From 39069f89e472cde16ea2c9486978ef2dca1bd5e7 Mon Sep 17 00:00:00 2001 From: Grant Zukel Date: Mon, 6 May 2024 08:45:34 -0600 Subject: [PATCH 01/10] ci: adjusted the pipeline for release to essentially only release if the approver condition is met. Removed the action way of doing approvers for github enterprise way of doing approvers. --- .github/workflows/publish-release.yml | 26 +++++--------------------- 1 file changed, 5 insertions(+), 21 deletions(-) diff --git a/.github/workflows/publish-release.yml b/.github/workflows/publish-release.yml index f414c0003d..77600cd8e5 100644 --- a/.github/workflows/publish-release.yml +++ b/.github/workflows/publish-release.yml @@ -353,9 +353,10 @@ jobs: run: | make start-upgrade-test - approval: - runs-on: ubuntu-latest - timeout-minutes: 10 + + publish-release: + runs-on: buildjet-4vcpu-ubuntu-2004 + timeout-minutes: 60 needs: - gosec - gosec-cosmos @@ -366,24 +367,7 @@ jobs: - build-test - e2e-admin-tests - e2e-upgrade-test - steps: - - - uses: trstringer/manual-approval@v1 - with: - secret: ${{ github.TOKEN }} - approvers: kingpinXD,lumtis,brewmaster012,CharlieMc0 - minimum-approvals: 1 - issue-title: "[Release] Approval, version: ${{ github.event.inputs.version }}" - issue-body: "Once approved the release pipeline will continue." - exclude-workflow-initiator-as-approver: true - additional-approved-words: '' - additional-denied-words: '' - publish-release: - runs-on: buildjet-4vcpu-ubuntu-2004 - timeout-minutes: 60 - needs: - - approval - + environment: release steps: - uses: actions/checkout@v3 From 85aafc9b2ac787c820b6706252277031b1869bd1 Mon Sep 17 00:00:00 2001 From: Grant Zukel Date: Mon, 6 May 2024 08:51:39 -0600 Subject: [PATCH 02/10] updated --- .github/workflows/publish-release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/publish-release.yml b/.github/workflows/publish-release.yml index 77600cd8e5..74e795bb32 100644 --- a/.github/workflows/publish-release.yml +++ b/.github/workflows/publish-release.yml @@ -353,8 +353,8 @@ jobs: run: | make start-upgrade-test - publish-release: + if: (github.ref_name =~ /^release\/v[0-9]{1,2}\.[0-9]{1,2}\.[0-9]{1,2}$/ || github.ref_name =~ /^hotfix\/v[0-9]{1,2}\.[0-9]{1,2}\.[0-9]{1,2}$/) }} runs-on: buildjet-4vcpu-ubuntu-2004 timeout-minutes: 60 needs: From 7c9669985eef4f63bb036c339b4bb99938760a8c Mon Sep 17 00:00:00 2001 From: Grant Zukel Date: Mon, 6 May 2024 08:58:42 -0600 Subject: [PATCH 03/10] updated --- .github/workflows/publish-release.yml | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/.github/workflows/publish-release.yml b/.github/workflows/publish-release.yml index 74e795bb32..a49b1c2f1e 100644 --- a/.github/workflows/publish-release.yml +++ b/.github/workflows/publish-release.yml @@ -12,12 +12,18 @@ on: required: false default: false description: 'Use this to skip: gosec, gosec-cosmos, check-changelog, check-upgrade-uandler-updated, build-test, smoke-test and go straight to approval step.' + run_just_checks: + type: boolean + required: false + default: false + description: 'If this is true it will simply execute all the steps for a release prior to actually cutting the release, then stop' concurrency: group: publish-release cancel-in-progress: false jobs: + if: (github.ref_name =~ /^release\/v[0-9]{1,2}\.