ci(release): automate release steps for the minor (#12233) (#12367)

* ci(release): automate release steps * refactor a bit * report non supported versions * rename make goals and add some docs * cosmetic changes in the slack messages * support slack threads * fix * chore * chore * refactor: patch * refactor: minor * fix * use slack channel env * use output slack-thread * avoid concurrency * support full checkout and validaitons * notify what's the error if any failure * fix * chore * initial * exclude * chore * enable mergify and yq * update mergify if required * Revert "update mergify if required" This reverts commit 299e6d8. * update mergify if required * use RELEASE_BRANCH add create make goal * fix * support prs * run only if things were created correctly * fix * force branch * refactor * refactor * github warn * enable * set makefile and use variable * fix * fix * create head * update changelog * replace compare * modify * partial * fix * fix * refactor * docs * test * action: grant permissions * notify if failrues * use base branch * fix hardcoded value * remove leaving directory * cannot user github bot to create PRs * chore * enable * chore * fix * production * use release version * support for #12251 --------- Co-authored-by: Silvia Mitter <silvia.mitter@elastic.co> Co-authored-by: Carson Ip <carsonip@users.noreply.github.com> (cherry picked from commit 7f98e30) # Conflicts: # .github/workflows/run-minor-release.yml # .github/workflows/run-patch-release.yml Co-authored-by: Victor Martinez <victormartinezrubio@gmail.com> Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
elastic · Jan 9, 2024 · 3e0d0cc · 3e0d0cc
1 parent ab02a1e
commit 3e0d0cc
Show file tree

Hide file tree

Showing 6 changed files with 540 additions and 4 deletions.
diff --git a/.github/workflows/prepare-release/action.yml b/.github/workflows/prepare-release/action.yml
@@ -0,0 +1,109 @@
+---
+name: prepare-release
+description: Common tasks for preparing minor and patch releases
+
+inputs:
+  type:
+    description: 'Release type (minor or patch)'
+    required: true
+  version:
+    description: 'The version'
+    required: true
+  vault-url:
+    description: 'Vault URL'
+    required: true
+  vault-role-id:
+    description: 'Vault role ID'
+    required: true
+  vault-secret-id:
+    description: 'Vault secret ID'
+    required: true
+
+outputs:
+  release-branch:
+    description: "Release branch (relevant for minor releases)"
+    value: ${{ steps.generate.outputs.release-branch }}
+  release-version:
+    description: "Release version"
+    value: ${{ steps.generate.outputs.release-version }}
+  slack-thread:
+    description: "Slack thread id"
+    value: ${{ steps.slack-thread.outputs.threadTimestamp }}
+
+runs:
+  using: "composite"
+  steps:
+    - name: Send slack message when started
+      id: slack-thread
+      uses: elastic/apm-pipeline-library/.github/actions/slack-message@current
+      with:
+        url: ${{ inputs.vault-url }}
+        roleId: ${{ inputs.vault-role-id }}
+        secretId: ${{ inputs.vault-secret-id }}
+        channel: ${{ env.SLACK_CHANNEL }}
+        message: ":wave: This is the thread for the ${{ inputs.type }} release `${{ github.repository }}@${{ env.VERSION }}`. (<${{ env.JOB_URL }}|workflow run>)"
+      env:
+        VERSION: ${{ inputs.version }}
+        JOB_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}
+
+    - id: generate
+      run: |-
+        echo "release-branch=${VERSION%.*}" >> "${GITHUB_OUTPUT}"
+        echo "release-version=${VERSION}" >> "${GITHUB_OUTPUT}"
+      env:
+        VERSION: ${{ inputs.version }}
+      shell: 'bash'
+
+    - name: validate version format (minor only)
+      if: ${{ inputs.type == 'minor' && ! endsWith(inputs.version, '0') }}
+      run: |-
+        FAILURE_MESSAGE='version is not a minor one but a patch (only support for <major>.<minor>.0)'
+        echo "FAILURE_MESSAGE=${FAILURE_MESSAGE}" >> "$GITHUB_ENV"
+        echo "::error::${FAILURE_MESSAGE}" ; exit 1
+      shell: 'bash'
+
+    - name: validate version format (patch only)
+      if: ${{ inputs.type == 'patch' && endsWith(inputs.version, '0') }}
+      run: |-
+        FAILURE_MESSAGE='version is not a patch one but a minor (only support for <major>.<minor>.[1-9]+[0-9]*)'
+        echo "FAILURE_MESSAGE=${FAILURE_MESSAGE}" >> "$GITHUB_ENV"
+        echo "::error::${FAILURE_MESSAGE}" ; exit 1
+      shell: 'bash'
+
+    - name: validate if branch already exists (minor only)
+      if: ${{ inputs.type == 'minor' }}
+      run: |-
+        if git ls-remote --exit-code --heads https://github.com/${{ github.repository }}.git "$BRANCH" > /dev/null ; then
+          FAILURE_MESSAGE='Branch already exists. This is not a minor release.'
+          echo "FAILURE_MESSAGE=${FAILURE_MESSAGE}" >> "$GITHUB_ENV"
+          echo "::error::${FAILURE_MESSAGE}" ; exit 1
+        fi
+      shell: 'bash'
+      env:
+        BRANCH: ${{ steps.generate.outputs.release-branch }}
+
+    - name: validate if tag already exists
+      run: |-
+        if git ls-remote --exit-code https://github.com/${{ github.repository }}.git "$TAG" > /dev/null ; then
+          FAILURE_MESSAGE='Tag already exists.'
+          echo "FAILURE_MESSAGE=${FAILURE_MESSAGE}" >> "$GITHUB_ENV"
+          echo "::error::${FAILURE_MESSAGE}" ; exit 1
+        fi
+      shell: 'bash'
+      env:
+        TAG: 'refs/tags/v${{ steps.generate.outputs.release-version }}'
+
+    - uses: elastic/apm-pipeline-library/.github/actions/slack-message@current
+      if: failure()
+      with:
+        url: ${{ inputs.vault-url }}
+        roleId: ${{ inputs.vault-role-id }}
+        secretId: ${{ inputs.vault-secret-id }}
+        channel: ${{ env.SLACK_CHANNEL }}
+        threadTimestamp: ${{ steps.slack-thread.outputs.threadTimestamp || '' }}
+        message: |-
+          :fire: Something went wrong with the ${{ inputs.type }} release preparation. It failed with the below error message:
+          `${{ env.FAILURE_MESSAGE }}`.
+          See <${{ env.JOB_URL }}|logs>.
+      env:
+        JOB_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}
diff --git a/.github/workflows/run-minor-release.yml b/.github/workflows/run-minor-release.yml
@@ -5,18 +5,105 @@ on:
   workflow_dispatch:
     inputs:
       version:
-        description: 'The version (semver format: major.minor.patch)'
+        description: 'The version (semver format: major.minor.0)'
         required: true
         type: string
 
