-
Notifications
You must be signed in to change notification settings - Fork 200
154 lines (142 loc) · 5.13 KB
/
release.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
name: Release
permissions:
id-token: write # Required for AWS OIDC auth.
contents: write # Required to tag
concurrency:
group: ${{ github.event.repository.name }}-deploy
cancel-in-progress: true
on:
workflow_dispatch:
push:
branches:
- main
- github-actions-release # TESTING
env:
# S3 bucket that hosts the client's assets
S3_BUCKET: cdn.hypothes.is
# URL that the client's assets are served from
CDN_URL: https://cdn.hypothes.is/hypothesis
jobs:
continuous-integration:
uses: ./.github/workflows/continuous-integration.yml
name: continuous integration
secrets:
CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
release-staging:
needs: continuous-integration
runs-on: ubuntu-latest
# This presently uses the AWS / Sentry auth from the old "QA" environment.
# We should eventually rename that environment or create a new one.
environment: qa
env:
NOTEBOOK_APP_URL: https://staging.hypothes.is/notebook
PROFILE_APP_URL: https://staging.hypothes.is/user-profile
SIDEBAR_APP_URL: https://staging.hypothes.is/app.html
steps:
- uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: ${{ secrets.CLIENT_RELEASE_ROLE_ARN }}
aws-region: us-east-1
- name: Checkout
uses: actions/checkout@v4
- name: Cache the node_modules dir
uses: actions/cache@v4
with:
path: node_modules
key: ${{ runner.os }}-node_modules-${{ hashFiles('yarn.lock') }}
- name: Install
run: yarn install --immutable
- name: Get version
run: |
git fetch --tags --quiet
LAST_COMMIT_HASH=$(git show HEAD --no-patch --format="%h")
STAGING_VERSION=$(git tag --list | sort --version-sort --reverse | head -n1 | tail -c +2)-stg-$LAST_COMMIT_HASH
echo "STAGING_VERSION=$STAGING_VERSION" >> $GITHUB_ENV
- name: Build app
run: |
yarn version "$STAGING_VERSION"
make clean build
- name: Upload files to Sentry
env:
SENTRY_AUTH_TOKEN: ${{ secrets.sentry_auth_token }}
run: |
SENTRY_CMD="yarn run sentry-cli releases --org hypothesis --project client"
$SENTRY_CMD new $STAGING_VERSION
$SENTRY_CMD files $STAGING_VERSION upload-sourcemaps --url-prefix $CDN_URL/$STAGING_VERSION/build/scripts/ build/scripts
$SENTRY_CMD finalize $STAGING_VERSION
- name: Deploy to S3
run: scripts/deploy-to-s3.js --bucket ${{ env.S3_BUCKET }} --tag staging --no-cache-entry
release-prod:
if: github.ref_name == 'main'
needs: release-staging
runs-on: ubuntu-latest
environment: production
env:
NOTEBOOK_APP_URL: https://hypothes.is/notebook
PROFILE_APP_URL: https://hypothes.is/user-profile
SIDEBAR_APP_URL: https://hypothes.is/app.html
steps:
- uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: ${{ secrets.CLIENT_RELEASE_ROLE_ARN }}
aws-region: us-east-1
- name: Checkout
uses: actions/checkout@v4
- name: Cache the node_modules dir
uses: actions/cache@v4
with:
path: node_modules
key: ${{ runner.os }}-node_modules-${{ hashFiles('yarn.lock') }}
- name: Install
run: yarn install --immutable
- name: Determine release version
run: |
git fetch --tags --quiet
PREV_VERSION=$(git tag --list | sort --version-sort --reverse | head -n1 | tail -c +2)
NEW_VERSION=$(node scripts/bump-version.js minor $PREV_VERSION)
echo "NEW_VERSION=$NEW_VERSION" >> $GITHUB_ENV
- name: Tag new version
run: |
git tag v$NEW_VERSION
git push https://github.com/hypothesis/client.git v$NEW_VERSION
sleep 2 # Wait for GitHub to see new tag
- name: Build app
run: |
yarn version $NEW_VERSION
make clean build
- name: Upload files to Sentry
env:
SENTRY_AUTH_TOKEN: ${{ secrets.sentry_auth_token }}
run: |
SENTRY_CMD="yarn run sentry-cli releases --org hypothesis --project client"
$SENTRY_CMD new $NEW_VERSION
$SENTRY_CMD files $NEW_VERSION upload-sourcemaps --url-prefix $CDN_URL/$NEW_VERSION/build/scripts/ build/scripts
$SENTRY_CMD finalize $NEW_VERSION
- name: Create GitHub release
run: scripts/create-github-release.js v$NEW_VERSION
env:
GITHUB_TOKEN: ${{ secrets.github_token }}
- name: Publish npm package
env:
NPM_TOKEN: ${{ secrets.npm_token }}
run: |
echo 'npmAuthToken: "${{ env.NPM_TOKEN }}"' >> $HOME/.yarnrc.yml
yarn npm publish
scripts/wait-for-npm-release.sh latest
- name: Deploy to S3
run: scripts/deploy-to-s3.js --bucket ${{ env.S3_BUCKET }}
update-extension:
needs: release-prod
runs-on: ubuntu-latest
steps:
- name: Update extension
uses: actions/github-script@v7
with:
github-token: ${{ secrets.cross_repo_workflow_trigger_token }}
script: |
await github.rest.actions.createWorkflowDispatch({
owner: 'hypothesis',
repo: 'browser-extension',
workflow_id: 'update-client.yml',
ref: 'main',
});