-
Notifications
You must be signed in to change notification settings - Fork 421
128 lines (121 loc) · 4.79 KB
/
publish.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
name: Publish to PyPi
# RELEASE PROCESS
#
# === Manual activities ===
#
# 1. Document human readable changes in CHANGELOG (pre-generate unreleased changes with `make changelog`)
# 2. Bump package version using poetry version <major|minor|patch|specific version>
# 3. Merge version changes to develop branch
# 4. Edit the current draft release notes
# 5. If not already set, use `v<new version>` as a tag, and select develop as target branch
#
# === Automated activities ===
#
# 1. Extract release notes tag that was published
# 2. Ensure release notes tag match what's in CHANGELOG and pyproject
# 3. Run tests, linting, security and complexity base line
# 4. Publish package to PyPi test repository
# 5. Publish package to PyPi prod repository
# 6. Kick off Lambda Layer pipeline to publish latest version with minimal dependencies as a SAR App
# 7. Kick off Lambda Layer pipeline to publish latest version with extra dependencies as a SAR App
# 8. Builds a fresh version of docs including Changelog updates
# 9. Push latest release source code to master using release title as the commit message
# 10. Builds latest documentation for new release, and update latest alias pointing to the new release tag
# 11. Close and notify all issues labeled "status/staged-next-release" about the release details
#
# === Fallback mechanism due to external failures ===
#
# 1. Trigger "Publish to PyPi" workflow manually: https://docs.github.com/en/actions/managing-workflow-runs/manually-running-a-workflow
# 2. Use the version released under Releases e.g. v1.13.0
#
#
# === Documentation hotfix ===
#
# Look for rebuild latest docs workflow
on:
release:
types: [published]
jobs:
release:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
with:
fetch-depth: 0
- name: Set up Python
uses: actions/setup-python@v3
with:
python-version: "3.8"
- name: Set release notes tag
run: |
RELEASE_TAG_VERSION=${{ github.event.release.tag_name }}
echo "RELEASE_TAG_VERSION=${RELEASE_TAG_VERSION:1}" >> $GITHUB_ENV
- name: Ensure new version is also set in pyproject and CHANGELOG
run: |
grep --regexp "${RELEASE_TAG_VERSION}" CHANGELOG.md
grep --regexp "version \= \"${RELEASE_TAG_VERSION}\"" pyproject.toml
- name: Install dependencies
run: make dev
- name: Run all tests, linting and baselines
run: make pr
- name: Build python package and wheel
run: poetry build
- name: Upload to PyPi test
run: make release-test
env:
PYPI_USERNAME: __token__
PYPI_TEST_TOKEN: ${{ secrets.PYPI_TEST_TOKEN }}
- name: Upload to PyPi prod
run: make release-prod
env:
PYPI_USERNAME: __token__
PYPI_TOKEN: ${{ secrets.PYPI_TOKEN }}
- name: publish lambda layer in SAR by triggering the internal codepipeline
run: |
aws ssm put-parameter --name "powertools-python-release-version" --value $RELEASE_TAG_VERSION --overwrite
aws codepipeline start-pipeline-execution --name ${{ secrets.CODEPIPELINE_NAME }}
env:
# Maintenance: Migrate to new OAuth mechanism
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
AWS_DEFAULT_REGION: eu-west-1
AWS_DEFAULT_OUTPUT: json
- name: Setup doc deploy
run: |
git config --global user.name Docs deploy
git config --global user.email [email protected]
- name: Build docs website and API reference
run: |
make release-docs VERSION=${RELEASE_TAG_VERSION} ALIAS="latest"
poetry run mike set-default --push latest
- name: Release API docs to release version
uses: peaceiris/actions-gh-pages@v3
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
publish_dir: ./api
keep_files: true
destination_dir: ${{ env.RELEASE_TAG_VERSION }}/api
- name: Release API docs to latest
uses: peaceiris/actions-gh-pages@v3
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
publish_dir: ./api
keep_files: true
destination_dir: latest/api
- name: Close issues related to this release
uses: actions/github-script@v6
with:
script: |
const post_release = require('.github/workflows/post_release.js')
await post_release({github, context, core})
sync_master:
needs: release
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- name: Sync master from detached head
# If version matches CHANGELOG and pyproject.toml
# If it passes all checks, successfully releases to test and prod
# Then sync up master with latest source code release
# where commit message will be Release notes title
run: git push origin HEAD:refs/heads/master --force