[0-9]{1,2}\.[0-9]{1,2}$/ || github.ref_name =~ /^hotfix\/v[0-9]{1,2}\.[0-9]{1,2}\.[0-9]{1,2}$/) }} gosec: runs-on: ubuntu-latest env: @@ -354,7 +360,7 @@ jobs: make start-upgrade-test publish-release: - if: (github.ref_name =~ /^release\/v[0-9]{1,2}\.[0-9]{1,2}\.[0-9]{1,2}$/ || github.ref_name =~ /^hotfix\/v[0-9]{1,2}\.[0-9]{1,2}\.[0-9]{1,2}$/) }} + if: ${{ github.event.inputs.run_just_checks == 'false' }} runs-on: buildjet-4vcpu-ubuntu-2004 timeout-minutes: 60 needs: From a7a953cb42ddf87fb9802e2057f0a1f7588b9255 Mon Sep 17 00:00:00 2001 From: Grant Zukel Date: Mon, 6 May 2024 08:59:37 -0600 Subject: [PATCH 04/10] updated --- .github/workflows/publish-release.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/publish-release.yml b/.github/workflows/publish-release.yml index a49b1c2f1e..6ba05b880a 100644 --- a/.github/workflows/publish-release.yml +++ b/.github/workflows/publish-release.yml @@ -23,8 +23,8 @@ concurrency: cancel-in-progress: false jobs: - if: (github.ref_name =~ /^release\/v[0-9]{1,2}\.[0-9]{1,2}\.[0-9]{1,2}$/ || github.ref_name =~ /^hotfix\/v[0-9]{1,2}\.[0-9]{1,2}\.[0-9]{1,2}$/) }} gosec: + if: (github.ref_name =~ /^release\/v[0-9]{1,2}\.[0-9]{1,2}\.[0-9]{1,2}$/ || github.ref_name =~ /^hotfix\/v[0-9]{1,2}\.[0-9]{1,2}\.[0-9]{1,2}$/) }} runs-on: ubuntu-latest env: GO111MODULE: on @@ -54,6 +54,7 @@ jobs: gosec-cosmos: + if: (github.ref_name =~ /^release\/v[0-9]{1,2}\.[0-9]{1,2}\.[0-9]{1,2}$/ || github.ref_name =~ /^hotfix\/v[0-9]{1,2}\.[0-9]{1,2}\.[0-9]{1,2}$/) }} runs-on: ubuntu-latest env: GO111MODULE: on From d7666b7d2b4eea679842c35e34ac5cf214ba6857 Mon Sep 17 00:00:00 2001 From: Grant Zukel Date: Mon, 6 May 2024 09:03:13 -0600 Subject: [PATCH 05/10] updated --- .github/workflows/publish-release.yml | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/.github/workflows/publish-release.yml b/.github/workflows/publish-release.yml index 6ba05b880a..2f1570a8d7 100644 --- a/.github/workflows/publish-release.yml +++ b/.github/workflows/publish-release.yml @@ -24,7 +24,7 @@ concurrency: jobs: gosec: - if: (github.ref_name =~ /^release\/v[0-9]{1,2}\.[0-9]{1,2}\.[0-9]{1,2}$/ || github.ref_name =~ /^hotfix\/v[0-9]{1,2}\.[0-9]{1,2}\.[0-9]{1,2}$/) }} + if: ${{ github.event.inputs.skip_checks != 'true' && (startsWith(github.ref, 'refs/heads/release/v') || startsWith(github.ref, 'refs/heads/hotfix/v')) }} runs-on: ubuntu-latest env: GO111MODULE: on @@ -52,9 +52,8 @@ jobs: run: | echo "Check Skipped, Mark Green for Pipeline Execution" - gosec-cosmos: - if: (github.ref_name =~ /^release\/v[0-9]{1,2}\.[0-9]{1,2}\.[0-9]{1,2}$/ || github.ref_name =~ /^hotfix\/v[0-9]{1,2}\.[0-9]{1,2}\.