+# Avoid concurrency so we can watch the releases correctly
+concurrency:
+  group: ${{ github.workflow }}
+
 permissions:
   contents: read
 
 env:
-  SLACK_CHANNEL: "#apm-server-test-release"
-
+  JOB_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}
+  SLACK_CHANNEL: "#apm-server"
+
 jobs:
+  prepare:
+    runs-on: ubuntu-latest
+    outputs:
+      release-branch: ${{ steps.prepare.outputs.release-branch }}
+      release-version: ${{ steps.prepare.outputs.release-version }}
+      slack-thread: ${{ steps.prepare.outputs.slack-thread }}
+    steps:
+      - uses: actions/checkout@v4
+      - id: prepare
+        uses: ./.github/workflows/prepare-release
+        with:
+          vault-url: ${{ secrets.VAULT_ADDR }}
+          vault-role-id: ${{ secrets.VAULT_ROLE_ID }}
+          vault-secret-id: ${{ secrets.VAULT_SECRET_ID }}
+          version: ${{ inputs.version }}
+          type: 'minor'
+
   run-minor:
     runs-on: ubuntu-latest
+    needs: [ prepare ]
+    env:
+      RELEASE_BRANCH: ${{ needs.prepare.outputs.release-branch }}
+      RELEASE_VERSION: ${{ needs.prepare.outputs.release-version }}
+    permissions:
+      contents: write
     steps:
+
+      - uses: elastic/apm-pipeline-library/.github/actions/slack-message@current
+        with:
+          url: ${{ secrets.VAULT_ADDR }}
+          roleId: ${{ secrets.VAULT_ROLE_ID }}
+          secretId: ${{ secrets.VAULT_SECRET_ID }}
+          channel: ${{ env.SLACK_CHANNEL }}
+          threadTimestamp: ${{ needs.prepare.outputs.slack-thread || '' }}
+          message: |-
+            Feature freeze for `${{ github.repository }}@${{ env.RELEASE_VERSION }}` just started.
+            The `${{ github.repository }}@${{ env.RELEASE_BRANCH }}` branch will be created Today.
+
       - uses: actions/checkout@v4
+        with:
+          # 0 indicates all history for all branches and tags.
+          fetch-depth: 0
+
+      # Required to use a service account, otherwise PRs created by
+      # GitHub bot won't trigger any CI builds.
+      # See https://github.com/peter-evans/create-pull-request/issues/48#issuecomment-537478081
+      - name: Configure github token
+        uses: elastic/apm-pipeline-library/.github/actions/github-token@current
+        with:
+          url: ${{ secrets.VAULT_ADDR }}
+          roleId: ${{ secrets.VAULT_ROLE_ID }}
+          secretId: ${{ secrets.VAULT_SECRET_ID }}
+
+      - name: Configure git user
+        uses: elastic/apm-pipeline-library/.github/actions/setup-git@current
+        with:
+          username: ${{ env.GIT_USER }}
+          email: ${{ env.GIT_EMAIL }}
+          token: ${{ env.GITHUB_TOKEN }}
+
+      - run: make minor-release
+        env:
+          GH_TOKEN: ${{ env.GITHUB_TOKEN }}
+
+      - uses: elastic/apm-pipeline-library/.github/actions/slack-message@current
+        if: success()
+        with:
+          url: ${{ secrets.VAULT_ADDR }}
+          roleId: ${{ secrets.VAULT_ROLE_ID }}
+          secretId: ${{ secrets.VAULT_SECRET_ID }}
+          channel: ${{ env.SLACK_CHANNEL }}
+          threadTimestamp: ${{ needs.prepare.outputs.slack-thread || '' }}
+          message: |-
+            `${{ github.repository }}@${{ env.RELEASE_BRANCH }}` is now available.
+            The docs and other references are updated. You can start using it.
+
+      - uses: elastic/apm-pipeline-library/.github/actions/slack-message@current
+        if: failure()
+        with:
+          url: ${{ secrets.VAULT_ADDR }}
+          roleId: ${{ secrets.VAULT_ROLE_ID }}
+          secretId: ${{ secrets.VAULT_SECRET_ID }}
+          channel: ${{ env.SLACK_CHANNEL }}
+          threadTimestamp: ${{ needs.prepare.outputs.slack-thread || '' }}
+          message: |-
+            :fire: Something went wrong with the release. See <${{ env.JOB_URL }}|logs>.
diff --git a/.github/workflows/run-patch-release.yml b/.github/workflows/run-patch-release.yml
@@ -9,14 +9,55 @@ on:
         required: true
         type: string
 
