-
Notifications
You must be signed in to change notification settings - Fork 455
135 lines (132 loc) · 6.02 KB
/
release-checks.yaml
File metadata and controls
135 lines (132 loc) · 6.02 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
name: Release Checks
on:
pull_request:
types: [opened, synchronize, reopened, edited]
branches: ['main']
permissions:
contents: read
jobs:
# More info at https://github.com/Roave/BackwardCompatibilityCheck.
backwards-compatibility-check:
name: Breaking Change Detector
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v6
with:
fetch-depth: 0
- name: "Install PHP"
uses: shivammathur/setup-php@v2
with:
php-version: "8.1"
- name: "Install dependencies"
run: composer global require "roave/backward-compatibility-check:^8.2"
- name: "Check for BC breaks"
if: github.event.pull_request.user.login != 'release-please[bot]'
# Ensure the build still passes by adding BREAKING_CHANGE_REASON=[reason] to the PR description.
continue-on-error: ${{ contains(github.event.pull_request.body, 'BREAKING_CHANGE_REASON=') }}
run: |
~/.composer/vendor/bin/roave-backward-compatibility-check --from=origin/main --format=github-actions
- name: "Check for BC label"
# Ensure the build still passes by adding BREAKING_CHANGE_REASON=[reason] to the PR description.
continue-on-error: ${{ contains(github.event.pull_request.body, 'BREAKING_CHANGE_REASON=') }}
run: |
if [[ "true" == "${{ contains(github.event.pull_request.title, '!:') }}" ]]; then
echo "Breaking change label found in PR title"
exit 1
fi
- name: Get Latest Release
if: github.event.pull_request.user.login == 'release-please[bot]'
id: latest-release
uses: pozetroninc/github-action-get-latest-release@master
with:
repository: ${{ github.repository }}
token: ${{ secrets.GITHUB_TOKEN }}
- name: "Check for BC breaks (Next Release)"
if: github.event.pull_request.user.login == 'release-please[bot]'
# We've already approved and justified the breaking changes. Run the check but continue on error
continue-on-error: true
run: |
~/.composer/vendor/bin/roave-backward-compatibility-check \
--from=${{ steps.latest-release.outputs.release }} \
--to=origin/main --format=github-actions
# Ensure the release PR does not contain an unexpected (e.g. 2.0.0) major version release
# Add "MAJOR_VERSION_ALLOWED=component1,component2" to the PR description to allow major version
# releases for those components
unexpected-major-version-check:
name: Unexpected Major Version Check
runs-on: ubuntu-latest
if: github.event.pull_request.user.login == 'release-please[bot]'
steps:
- uses: actions/checkout@v6
with:
fetch-depth: 0
- name: Parse allowed major versions
uses: actions-ecosystem/action-regex-match@v2
id: allowed-major-versions
with:
text: ${{ github.event.pull_request.body }}
regex: '^MAJOR_VERSION_ALLOWED=(.*)$'
flags: gm
- name: "Check for unexpected major version"
run: |
# parse allowed major versions into an array
IFS=', ' read -r -a ALLOWED_MAJOR_VERSIONS <<< "${{ steps.allowed-major-versions.outputs.group1 }}"
# get all changed components
COMPONENTS=$(git diff origin/main --name-only | grep VERSION | xargs dirname)
FAIL=""
for COMPONENT in ${COMPONENTS}; do {
if [[ "$(cat $COMPONENT/VERSION)" == [123456789].0.0 ]]; then
# A new version is being released - make sure it's allowed
if [[ ${ALLOWED_MAJOR_VERSIONS[@]} =~ $COMPONENT ]]; then
echo "Major version release allowed: $COMPONENT"
else
echo "Unexpected major version release found: $COMPONENT"
FAIL="true"
fi
fi
}; done
if [[ "$FAIL" == "true" ]]; then
echo "⚠️ IMPORTANT ⚠️ This check is meant to prevent the accidental release of new major versions. New "
echo "major versions should only be released intentionally. If you are not explicitly trying to release a "
echo "new major version and you don't have explicit approval from the Language Lead, "
echo "⚠️ DO NOT BYPASS THIS CHECK ⚠️"
echo -e "\nAdd \"MAJOR_VERSION_ALLOWED=component1,component2\" to the PR description to allow "
echo "major version releases for those components"
exit 1
fi
# Ensure that if the release PR contains any NEW components, the new component's corresponding
# sub-repo exists
new-component-subrepo-check:
name: New Component Sub-Repo Check
runs-on: ubuntu-latest
if: github.event.pull_request.user.login == 'release-please[bot]'
steps:
- uses: actions/checkout@v6
with:
fetch-depth: 0
- name: "Verify the subrepos exist for new components"
run: |
COMPONENTS=$(git diff origin/main --name-only | grep VERSION | xargs dirname)
FAIL=""
for COMPONENT in ${COMPONENTS}; do {
if [[ "$(cat $COMPONENT/VERSION)" == "0.1.0" ]]; then
SUBREPO=$(cat $COMPONENT/composer.json | jq -r '.extra.component.target')
echo "New component found: $COMPONENT"
if curl --head --silent --fail "https://api.github.com/repos/$SUBREPO" -H 'Authorization: Bearer ${{secrets.SPLIT_TOKEN}}' > /dev/null; then
echo "✅ Target Repo '$SUBREPO' exists"
else
echo "❌ Target Repo '$SUBREPO' DOES NOT EXIST"
FAIL="true"
fi
fi
}; done
if [[ "$FAIL" == "true" ]]; then
echo "Missing repositories for one or more new components"
exit 1
fi
next-release-label-check:
name: Check for "next release" label
uses: GoogleCloudPlatform/php-tools/.github/workflows/release-checks.yml@main
if: github.event.pull_request.user.login == 'release-please[bot]'
with:
next-release-label-check: true