diff --git a/.github/workflows/create-release-proposal.yml b/.github/workflows/create-release-proposal.yml index 5f0f80eed24c950..c5f60096080c8d7 100644 --- a/.github/workflows/create-release-proposal.yml +++ b/.github/workflows/create-release-proposal.yml @@ -1,7 +1,6 @@ # This action requires the following secrets to be set on the repository: # GH_USER_NAME: GitHub user whose Jenkins and GitHub token are defined below # GH_USER_TOKEN: GitHub user token, to be used by ncu and to push changes -# JENKINS_TOKEN: Jenkins token, to be used to check CI status name: Create Release Proposal @@ -26,6 +25,7 @@ env: permissions: contents: write + pull-requests: write jobs: releasePrepare: @@ -39,9 +39,7 @@ jobs: - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 with: ref: ${{ env.STAGING_BRANCH }} - # Needs the whole git history for ncu to work - # See https://github.com/nodejs/node-core-utils/pull/486 - fetch-depth: 0 + persist-credentials: false # Install dependencies - name: Install Node.js @@ -58,29 +56,33 @@ jobs: ncu-config set upstream origin ncu-config set username "$USERNAME" ncu-config set token "$GH_TOKEN" - ncu-config set jenkins_token "$JENKINS_TOKEN" ncu-config set repo "$(echo "$GITHUB_REPOSITORY" | cut -d/ -f2)" ncu-config set owner "${GITHUB_REPOSITORY_OWNER}" env: USERNAME: ${{ secrets.JENKINS_USER }} - GH_TOKEN: ${{ secrets.GH_USER_TOKEN }} - JENKINS_TOKEN: ${{ secrets.JENKINS_TOKEN }} + GH_TOKEN: ${{ github.token }} - name: Set up ghauth config (Ubuntu) run: | - mkdir -p ~/.config/changelog-maker/ - echo '{ - "user": "'$(ncu-config get username)'", - "token": "'$(ncu-config get token)'" - }' > ~/.config/changelog-maker/config.json + mkdir -p "${XDG_CONFIG_HOME:-~/.config}/changelog-maker" + echo '{}' | jq '{user: env.USERNAME, token: env.TOKEN}' > "${XDG_CONFIG_HOME:-~/.config}/changelog-maker/config.json" + env: + USERNAME: ${{ secrets.JENKINS_USER }} + TOKEN: ${{ github.token }} - name: Setup git author run: | git config --local user.email "github-bot@iojs.org" git config --local user.name "Node.js GitHub Bot" + # Workaround, see https://github.com/nodejs/node-core-utils/pull/876 + git fetch origin --shallow-exclude v${{ inputs.release-line }}.0.0 "$STAGING_BRANCH" - name: Start git node release prepare + # The curl command is to make sure we run the version of the script corresponding to the current workflow. run: | + curl -L https://github.com/${GITHUB_REPOSITORY}/raw/${GITHUB_SHA}/tools/actions/create-release.sh > tools/actions/create-release.sh ./tools/actions/create-release.sh "${RELEASE_DATE}" "${RELEASE_LINE}" env: - GH_TOKEN: ${{ secrets.GH_USER_TOKEN }} + GH_TOKEN: ${{ github.token }} + # We want the bot to push the push the release commit so Ci runs on it. + BOT_TOKEN: ${{ secrets.GH_USER_TOKEN }} diff --git a/doc/contributing/releases.md b/doc/contributing/releases.md index 32e9880b444dcbf..12a72b0e00ed98c 100644 --- a/doc/contributing/releases.md +++ b/doc/contributing/releases.md @@ -33,7 +33,8 @@ official release builds for Node.js, hosted on . * [17. Create a blog post](#17-create-a-blog-post) * [18. Create the release on GitHub](#18-create-the-release-on-github) * [19. Announce](#19-announce) - * [20. Celebrate](#20-celebrate) + * [20. Re-enable the backport-queue workflow](#20-re-enable-the-backport-queue-workflow) + * [21. Celebrate](#21-celebrate) * [LTS releases](#lts-releases) * [Major releases](#major-releases) @@ -140,6 +141,11 @@ of the `nodejs-private/node-private` repository a day or so before the [CI lockdown procedure][] begins. This is to confirm that Jenkins can properly access the private repository. +### 1. Disable the backport-queue workflow + +Having the staging branch and the proposal branch starting to differ will make +the release work harder. + ### 1. Update the staging branch Checkout the staging branch locally. @@ -1096,7 +1102,9 @@ Let the security release steward know the releases are available. -### 20. Celebrate +### 20. Re-enable the backport-queue workflow + +### 21. Celebrate _In whatever form you do this..._ diff --git a/tools/actions/create-release.sh b/tools/actions/create-release.sh index 3a69b3f5602ffc4..cf442ebd47d55fb 100755 --- a/tools/actions/create-release.sh +++ b/tools/actions/create-release.sh @@ -10,24 +10,87 @@ if [ -z "$RELEASE_DATE" ] || [ -z "$RELEASE_LINE" ]; then exit 1 fi +createCommitAPICall() { + commit="${1:-HEAD}" + cat - <<'EOF' +mutation ($repo: String! $branch: String!, $parent: GitObjectID!, $commit_title: String!, $commit_body: String) { + createCommitOnBranch(input: { + branch: { + repositoryNameWithOwner: $repo, + branchName: $branch + }, + message: { + headline: $commit_title, + body: $commit_body + }, + expectedHeadOid: $parent, + fileChanges: { + additions: [ +EOF + git show "$commit" --diff-filter=d --name-only --format= | while read -r FILE; do + printf " { path: " + node -p 'JSON.stringify(process.argv[1])' "$FILE" + printf " , contents: \"" + base64 -w 0 -i "$FILE" + echo "\"}," + done + echo ' ], deletions: [' + git show "$commit" --diff-filter=D --name-only --format= | while read -r FILE; do + echo " $(node -p 'JSON.stringify(process.argv[1])' "$FILE")," + done + cat - <<'EOF' + ] + } + }) { + commit { + url + } + } +} +EOF +} + git node release --prepare --skipBranchDiff --yes --releaseDate "$RELEASE_DATE" -# We use it to not specify the branch name as it changes based on -# the commit list (semver-minor/semver-patch) -git config push.default current -git push + +HEAD_BRANCH="$(git rev-parse --abbrev-ref HEAD)" +HEAD_SHA="$(git rev-parse HEAD^)" TITLE=$(awk "/^## ${RELEASE_DATE}/ { print substr(\$0, 4) }" "doc/changelogs/CHANGELOG_V${RELEASE_LINE}.md") # Use a temporary file for the PR body TEMP_BODY="$(awk "/## ${RELEASE_DATE}/,/^