From ce4eff0b52bf036b76e1226bcd96e9b9d4318073 Mon Sep 17 00:00:00 2001 From: Jack Date: Wed, 15 Apr 2026 12:31:13 +0100 Subject: [PATCH 1/6] DI-718 --- .../action.yml | 14 +++ .github/python/add-release/add_release.py | 6 +- .../python/add-release/version_metadata.py | 3 - .github/workflows/package.yml | 98 +++++++++++++++++++ .github/workflows/promote.yml | 97 +++++++++++------- 5 files changed, 175 insertions(+), 43 deletions(-) create mode 100644 .github/actions/get-hazelcast-platform-pr-title/action.yml create mode 100644 .github/workflows/package.yml diff --git a/.github/actions/get-hazelcast-platform-pr-title/action.yml b/.github/actions/get-hazelcast-platform-pr-title/action.yml new file mode 100644 index 0000000..ccd9190 --- /dev/null +++ b/.github/actions/get-hazelcast-platform-pr-title/action.yml @@ -0,0 +1,14 @@ +# To ensure that both setter and getter use the same format +name: Get Hazelcast Platform PR Title + +inputs: + hz-version: + required: true +outputs: + title: + value: Hazelcast platform release ${{ inputs.hz-version }} +runs: + using: "composite" + steps: + - shell: bash + run: exit 0 diff --git a/.github/python/add-release/add_release.py b/.github/python/add-release/add_release.py index 3dbf09c..55c2105 100644 --- a/.github/python/add-release/add_release.py +++ b/.github/python/add-release/add_release.py @@ -45,7 +45,7 @@ def update_hazelcast_open_source_metadata(version_metadata: VersionMetadata): version_block = f"""--- Version: {version_metadata.version} -Date: {version_metadata.date} +Date: ${{TBC_RELEASE_DATE}} Download_ZIP_URL: {version_metadata.os_downloads.full_zip.url} Download_ZIP_Size: {version_metadata.os_downloads.full_zip.size} Download_slim_ZIP_URL: {version_metadata.os_downloads.slim_zip.url} @@ -74,7 +74,7 @@ def update_hazelcast_enterprise_metadata(version_metadata: VersionMetadata): version_block = f"""--- Version: {version_metadata.version} -Date: {version_metadata.date} +Date: ${{TBC_RELEASE_DATE}} Download_ZIP_URL: {version_metadata.ee_downloads.full_zip.url} Download_ZIP_Size: {version_metadata.ee_downloads.full_zip.size} Download_slim_ZIP_URL: {version_metadata.ee_downloads.slim_zip.url} @@ -153,7 +153,7 @@ def update_imdg_clients_metadata(version_metadata: VersionMetadata): version_block = f"""--- Version: {version_metadata.version} -Date: {version_metadata.date} +Date: ${{TBC_RELEASE_DATE}} Download: {version_metadata.os_downloads.slim_zip.url} Download_Size: {version_metadata.os_downloads.slim_zip.size} Github: {version_metadata.sources_url} diff --git a/.github/python/add-release/version_metadata.py b/.github/python/add-release/version_metadata.py index f970fcb..417844f 100644 --- a/.github/python/add-release/version_metadata.py +++ b/.github/python/add-release/version_metadata.py @@ -1,7 +1,6 @@ import logging import os from dataclasses import InitVar, dataclass, field -from datetime import datetime import requests import semver @@ -69,8 +68,6 @@ def __post_init__(self, github_org, ee_release_repo_name): if isinstance(self.version, str): self.version = semver.Version.parse(self.version) - self.date = datetime.now().strftime("%m/%d/%Y") - self.os_downloads = self._build_downloads( f"https://github.com/{github_org}/hazelcast/releases/download/v{self.version}/hazelcast-{self.version}" ) diff --git a/.github/workflows/package.yml b/.github/workflows/package.yml new file mode 100644 index 0000000..7ba9612 --- /dev/null +++ b/.github/workflows/package.yml @@ -0,0 +1,98 @@ +name: Package Hazelcast platform release metadata +description: Creates a draft PR for the updated release metadata, after adding the required Hazelcast platform release +run-name: ${{ github.workflow }} (`${{ inputs.VERSION }}`@${{ inputs.ENVIRONMENT }}) + +on: + # Called from release pipeline + workflow_dispatch: + inputs: + VERSION: + description: 'The version to release (e.g. `5.4.1`)' + required: true + RELEASE_TYPE: + description: 'What should be built' + required: true + type: choice + options: + - ALL + - OSS + - EE + ENVIRONMENT: + description: 'Environment to use' + required: true + type: environment + +jobs: + package: + environment: ${{ inputs.ENVIRONMENT }} + runs-on: ubuntu-slim + permissions: + contents: write + id-token: write + pull-requests: write + steps: + - uses: actions/checkout@v6 + # Required to get the default branch as well, to allow `gh` to accurately determine the diff between branches when deriving PR title from commits + with: + fetch-depth: 0 + + - id: resolve-editions + uses: hazelcast/docker-actions/resolve-editions@master + with: + release-type: ${{ inputs.RELEASE_TYPE }} + + - uses: hazelcast/docker-actions/get-jfrog-credentials@master + # Other environments use public artifacts, where credentials aren't required + if: inputs.ENVIRONMENT == 'sandbox' + id: jfrog + with: + aws-role-to-assume: ${{ secrets.AWS_HAZELCAST_OIDC_GITHUB_ACTIONS_ROLE_ARN }} + jfrog-oidc-provider-name: ${{ github.repository_owner }}-snapshot-internal + + - name: Install dependencies + run: | + pip3 install -r .github/python/add-release/requirements.txt + + - name: Update metadata + run: | + python3 .github/python/add-release/add_release.py \ + --version=${VERSION} \ + --github-org=${GITHUB_REPOSITORY_OWNER} \ + --ee-release-repo-name=${{ vars.EE_RELEASE_REPO_NAME }} \ + --should-build-oss=${{ steps.resolve-editions.outputs.should_build_oss }} \ + --should-build-ee=${{ steps.resolve-editions.outputs.should_build_ee }} + env: + VERSION: ${{ inputs.VERSION }} + RELEASE_REPO_USER: ${{ steps.jfrog.outputs.user }} + RELEASE_REPO_TOKEN: ${{ steps.jfrog.outputs.token }} + + - uses: ./.github/actions/get-hazelcast-platform-pr-title + id: get-pr-title + with: + hz-version: ${{ inputs.VERSION }} + + - name: Create PR for changes + run: | + git config --global user.name "${GITHUB_ACTOR}" + git config --global user.email "${GITHUB_ACTOR}@users.noreply.github.com" + + # Make a new branch from the default one + # The default branch is the ultimate target of the PR, not the current one + # For _typical_ workflow execution this is the same + # But when testing changes, if running from the non-default branch (e.g. a branch with your workflow changes), the resultant version update PR will _also_ include those changes + git checkout \ + -b "${{ github.job }}_run_${{ github.run_id }}" \ + ${{ github.event.repository.default_branch }} + + git commit \ + --all \ + --message="${{ steps.get-pr-title.outputs.title }}" \ + --message="Generated by ${GITHUB_SERVER_URL}/${GITHUB_REPOSITORY}/actions/runs/${GITHUB_RUN_ID}." + git push -u origin HEAD + + gh pr create \ + --assignee "${GITHUB_ACTOR}" \ + --fill \ + --draft + env: + GH_TOKEN: ${{ github.token }} diff --git a/.github/workflows/promote.yml b/.github/workflows/promote.yml index 54d1d35..b8d4fee 100644 --- a/.github/workflows/promote.yml +++ b/.github/workflows/promote.yml @@ -1,37 +1,36 @@ -name: Add Hazelcast platform release -run-name: ${{ github.workflow }} (`${{ inputs.VERSION }}`@${{ inputs.ENVIRONMENT }}) +name: Promote Hazelcast platform release metadata +description: Identifies the corresponding PR for the updated release metadata from `package.yml`, updating as required and merging +run-name: ${{ github.workflow }} (`${{ inputs.VERSION }}`) on: # Called from release orchestrator workflow_dispatch: inputs: VERSION: - description: 'The version to release (e.g. `5.4.1`)' + description: 'The version to promote (e.g. `5.4.1`)' required: true RELEASE_TYPE: - description: 'What should be built' - required: true + description: 'Unused, provided for compatibility with a common release promotion interface' + required: false type: choice options: - ALL - OSS - EE ENVIRONMENT: - description: 'Environment to use' - required: true + description: 