[0-9]{1,2}$/) }} + if: ${{ github.event.inputs.skip_checks != 'true' && (startsWith(github.ref, 'refs/heads/release/v') || startsWith(github.ref, 'refs/heads/hotfix/v')) }} runs-on: ubuntu-latest env: GO111MODULE: on From 6f07348d03b681a1927d9d9016a308148ed0cd69 Mon Sep 17 00:00:00 2001 From: Grant Zukel Date: Mon, 6 May 2024 09:05:42 -0600 Subject: [PATCH 06/10] updated --- .github/workflows/publish-release.yml | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/.github/workflows/publish-release.yml b/.github/workflows/publish-release.yml index 2f1570a8d7..0be6ee4af4 100644 --- a/.github/workflows/publish-release.yml +++ b/.github/workflows/publish-release.yml @@ -80,6 +80,7 @@ jobs: echo "Check Skipped, Mark Green for Pipeline Execution" lint: + if: ${{ github.event.inputs.skip_checks != 'true' && (startsWith(github.ref, 'refs/heads/release/v') || startsWith(github.ref, 'refs/heads/hotfix/v')) }} runs-on: ubuntu-latest timeout-minutes: 15 env: @@ -111,6 +112,7 @@ jobs: echo "Check Skipped, Mark Green for Pipeline Execution" check-changelog: + if: ${{ github.event.inputs.skip_checks != 'true' && (startsWith(github.ref, 'refs/heads/release/v') || startsWith(github.ref, 'refs/heads/hotfix/v')) }} runs-on: ubuntu-latest steps: @@ -151,6 +153,7 @@ jobs: echo "Check Skipped, Mark Green for Pipeline Execution" check-upgrade-handler-updated: + if: ${{ github.event.inputs.skip_checks != 'true' && (startsWith(github.ref, 'refs/heads/release/v') || startsWith(github.ref, 'refs/heads/hotfix/v')) }} runs-on: ubuntu-latest timeout-minutes: 10 steps: @@ -180,6 +183,7 @@ jobs: echo "Check Skipped, Mark Green for Pipeline Execution" build-test: + if: ${{ github.event.inputs.skip_checks != 'true' && (startsWith(github.ref, 'refs/heads/release/v') || startsWith(github.ref, 'refs/heads/hotfix/v')) }} runs-on: buildjet-4vcpu-ubuntu-2004 timeout-minutes: 15 concurrency: @@ -254,6 +258,7 @@ jobs: echo "Check Skipped, Mark Green for Pipeline Execution" smoke-test: + if: ${{ github.event.inputs.skip_checks != 'true' && (startsWith(github.ref, 'refs/heads/release/v') || startsWith(github.ref, 'refs/heads/hotfix/v')) }} runs-on: buildjet-4vcpu-ubuntu-2204 timeout-minutes: 25 steps: @@ -332,6 +337,7 @@ jobs: e2e-admin-tests: + if: ${{ github.event.inputs.skip_checks != 'true' && (startsWith(github.ref, 'refs/heads/release/v') || startsWith(github.ref, 'refs/heads/hotfix/v')) }} runs-on: buildjet-4vcpu-ubuntu-2204 timeout-minutes: 120 steps: @@ -346,6 +352,7 @@ jobs: make start-e2e-admin-test e2e-upgrade-test: + if: ${{ github.event.inputs.skip_checks != 'true' && (startsWith(github.ref, 'refs/heads/release/v') || startsWith(github.ref, 'refs/heads/hotfix/v')) }} runs-on: buildjet-4vcpu-ubuntu-2204 timeout-minutes: 120 steps: From e8a0474aada88c6b316d583726233eeabd673b3c Mon Sep 17 00:00:00 2001 From: Grant Zukel Date: Mon, 6 May 2024 10:03:02 -0600 Subject: [PATCH 07/10] ci: adding change log entry after testing --- changelog.md | 1 + 1 file changed, 1 insertion(+) diff --git a/changelog.md b/changelog.md index bde84d208f..38847ef299 100644 --- a/changelog.md +++ b/changelog.md @@ -31,6 +31,7 @@ ### CI * [2070](https://github.com/zeta-chain/node/pull/2070) - Added commands to build binaries from the working branch as a live full node rpc to test non-governance changes. +* []() - Updated the release pipeline to only run on hotfix/ and release/ branches. Added option to only run pre-checks and not cut release as well. Switched approval steps to use environments. ## v16.0.0 From aa3b69d1f1b7afcc5a7a3861038127b2ce37c8a7 Mon Sep 17 00:00:00 2001 From: Grant Zukel Date: Mon, 6 May 2024 10:10:42 -0600 Subject: [PATCH 08/10] updated --- changelog.