pine/.github/workflows/schedule-release.yml at 1620a458bd58a4f7b9cde6b2bbcc64ae83584d2d · Kajabi/pine · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
name: "Pine Continuous Deployment"

# Restrict default permissions to read-only for security (principle of least privilege)
# Jobs that need more permissions (like release) explicitly override this
permissions:
  contents: read

on:
  ## We will uncomment this when we settle on a deployment schedule
  # schedule:
  #  - cron: '00 04 * * 1' # 4 am UTC (9 am CST) Monday

  workflow_call:
    inputs:
      preid:
        description: 'The prerelease id used when doing a prerelease. e.g prerelease, premajor, preminor, etc.'
        type: string
        default: ''

      ref:
        description: 'This could be a branch name, tag, or a SHA.'
        type: string
        default: ''

      tag:
        description: 'The tag to publish on NPM.'
        required: true
        type: string

      version:
        description: 'The type of version to release.'
        required: true
        type: string

    secrets:
      NPM_TOKEN:
        required: true

  workflow_dispatch:
    inputs:
      preid:
        type: string
        description: Which prerelease id should be used? This is only needed when a version is "prepatch", "preminor", "premajor", or "prerelease".
        default: ''
          # - ''
          # - alpha
          # - beta
          # - rc
          # - next

      ref:
        type: string
        description: The branch name, tag, or SHA to be checked out. This can also be left blank.
        default: ''

      tag:
        type: choice
        required: true
        description: Which npm tag should this be published to?
        options:
          - latest
          - next
          - dev

      version:
        type: choice
        description: Which version should be published?
        options:
          - ''
          - patch
          - minor
          - major
          - prepatch
          - preminor
          - premajor
          - prerelease

jobs:
  build-core:
    runs-on: ubuntu-latest

    steps:
      - name: Set SHA
        uses: nrwl/nx-set-shas@v4

      - name: Checkout
        uses: actions/checkout@v4
        with:
          fetch-depth: 0

      - name: Setup
        uses: ./.github/workflows/actions/setup
        with:
          token: ${{ secrets.NPM_TOKEN }}

      - name: Install Dependencies
        run: npm ci --legacy-peer-deps
        shell: bash

      - name: Build Core
        uses: ./.github/workflows/actions/build-core

  build-react:
    runs-on: ubuntu-latest

    steps:
      - name: Set SHA
        uses: nrwl/nx-set-shas@v4

      - name: Checkout
        uses: actions/checkout@v4
        with:
          fetch-depth: 0

      - name: Setup
        uses: ./.github/workflows/actions/setup
        with:
          token: ${{ secrets.NPM_TOKEN }}

      - name: Build React
        uses: ./.github/workflows/actions/build-react


  build-doc-components:
    runs-on: ubuntu-latest

    steps:
      - name: Set SHA
        uses: nrwl/nx-set-shas@v4

      - name: Checkout
        uses: actions/checkout@v4
        with:
          fetch-depth: 0

      - name: Setup
        uses: ./.github/workflows/actions/setup
        with:
          token: ${{ secrets.NPM_TOKEN }}

      - name: Build Doc Components
        uses: ./.github/workflows/actions/build-doc-components

  release:
    permissions:
      contents: write
      id-token: write
    needs: [build-core, build-react, build-doc-components]
    runs-on: ubuntu-latest

    steps:
      - name: Checkout
        uses: actions/checkout@v4
        with:
          fetch-depth: 0

      - name: Get Latest
        run: git pull
        shell: bash

      - name: Set up Node.js
        uses: actions/setup-node@v4
        with:
          node-version-file: '.nvmrc'

      - name: Verify NPM Cache
        shell: bash
        run: npm cache verify

      - name: Get NPM cache directory
        id: npm-cache-dir
        shell: bash
        run: echo "dir=$(npm config get cache)" >> $GITHUB_ENV

      - name: Configure user
        run: |
          git config user.name "DSS Automation Bot"
          git config user.email "dev+github-bot@kajabi.com"
        shell: bash

      # - name: Restore Core built Cache
      #   uses: ./.github/workflows/actions/download-archive
      #   with:
      #     name: pine-core
      #     path: libs/core
      #     filename: CoreBuild.zip

      # - name: Restore React built Cache
      #   uses: ./.github/workflows/actions/download-archive
      #   with:
      #     name: pine-react
      #     path: libs/react
      #     filename: ReactBuild.zip

      # - name: Restore Doc Components built cache
      #   uses: ./.github/workflows/actions/download-archive
      #   with:
      #     name: pine-doc-components
      #     path: libs/doc-components
      #     filename: DocComponentsBuild.zip

      - name: Install Dependencies
        run: npm ci --ignore-scripts
        shell: bash

      - name: Build All
        run: npx nx run-many --target=build --all
        shell: bash

      - name: Prepare NPM Token
        run: echo //registry.npmjs.org/:_authToken=${NPM_TOKEN} >> .npmrc
        shell: bash
        env:
          NPM_TOKEN: ${{ secrets.NPM_TOKEN }}

      - name: Release
        if: ${{ inputs.version == '' }}
        run: npx nx release --yes
        env:
          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          NPM_CONFIG_PROVENANCE: true

      ### Steps below are used for releasing a specified version type (major, minor, patch, etc.)
      - name: Release with Input Version
        if: ${{ inputs.version != '' }}
        run: npx nx release ${{ inputs.version }} --preid ${{ inputs.preid }} --yes
        env:
          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
          NPM_CONFIG_PROVENANCE: true

      - name: Report pine production deployment to GetDX
        if: ${{ success() }}
        uses: Kajabi/getdx-deployment-identifier-action@main
        with:
          getdx-instance-name: 'kajabi'
          getdx-token: ${{ secrets.GETDX_DEPLOYMENT_TOKEN }}
          service-name: 'pine'

  send-slack-notification:
    runs-on: ubuntu-latest
    needs: release

    steps:
      - name: Checkout
        uses: actions/checkout@v4
        with:
          fetch-depth: 0

      - name: Get latest
        run: git pull
        shell: bash

      - name: Fetch latest tags
        run: git fetch --tags
        shell: bash

      - name: Setup ENV Vars
        run: |
          # Get the latest git tag (which is the version just released)
          VERSION=$(git describe --tags --abbrev=0)
          CURRENT_DATE=$(date +'%B %d, %Y')

          echo "VERSION=$VERSION" >> $GITHUB_ENV
          echo "CURRENT_DATE=$CURRENT_DATE" >> $GITHUB_ENV
          echo "RELEASE_URL=https://github.com/${{ github.repository }}/releases/tag/$VERSION" >> $GITHUB_ENV
        shell: bash

      - name: Send Slack Notification
        uses: slackapi/slack-github-action@v1.26.0
        env:
          SLACK_BOT_TOKEN: ${{ secrets.SLACK_BOT_TOKEN }}
          DATE: ${{ env.CURRENT_DATE }}
          RELEASE_URL: ${{ env.RELEASE_URL }}
          VERSION: ${{ env.VERSION }}
        with:
          channel-id: ${{ vars.SLACK_CHANNEL_NAME }}
          payload-file-path: "./.github/workflows/slack_payloads/release-info.json"