'Unused, provided for compatibility with a common release promotion interface' + required: false type: environment distinct_id: description: 'Required exclusively for automated execution to track status of workflow execution' required: false jobs: - add-release: - environment: ${{ inputs.ENVIRONMENT }} + promote: runs-on: ubuntu-latest permissions: contents: write - env: - VERSION: ${{ inputs.VERSION }} + pull-requests: write steps: # https://github.com/Codex-/return-dispatch#receiving-repository-action - name: Logging distinct ID (${{ inputs.distinct_id }}) @@ -39,42 +38,66 @@ jobs: env: DISTINCT_ID: ${{ inputs.distinct_id }} - - uses: actions/checkout@v6 + - name: Checkout repo + uses: actions/checkout@v6 - - id: resolve-editions - uses: hazelcast/docker-actions/resolve-editions@master + - uses: ./.github/actions/get-hazelcast-platform-pr-title + id: get-pr-title with: - release-type: ${{ inputs.RELEASE_TYPE }} + hz-version: ${{ inputs.VERSION }} - - uses: hazelcast/docker-actions/get-jfrog-credentials@master - if: inputs.ENVIRONMENT == 'sandbox' - id: jfrog + - name: Find corresponding staged PR + id: find-pr + run: | + source /dev/stdin <<< "$(curl --silent https://raw.githubusercontent.com/hazelcast/github-actions-common-scripts/main/logging.functions.sh)" + + PR_JSON=$(gh pr list \ + --search "'${{ steps.get-pr-title.outputs.title }}' in:title author:app/github-actions" \ + --json number,headRefName \ + --jq '.[0]') + + PR_NUMBER=$(jq -r .number <<< "${PR_JSON}") + PR_BRANCH=$(jq -r .headRefName <<< "${PR_JSON}") + + if [[ -n "${PR_NUMBER}" || -n "${PR_BRANCH}" ]]; then + echo "PR_NUMBER=${PR_NUMBER}" >> ${GITHUB_OUTPUT} + echo "PR_BRANCH=${PR_BRANCH}" >> ${GITHUB_OUTPUT} + else + echoerr "No matching PR found to promote" + exit 1 + fi + env: + GH_TOKEN: ${{ github.token }} + + - name: 'Checkout PR #${{ steps.find-pr.outputs.PR_NUMBER }} (`${{ steps.find-pr.outputs.PR_BRANCH }}`)' + uses: actions/checkout@v6 with: - aws-role-to-assume: ${{ secrets.AWS_HAZELCAST_OIDC_GITHUB_ACTIONS_ROLE_ARN }} - jfrog-oidc-provider-name: ${{ github.repository_owner }}-snapshot-internal + ref: ${{ steps.find-pr.outputs.PR_BRANCH }} - - name: Install dependencies + - name: Update release date in files run: | - pip3 install -r .github/python/add-release/requirements.txt + export TBC_RELEASE_DATE=$(date +%m/%d/%Y) - - name: Update metadata - run: | - python3 .github/python/add-release/add_release.py \ - --version=${VERSION} \ - --github-org=${GITHUB_REPOSITORY_OWNER} \ - --ee-release-repo-name=${{ vars.EE_RELEASE_REPO_NAME }} \ - --should-build-oss=${{ steps.resolve-editions.outputs.should_build_oss }} \ - --should-build-ee=${{ steps.resolve-editions.outputs.should_build_ee }} - env: - RELEASE_REPO_USER: ${{ steps.jfrog.outputs.user }} - RELEASE_REPO_TOKEN: ${{ steps.jfrog.outputs.token }} + find . -type f -name "*.txt" -print0 | while IFS= read -r -d '' file; do + envsubst < "${file}" > "${file}.tmp" && mv "${file}.tmp" "${file}" + done - - name: Push back changes + - name: 'Commit changes to PR #${{ steps.find-pr.outputs.PR_NUMBER }}' run: | git config --global user.name "${GITHUB_ACTOR}" git config --global user.email "${GITHUB_ACTOR}@users.noreply.github.com" - - git commit --all \ - --message="Hazelcast platform release ${VERSION}" \ + + git commit \ + --all \ + --message="Updating release date" \ --message="Generated by ${GITHUB_SERVER_URL}/${GITHUB_REPOSITORY}/actions/runs/${GITHUB_RUN_ID}." git push + + - name: 'Merge PR #${{ steps.find-pr.outputs.PR_NUMBER }}' + run: | + gh pr ready + + gh pr merge \ + --squash + env: + GH_TOKEN: ${{ github.token }} From 0875dc340efaebec80082e8744c1e86231e5d523 Mon Sep 17 00:00:00 2001 From: Jack Green Date: Thu, 7 May 2026 13:05:26 +0100 Subject: [PATCH 2/6] Update .github/workflows/promote.yml Co-authored-by: Nishaat Rajabali <12186256+nishaatr@users.noreply.github.com> --- .github/workflows/promote.