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/changelog.md b/changelog.md index 38847ef299..81a255550a 100644 --- a/changelog.md +++ b/changelog.md @@ -31,7 +31,7 @@ ### CI * [2070](https://github.com/zeta-chain/node/pull/2070) - Added commands to build binaries from the working branch as a live full node rpc to test non-governance changes. -* []() - Updated the release pipeline to only run on hotfix/ and release/ branches. Added option to only run pre-checks and not cut release as well. Switched approval steps to use environments. +* [2119](https://github.com/zeta-chain/node/pull/2119) - Updated the release pipeline to only run on hotfix/ and release/ branches. Added option to only run pre-checks and not cut release as well. Switched approval steps to use environments. ## v16.0.0 From e2073ae814856236964777e744220fe3c330ac61 Mon Sep 17 00:00:00 2001 From: Grant Zukel Date: Mon, 6 May 2024 11:55:56 -0600 Subject: [PATCH 09/10] ci: fixing comments --- .github/workflows/publish-release.yml | 47 ++++++++++++++++++--------- 1 file changed, 31 insertions(+), 16 deletions(-) diff --git a/.github/workflows/publish-release.yml b/.github/workflows/publish-release.yml index 0be6ee4af4..ef6a5b8871 100644 --- a/.github/workflows/publish-release.yml +++ b/.github/workflows/publish-release.yml @@ -12,7 +12,7 @@ on: required: false default: false description: 'Use this to skip: gosec, gosec-cosmos, check-changelog, check-upgrade-uandler-updated, build-test, smoke-test and go straight to approval step.' - run_just_checks: + skip_release: type: boolean required: false default: false @@ -23,9 +23,18 @@ concurrency: cancel-in-progress: false jobs: - gosec: + check_branch: if: ${{ github.event.inputs.skip_checks != 'true' && (startsWith(github.ref, 'refs/heads/release/v') || startsWith(github.ref, 'refs/heads/hotfix/v')) }} runs-on: ubuntu-latest + steps: + - name: Branch + run: | + echo "${{ github.ref }}" + + gosec: + needs: + - check_branch + runs-on: ubuntu-latest env: GO111MODULE: on steps: @@ -53,7 +62,8 @@ jobs: echo "Check Skipped, Mark Green for Pipeline Execution" gosec-cosmos: - if: ${{ github.event.inputs.skip_checks != 'true' && (startsWith(github.ref, 'refs/heads/release/v') || startsWith(github.ref, 'refs/heads/hotfix/v')) }} + needs: + - check_branch runs-on: ubuntu-latest env: GO111MODULE: on @@ -80,7 +90,8 @@ jobs: echo "Check Skipped, Mark Green for Pipeline Execution" lint: - if: ${{ github.event.inputs.skip_checks != 'true' && (startsWith(github.ref, 'refs/heads/release/v') || startsWith(github.ref, 'refs/heads/hotfix/v')) }} + needs: + - check_branch runs-on: ubuntu-latest timeout-minutes: 15 env: @@ -112,7 +123,8 @@ jobs: echo "Check Skipped, Mark Green for Pipeline Execution" check-changelog: - if: ${{ github.event.inputs.skip_checks != 'true' && (startsWith(github.ref, 'refs/heads/release/v') || startsWith(github.ref, 'refs/heads/hotfix/v')) }} + needs: + - check_branch runs-on: ubuntu-latest steps: @@ -153,7 +165,8 @@ jobs: echo "Check Skipped, Mark Green for Pipeline Execution" check-upgrade-handler-updated: - if: ${{ github.event.inputs.skip_checks != 'true' && (startsWith(github.ref, 'refs/heads/release/v') || startsWith(github.ref, 'refs/heads/hotfix/v')) }} + needs: + - check_branch runs-on: ubuntu-latest timeout-minutes: 10 steps: @@ -183,7 +196,8 @@ jobs: echo "Check Skipped, Mark Green for Pipeline Execution" build-test: - if: ${{ github.event.inputs.skip_checks != 'true' && (startsWith(github.ref, 'refs/heads/release/v') || startsWith(github.ref, 'refs/heads/hotfix/v')) }} + needs: + - check_branch runs-on: buildjet-4vcpu-ubuntu-2004 timeout-minutes: 15 concurrency: @@ -258,7 +272,8 @@ jobs: echo "Check Skipped, Mark Green for Pipeline Execution" smoke-test: - if: ${{ github.event.inputs.skip_checks != 'true' && (startsWith(github.ref, 'refs/heads/release/v') || startsWith(github.ref, 'refs/heads/hotfix/v')) }} + needs: + - check_branch runs-on: buildjet-4vcpu-ubuntu-2204 timeout-minutes: 25 steps: @@ -333,11 +348,9 @@ jobs: run: | echo "Check Skipped, Mark Green for Pipeline Execution" - - - e2e-admin-tests: - if: ${{ github.event.inputs.skip_checks != 'true' && (startsWith(github.ref, 'refs/heads/release/v') || startsWith(github.ref, 'refs/heads/hotfix/v')) }} + needs: + - check_branch runs-on: buildjet-4vcpu-ubuntu-2204 timeout-minutes: 120 steps: @@ -352,7 +365,8 @@ jobs: make start-e2e-admin-test e2e-upgrade-test: - if: ${{ github.event.inputs.skip_checks != 'true' && (startsWith(github.ref, 'refs/heads/release/v') || startsWith(github.ref, 'refs/heads/hotfix/v')) }} + needs: + - check_branch runs-on: buildjet-4vcpu-ubuntu-2204 timeout-minutes: 120 steps: @@ -367,9 +381,7 @@ jobs: make start-upgrade-test publish-release: - if: ${{ github.event.inputs.run_just_checks == 'false' }} - runs-on: buildjet-4vcpu-ubuntu-2004 - timeout-minutes: 60 + if: ${{ github.event.inputs.skip_release == 'false' }} needs: - gosec - gosec-cosmos @@ -380,6 +392,9 @@ jobs: - build-test - e2e-admin-tests - e2e-upgrade-test + - check_branch + runs-on: buildjet-4vcpu-ubuntu-2004 + timeout-minutes: 60 environment: release steps: - uses: actions/checkout@v3 From 4439580b32bcdd032e5be0e4c7695637a24e7337 Mon Sep 17 00:00:00 2001 From: Grant Zukel Date: Mon, 6 May 2024 14:11:19 -0600 Subject: [PATCH 10/10] fixing comments --- .github/workflows/publish-release.yml | 50 ++++++++++++++++++--------- 1 file changed, 34 insertions(+), 16 deletions(-) diff --git a/.github/workflows/publish-release.yml b/.github/workflows/publish-release.yml index ef6a5b8871..532962d547 100644 --- a/.github/workflows/publish-release.yml +++ b/.github/workflows/publish-release.yml @@ -24,7 +24,7 @@ concurrency: jobs: check_branch: - if: ${{ github.event.inputs.skip_checks != 'true' && (startsWith(github.ref, 'refs/heads/release/v') || startsWith(github.ref, 'refs/heads/hotfix/v')) }} + if: ${{ (startsWith(github.ref, 'refs/heads/release/v') || startsWith(github.ref, 'refs/heads/hotfix/v')) }} runs-on: ubuntu-latest steps: - name: Branch @@ -56,10 +56,11 @@ jobs: with: args: ./... - - name: Skip Checks Succeed for Needs. + - name: Mark Job Complete Skipped if: ${{ github.event.inputs.skip_checks == 'true' }} + shell: bash run: | - echo "Check Skipped, Mark Green for Pipeline Execution" + echo "continue" gosec-cosmos: needs: @@ -84,10 +85,11 @@ jobs: if: ${{ github.event.inputs.skip_checks != 'true' }} run: make lint-cosmos-gosec - - name: Skip Checks Succeed for Needs. + - name: Mark Job Complete Skipped if: ${{ github.event.inputs.skip_checks == 'true' }} + shell: bash run: | - echo "Check Skipped, Mark Green for Pipeline Execution" + echo "continue" lint: needs: @@ -117,10 +119,11 @@ jobs: skip-cache: true args: --out-format=json - - name: Skip Checks Succeed for Needs. + - name: Mark Job Complete Skipped if: ${{ github.event.inputs.skip_checks == 'true' }} + shell: bash run: | - echo "Check Skipped, Mark Green for Pipeline Execution" + echo "continue" check-changelog: needs: @@ -142,7 +145,6 @@ jobs: https://api.github.com/repos/${{ github.repository }}/git/ref/heads/develop | jq -r '.object.sha') echo "DEVELOP_SHA=${SHA}" >> ${GITHUB_ENV} echo "CURRENT_BRANCH_SHA=${{ github.sha }}" >> ${GITHUB_ENV} - - name: Check for CHANGELOG.md changes if: ${{ github.event.inputs.skip_checks != 'true' }} @@ -159,10 +161,11 @@ jobs: echo "CHANGELOG.md has been updated." fi - - name: Skip Checks Succeed for Needs. + - name: Mark Job Complete Skipped if: ${{ github.event.inputs.skip_checks == 'true' }} + shell: bash run: | - echo "Check Skipped, Mark Green for Pipeline Execution" + echo "continue" check-upgrade-handler-updated: needs: @@ -190,10 +193,11 @@ jobs: fi echo "The major version found in 'releaseVersion' in app/setup_handlers.go matches this tagged release - Moving Forward!" - - name: Skip Checks Succeed for Needs. + - name: Mark Job Complete Skipped if: ${{ github.event.inputs.skip_checks == 'true' }} + shell: bash run: | - echo "Check Skipped, Mark Green for Pipeline Execution" + echo "continue" build-test: needs: @@ -266,10 +270,11 @@ jobs: shell: bash run: rm -rf * - - name: Skip Checks Succeed for Needs. + - name: Mark Job Complete Skipped if: ${{ github.event.inputs.skip_checks == 'true' }} + shell: bash run: | - echo "Check Skipped, Mark Green for Pipeline Execution" + echo "continue" smoke-test: needs: @@ -343,10 +348,11 @@ jobs: shell: bash run: sudo rm -rf * - - name: Skip Checks Succeed for Needs. + - name: Mark Job Complete Skipped if: ${{ github.event.inputs.skip_checks == 'true' }} + shell: bash run: | - echo "Check Skipped, Mark Green for Pipeline Execution" + echo "continue" e2e-admin-tests: needs: @@ -364,6 +370,12 @@ jobs: run: | make start-e2e-admin-test + - name: Mark Job Complete Skipped + if: ${{ github.event.inputs.skip_checks == 'true' }} + shell: bash + run: | + echo "continue" + e2e-upgrade-test: needs: - check_branch @@ -380,6 +392,12 @@ jobs: run: | make start-upgrade-test + - name: Mark Job Complete Skipped + if: ${{ github.event.inputs.skip_checks == 'true' }} + shell: bash + run: | + echo "continue" + publish-release: if: ${{ github.event.inputs.skip_release == 'false' }} needs: