Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

chore(NODE-6243): move Node release tooling to drivers-github-tools #4159

Merged
merged 13 commits into from
Jun 27, 2024
Merged

chore(NODE-6243): move Node release tooling to drivers-github-tools #4159

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
13 commits
Select commit Hold shift + click to select a range
1325f57
use shared actions
baileympearson Jun 24, 2024
e0d2165
use generated release action
baileympearson Jun 24, 2024
5cbc5b3
fix pub report integration
baileympearson Jun 24, 2024
c156562
add evergreen patch info
baileympearson Jun 24, 2024
e14bfd3
upload package info
baileympearson Jun 24, 2024
03585ef
incorporate changes
baileympearson Jun 25, 2024
8111790
replace usages of setup
baileympearson Jun 25, 2024
883e3d8
use latest template for testing
baileympearson Jun 26, 2024
fe0a98e
add empty build step
baileympearson Jun 26, 2024
22d6dc4
use env
baileympearson Jun 26, 2024
9c44272
use shared actions
baileympearson Jun 27, 2024
b847143
correct tag
baileympearson Jun 27, 2024
566dc6b
fix name
baileympearson Jun 27, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
59 changes: 0 additions & 59 deletions .github/actions/compress_sign_and_upload/action.yml
View file
Open in desktop

This file was deleted.

15 changes: 0 additions & 15 deletions .github/actions/setup/action.yml
View file
Open in desktop

This file was deleted.

16 changes: 16 additions & 0 deletions .github/workflows/build.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,16 @@
on:
workflow_call: {}

name: Build

permissions:
contents: write
pull-requests: write
id-token: write

jobs:
build:
runs-on: ubuntu-latest
steps:
- run: echo "nothing to do."
shell: bash
4 changes: 2 additions & 2 deletions .github/workflows/build_docs.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -19,8 +19,8 @@ jobs:

steps:
- uses: actions/checkout@v4
- name: actions/setup
uses: ./.github/actions/setup
- name: Install Node and dependencies
uses: mongodb-labs/drivers-github-tools/node/setup@v2
- run: sudo apt-get install hugo
- name: Build Docs
run: npm run build:docs -- --yes
Expand Down
4 changes: 2 additions & 2 deletions .github/workflows/dependencies.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -14,6 +14,6 @@ jobs:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: actions/setup
uses: ./.github/actions/setup
- name: Install Node and dependencies
uses: mongodb-labs/drivers-github-tools/node/setup@v2
- run: npm run check:dependencies
65 changes: 44 additions & 21 deletions .github/workflows/release-5.x.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -21,8 +21,13 @@ jobs:
with:
target-branch: 5.x

ssdlc:
build:
needs: [release_please]
name: "Perform any build or bundling steps, as necessary."
uses: ./.github/workflows/build.yml

ssdlc:
needs: [release_please, build]
permissions:
# required for all workflows
security-events: write
Expand All @@ -32,51 +37,69 @@ jobs:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: actions/setup
uses: ./.github/actions/setup
- name: Get release version and release package file name
id: get_vars
shell: bash
run: |
package_version=$(jq --raw-output '.version' package.json)
echo "package_version=${package_version}" >> "$GITHUB_OUTPUT"
echo "package_file=mongodb-${package_version}.tgz" >> "$GITHUB_OUTPUT"

- name: Install Node and dependencies
uses: mongodb-labs/drivers-github-tools/node/setup@v2
with:
ignore_install_scripts: false

- name: Load version and package info
uses: mongodb-labs/drivers-github-tools/node/get_version_info@v2
with:
npm_package_name: mongodb

- name: actions/compress_sign_and_upload
uses: ./.github/actions/compress_sign_and_upload
uses: mongodb-labs/drivers-github-tools/node/sign_node_package@v2
with:
aws_role_arn: ${{ secrets.AWS_ROLE_ARN }}
aws_region_name: 'us-east-1'
aws_region_name: us-east-1
aws_secret_id: ${{ secrets.AWS_SECRET_ID }}
npm_package_name: 'mongodb'
npm_package_name: mongodb
dry_run: ${{ needs.release_please.outputs.release_created == '' }}

- name: Copy sbom file to release assets
shell: bash
if: ${{ '' == '' }}
run: cp sbom.json ${{ env.S3_ASSETS }}/sbom.json

# only used for mongodb-client-encryption
- name: Augment SBOM and copy to release assets
if: ${{ '' != '' }}
uses: mongodb-labs/drivers-github-tools/sbom@v2
with:
silk_asset_group: ''
sbom_file_name: sbom.json

- name: Generate authorized pub report
uses: mongodb-labs/drivers-github-tools/full-report@v2
with:
release_version: ${{ steps.get_version.outputs.package_version }}
release_version: ${{ env.package_version }}
product_name: mongodb
sarif_report_target_ref: 5.x
third_party_dependency_tool: n/a
# <package> and <package>.sig
dist_filenames: ${{ steps.get_vars.outputs.package_file }}*
token: ${{ github.token }}
dist_filenames: artifacts/*
token: ${{ github.token }}
sbom_file_name: sbom.json
evergreen_project: mongo-node-driver-next
evergreen_commit: ${{ env.commit }}

- uses: mongodb-labs/drivers-github-tools/upload-s3-assets@v2
with:
version: ${{ env.package_version }}
product_name: mongodb
dry_run: ${{ needs.release_please.outputs.release_created == '' }}

publish:
needs: [release_please, ssdlc]
needs: [release_please, ssdlc, build]
environment: release
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: actions/setup
uses: ./.github/actions/setup

