Add workflow to complete 1.33.6 to main (#12107)

laurit · web-flow · commit 35ea26d1a3bd · 2024-08-26T10:09:43.000+03:00
diff --git a/.github/workflows/release-1.33.6.yml b/.github/workflows/release-1.33.6.yml
@@ -0,0 +1,238 @@
+name: Release 1.33.6
+on:
+  workflow_dispatch:
+
+jobs:
+  required-jobs:
+    uses: ./.github/workflows/build-common.yml
+
+  # test-latest-deps is intentionally not included in the release workflows
+  # because any time a new library version is released to maven central
+  # it can fail due to test code incompatibility with the new library version,
+  # or due to slight changes in emitted telemetry
+
+  # muzzle is intentionally not included in the release workflows
+  # because any time a new library version is released to maven central it can fail,
+  # and this is not a reason to hold up the release
+
+  release:
+    runs-on: ubuntu-latest
+    needs:
+      - required-jobs
+    outputs:
+      version: ${{ steps.create-github-release.outputs.version }}
+    steps:
+      - run: |
+          if [[ $GITHUB_REF_NAME != release/* ]]; then
+            echo this workflow should only be run against release branches
+            exit 1
+          fi
+
+      - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+
+      - name: Set environment variables
+        run: |
+          version=$(.github/scripts/get-version.sh)
+          if [[ $version =~ ^([0-9]+)\.([0-9]+)\.([0-9]+) ]]; then
+            major="${BASH_REMATCH[1]}"
+            minor="${BASH_REMATCH[2]}"
+            patch="${BASH_REMATCH[3]}"
+          else
+            echo "unexpected version: $version"
+            exit 1
+          fi
+          if [[ $patch == 0 ]]; then
+            if [[ $minor == 0 ]]; then
+              prior_major=$((major - 1))
+              prior_minor=$(grep -Po "^## Version $prior_major.\K[0-9]+" CHANGELOG.md | head -1)
+              prior_version="$prior_major.$prior_minor"
+            else
+              prior_version="$major.$((minor - 1)).0"
+            fi
+          else
+            prior_version="$major.$minor.$((patch - 1))"
+          fi
+          echo "VERSION=$version" >> $GITHUB_ENV
+          echo "PRIOR_VERSION=$prior_version" >> $GITHUB_ENV
+
+        # check out main branch to verify there won't be problems with merging the change log
+        # at the end of this workflow
+      - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+        with:
+          ref: main
+
+      - name: Check that change log update was merged to main
+        run: |
+          if [[ $VERSION == *.0 ]]; then
+            # not making a patch release
+            if ! grep --quiet "^## Version $VERSION " CHANGELOG.md; then
+              echo the pull request generated by prepare-release-branch.yml needs to be merged first
+              exit 1
+            fi
+          fi
+
+        # back to the release branch
+      - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+        with:
+          # tags are needed for the generate-release-contributors.sh script
+          fetch-depth: 0
+
+      - name: Free disk space
+        run: .github/scripts/gha-free-disk-space.sh
+
+      - uses: actions/setup-java@6a0805fcefea3d4657a47ac4c165951e33482018 # v4.2.2
+        with:
+          distribution: temurin
+          java-version-file: .java-version
+
+      - name: Setup Gradle
+        uses: gradle/actions/setup-gradle@af1da67850ed9a4cedd57bfd976089dd991e2582 # v4.0.0
+
+      - name: Build and publish artifacts
+        env:
+          SONATYPE_USER: ${{ secrets.SONATYPE_USER }}
+          SONATYPE_KEY: ${{ secrets.SONATYPE_KEY }}
+          GPG_PRIVATE_KEY: ${{ secrets.GPG_PRIVATE_KEY }}
+          GPG_PASSWORD: ${{ secrets.GPG_PASSWORD }}
+        # Skip publishing, it was already done with the previous release attempt. We need to run
+        # the steps that follow to complete the release.
+        # run: ./gradlew assemble spdxSbom publishToSonatype closeAndReleaseSonatypeStagingRepository
+        run: ./gradlew assemble spdxSbom
+
+      - name: Build and publish gradle plugins
+        env:
+          SONATYPE_USER: ${{ secrets.SONATYPE_USER }}
+          SONATYPE_KEY: ${{ secrets.SONATYPE_KEY }}
+          GRADLE_PUBLISH_KEY: ${{ secrets.GRADLE_PUBLISH_KEY }}
+          GRADLE_PUBLISH_SECRET: ${{ secrets.GRADLE_PUBLISH_SECRET }}
+          GPG_PRIVATE_KEY: ${{ secrets.GPG_PRIVATE_KEY }}
+          GPG_PASSWORD: ${{ secrets.GPG_PASSWORD }}
+        # Don't use publishToSonatype since we don't want to publish the marker artifact
+        run: ./gradlew build publishPlugins publishPluginMavenPublicationToSonatypeRepository closeAndReleaseSonatypeStagingRepository
+        working-directory: gradle-plugins
+
+      - name: Collect SBOMs
+        run: |
+          mkdir sboms
+          cp javaagent/build/spdx/*.spdx.json sboms
+          zip opentelemetry-java-instrumentation-SBOM.zip sboms/*
+
+      - uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a # v4.3.6
+        name: Upload SBOMs
+        with:
+          name: opentelemetry-java-instrumentation-SBOM
+          path: "sboms/*.json"
+
+      - name: Generate release notes
+        env:
+          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        run: |
+          sdk_version=$(grep -Po "val otelSdkVersion = \"\K[0-9]+.[0-9]+.[0-9]+" dependencyManagement/build.gradle.kts)
+
+          # conditional blocks not indented because of the heredoc
+          if [[ $VERSION == *.0 ]]; then
+          cat > /tmp/release-notes.txt << EOF
+          This release targets the OpenTelemetry SDK $sdk_version.
