Skip to content

Commit 9a92a49

Browse files
anton-haubner-sonarsourceanton-haubner-sonarsource
authored
GHA-120 Add workflow for automating ABD releases (#50)
1 parent b8bbdd7 commit 9a92a49

File tree

1 file changed

+329
-0
lines changed

1 file changed

+329
-0
lines changed

.github/workflows/abd-automated-release.yml

Lines changed: 329 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,329 @@
1+
name: ABD Reusable Release Automations
2+
3+
# This workflow automates most of the DBD release process as described at https://xtranet-sonarsource.atlassian.net/wiki/spaces/CodeQualit/pages/2824634385/DBD+Release+Instructions
4+
#
5+
# KNOWN LIMITATIONS
6+
#
7+
# Steps not yet automated:
8+
# - Checking if there are relevant RSPEC pull requests that still need to be merged
9+
# - Verify that all analyses on Peach are successful
10+
# - Verify that performance is under control
11+
# - Posting artifact links comment to Jira release ticket (see TODO in release-in-jira job)
12+
# All of this is currently handled by manual instructions.
13+
#
14+
# Also, this has not yet been tested with the COBOL and JCL analyzers.
15+
16+
env:
17+
JIRA_PROJECT_KEY: ${{ inputs.jira-project-key }}
18+
USE_JIRA_SANDBOX: ${{ inputs.use-jira-sandbox }}
19+
20+
on:
21+
workflow_call:
22+
inputs:
23+
jira-project-key:
24+
description: "Jira project key"
25+
required: true
26+
type: string
27+
project-name:
28+
description: "Project name"
29+
required: true
30+
type: string
31+
plugin-artifacts:
32+
description: "Plugin artifacts"
33+
required: true
34+
type: string
35+
use-jira-sandbox:
36+
description: "Use Jira sandbox"
37+
required: false
38+
type: boolean
39+
default: true
40+
is-draft-release:
41+
description: "Create draft release"
42+
required: false
43+
type: boolean
44+
default: true
45+
pm-email:
46+
description: "Product manager email"
47+
required: true
48+
type: string
49+
release-automation-secret-name:
50+
description: "Release automation secret name"
51+
required: true
52+
type: string
53+
short-description:
54+
description: "A brief summary of what the release contains"
55+
required: true
56+
type: string
57+
rule-props-changed:
58+
description: "Did any rule properties change in this release"
59+
required: true
60+
type: string
61+
branch:
62+
description: "Branch from which to do the release"
63+
required: true
64+
type: string
65+
default: "master"
66+
release-notes:
67+
description: "Release notes"
68+
required: true
69+
type: string
70+
new-version:
71+
description: "New version to release"
72+
required: true
73+
type: string
74+
75+
outputs:
76+
new-version:
77+
description: "New version to release"
78+
value: ${{ jobs.release-in-jira.outputs.new-version }}
79+
80+
jobs:
81+
pre-release-checks:
82+
name: Pre-release checks
83+
runs-on: ubuntu-latest
84+
permissions:
85+
statuses: read
86+
contents: write
87+
pull-requests: write
88+
id-token: write
89+
steps:
90+
# TODO: Add step to check whether all relevant RSPEC changes have been merged
91+
# TODO: Verify that all analyses on Peach are successful
92+
# TODO: Verify that performance on Peach is under control
93+
94+
- name: Check Releasability Status
95+
uses: SonarSource/release-github-actions/check-releasability-status@v1
96+
with:
97+
branch: ${{ inputs.branch }}
98+
99+
- name: Update Rule Metadata
100+
id: update-rule-metadata
101+
uses: SonarSource/release-github-actions/update-rule-metadata@v1
102+
103+
- name: Check Rule Metadata Changes
104+
if: steps.update-rule-metadata.outputs.has-changes == 'true'
105+
run: |
106+