+# Avoid concurrency so we can watch the releases correctly
+concurrency:
+  group: ${{ github.workflow }}
+
 permissions:
   contents: read
 
 env:
-  SLACK_CHANNEL: "#apm-server-test-release"
+  JOB_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}
+  SLACK_CHANNEL: "#apm-server"
 
 jobs:
+  prepare:
+    runs-on: ubuntu-latest
+    outputs:
+      release-version: ${{ steps.prepare.outputs.release-version }}
+      slack-thread: ${{ steps.prepare.outputs.slack-thread }}
+    steps:
+      - uses: actions/checkout@v4
+
+      - id: prepare
+        uses: ./.github/workflows/prepare-release
+        with:
+          vault-url: ${{ secrets.VAULT_ADDR }}
+          vault-role-id: ${{ secrets.VAULT_ROLE_ID }}
+          vault-secret-id: ${{ secrets.VAULT_SECRET_ID }}
+          version: ${{ inputs.version }}
+          type: 'patch'
+
   run-patch:
     runs-on: ubuntu-latest
+    needs: [ prepare ]
+    env:
+      RELEASE_VERSION: ${{ needs.prepare.outputs.release-version }}
     steps:
       - uses: actions/checkout@v4
+        with:
+          # 0 indicates all history for all branches and tags.
+          fetch-depth: 0
+
+      - run: make patch-release
+
+      - uses: elastic/apm-pipeline-library/.github/actions/slack-message@current
+        with:
+          url: ${{ secrets.VAULT_ADDR }}
+          roleId: ${{ secrets.VAULT_ROLE_ID }}
+          secretId: ${{ secrets.VAULT_SECRET_ID }}
+          channel: ${{ env.SLACK_CHANNEL }}
+          threadTimestamp: ${{ needs.prepare.outputs.slack-thread || '' }}
+          message: |-
+            Feature freeze for `${{ github.repository }}@${{ env.RELEASE_VERSION }}` is Today.
+            All the relevant PRs and issues have been created.
diff --git a/.gitignore b/.gitignore
@@ -50,3 +50,4 @@ testing/smoke/**/main.tf
 !testing/smoke/supported-os/main.tf
 !testing/smoke/managed/main.tf
 testing/rally-cloud/build
+.bck
diff --git a/Makefile b/Makefile
@@ -4,6 +4,7 @@
 
 include go.mk
 include packaging.mk
+include release.mk
 
 # By default we run tests with verbose output. This may be overridden, e.g.
 # scripts may set GOTESTFLAGS=-json to format test output for processing.