reference-implementations-afm/.github/workflows/release-ballerina.yml at main · RadCod3/reference-implementations-afm · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
name: Release Ballerina

on:
  workflow_dispatch:
    inputs:
      branch:
        description: 'Branch to release from'
        required: false
        default: 'main'
        type: string

concurrency:
  group: release-ballerina-interpreter
  cancel-in-progress: false

jobs:
  validate:
    runs-on: ubuntu-latest
    permissions:
      contents: read
    outputs:
      release_version: ${{ steps.version.outputs.RELEASE_VERSION }}
      next_version: ${{ steps.version.outputs.NEXT_VERSION }}
      tag: ${{ steps.version.outputs.TAG }}
    steps:
      - name: Validate branch format
        env:
          BRANCH: ${{ inputs.branch }}
        run: |
          # Validate branch format (alphanumeric, dash, underscore, dot, slash)
          if [[ ! "$BRANCH" =~ ^[a-zA-Z0-9._/-]+$ ]]; then
            echo "::error::Invalid branch name: $BRANCH"
            exit 1
          fi

      - name: Checkout repository
        uses: actions/checkout@v4
        with:
          ref: ${{ inputs.branch }}
          fetch-depth: 0

      - name: Read and validate version
        id: version
        run: |
          VERSION_FILE="ballerina-interpreter/Ballerina.toml"

          if [ ! -f "$VERSION_FILE" ]; then
            echo "::error::Version file not found: $VERSION_FILE"
            exit 1
          fi

          # Read version (first match is package version)
          RELEASE_VERSION=$(grep '^version = ' "$VERSION_FILE" | head -1 | sed 's/version = "\(.*\)"/\1/')

          # Validate version format
          if [[ ! "$RELEASE_VERSION" =~ ^[0-9]+\.[0-9]+\.[0-9]+$ ]]; then
            echo "::error::Version in $VERSION_FILE must be in format X.Y.Z, got: $RELEASE_VERSION"
            exit 1
          fi

          # Parse for next patch bump
          MAJOR=$(echo "$RELEASE_VERSION" | cut -d. -f1)
          MINOR=$(echo "$RELEASE_VERSION" | cut -d. -f2)
          PATCH=$(echo "$RELEASE_VERSION" | cut -d. -f3)
          NEXT_VERSION="$MAJOR.$MINOR.$((PATCH + 1))"
          TAG="ballerina-interpreter-v$RELEASE_VERSION"

          echo "RELEASE_VERSION=$RELEASE_VERSION" >> $GITHUB_OUTPUT
          echo "NEXT_VERSION=$NEXT_VERSION" >> $GITHUB_OUTPUT
          echo "TAG=$TAG" >> $GITHUB_OUTPUT
          echo "Releasing ballerina-interpreter $RELEASE_VERSION (tag: $TAG), next will be $NEXT_VERSION"

      - name: Check tag doesn't already exist
        env:
          TAG: ${{ steps.version.outputs.TAG }}
        run: |
          if git rev-parse "$TAG" >/dev/null 2>&1; then
            echo "::error::Tag $TAG already exists."
            exit 1
          fi

      - name: Check release branch doesn't already exist
        env:
          RELEASE_BRANCH: release-ballerina-interpreter-${{ steps.version.outputs.RELEASE_VERSION }}
        run: |
          if git ls-remote --exit-code --heads origin "$RELEASE_BRANCH" >/dev/null 2>&1; then
            echo "::error::Release branch $RELEASE_BRANCH already exists."
            exit 1
          fi

  test:
    needs: validate
    runs-on: ubuntu-latest
    defaults:
      run:
        working-directory: ballerina-interpreter
    steps:
      - name: Checkout repository
        uses: actions/checkout@v4
        with:
          ref: ${{ inputs.branch }}
          fetch-depth: 0

      - name: Set up Ballerina
        uses: ballerina-platform/setup-ballerina@v1.1.3
        with:
          version: 2201.12.10

      - name: Build and test
        run: |
          bal build
          bal test

  docker:
    needs: [validate, test]
    uses: ./.github/workflows/release-docker.yml
    with:
      context: ballerina-interpreter
      image_name: afm-ballerina-interpreter
      version: ${{ needs.validate.outputs.release_version }}
      branch: ${{ inputs.branch }}
      image_title: AFM Ballerina Interpreter
    permissions:
      packages: write
      security-events: write

  finalize:
    needs: [validate, docker]
    uses: ./.github/workflows/release-finalize.yml
    with:
      tag: ${{ needs.validate.outputs.tag }}
      implementation: ballerina-interpreter
      package: ballerina-interpreter
      version: ${{ needs.validate.outputs.release_version }}
      branch: ${{ inputs.branch }}
      is_rerelease: false
    permissions:
      contents: write

  bump-version:
    needs: [validate, finalize]
    if: false  # Disabled: direct push blocked by branch protection
    runs-on: ubuntu-latest
    permissions:
      contents: write
    steps:
      - name: Checkout repository
        uses: actions/checkout@v4
        with:
          ref: ${{ inputs.branch }}

      - name: Bump version to next
        env:
          BRANCH: ${{ inputs.branch }}
          NEXT_VERSION: ${{ needs.validate.outputs.next_version }}
        run: |
          git config user.name "github-actions[bot]"
          git config user.email "github-actions[bot]@users.noreply.github.com"
          git pull origin "$BRANCH" --rebase

          VERSION_FILE="ballerina-interpreter/Ballerina.toml"
          sed -i "s/^version = \".*\"/version = \"$NEXT_VERSION\"/" "$VERSION_FILE"
          git add "$VERSION_FILE"
          git commit -m "Bump ballerina-interpreter version to $NEXT_VERSION"
          git push origin "$BRANCH"