Skip to content

Simplify create-release-branch workflow #9954

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 3 commits into from
Nov 13, 2025
Merged

Simplify create-release-branch workflow #9954

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
5dfb7d3
Simplify create-release-branch workflow
sarahchen6 Nov 13, 2025
a5e41d8
Checkout release branch at tag
sarahchen6 Nov 13, 2025
a08227c
Update name
sarahchen6 Nov 13, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
12 changes: 0 additions & 12 deletions .github/chainguard/self.update-system-tests.create-pr.sts.yaml
View file
Open in desktop

This file was deleted.

92 changes: 20 additions & 72 deletions .github/workflows/create-release-branch.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
name: Create Release Branch and Pin System-Tests
name: Create Release Branch

on:
push:
Expand All @@ -15,24 +15,8 @@ jobs:
create-release-branch:
runs-on: ubuntu-latest
permissions:
contents: write # Allow pushing the empty release branch
id-token: write # Required for OIDC token federation
contents: write # Allow pushing the release branch
steps:
- uses: DataDog/dd-octo-sts-action@acaa02eee7e3bb0839e4272dacb37b8f3b58ba80 # v1.0.3
id: octo-sts
with:
scope: DataDog/dd-trace-java
policy: self.update-system-tests.create-pr

- name: Checkout dd-trace-java master branch
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # 5.0.0
with:
ref: master

- name: Get head SHA of master branch
id: get-head-sha
run: echo "sha=$(git rev-parse HEAD)" >> $GITHUB_OUTPUT

- name: Determine tag
id: determine-tag
run: |
Expand All @@ -53,61 +37,25 @@ jobs:
TAG=${{ steps.determine-tag.outputs.tag }}
echo "branch=release/${TAG%.0}.x" >> "$GITHUB_OUTPUT"

# - name: Check if branch already exists
# id: check-branch
# run: |
# BRANCH=${{ steps.define-branch.outputs.branch }}
# if git ls-remote --heads origin "$BRANCH" | grep -q "$BRANCH"; then
# echo "creating_new_branch=false" >> "$GITHUB_OUTPUT"
# echo "Branch $BRANCH already exists - skipping following steps"
# else
# echo "creating_new_branch=true" >> "$GITHUB_OUTPUT"
# echo "Branch $BRANCH does not exist - proceeding with following steps"
# fi

# - name: Create and push empty release branch
# if: steps.check-branch.outputs.creating_new_branch == 'true'
# run: |
# git checkout -b "${{ steps.define-branch.outputs.branch }}"
# git push -u origin "${{ steps.define-branch.outputs.branch }}"

- name: Update system-tests references to latest commit SHA on main
# if: steps.check-branch.outputs.creating_new_branch == 'true'
run: BRANCH=main ./tooling/update_system_test_reference.sh

- name: Define temp branch name
# if: steps.check-branch.outputs.creating_new_branch == 'true'
id: define-temp-branch
run: echo "temp-branch=ci/pin-system-tests-$(date +'%Y%m%d')" >> $GITHUB_OUTPUT
- name: Checkout dd-trace-java at tag
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # 5.0.0
with:
ref: ${{ steps.determine-tag.outputs.tag }}

- name: Commit changes
# if: steps.check-branch.outputs.creating_new_branch == 'true'
id: create-commit
- name: Check if branch already exists
id: check-branch
run: |
git config user.name "github-actions[bot]"
git config user.email "41898282+github-actions[bot]@users.noreply.github.com"
git commit -m "chore: Pin system-tests for release branch" .github/workflows/run-system-tests.yaml
echo "commit=$(git rev-parse HEAD)" >> $GITHUB_OUTPUT

- name: Push changes to temp branch
# if: steps.check-branch.outputs.creating_new_branch == 'true'
uses: DataDog/commit-headless@5a0f3876e0fbdd3a86b3e008acf4ec562db59eee # action/v2.0.1
with:
token: "${{ steps.octo-sts.outputs.token }}"
branch: "${{ steps.define-temp-branch.outputs.temp-branch }}"
head-sha: "${{ steps.get-head-sha.outputs.sha }}"
create-branch: true
command: push
commits: "${{ steps.create-commit.outputs.commit }}"
BRANCH=${{ steps.define-branch.outputs.branch }}
if git ls-remote --heads origin "$BRANCH" | grep -q "$BRANCH"; then
echo "creating_new_branch=false" >> "$GITHUB_OUTPUT"
echo "Branch $BRANCH already exists - skipping creation"
else
echo "creating_new_branch=true" >> "$GITHUB_OUTPUT"
echo "Branch $BRANCH does not exist - creating it now"
fi

- name: Create pull request from temp branch to release branch
# if: steps.check-branch.outputs.creating_new_branch == 'true'
env:
GH_TOKEN: ${{ steps.octo-sts.outputs.token }}
- name: Create and push release branch
if: steps.check-branch.outputs.creating_new_branch == 'true'
run: |
gh pr create --title "Pin system-tests for ${{ steps.define-branch.outputs.branch }}" \
--base "${{ steps.define-branch.outputs.branch }}" \
--head "${{ steps.define-temp-branch.outputs.temp-branch }}" \
--label "tag: dependencies" \
--label "tag: no release notes" \
--body "This PR pins the system-tests reference for the release branch."
git checkout -b "${{ steps.define-branch.outputs.branch }}"
git push -u origin "${{ steps.define-branch.outputs.branch }}"