-
Notifications
You must be signed in to change notification settings - Fork 2.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
chore: Refactor release workflow to allow workflow execution on generated PRs #13095
chore: Refactor release workflow to allow workflow execution on generated PRs #13095
Conversation
@@ -28,7 +28,7 @@ | |||
"unlink-all": "lerna exec --no-bail --parallel -- yarn unlink; exit 0", | |||
"publish:preid": "./scripts/preid-env-vars-exist.sh && lerna publish --canary --force-publish --dist-tag=${PREID_PREFIX} --preid=${PREID_PREFIX}${PREID_HASH_SUFFIX} --yes", | |||
"publish:main": "lerna publish --canary --force-publish --dist-tag=unstable --preid=unstable${PREID_HASH_SUFFIX} --yes", | |||
"publish:release": "lerna publish --conventional-commits --message 'chore(release): Publish [ci skip]' --yes", | |||
"publish:release": "lerna publish --conventional-commits --message 'chore(release): Publish [skip release]' --yes", |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
nit question,
If we have multiple variables would we prefer my commit message [skip release] [skip e2e]
or my commit message [skip release e2e]
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It's a good question, I think I'd prefer to keep it narrowly tailored to the overall "intents" in our CI 🤔 Open to other opinions though
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I would be a fan of putting a PR/human into this process to avoid using the write token for security reasons. This isn't changing the existing process, so as an amendment I don't see any risk in moving forward as is.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks good
Thanks @jimblanc 🎖️
…on generated PRs (aws-amplify#13095)" This reverts commit 25adcfe.
Description of changes
This PR proposes a change to our usage of
[ci skip]
in releases by introducing a new[skip release]
syntax which will skip thepush-latest-release.yml
workflow specifically (which is what we're achieving with our current usage of[ci skip]
).This is intended to address the following issue:
release
back intomain
instead of force-pushing.[ci skip]
in the "update API docs" & "Publish" commits which are generated during releases, the resulting PR does not trigger thecodeql
&pr
workflows required to actually merge the PR as per the branch protection rules onmain
. As a result, admin intervention or additional commit is required to merge the PR.Alternatives considered:
pull_request_target
instead ofpull_request
for the CodeQL & PR workflows, which bypasses the[ci skip]
checkpull_request_target
changes the security posture of the repo for PRs originating from forksgh pr merge
main
(particularly in the case of hot-fixes) that would require manual intervention anywayOther consequences of this change:
push-main-release
workflow when they're merged back tomain
. I don't believe that this should be an issue, and in fact updatingunstable
with the results of the latest release is arguably more correct.Issue #, if available
Description of how you validated changes
Tested that this logic correctly skips the release workflow when
[skip release]
is present in the head commit of the triggering branch: https://github.com/aws-amplify/amplify-js/actions/runs/8180781321Tested that PRs into
main
containing[skip release]
still trigger the required PR workflows. Also verified that branches containing[ci skip]
exhibit the same behavior we observed in the release (i.e. stuck PR workflows).Checklist
yarn test
passesBy submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.