- run: npm publish --provenance --tag=5.x
- name: Install Node and dependencies
uses: mongodb-labs/drivers-github-tools/node/setup@v2

- run: npm publish --provenance --tag=5x
if: ${{ needs.release_please.outputs.release_created }}
env:
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
4 changes: 2 additions & 2 deletions .github/workflows/release-alpha.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -26,8 +26,8 @@ jobs:
exit 1
fi
- uses: actions/checkout@v4
- name: actions/setup
uses: ./.github/actions/setup
- name: Install Node and dependencies
uses: mongodb-labs/drivers-github-tools/node/setup@v2
- run: npm version "${{ inputs.alphaVersion }}" --git-tag-version=false
- run: npm publish --provenance --tag=alpha
env:
Expand Down
4 changes: 2 additions & 2 deletions .github/workflows/release-nightly.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -20,8 +20,8 @@ jobs:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: actions/setup
uses: ./.github/actions/setup
- name: Install Node and dependencies
uses: mongodb-labs/drivers-github-tools/node/setup@v2
- id: build_nightly
run: npm run build:nightly
- if: ${{ steps.build_nightly.outputs.publish == 'yes' }}
Expand Down
67 changes: 43 additions & 24 deletions .github/workflows/release.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,7 @@ permissions:
pull-requests: write
id-token: write

name: release
name: release-latest

jobs:
release_please:
Expand All @@ -18,9 +18,16 @@ jobs:
steps:
- id: release
uses: googleapis/release-please-action@v4
with:
target-branch: main

ssdlc:
build:
needs: [release_please]
name: "Perform any build or bundling steps, as necessary."
uses: ./.github/workflows/build.yml

ssdlc:
needs: [release_please, build]
permissions:
# required for all workflows
security-events: write
Expand All @@ -30,55 +37,67 @@ jobs:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: actions/setup
uses: ./.github/actions/setup
- name: Get release version and release package file name
id: get_vars
shell: bash
run: |
package_version=$(jq --raw-output '.version' package.json)
echo "package_version=${package_version}" >> "$GITHUB_OUTPUT"
echo "package_file=mongodb-${package_version}.tgz" >> "$GITHUB_OUTPUT"

- name: Install Node and dependencies
uses: mongodb-labs/drivers-github-tools/node/setup@v2
with:
ignore_install_scripts: false

- name: Load version and package info
uses: mongodb-labs/drivers-github-tools/node/get_version_info@v2
with:
npm_package_name: mongodb

- name: actions/compress_sign_and_upload
uses: ./.github/actions/compress_sign_and_upload
uses: mongodb-labs/drivers-github-tools/node/sign_node_package@v2
with:
aws_role_arn: ${{ secrets.AWS_ROLE_ARN }}
aws_region_name: 'us-east-1'
aws_region_name: us-east-1
aws_secret_id: ${{ secrets.AWS_SECRET_ID }}
npm_package_name: 'mongodb'
npm_package_name: mongodb
dry_run: ${{ needs.release_please.outputs.release_created == '' }}

- name: Copy sbom file to release assets
shell: bash
if: ${{ '' == '' }}
run: cp sbom.json ${{ env.S3_ASSETS }}/sbom.json

# only used for mongodb-client-encryption
- name: Augment SBOM and copy to release assets
if: ${{ '' != '' }}
uses: mongodb-labs/drivers-github-tools/sbom@v2
with:
silk_asset_group: ''
sbom_file_name: sbom.json

- name: Generate authorized pub report
uses: mongodb-labs/drivers-github-tools/full-report@v2
with:
release_version: ${{ steps.get_version.outputs.package_version }}
release_version: ${{ env.package_version }}
product_name: mongodb
sarif_report_target_ref: main
third_party_dependency_tool: n/a
# <package> and <package>.sig
dist_filenames: ${{ steps.get_vars.outputs.package_file }}*
token: ${{ github.token }}
dist_filenames: artifacts/*
token: ${{ github.token }}
sbom_file_name: sbom.json
evergreen_project: mongo-node-driver-next
evergreen_commit: ${{ env.commit }}

- uses: mongodb-labs/drivers-github-tools/upload-s3-assets@v2
with:
version: ${{ inputs.version }}
product_name: ${{ inputs.product_name }}
dry_run: ${{ needs.release_please.outputs.release_created == '' }}
version: ${{ env.package_version }}
product_name: mongodb
dry_run: ${{ needs.release_please.outputs.release_created == '' }}

publish:
needs: [release_please, ssdlc]
needs: [release_please, ssdlc, build]
environment: release
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: actions/setup
uses: ./.github/actions/setup

- name: Install Node and dependencies
uses: mongodb-labs/drivers-github-tools/node/setup@v2

- run: npm publish --provenance --tag=latest
if: ${{ needs.release_please.outputs.release_created }}
Expand Down
4 changes: 2 additions & 2 deletions .github/workflows/release_notes.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -45,8 +45,8 @@ jobs:


# Setup Node.js and npm install
- name: actions/setup
uses: ./.github/actions/setup
- name: Install Node and dependencies
uses: mongodb-labs/drivers-github-tools/node/setup@v2

# See: https://github.com/googleapis/release-please/issues/1274

Expand Down