+
+          Note that many artifacts have the \`-alpha\` suffix attached to their version number, reflecting that they are still alpha quality and will continue to have breaking changes. Please see the [VERSIONING.md](https://github.com/open-telemetry/opentelemetry-java-instrumentation/blob/main/VERSIONING.md#opentelemetry-java-instrumentation-versioning) for more details.
+
+          EOF
+          else
+          cat > /tmp/release-notes.txt << EOF
+          This is a patch release on the previous $PRIOR_VERSION release, fixing the issue(s) below.
+
+          EOF
+          fi
+
+          # CHANGELOG_SECTION.md is also used at the end of the release workflow
+          # for copying the change log updates to main
+          sed -n "0,/^## Version $VERSION /d;/^## Version /q;p" CHANGELOG.md \
+            > /tmp/CHANGELOG_SECTION.md
+
+          # the complex perl regex is needed because markdown docs render newlines as soft wraps
+          # while release notes render them as line breaks
+          perl -0pe 's/(?<!\n)\n *(?!\n)(?![-*] )(?![1-9]+\. )/ /g' /tmp/CHANGELOG_SECTION.md \
+            >> /tmp/release-notes.txt
+
+          # conditional block not indented because of the heredoc
+          if [[ $VERSION == *.0 ]]; then
+          cat >> /tmp/release-notes.txt << EOF
+          ### 🙇 Thank you
+
+          This release was possible thanks to the following contributors who shared their brilliant ideas and awesome pull requests:
+
+          EOF
+
+          .github/scripts/generate-release-contributors.sh v$PRIOR_VERSION >> /tmp/release-notes.txt
+          fi
+
+      - id: create-github-release
+        name: Create GitHub release
+        env:
+          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        run: |
+          cp javaagent/build/libs/opentelemetry-javaagent-${VERSION}.jar opentelemetry-javaagent.jar
+          gh release create --target $GITHUB_REF_NAME \
+                            --title "Version $VERSION" \
+                            --notes-file /tmp/release-notes.txt \
+                            v$VERSION \
+                            opentelemetry-javaagent.jar \
+                            opentelemetry-java-instrumentation-SBOM.zip
+
+          echo "version=$VERSION" >> $GITHUB_OUTPUT
+
+  merge-change-log-to-main:
+    runs-on: ubuntu-latest
+    needs:
+      - release
+    steps:
+      - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+
+      - name: Copy change log section from release branch
+        env:
+          VERSION: ${{ needs.release.outputs.version }}
+        run: |
+          sed -n "0,/^## Version $VERSION /d;/^## Version /q;p" CHANGELOG.md \
+            > /tmp/changelog-section.md
+
+      - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+        with:
+          ref: main
+
+      - name: Merge change log to main
+        env:
+          VERSION: ${{ needs.release.outputs.version }}
+          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        run: |
+          release_date=$(gh release view v$VERSION --json publishedAt --jq .publishedAt | sed 's/T.*//')
+          RELEASE_DATE=$release_date .github/scripts/merge-change-log-after-release.sh
+
+      - name: Use CLA approved github bot
+        run: .github/scripts/use-cla-approved-github-bot.sh
+
+      - name: Create pull request against main
+        env:
+          VERSION: ${{ needs.release.outputs.version }}
+          # not using secrets.GITHUB_TOKEN since pull requests from that token do not run workflows
+          GH_TOKEN: ${{ secrets.OPENTELEMETRYBOT_GITHUB_TOKEN }}
+        run: |
+          if git diff --quiet; then
+            if [[ $VERSION == *.0 ]]; then
+              echo there are no updates to merge, not creating pull request
+              exit 0 # success
+            else
+              echo patch release notes did not get applied for some reason
+              exit 1 # failure
+            fi
+          fi
+
+          message="Merge change log updates from $GITHUB_REF_NAME"
+          body="Merge change log updates from \`$GITHUB_REF_NAME\`."
+          branch="opentelemetrybot/merge-change-log-updates-from-${GITHUB_REF_NAME//\//-}"
+
+          git checkout -b $branch
+          git commit -a -m "$message"
+          git push --set-upstream origin $branch
+          gh pr create --title "$message" \
+                       --body "$body" \
+                       --base main
