0b46d00e86f1ab8156b5e7c0baaf254455 Mon Sep 17 00:00:00 2001 From: Alex Lourie Date: Fri, 28 Nov 2025 21:30:12 +1030 Subject: [PATCH 11/19] Outputs updates Signed-off-by: Alex Lourie --- .github/workflows/npm-app-release.yml | 6 ++---- .github/workflows/npm-lib-release.yml | 11 +++++------ .github/workflows/python-lib-release.yml | 2 +- 3 files changed, 8 insertions(+), 11 deletions(-) diff --git a/.github/workflows/npm-app-release.yml b/.github/workflows/npm-app-release.yml index 99200104..123a650a 100644 --- a/.github/workflows/npm-app-release.yml +++ b/.github/workflows/npm-app-release.yml @@ -219,7 +219,6 @@ jobs: runs-on: ubuntu-latest outputs: artifact: ${{ steps.merge.outputs.artifact }} - tag: ${{ steps.merge.outputs.tag }} env: GITHUB_TOKEN: ${{ secrets.CI_GITHUB_TOKEN }} steps: @@ -253,10 +252,9 @@ jobs: git fetch --all git merge origin/release git push origin ${GITHUB_REF/refs\/heads\//} - tag="v${{ needs.release-checks.outputs.version }}" - git tag $tag + git tag "v${{ needs.release-checks.outputs.version }}" git push --tags - echo "tag=$tag" >> $GITHUB_OUTPUT + echo "tag=v${{ needs.release-checks.outputs.version }}" >> $GITHUB_OUTPUT shell: bash continue-on-error: true diff --git a/.github/workflows/npm-lib-release.yml b/.github/workflows/npm-lib-release.yml index 621654af..fbb042c5 100644 --- a/.github/workflows/npm-lib-release.yml +++ b/.github/workflows/npm-lib-release.yml @@ -34,6 +34,7 @@ jobs: continue-on-error: false outputs: changelog: ${{ steps.changelog.outputs.changelog }} + version: ${{ steps.version.outputs.version }} env: DEBUG: ${{ secrets.DEBUG }} GITHUB_TOKEN: ${{ secrets.CI_GITHUB_TOKEN }} @@ -148,8 +149,8 @@ jobs: artifact="$(npm pack --foreground-scripts=false --json --dry-run | jq -r .[0].filename)" npm publish version=$(jq -r .version package.json) - echo "::set-output name=version::$(echo $version)" - echo "::set-output name=artifact::$(echo $artifact)" + echo "version=$version" >> "${GITHUB_OUTPUT}" + echo "artifact=$artifact" >> "${GITHUB_OUTPUT}" continue-on-error: true - uses: actions/upload-artifact@v4 @@ -207,7 +208,6 @@ jobs: GITHUB_TOKEN: ${{ secrets.CI_GITHUB_TOKEN }} outputs: artifact: ${{ steps.merge.outputs.artifact }} - tag: ${{ steps.merge.outputs.tag }} steps: - uses: actions/checkout@v4 with: @@ -246,10 +246,9 @@ jobs: git fetch --all git merge origin/release git push origin ${GITHUB_REF/refs\/heads\//} - version=$(jq -r .version package.json) - git tag "v$version" + git tag "v${{ needs.release-checks.outputs.version }}" git push --tags - echo "tag=v$version" >> $GITHUB_OUTPUT + echo "tag=v${{ needs.release-checks.outputs.version }}" >> $GITHUB_OUTPUT echo "artifact=${{ needs.build-artifact.outputs.artifact }}" >> $GITHUB_OUTPUT shell: bash continue-on-error: true diff --git a/.github/workflows/python-lib-release.yml b/.github/workflows/python-lib-release.yml index 3184cd7b..b5bc3182 100644 --- a/.github/workflows/python-lib-release.yml +++ b/.github/workflows/python-lib-release.yml @@ -266,7 +266,7 @@ jobs: git push origin ${GITHUB_REF/refs\/heads\//} git tag "v${{ needs.release-checks.outputs.version }}" git push --tags - echo "::set-output name=tag::$(echo v${{ needs.release-checks.outputs.version }})" + echo "tag=v${{ needs.release-checks.outputs.version }}" >> "${GITHUB_OUTPUT}" shell: bash continue-on-error: true From 6e327b08dba9228d90e228079b1d0558119e5d65 Mon Sep 17 00:00:00 2001 From: Alex Lourie Date: Fri, 28 Nov 2025 22:02:55 +1030 Subject: [PATCH 