-
Notifications
You must be signed in to change notification settings - Fork 708
109 lines (101 loc) · 2.83 KB
/
_reusable-production-release-process.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
# Production Release Process Workflow
#
# This reusable workflow manages the production release process, including
# validation, preparation, and publication steps.
#
# Key Features:
# - Release readiness validation
# - RC approval verification
# - Production deployment
# - Artifact management
# - Release publication
#
# Process Stages:
# 1. Release Validation:
# - RC approval verification
# - Version compatibility check
# - Release readiness assessment
#
# 2. Release Preparation:
# - Artifact collection
# - Production bundle creation
# - Documentation updates
#
# 3. Publication:
# - Production PyPI deployment
# - GitHub release creation
# - Documentation publishing
#
# Required Inputs:
# - version: Release version
# - artifact-name: Name of validated artifact
#
# Required Secrets:
# - pypi-token: Production PyPI token
#
# Example Usage:
# 1. Production Release:
# jobs:
# release:
# uses: ./.github/workflows/_reusable-production-release-process.yaml
# with:
# version: "v1.2.3"
# artifact-name: "dist-123456789"
# secrets:
# pypi-token: ${{ secrets.PYPI_TOKEN }}
#
# Note: Should only be triggered after successful RC process completion
name: Production Release Process
on:
workflow_call:
inputs:
version:
required: true
type: string
artifact-name:
required: true
type: string
secrets:
pypi-token:
required: true
jobs:
validate-release-readiness:
runs-on: ubuntu-latest
steps:
- name: Check for approved RC
run: |
VERSION="${{ inputs.version }}"
ARTIFACTS_JSON=$(curl -H "Authorization: Bearer ${{ secrets.GITHUB_TOKEN }}" \
"$GITHUB_API_URL/repos/$GITHUB_REPOSITORY/actions/artifacts")
RC_APPROVAL=$(echo "$ARTIFACTS_JSON" | jq -r --arg ver "${VERSION%-*}" \
'.artifacts[] | select(.name | startswith("rc-approval-v" + $ver))')
if [ -z "$RC_APPROVAL" ]; then
echo "::error::No approved RC found for version $VERSION"
exit 1
fi
prepare-release:
needs: [validate-release-readiness]
environment:
name: production
runs-on: ubuntu-latest
steps:
- name: Download artifacts
uses: actions/download-artifact@v4
with:
name: ${{ inputs.artifact-name }}
path: dist
- name: Upload for production release
uses: actions/upload-artifact@v4
with:
name: production-release-artifacts
path: dist/
retention-days: 1
publish:
needs: [prepare-release]
uses: ./.github/workflows/_reusable-release-publisher.yaml
with:
version: ${{ inputs.version }}
artifact-name: production-release-artifacts
is-prerelease: false
secrets:
pypi-token: ${{ secrets.pypi-token }}