echo "::error::Rule metadata changes detected. The generated PR needs to be merged first before continuing with the release."
107+
echo "::error::Pull Request URL: ${{ steps.update-rule-metadata.outputs.pull-request-url }}"
108+
echo "::error::Please merge the PR and run this workflow again (Start a new run instead of re-runing failed jobs in the current one)."
109+
exit 1
110+
111+
prepare-release:
112+
name: Prepare release
113+
runs-on: ubuntu-latest
114+
needs: pre-release-checks
115+
permissions:
116+
statuses: read
117+
contents: read
118+
id-token: write
119+
outputs:
120+
release-version: ${{ steps.get-release-version.outputs.release-version }}
121+
jira-version-name: ${{ steps.get-jira-version.outputs.jira-version-name }}
122+
release-notes: ${{ inputs.release-notes != '' && inputs.release-notes || steps.get-jira-release-notes.outputs.release-notes }}
123+
jira-release-notes: ${{ inputs.release-notes != '' && inputs.release-notes || steps.get-jira-release-notes.outputs.jira-release-notes }}
124+
jira-release-url: ${{ steps.get-jira-release-notes.outputs.jira-release-url }}
125+
steps:
126+
- name: Get Release Version
127+
id: get-release-version
128+
uses: SonarSource/release-github-actions/get-release-version@v1
129+
with:
130+
branch: ${{ inputs.branch }}
131+
132+
- name: Get Jira Version
133+
id: get-jira-version
134+
uses: SonarSource/release-github-actions/get-jira-version@v1
135+
136+
- name: Get Jira Release Notes
137+
id: get-jira-release-notes
138+
if: inputs.release-notes == ''
139+
uses: SonarSource/release-github-actions/get-jira-release-notes@v1
140+
141+
create-release-ticket:
142+
name: Create release ticket
143+
runs-on: ubuntu-latest
144+
needs: prepare-release
145+
permissions:
146+
statuses: read
147+
contents: read
148+
id-token: write
149+
outputs:
150+
release-ticket-key: ${{ steps.create-ticket.outputs.release-ticket-key }}
151+
release-ticket-url: ${{ steps.create-ticket.outputs.release-ticket-url }}
152+
steps:
153+
- name: Create Jira Release Ticket
154+
id: create-ticket
155+
uses: SonarSource/release-github-actions/create-jira-release-ticket@v1
156+
with:
157+
project-name: ${{ inputs.project-name }}
158+
short-description: ${{ inputs.short-description }}
159+
rule-props-changed: ${{ inputs.rule-props-changed }}
160+
jira-release-url: ${{ needs.prepare-release.outputs.jira-release-url }}
161+
start-progress: true
162+
version: ${{ needs.prepare-release.outputs.release-version }}
163+
164+
publish-github-release:
165+
name: Publish github release
166+
runs-on: ubuntu-latest
167+
needs: [ prepare-release, create-release-ticket ]
168+
permissions:
169+
id-token: write
170+
contents: write
171+
actions: write
172+
outputs:
173+
github-release-url: ${{ steps.publish-github-release.outputs.release-url}}
174+
steps:
175+
- name: Publish GitHub Release
176+
id: publish-github-release
177+
uses: SonarSource/release-github-actions/publish-github-release@v1
178+
with:
179+
release-version: ${{ needs.prepare-release.outputs.release-version }}
180+
release-notes: ${{ inputs.release-notes != '' && inputs.release-notes || needs.prepare-release.outputs.release-notes }}
181+
draft: ${{ inputs.is-draft-release }}
182+
branch: ${{ inputs.branch }}
183+
184+
release-in-jira:
185+
name: Release in Jira
186+
runs-on: ubuntu-latest
187+
needs: [ prepare-release, publish-github-release, create-release-ticket ]
188+
permissions:
189+
statuses: read
190+
contents: read
191+
id-token: write
192+
outputs:
193+
new-version: ${{ steps.create-jira-version.outputs.jira-new-version-name }}
194+