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/promote.yml b/.github/workflows/promote.yml index b8d4fee..3072baf 100644 --- a/.github/workflows/promote.yml +++ b/.github/workflows/promote.yml @@ -79,7 +79,7 @@ jobs: export TBC_RELEASE_DATE=$(date +%m/%d/%Y) find . -type f -name "*.txt" -print0 | while IFS= read -r -d '' file; do - envsubst < "${file}" > "${file}.tmp" && mv "${file}.tmp" "${file}" + envsubst '$TBC_RELEASE_DATE' < "${file}" > "${file}.tmp" && mv "${file}.tmp" "${file}" done - name: 'Commit changes to PR #${{ steps.find-pr.outputs.PR_NUMBER }}' From b08c8e07d720a1c629f7c89ffc4b4db2cecdab0d Mon Sep 17 00:00:00 2001 From: Jack Date: Wed, 20 May 2026 13:15:09 +0100 Subject: [PATCH 3/6] https://github.com/hazelcast/rel-scripts/pull/61#discussion_r3273193375 --- .github/workflows/promote.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/promote.yml b/.github/workflows/promote.yml index 3072baf..9524888 100644 --- a/.github/workflows/promote.yml +++ b/.github/workflows/promote.yml @@ -49,6 +49,8 @@ jobs: - name: Find corresponding staged PR id: find-pr run: | + set -o errexit -o nounset -o pipefail ${RUNNER_DEBUG:+-x} + source /dev/stdin <<< "$(curl --silent https://raw.githubusercontent.com/hazelcast/github-actions-common-scripts/main/logging.functions.sh)" PR_JSON=$(gh pr list \ From 8224a7fd13e242cafffe4bc3b9e53cb869afecaf Mon Sep 17 00:00:00 2001 From: Jack Date: Thu, 21 May 2026 16:34:43 +0100 Subject: [PATCH 4/6] Add logging --- .github/workflows/promote.yml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/.github/workflows/promote.yml b/.github/workflows/promote.yml index 9524888..3f5328c 100644 --- a/.github/workflows/promote.yml +++ b/.github/workflows/promote.yml @@ -58,9 +58,13 @@ jobs: --json number,headRefName \ --jq '.[0]') + echodebug "PR search result - ${PR_JSON}" + PR_NUMBER=$(jq -r .number <<< "${PR_JSON}") PR_BRANCH=$(jq -r .headRefName <<< "${PR_JSON}") + echo "Found PR = #${PR_NUMBER}, branch = ${PR_BRANCH}" + if [[ -n "${PR_NUMBER}" || -n "${PR_BRANCH}" ]]; then echo "PR_NUMBER=${PR_NUMBER}" >> ${GITHUB_OUTPUT} echo "PR_BRANCH=${PR_BRANCH}" >> ${GITHUB_OUTPUT} @@ -79,6 +83,7 @@ jobs: - name: Update release date in files run: | export TBC_RELEASE_DATE=$(date +%m/%d/%Y) + echo "Updating TBC_RELEASE_DATE -> ${TBC_RELEASE_DATE}..." find . -type f -name "*.txt" -print0 | while IFS= read -r -d '' file; do envsubst '$TBC_RELEASE_DATE' < "${file}" > "${file}.tmp" && mv "${file}.tmp" "${file}" From f23b44af67325182dfccb93b7c4f4d631e848d59 Mon Sep 17 00:00:00 2001 From: Jack Green Date: Thu, 28 May 2026 10:18:55 +0100 Subject: [PATCH 5/6] Secrets --- .github/workflows/package.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/package.yml b/.github/workflows/package.yml index 7ba9612..5561a0c 100644 --- a/.github/workflows/package.yml +++ b/.github/workflows/package.yml @@ -46,7 +46,7 @@ jobs: if: inputs.ENVIRONMENT == 'sandbox' id: jfrog with: - aws-role-to-assume: ${{ secrets.AWS_HAZELCAST_OIDC_GITHUB_ACTIONS_ROLE_ARN }} + aws-role-to-assume: ${{ vars.AWS_HAZELCAST_OIDC_GITHUB_ACTIONS_ROLE_ARN }} jfrog-oidc-provider-name: ${{ github.repository_owner }}-snapshot-internal - name: Install dependencies From a05f81c978586728690aefffc1a0d10afad480ec Mon Sep 17 00:00:00 2001 From: Jack Green Date: Fri, 29 May 2026 15:46:04 +0100 Subject: [PATCH 6/6] Refactor environment configuration in package.yml --- .github/workflows/package.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/workflows/package.yml b/.github/workflows/package.yml index 5561a0c..56648df 100644 --- a/.github/workflows/package.yml +++ b/.github/workflows/package.yml @@ -24,7 +24,9 @@ on: jobs: package: - environment: ${{ inputs.ENVIRONMENT }} + environment: + name: ${{ inputs.ENVIRONMENT }} + deployment: false runs-on: ubuntu-slim permissions: contents: write