12/19] Update python-lib-snapshot Signed-off-by: Alex Lourie --- .github/workflows/python-lib-snapshot.yml | 17 +++++++---------- 1 file changed, 7 insertions(+), 10 deletions(-) diff --git a/.github/workflows/python-lib-snapshot.yml b/.github/workflows/python-lib-snapshot.yml index 0dd5fb18..16f03d3b 100644 --- a/.github/workflows/python-lib-snapshot.yml +++ b/.github/workflows/python-lib-snapshot.yml @@ -42,6 +42,10 @@ jobs: steps: - uses: actions/checkout@v4 + - name: Install system dependencies + run: | + apt install gh jq + - name: Install dependencies run: | pip install tox twine @@ -119,20 +123,13 @@ jobs: run: | # Make sure directories are properly ignored # docs/node_modules - git check-ignore -q docs/node_modules + git check-ignore -q docs/site-config/project.json if [ $? != 0 ]; then - echo "ERROR! Make sure to add 'docs/node_modules' to .gitignore" - echo "::error line=1::ERROR! Make sure to add 'docs/node_modules' to .gitignore" + echo "ERROR! Make sure to add 'docs/site-config' to .gitignore" + echo "::error line=1::ERROR! Make sure to add 'docs/site-config' to .gitignore" exit 1 fi - # docs/build - git check-ignore -q docs/build - if [ $? != 0 ]; then - echo "ERROR! Make sure to add 'docs/build' to .gitignore" - echo "::error line=1::ERROR! Make sure to add 'docs/build' to .gitignore" - exit 1 - fi update-snapshot-version: needs: [deploy] From e3e0e8c24451d8a14d97cb0c26e28f05aa151bb3 Mon Sep 17 00:00:00 2001 From: Alex Lourie Date: Fri, 28 Nov 2025 22:27:29 +1030 Subject: [PATCH 13/19] Fix python-build Signed-off-by: Alex Lourie --- .github/workflows/python-build.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.github/workflows/python-build.yml b/.github/workflows/python-build.yml index ae5318d3..77697043 100644 --- a/.github/workflows/python-build.yml +++ b/.github/workflows/python-build.yml @@ -69,6 +69,10 @@ jobs: steps: - uses: actions/checkout@v4 + - name: Install system dependencies + run: | + apt install gh jq + - name: Install dependencies run: | pip install tox From 034362ac513bf716fe24d3ab0fc2fe07e648ebec Mon Sep 17 00:00:00 2001 From: Alex Lourie Date: Fri, 28 Nov 2025 22:47:43 +1030 Subject: [PATCH 14/19] Fix python things Signed-off-by: Alex Lourie --- .github/workflows/python-build.yml | 72 ++++++++------- .github/workflows/python-lib-snapshot.yml | 107 ++++++++++++---------- 2 files changed, 98 insertions(+), 81 deletions(-) diff --git a/.github/workflows/python-build.yml b/.github/workflows/python-build.yml index 77697043..251084bc 100644 --- a/.github/workflows/python-build.yml +++ b/.github/workflows/python-build.yml @@ -59,23 +59,16 @@ jobs: echo -e "${message}" | gh pr comment ${{ github.event.pull_request.number }} --body-file - fi - build-and-test: + run-checks: runs-on: ubuntu-latest - container: python:3.10 env: GITHUB_TOKEN: ${{ secrets.CI_GITHUB_TOKEN }} outputs: docs-present: ${{ steps.docs.outputs.present }} - steps: - - uses: actions/checkout@v4 - - name: Install system dependencies - run: | - apt install gh jq + steps: - - name: Install dependencies - run: | - pip install tox + - uses: actions/checkout@v4 - name: Work around git permission issue run: | @@ -95,18 +88,6 @@ jobs: LC_URL: ${{ secrets.LC_URL }} PATH: ${{ inputs.sourcepath }} - - name: Build and test - run: | - tox - shell: bash - - - name: Upload coverage to Codecov - uses: codecov/codecov-action@v4 - with: - fail_ci_if_error: false - token: ${{ secrets.CODECOV_TOKEN }} - continue-on-error: true - - name: Check if docs present id: docs run: | @@ -130,23 +111,46 @@ jobs: run: | # Make sure directories are properly ignored # docs/node_modules - git check-ignore -q docs/node_modules + git check-ignore -q docs/site-config/project.json if [ $? != 0 ]; then - echo "ERROR! Make sure to add 'docs/node_modules' to .gitignore" - echo "::error line=1::ERROR! Make sure to add 'docs/node_modules' to .gitignore" + echo "ERROR! Make sure to add 'docs/site-config' to .gitignore" + echo "::error line=1::ERROR! Make sure to add 'docs/site-config' to .gitignore" exit 1 fi - # docs/build - git check-ignore -q docs/build - if [ $? != 0 ]; then - echo "ERROR! Make sure to add 'docs/build' to .gitignore" - echo "::error line=1::ERROR! Make sure to add 'docs/build' to .gitignore" - exit 1 - fi + build-and-test: + runs-on: ubuntu-latest + container: python:3.10 + env: + GITHUB_TOKEN: ${{ secrets.CI_GITHUB_TOKEN }} + + steps: + - uses: actions/checkout@v4 + + - name: Install dependencies + run: | + pip install tox + + - name: Work around git permission issue + run: | + dname=$(echo ${{github.repository}} | cut -d'/' -f2) + git config --global --add safe.directory /__w/$dname/$dname + shell: sh + + - name: Build and test + run: | + tox + shell: bash + + - name: Upload coverage to Codecov + uses: codecov/codecov-action@v4 + with: + fail_ci_if_error: false + token: ${{ secrets.CODECOV_TOKEN }} + continue-on-error: true build-docs: - needs: [build-and-test] - if: ${{ needs.build-and-test.outputs.docs-present == 'yes' }} + needs: [run-checks] + if: ${{ needs.run-checks.outputs.docs-present == 'yes' }} uses: ./.github/workflows/build-docs.yaml secrets: inherit diff --git a/.github/workflows/python-lib-snapshot.yml b/.github/workflows/python-lib-snapshot.yml index 16f03d3b..f8f1b820 100644 --- a/.github/workflows/python-lib-snapshot.yml +++ b/.github/workflows/python-lib-snapshot.yml @@ -30,25 +30,17 @@ on: required: false jobs: - deploy: + + run-checks: runs-on: ubuntu-latest - container: python:3.10 env: GITHUB_TOKEN: ${{ secrets.CI_GITHUB_TOKEN }} - outputs: + outputs: docs-present: ${{ steps.docs.outputs.present }} - # permissions: # Uncomment these when trusted publishing supports reusable workflows OPS-185 - # id-token: write # IMPORTANT: this permission is mandatory for trusted publishing - steps: - - uses: actions/checkout@v4 - - name: Install system dependencies - run: | - apt install gh jq + steps: - - name: Install dependencies - run: | - pip install tox twine + - uses: actions/checkout@v4 - name: Work around git permission issue run: | @@ -66,7 +58,59 @@ jobs: uses: zepben/licence-check-action@main with: LC_URL: ${{ secrets.LC_URL }} - PATH: src + PATH: ${{ inputs.sourcepath }} + + - name: Check if docs present + id: docs + run: | + if [ -d docs ]; then + echo "Docs folder found, will run the build-docs job" + echo "present=yes" >> "${GITHUB_OUTPUT}" + echo "present=yes" >> "${GITHUB_ENV}" + else + echo "Docs folder not found, will skip the build-docs" + fi + + - name: Work around git permission issue + run: | + dname=$(echo ${{github.repository}} | cut -d'/' -f2) + git config --global --add safe.directory /__w/$dname/$dname + shell: sh + + - name: Check doc build artifacts are ignored + if: ${{ env.present == 'yes' }} + shell: sh {0} + run: | + # Make sure directories are properly ignored + # docs/node_modules + git check-ignore -q docs/site-config/project.json + if [ $? != 0 ]; then + echo "ERROR! Make sure to add 'docs/site-config' to .gitignore" + echo "::error line=1::ERROR! Make sure to add 'docs/site-config' to .gitignore" + exit 1 + fi + + deploy: + runs-on: ubuntu-latest + container: python:3.10 + env: + GITHUB_TOKEN: ${{ secrets.CI_GITHUB_TOKEN }} + outputs: + docs-present: ${{ steps.docs.outputs.present }} + # permissions: # Uncomment these when trusted publishing supports reusable workflows OPS-185 + # id-token: write # IMPORTANT: this permission is mandatory for trusted publishing + steps: + - uses: actions/checkout@v4 + + - name: Install dependencies + run: | + pip install tox twine + + - name: Work around git permission issue + run: | + dname=$(echo ${{github.repository}} | cut -d'/' -f2) + git config --global --add safe.directory /__w/$dname/$dname + shell: sh - name: Create .pypirc env: @@ -100,37 +144,6 @@ jobs: token: ${{ secrets.CODECOV_TOKEN }} continue-on-error: true - - name: Check if docs present - id: docs - run: | - if [ -d docs ]; then - echo "Docs folder found, will run the build-docs job" - echo "present=yes" >> "${GITHUB_OUTPUT}" - echo "present=yes" >> "${GITHUB_ENV}" - else - echo "Docs folder not found, will skip the build-docs" - fi - - - name: Work around git permission issue - run: | - dname=$(echo ${{github.repository}} | cut -d'/' -f2) - git config --global --add safe.directory /__w/$dname/$dname - shell: sh - - - name: Check doc build artifacts are ignored - if: ${{ env.present == 'yes' }} - shell: sh {0} - run: | - # Make sure directories are properly ignored - # docs/node_modules - git check-ignore -q docs/site-config/project.json - if [ $? != 0 ]; then - echo "ERROR! Make sure to add 'docs/site-config' to .gitignore" - echo "::error line=1::ERROR! Make sure to add 'docs/site-config' to .gitignore" - exit 1 - fi - - update-snapshot-version: needs: [deploy] container: zepben/pipeline-basic @@ -155,8 +168,8 @@ jobs: shell: bash build-docs: - needs: [deploy] - if: ${{ needs.deploy.outputs.docs-present == 'yes' }} + needs: [run-checks] + if: ${{ needs.run-checks.outputs.docs-present == 'yes' }} uses: ./.github/workflows/build-docs.yaml with: DEPLOY: true From fd5b1ec2931bf6b045dfd5476b9a8099e2ad5cc2 Mon Sep 17 00:00:00 2001 From: Alex Lourie Date: Fri, 28 Nov 2025 23:01:54 +1030 Subject: [PATCH 15/19] Run python check in basic pipeline container Signed-off-by: Alex Lourie --- .github/workflows/python-build.yml | 1 + .github/workflows/python-lib-snapshot.yml | 1 + 2 files changed, 2 insertions(+) diff --git a/.github/workflows/python-build.yml b/.github/workflows/python-build.yml index 251084bc..8d9ddb46 100644 --- a/.github/workflows/python-build.yml +++ b/.github/workflows/python-build.yml @@ -61,6 +61,7 @@ jobs: run-checks: runs-on: ubuntu-latest + container: zepben/pipeline-basic env: GITHUB_TOKEN: ${{ secrets.CI_GITHUB_TOKEN }} outputs: diff --git a/.github/workflows/python-lib-snapshot.yml b/.github/workflows/python-lib-snapshot.yml index f8f1b820..32074cbc 100644 --- a/.github/workflows/python-lib-snapshot.yml +++ b/.github/workflows/python-lib-snapshot.yml @@ -33,6 +33,7 @@ jobs: run-checks: runs-on: ubuntu-latest + container: zepben/pipeline-basic env: GITHUB_TOKEN: ${{ secrets.CI_GITHUB_TOKEN }} outputs: From 910fef6cb4ba8e8b89fe3315885459d7cb987edd Mon Sep 17 00:00:00 2001 From: Alex Lourie Date: Fri, 28 Nov 2025 23:03:01 +1030 Subject: [PATCH 16/19] Add check for leaks as python deps Signed-off-by: Alex Lourie --- .github/workflows/python-build.yml | 1 + .github/workflows/python-lib-snapshot.yml | 1 + 2 files changed, 2 insertions(+) diff --git a/.github/workflows/python-build.yml b/.github/workflows/python-build.yml index 8d9ddb46..4be6c705 100644 --- a/.github/workflows/python-build.yml +++ b/.github/workflows/python-build.yml @@ -62,6 +62,7 @@ jobs: run-checks: runs-on: ubuntu-latest container: zepben/pipeline-basic + needs: check-for-leaks env: GITHUB_TOKEN: ${{ secrets.CI_GITHUB_TOKEN }} outputs: diff --git a/.github/workflows/python-lib-snapshot.yml b/.github/workflows/python-lib-snapshot.yml index 32074cbc..afd4c9b6 100644 --- a/.github/workflows/python-lib-snapshot.yml +++ b/.github/workflows/python-lib-snapshot.yml @@ -34,6 +34,7 @@ jobs: run-checks: runs-on: ubuntu-latest container: zepben/pipeline-basic + needs: check-for-leaks env: GITHUB_TOKEN: ${{ secrets.CI_GITHUB_TOKEN }} outputs: From 4fa23cb5cdb871ab6f516614763bab7a8d70181c Mon Sep 17 00:00:00 2001 From: Alex Lourie Date: Fri, 28 Nov 2025 23:17:48 +1030 Subject: [PATCH 17/19] More deps for python Signed-off-by: Alex Lourie --- .github/workflows/python-build.yml | 1 + .github/workflows/python-lib-snapshot.yml | 1 + 2 files changed, 2 insertions(+) diff --git a/.github/workflows/python-build.yml b/.github/workflows/python-build.yml index 4be6c705..5af792bb 100644 --- a/.github/workflows/python-build.yml +++ b/.github/workflows/python-build.yml @@ -122,6 +122,7 @@ jobs: build-and-test: runs-on: ubuntu-latest + needs: [check-for-leaks, run-checks] container: python:3.10 env: GITHUB_TOKEN: ${{ secrets.CI_GITHUB_TOKEN }} diff --git a/.github/workflows/python-lib-snapshot.yml b/.github/workflows/python-lib-snapshot.yml index afd4c9b6..a5c0e4f6 100644 --- a/.github/workflows/python-lib-snapshot.yml +++ b/.github/workflows/python-lib-snapshot.yml @@ -95,6 +95,7 @@ jobs: deploy: runs-on: ubuntu-latest container: python:3.10 + needs: [check-for-leaks, run-checks] env: GITHUB_TOKEN: ${{ secrets.CI_GITHUB_TOKEN }} outputs: From 4d8a8b18bf2074a7725651516dd5b196be5f438f Mon Sep 17 00:00:00 2001 From: Alex Lourie Date: Sat, 29 Nov 2025 00:11:00 +1030 Subject: [PATCH 18/19] fix dependency for python Signed-off-by: Alex Lourie --- .github/workflows/python-lib-snapshot.yml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/.github/workflows/python-lib-snapshot.yml b/.github/workflows/python-lib-snapshot.yml index a5c0e4f6..ef2c2fab 100644 --- a/.github/workflows/python-lib-snapshot.yml +++ b/.github/workflows/python-lib-snapshot.yml @@ -34,7 +34,6 @@ jobs: run-checks: runs-on: ubuntu-latest container: zepben/pipeline-basic - needs: check-for-leaks env: GITHUB_TOKEN: ${{ secrets.CI_GITHUB_TOKEN }} outputs: @@ -95,7 +94,7 @@ jobs: deploy: runs-on: ubuntu-latest container: python:3.10 - needs: [check-for-leaks, run-checks] + needs: [run-checks] env: GITHUB_TOKEN: ${{ secrets.CI_GITHUB_TOKEN }} outputs: From d717b8c96ec979d333fd944a62da7702133fefd3 Mon Sep 17 00:00:00 2001 From: Alex Lourie Date: Sat, 29 Nov 2025 00:22:14 +1030 Subject: [PATCH 19/19] Finish testing Signed-off-by: Alex Lourie --- .github/workflows/build-docs.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build-docs.yaml b/.github/workflows/build-docs.yaml index 8d56ec0d..23bf21c6 100644 --- a/.github/workflows/build-docs.yaml +++ b/.github/workflows/build-docs.yaml @@ -74,7 +74,7 @@ jobs: - name: Build docusaurus id: build - uses: zepben/docusaurus-action@OPS-512-support-product + uses: zepben/docusaurus-action@main with: VERSION: ${{ inputs.VERSION }} NPM_REPO: ${{ secrets.NPM_REPO }}