-
Notifications
You must be signed in to change notification settings - Fork 284
175 lines (151 loc) · 6.6 KB
/
release-pr.yml
File metadata and controls
175 lines (151 loc) · 6.6 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
# Release PR
#
# Creates a PR with an updated CHANGELOG.md for a new release.
# The changelog is generated from conventional commits using git-cliff.
#
# When the PR is merged, tag-on-merge.yml automatically tags the merge commit,
# which triggers release.yml (draft release) and codebuild.yml (build artifacts).
#
# Usage:
# 1. Run this workflow via workflow_dispatch (optionally specify a version)
# 2. Review and merge the resulting PR
# 3. The tag is created automatically — review and publish the draft release
name: Release PR
on:
workflow_dispatch:
inputs:
version:
description: 'Release version (e.g., 0.2.0). Leave empty to auto-determine from conventional commits.'
required: false
type: string
permissions: {}
jobs:
release-pr:
name: Create Release PR
permissions:
contents: write
pull-requests: write
issues: write
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
fetch-depth: 0
- name: Install git-cliff
uses: orhun/git-cliff-action@c93ef52f3d0ddcdcc9bd5447d98d458a11cd4f72 # v4.7.1
with:
config: cliff.toml
args: --version
env:
OUTPUT: /dev/null
- name: Determine version
id: version
env:
INPUT_VERSION: ${{ inputs.version }}
run: |
if [[ -n "$INPUT_VERSION" ]]; then
# Strip leading v if present for validation
VERSION="${INPUT_VERSION#v}"
if [[ ! "$VERSION" =~ ^[0-9]+\.[0-9]+\.[0-9]+$ ]]; then
echo "ERROR: Version '$INPUT_VERSION' is not valid semver (expected: MAJOR.MINOR.PATCH, e.g. 0.2.0)"
exit 1
fi
else
VERSION=$(git-cliff --bumped-version 2>/dev/null || echo "")
if [[ -z "$VERSION" ]]; then
# Fall back to patch bump from latest tag
LATEST_TAG=$(git describe --tags --abbrev=0 2>/dev/null || echo "")
if [[ -n "$LATEST_TAG" ]]; then
LATEST="${LATEST_TAG#v}"
MAJOR="${LATEST%%.*}"
REST="${LATEST#*.}"
MINOR="${REST%%.*}"
PATCH="${REST#*.}"
PATCH=$((PATCH + 1))
VERSION="${MAJOR}.${MINOR}.${PATCH}"
echo "WARNING: No conventional commits detected — falling back to patch bump: $VERSION"
else
echo "::error::No conventional commits and no existing tags — nothing to release"
exit 1
fi
fi
fi
# Strip leading v if present
VERSION="${VERSION#v}"
echo "version=$VERSION" >> "$GITHUB_OUTPUT"
echo "tag=v$VERSION" >> "$GITHUB_OUTPUT"
echo "Determined version: $VERSION (tag: v$VERSION)"
- name: Check tag does not exist
env:
TAG: ${{ steps.version.outputs.tag }}
run: |
if git rev-parse "refs/tags/$TAG" &>/dev/null; then
echo "ERROR: Tag $TAG already exists"
exit 1
fi
- name: Generate changelog
uses: orhun/git-cliff-action@c93ef52f3d0ddcdcc9bd5447d98d458a11cd4f72 # v4.7.1
with:
config: cliff.toml
args: --tag ${{ steps.version.outputs.tag }}
env:
OUTPUT: CHANGELOG.md
GITHUB_REPO: ${{ github.repository }}
- name: Create release PR
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
VERSION: ${{ steps.version.outputs.version }}
TAG: ${{ steps.version.outputs.tag }}
run: |
BRANCH="release/$TAG"
# Check if branch already exists (local or remote)
if git ls-remote --exit-code --heads origin "$BRANCH" &>/dev/null; then
echo "::error::Branch '$BRANCH' already exists. A release PR may already be open — close it and delete the branch to re-run."
exit 1
fi
git config --local user.email "github-actions[bot]@users.noreply.github.com"
git config --local user.name "github-actions[bot]"
echo "$VERSION" > aidlc-rules/VERSION
git add CHANGELOG.md aidlc-rules/VERSION
if git diff --cached --quiet CHANGELOG.md; then
echo "::error::No releasable commits since last tag – CHANGELOG.md is already up to date. Push new conventional commits or adjust the requested version before rerunning this workflow."
exit 1
fi
git checkout -b "$BRANCH"
git commit -m "docs: update changelog for $TAG"
git push origin "$BRANCH"
label_args=()
for LABEL in "release" "rules"; do
if gh label list --search "$LABEL" --json name --jq '.[].name' | grep -qx "$LABEL"; then
label_args+=("--label" "$LABEL")
fi
done
# Draft PR because the github-actions[bot] does not trigger a pull_request_target workflow
gh pr create \
--title "docs: update changelog for $TAG" \
--draft \
--body "$(cat <<EOF
# Release $TAG
> [!WARNING]
> All other pull requests are blocked until merged or closed
This pull request is for the $TAG release.
## Checklist (in order)
1. [ ] Mark the pull request "Ready for review" and label with "codebuild" to trigger required workflows
2. [ ] Inspect the CHANGELOG.md and "Approve" or "Reject" the pending [CodeBuild](https://github.com/awslabs/aidlc-workflows/actions/workflows/codebuild.yml) GitHub Action
3. [ ] Evaluate the artifacts
4. [ ] Review the pull request (if approved set the "Merge when ready")
## Post Merge
* [ ] Verify $TAG tag
* [ ] Approve "Approve" or "Reject" the pending [CodeBuild](https://github.com/awslabs/aidlc-workflows/actions/workflows/codebuild.yml) GitHub Action
* [ ] Review the drafted release artifacts for completion
* [ ] Publish the release
> [!CAUTION]
> Simply closing this will block a subsequent $TAG release, so delete the branch or reopen the pull request if necessary
**When merged**, the merge commit will be automatically tagged as \`$TAG\`, which triggers:
- \`release.yml\` — creates a draft GitHub Release with the rules zip
- \`codebuild.yml\` — runs CodeBuild and attaches build artifacts to the draft
After both workflows complete, review and publish the draft release.
EOF
)" \
"${label_args[@]}"