SONARIAC-2092 Add "Create REL ticket" Github Action (#1)

yasen-pavlov-sonarsource · web-flow · commit b064b860240b · 2025-07-15T10:38:18.000+02:00
* Add Create Release Ticket action

* remove unecessary package from requirements

* fix Dockerfile paths

* run python script directly

* fix action repo checkout

* remove unecessary files

* set correct action ref

* set correct action ref v2

* switch to self contained action

* fix typo

* add readme

* fix typo in action

* fix typo in readme

* fix review issues

* update input description in example

* remove unecessary comment

* add job name to example

* fix review issues

* refactor get_jira_release_notes_info

* fix typo

* update readme

* move log to correct place

* fix review issues

* fix atlassian prod url
diff --git a/.gitignore b/.gitignore
@@ -0,0 +1,159 @@
+### Python template
+# Byte-compiled / optimized / DLL files
+__pycache__/
+*.py[cod]
+*$py.class
+
+# C extensions
+*.so
+
+# Distribution / packaging
+.Python
+build/
+develop-eggs/
+dist/
+downloads/
+eggs/
+.eggs/
+lib/
+lib64/
+parts/
+sdist/
+var/
+wheels/
+share/python-wheels/
+*.egg-info/
+.installed.cfg
+*.egg
+MANIFEST
+
+# PyInstaller
+#  Usually these files are written by a python script from a template
+#  before PyInstaller builds the exe, so as to inject date/other infos into it.
+*.manifest
+*.spec
+
+# Installer logs
+pip-log.txt
+pip-delete-this-directory.txt
+
+# Unit test / coverage reports
+htmlcov/
+.tox/
+.nox/
+.coverage
+.coverage.*
+.cache
+nosetests.xml
+coverage.xml
+*.cover
+*.py,cover
+.hypothesis/
+.pytest_cache/
+cover/
+
+# Translations
+*.mo
+*.pot
+
+# Django stuff:
+*.log
+local_settings.py
+db.sqlite3
+db.sqlite3-journal
+
+# Flask stuff:
+instance/
+.webassets-cache
+
+# Scrapy stuff:
+.scrapy
+
+# Sphinx documentation
+docs/_build/
+
+# PyBuilder
+.pybuilder/
+target/
+
+# Jupyter Notebook
+.ipynb_checkpoints
+
+# IPython
+profile_default/
+ipython_config.py
+
+# pyenv
+#   For a library or package, you might want to ignore these files since the code is
+#   intended to run in multiple environments; otherwise, check them in:
+# .python-version
+
+# pipenv
+#   According to pypa/pipenv#598, it is recommended to include Pipfile.lock in version control.
+#   However, in case of collaboration, if having platform-specific dependencies or dependencies
+#   having no cross-platform support, pipenv may install dependencies that don't work, or not
+#   install all needed dependencies.
+#Pipfile.lock
+
+# poetry
+#   Similar to Pipfile.lock, it is generally recommended to include poetry.lock in version control.
+#   This is especially recommended for binary packages to ensure reproducibility, and is more
+#   commonly ignored for libraries.
+#   https://python-poetry.org/docs/basic-usage/#commit-your-poetrylock-file-to-version-control
+#poetry.lock
+
+# pdm
+#   Similar to Pipfile.lock, it is generally recommended to include pdm.lock in version control.
+#pdm.lock
+#   pdm stores project-wide configurations in .pdm.toml, but it is recommended to not include it
+#   in version control.
+#   https://pdm.fming.dev/latest/usage/project/#working-with-version-control
+.pdm.toml
+.pdm-python
+.pdm-build/
+
+# PEP 582; used by e.g. github.com/David-OConnor/pyflow and github.com/pdm-project/pdm
+__pypackages__/
+
+# Celery stuff
+celerybeat-schedule
+celerybeat.pid
+
+# SageMath parsed files
+*.sage.py
+
+# Environments
+.env
+.venv
+env/
+venv/
+ENV/
+env.bak/
+venv.bak/
+
+# Spyder project settings
+.spyderproject
+.spyproject
+
+# Rope project settings
+.ropeproject
+
+# mkdocs documentation
+/site
+
+# mypy
+.mypy_cache/
+.dmypy.json
+dmypy.json
+
+# Pyre type checker
+.pyre/
+
+# pytype static type analyzer
+.pytype/
+
+# Cython debug symbols
+cython_debug/
+
+/tools/tools.iml
+/.idea/
diff --git a/README.md b/README.md
@@ -1,3 +1,7 @@
 # release-github-actions
 