sqc-ticket-key: ${{ steps.create-sc-ticket.outputs.ticket-key }}
195+
sqc-ticket-url: ${{ steps.create-sc-ticket.outputs.ticket-url }}
196+
sqs-ticket-key: ${{ steps.create-sonar-ticket.outputs.ticket-key }}
197+
sqs-ticket-url: ${{ steps.create-sonar-ticket.outputs.ticket-url }}
198+
steps:
199+
- name: Release in Jira
200+
uses: SonarSource/release-github-actions/release-jira-version@v1
201+
with:
202+
jira-version-name: ${{ needs.prepare-release.outputs.jira-version-name }}
203+
204+
- name: Create new release in jira
205+
id: create-jira-version
206+
uses: SonarSource/release-github-actions/create-jira-version@v1
207+
with:
208+
jira-version-name: ${{ needs.prepare-release.outputs.jira-version-name }}
209+
jira-new-version-name: ${{ inputs.new-version }}
210+
211+
- name: Move release ticket to Technical release Done
212+
uses: SonarSource/release-github-actions/update-release-ticket-status@v1
213+
with:
214+
release-ticket-key: ${{ needs.create-release-ticket.outputs.release-ticket-key }}
215+
status: "Technical Release Done"
216+
assignee: ${{ inputs.pm-email }}
217+
218+
# TODO: Add step to post artifact links comment to Jira release ticket
219+
# Per DBD release instructions: "For clarity, add a comment in the Jira REL ticket with links
220+
# pointing to the three artifacts in JFrog"
221+
# Required artifacts:
222+
# - sonar-dbd-java-frontend-plugin
223+
# - sonar-dbd-python-frontend-plugin
224+
# - sonar-dbd-plugin
225+
# See manual ABD/DBD release instructions on Xtranet
226+
227+
- name: Create SC Ticket
228+
id: create-sc-ticket
229+
uses: SonarSource/release-github-actions/create-integration-ticket@v1
230+
with:
231+
plugin-name: ${{ inputs.project-name }}
232+
release-version: ${{ needs.prepare-release.release-version }}
233+
release-ticket-key: ${{ needs.create-release-ticket.outputs.release-ticket-key }}
234+
target-jira-project: "SC"
235+
ticket-description: ${{ inputs.short-description }}
236+
jira-release-url: ${{ needs.prepare-release.outputs.jira-release-url }}
237+
238+
- name: Create SONAR Ticket
239+
id: create-sonar-ticket
240+
uses: SonarSource/release-github-actions/create-integration-ticket@v1
241+
with:
242+
plugin-name: ${{ inputs.project-name }}
243+
release-version: ${{ needs.prepare-release.release-version }}
244+
release-ticket-key: ${{ needs.create-release-ticket.outputs.release-ticket-key }}
245+
target-jira-project: "SONAR"
246+
ticket-description: ${{ inputs.short-description }}
247+
jira-release-url: ${{ needs.prepare-release.outputs.jira-release-url }}
248+
249+
update-analyzers:
250+
name: Update Analyzers in SQS and SQC
251+
runs-on: ubuntu-latest
252+
needs: [ prepare-release, release-in-jira ]
253+
permissions:
254+
id-token: write
255+
outputs:
256+
sqs-pull-request-url: ${{ steps.update-sqs.outputs.pull-request-url }}
257+
sqc-pull-request-url: ${{ steps.update-sqc.outputs.pull-request-url }}
258+
steps:
259+
- name: Update analyzer in SQS
260+
id: update-sqs
261+
uses: SonarSource/release-github-actions/update-analyzer@v1
262+
with:
263+
release-version: ${{ needs.prepare-release.outputs.release-version }}
264+
ticket-key: ${{ needs.release-in-jira.outputs.sqs-ticket-key }}
265+
plugin-name: ${{ inputs.project-name }}
266+
secret-name: ${{ inputs.release-automation-secret-name }}
267+
plugin-artifacts: ${{inputs.plugin-artifacts }}
268+
draft: ${{ inputs.is-draft-release }}
269+
reviewers: ${{ github.actor }}
270+
271+
- name: Update analyzer in SQC
272+
id: update-sqc
273+
uses: SonarSource/release-github-actions/update-analyzer@v1
274+
with:
275+