 A centralized collection of reusable GitHub Actions designed to streamline and automate every stage of the analyzer release process. This repository serves as a versatile toolbox, offering modular automations to eliminate manual, repetitive steps and reduce friction across squads managing analyzer projects. Whether standardizing changelog generation, automating version bumps, handling release publishing, or coordinating cross-repository tasks, these actions help teams back away from cumbersome workflows and focus more on code quality. Pick and combine the automations best suited for your analyzer’s unique release requirements, and easily extend the toolbox to cover new scenarios as they arise.
+
+## Available Actions
+
+* [**Create Jira Release Ticket**](create-jira-release-ticket/README.md): Automates the creation of an "Ask for release" ticket in Jira.
diff --git a/create-jira-release-ticket/README.md b/create-jira-release-ticket/README.md
@@ -0,0 +1,105 @@
+# Create Jira Release Ticket Action
+
+This GitHub Action automates the creation of an "Ask for release" ticket in Jira. It is designed to be used in release workflows to standardize the process of requesting a new software release.
+
+The action is self-contained and uses a Python script to interact with the Jira API.
+## Prerequisites
+
+The action requires that the repository needs to have the `development/kv/data/jira` token configured in vault.
+This can done using the SPEED self-service portal ([more info](https://xtranet-sonarsource.atlassian.net/wiki/spaces/Platform/pages/3553787989/Manage+Vault+Policy+-+SPEED)).
+
+## Inputs
+
+The following inputs can be configured for the action:
+
+| Input                  | Description                                                                                                        | Required | Default |
+|------------------------|--------------------------------------------------------------------------------------------------------------------|----------|---------|
+| `jira_user`            | The Jira user (email) for authentication.                                                                          | `true`   |         |
+| `jira_token`           | The Jira API token for authentication.                                                                             | `true`   |         |
+| `project_key`          | The project key (e.g., `SONARIAC`).                                                                                | `true`   |         |
+| `project_name`         | The display name of the project (e.g., `SonarIaC`). Will be used as the prefix of the resulting release ticket.    | `true`   |         |
+| `version`              | The new version string being released (e.g., `1.2.3`).                                                             | `true`   |         |
+| `short_description`    | A brief description of the release.                                                                                | `true`   |         |
+| `targeted_product`     | The targeted product version (e.g., `11.0`).                                                                       | `true`   |         |
+| `sq_compatibility`     | The SonarQube compatibility version (e.g., `2025.3`).                                                              | `true`   |         |
+| `use_sandbox`          | Set to `false` to use the Jira production server.                                                                  | `false`  | `true`  |
+| `documentation_status` | The status of the release documentation.                                                                           | `false`  | `N/A`   |
+| `rule_props_changed`   | Whether rule properties have changed (`Yes` or `No`).                                                              | `false`  | `No`    |
+| `jira_release_name`    | The specific Jira release version to use. If omitted and there is only one unreleased version it will released it. | `false`  | `''`    |
+| `sonarlint_changelog`  | The SonarLint changelog content.                                                                                   | `false`  | `''`    |
+
+## Outputs
+
+| Output       | Description                                    |
+|--------------|------------------------------------------------|
+| `ticket_key` | The key of the jira ticket (e.g., `REL-1234`). |
+
+## Example Usage
+
+Here is an example of how to use this action in a workflow. This job will be triggered manually and will create a Jira release ticket using the provided inputs and secrets from HashiCorp Vault.
+
+```yaml
+name: Create Release Ticket
+
+# Define environment variables for project-specific settings
+env:
+  PROJECT_KEY: 'SONARIAC'
+  PROJECT_NAME: 'SonarIaC'
+
+on:
+  workflow_dispatch:
+    inputs:
+     version:
+        description: 'Version'
+        required: true
+        default: '1.0.0'
+      short_description:
+        description: 'Short Description'
+        required: true
+      targeted_product:
+        description: 'Targeted Product'
+        required: true
+      sq_compatibility:
+        description: 'SonarQube Compatibility'
+        required: true
+      jira_release:
+        description: 'Jira release version'
+        required: false
+      sonarlint_changelog:
+        description: 'SonarLint changelog content'
+        required: false
+
+jobs:
+  create_release_ticket:
+    name: Create release ticket
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      id-token: write
+
+    steps:
+      - name: Get Jira Credentials from Vault
+        id: secrets
+        uses: SonarSource/vault-action-wrapper@v3
+        with:
+          secrets: |
+            development/kv/data/jira user | JIRA_USER;
+            development/kv/data/jira token | JIRA_TOKEN;
+
+      - name: Create Jira Release Ticket
+        id: create_ticket
+        uses: SonarSource/release-github-actions/.github/actions/create-jira-release-ticket
+        with:
+          jira_user: ${{ fromJSON(steps.secrets.outputs.vault).JIRA_USER }}
+          jira_token: ${{ fromJSON(steps.secrets.outputs.vault).JIRA_TOKEN }}
+          project_key: ${{ env.PROJECT_KEY }}
+          project_name: ${{ env.PROJECT_NAME }}
+          version: ${{ github.event.inputs.version }}
+          short_description: ${{ github.event.inputs.short_description }}
+          targeted_product: ${{ github.event.inputs.targeted_product }}
+          sq_compatibility: ${{ github.event.inputs.sq_compatibility }}
+          jira_release_name: ${{ github.event.inputs.jira_release }}
+          sonarlint_changelog: ${{ github.event.inputs.sonarlint_changelog }}
+
+      - name: Echo Ticket Key
+        run: echo "The created Jira ticket key is ${{ steps.create_ticket.outputs.ticket_key }}"
diff --git a/create-jira-release-ticket/action.yml b/create-jira-release-ticket/action.yml
@@ -0,0 +1,93 @@
+name: 'Create Jira Release Ticket'
+description: 'Creates a Jira release ticket.'
+author: 'SonarSource'
+
+inputs:
+  jira_user:
+    description: 'Jira user for authentication'
+    required: true
+  jira_token:
+    description: 'Jira API token for authentication'
+    required: true
+  project_key:
+    description: 'The key of the project (e.g., SONARIAC)'
+    required: true
+  project_name:
+    description: 'The display name of the project (e.g., SonarIaC)'
+    required: true
+  version:
+    description: 'The version being released (e.g., 11.44.2)'
+    required: true
+  short_description:
+    description: 'A short description for the release'
+    required: true
+  targeted_product:
+    description: 'The targeted product version (e.g., 11.0)'
+    required: true
+  sq_compatibility:
+    description: 'SonarQube compatibility version (e.g., 2025.3)'
+    required: true
+  use_sandbox:
+    description: "Use the sandbox server instead of the production Jira."
+    required: false
+    default: 'true'
+  documentation_status:
+    description: 'Status of the documentation'
+    required: false
+    default: 'N/A'
+  rule_props_changed:
+    description: 'Whether rule properties have changed'
+    required: false
+    default: 'No'
+  jira_release_name:
+    description: 'The specific Jira release version to use.'
+    required: false
+    default: ''
+  sonarlint_changelog:
+    description: 'The SonarLint changelog content.'
+    required: false
+    default: ''
+
+outputs:
+  ticket_key:
+    description: 'The key of the created Jira ticket (e.g., REL-123)'
+    value: ${{ steps.run_python_script.outputs.ticket_key }}
+
+runs:
+  using: "composite"
+  steps:
+    - name: Set up Python
+      uses: actions/setup-python@v5
+      with:
+        python-version: '3.8'
+
+    - name: Install dependencies
+      shell: bash
+      run: pip install -r ${{ github.action_path }}/requirements.txt
+
+    - name: Run Python Script to Create Ticket
+      id: run_python_script
+      shell: bash
+      run: |
+        SANDBOX_FLAG=""
+        if [[ "${{ inputs.use_sandbox }}" == "true" ]]; then
+          SANDBOX_FLAG="--use-sandbox"
+        fi
+
+        TICKET_KEY=$(python ${{ github.action_path }}/create_release_ticket.py \
+          --project-key="${{ inputs.project_key }}" \
+          --project-name="${{ inputs.project_name }}" \
+          --version="${{ inputs.version }}" \
+          --short-description="${{ inputs.short_description }}" \
+          --targeted-product="${{ inputs.targeted_product }}" \
+          --sq-compatibility="${{ inputs.sq_compatibility }}" \
+          ${SANDBOX_FLAG} \
+          --documentation-status="${{ inputs.documentation_status }}" \
+          --rule-props-changed="${{ inputs.rule_props_changed }}" \
+          --jira-release-name="${{ inputs.jira_release_name }}" \
+          --sonarlint-changelog="${{ inputs.sonarlint_changelog }}"
+        )
+        echo "ticket_key=${TICKET_KEY}" >> $GITHUB_OUTPUT
+      env:
+        JIRA_USER: ${{ inputs.jira_user }}
+        JIRA_TOKEN: ${{ inputs.jira_token }}
diff --git a/create-jira-release-ticket/create_release_ticket.py b/create-jira-release-ticket/create_release_ticket.py
diff --git a/create-jira-release-ticket/requirements.txt b/create-jira-release-ticket/requirements.txt