release-version: ${{ needs.prepare-release.outputs.release-version }}
276+
ticket-key: ${{ needs.release-in-jira.outputs.sqc-ticket-key }}
277+
plugin-name: ${{ inputs.project-name }}
278+
secret-name: ${{ inputs.release-automation-secret-name }}
279+
plugin-artifacts: ${{inputs.plugin-artifacts }}
280+
draft: ${{ inputs.is-draft-release }}
281+
reviewers: ${{ github.actor }}
282+
283+
284+
summarize_release:
285+
name: Release
286+
runs-on: ubuntu-latest
287+
if: always()
288+
needs: [ pre-release-checks, prepare-release, publish-github-release, create-release-ticket, release-in-jira, update-analyzers ]
289+
steps:
290+
- name: Post Summary to Workflow
291+
run: |
292+
ALL_SUCCESS=$([[ "${{ needs.pre-release-checks.result }}" == "success" && \
293+
"${{ needs.prepare-release.result }}" == "success" && \
294+
"${{ needs.publish-github-release.result }}" == "success" && \
295+
"${{ needs.create-release-ticket.result }}" == "success" && \
296+
"${{ needs.release-in-jira.result }}" == "success" && \
297+
"${{ needs.update-analyzers.result }}" == "success" ]] && echo "true" || echo "false")
298+
299+
if [[ "$ALL_SUCCESS" == "true" ]]; then
300+
echo "### 🎉🚀 Congratulations! Release Successful! 🚀🎉" >> $GITHUB_STEP_SUMMARY
301+
echo "" >> $GITHUB_STEP_SUMMARY
302+
echo "**Summary of the release:**" >> $GITHUB_STEP_SUMMARY
303+
else
304+
echo "### ❌💥 Release Failed! 💥❌" >> $GITHUB_STEP_SUMMARY
305+
echo "" >> $GITHUB_STEP_SUMMARY
306+
echo "**Summary of the failed release:**" >> $GITHUB_STEP_SUMMARY
307+
fi
308+
309+
echo "- **Released Version:** ${{ needs.prepare-release.outputs.release-version }}" >> $GITHUB_STEP_SUMMARY
310+
echo "- **New Version:** ${{ needs.release-in-jira.outputs.new-version }}" >> $GITHUB_STEP_SUMMARY
311+
echo "- **Jira Release URL:** ${{ needs.prepare-release.outputs.jira-release-url }}" >> $GITHUB_STEP_SUMMARY
312+
echo "- **Release Ticket URL:** ${{ needs.create-release-ticket.outputs.release-ticket-url }}" >> $GITHUB_STEP_SUMMARY
313+
echo "- **GitHub Release URL:** ${{ needs.publish-github-release.outputs.github-release-url }}" >> $GITHUB_STEP_SUMMARY
314+
echo "- **SQS Integration Ticket URL:** ${{ needs.release-in-jira.outputs.sqs-ticket-url }}" >> $GITHUB_STEP_SUMMARY
315+
echo "- **SQC Integration Ticket URL:** ${{ needs.release-in-jira.outputs.sqc-ticket-url }}" >> $GITHUB_STEP_SUMMARY
316+
echo "- **SQS Analyzer PR URL:** ${{ needs.update-analyzers.outputs.sqs-pull-request-url }}" >> $GITHUB_STEP_SUMMARY
317+
echo "- **SQC Analyzer PR URL:** ${{ needs.update-analyzers.outputs.sqc-pull-request-url }}" >> $GITHUB_STEP_SUMMARY
318+
319+
if [[ "$ALL_SUCCESS" == "true" ]]; then
320+
echo "" >> $GITHUB_STEP_SUMMARY
321+
echo "PS: Don't forget to review and merge the bump version, SQS and SQC!" >> $GITHUB_STEP_SUMMARY
322+
echo "You should also update the relevant integration ticket statuses (don't forget to set the SQS ticket fix versions!)" >> $GITHUB_STEP_SUMMARY
323+
echo "For more information please check the release instructions at:" >> $GITHUB_STEP_SUMMARY
324+
echo "https://xtranet-sonarsource.atlassian.net/wiki/spaces/CodeQualit/pages/2824634385/DBD+Release+Instructions#Manual-Release" >> $GITHUB_STEP_SUMMARY
325+
else
326+
echo "" >> $GITHUB_STEP_SUMMARY
327+
echo "For fixes to common issues and other useful information please check the release instructions at:" >> $GITHUB_STEP_SUMMARY
328+
echo "https://xtranet-sonarsource.atlassian.net/wiki/spaces/CodeQualit/pages/2824634385/DBD+Release+Instructions" >> $GITHUB_STEP_SUMMARY
329+
fi

0 commit comments

Comments
 (0)