117 строки
6.3 KiB
YAML
117 строки
6.3 KiB
YAML
name: Release Branch Pull Request Handler
|
|
on:
|
|
pull_request:
|
|
branches:
|
|
jobs:
|
|
deploy-to-uat-sandbox:
|
|
runs-on: ubuntu-latest
|
|
if: startsWith(github.event.pull_request.base.ref, vars.RELEASE_BRANCH_PREFIX)
|
|
steps:
|
|
- name: Checkout
|
|
uses: actions/checkout@v2.5.0
|
|
with:
|
|
token: ${{ secrets.SCOPED_PAT }}
|
|
ref: ${{ github.event.pull_request.head.sha }}
|
|
fetch-depth: 2
|
|
- name: Setup Node
|
|
uses: actions/setup-node@v3.5.1
|
|
with:
|
|
node-version-file: ".nvmrc"
|
|
- name: Cache Node Modules
|
|
uses: actions/cache@v3.0.11
|
|
id: npm_cache_id
|
|
with:
|
|
path: node_modules
|
|
key: ${{ runner.os }}-npm-cache-${{ hashFiles('**/package-lock.json') }}
|
|
restore-keys: |
|
|
${{ runner.os }}-npm-cache-
|
|
${{ runner.os }}-
|
|
- name: Install Dependencies
|
|
if: steps.npm_cache_id.outputs.cache-hit != 'true'
|
|
run: npm ci
|
|
- name: Parse Issue Number
|
|
id: branchFilter
|
|
env:
|
|
BRANCH_NAME: ${{ github.head_ref }}
|
|
ISSUE_PREFIX: ${{ vars.ISSUE_BRANCH_PREFIX }}
|
|
run: node ./node-scripts/branch-filter.js
|
|
- name: Did Metadata or Auth Files Change
|
|
if: steps.branchFilter.outputs.matches == 'true'
|
|
uses: rdietrick/did-files-change@12ed863b722bc28052850c22b28a37f38b6eca8d
|
|
id: requires-deploy
|
|
with:
|
|
pathspec: force-app auth
|
|
sha: ${{ github.event.pull_request.head.sha }}
|
|
- name: Recompose Profiles
|
|
if: steps.branchFilter.outputs.matches == 'true' && steps.requires-deploy.outputs.changed == '1' && vars.SALESFORCE_FORMATTED_PROFILES_AND_PERMS == 'false'
|
|
run: |
|
|
echo y | npx sfdx-cli plugins:install @rdietrick/sfdx-profile-decompose
|
|
npx sfdx-cli profiles:aggregate
|
|
rm -rf force-app/main/default/profiles/decomposed force-app/main/default/permissionsets/decomposed
|
|
- name: Check First Deploy
|
|
if: vars.GENERATE_RELEASE == 'true' && steps.branchFilter.outputs.matches == 'true'
|
|
id: check_first_deploy
|
|
run: |
|
|
if [ -f release-notes/${{ vars.ISSUE_BRANCH_PREFIX }}${{ steps.branchFilter.outputs.issueNumber }}.md ]
|
|
then
|
|
echo "FIRST_DEPLOY=false" >> "$GITHUB_OUTPUT"; else echo "FIRST_DEPLOY=true" >> "$GITHUB_OUTPUT";
|
|
fi
|
|
- name: Generate Destructive Changes Param
|
|
if: steps.branchFilter.outputs.matches == 'true' && steps.requires-deploy.outputs.changed == '1' && steps.check_first_deploy.outputs.FIRST_DEPLOY == 'true'
|
|
id: check_for_destructive_changes
|
|
run: |
|
|
if [ -f destructive-changes/destructiveChangesPre.xml ] && [ -f destructive-changes/destructiveChangesPost.xml ]
|
|
then
|
|
echo "DESTRUCTIVE_FILES=--predestructivechanges destructive-changes/destructiveChangesPre.xml --postdestructivechanges destructive-changes/destructiveChangesPost.xml" >> "$GITHUB_OUTPUT";
|
|
elif [ -f destructive-changes/destructiveChangesPre.xml ]
|
|
then
|
|
echo "DESTRUCTIVE_FILES=--predestructivechanges destructive-changes/destructiveChangesPre.xml" >> "$GITHUB_OUTPUT";
|
|
elif [ -f destructive-changes/destructiveChangesPost.xml ]
|
|
then
|
|
echo "DESTRUCTIVE_FILES=--postdestructivechanges destructive-changes/destructiveChangesPost.xml" >> "$GITHUB_OUTPUT";
|
|
fi
|
|
- name: Authenticate to UAT Sandbox
|
|
if: steps.branchFilter.outputs.matches == 'true' && steps.requires-deploy.outputs.changed == '1'
|
|
env:
|
|
LOGIN_ENC_FILE: auth/sandbox-login-url-${{ steps.branchFilter.outputs.branchName }}-uat.txt
|
|
SFDX_AUTH_SECRET_KEY: ${{ secrets.SFDX_AUTH_SECRET_KEY }}
|
|
run: |
|
|
sudo apt install age
|
|
echo "$SFDX_AUTH_SECRET_KEY" >> key.txt
|
|
age --decrypt -i key.txt ${LOGIN_ENC_FILE}.age > ${LOGIN_ENC_FILE}
|
|
rm key.txt
|
|
npx sfdx force:auth:sfdxurl:store -f ${LOGIN_ENC_FILE} -a is${{ steps.branchFilter.outputs.issueNumber }}uat
|
|
- name: Deploy Source to Sandbox
|
|
if: steps.branchFilter.outputs.matches == 'true' && steps.requires-deploy.outputs.changed == '1'
|
|
env:
|
|
LOGIN_ENC_FILE: auth/sandbox-login-url-${{ steps.branchFilter.outputs.branchName }}-uat.txt
|
|
run: |
|
|
npx sfdx project generate manifest -p force-app -n temp-deploy-manifest
|
|
npx sfdx project deploy start -o is${{ steps.branchFilter.outputs.issueNumber }}uat -x temp-deploy-manifest.xml ${{ steps.check_for_destructive_changes.outputs.DESTRUCTIVE_FILES }} -w ${{ vars.DEPLOYMENT_TIMEOUT }} -l RunLocalTests --ignore-conflicts
|
|
- name: Init Release Notes
|
|
id: init-release-notes
|
|
if: vars.GENERATE_RELEASE == 'true' && steps.check_first_deploy.outputs.FIRST_DEPLOY == 'true' && steps.branchFilter.outputs.matches == 'true'
|
|
env:
|
|
GITHUB_TOKEN: ${{ secrets.SCOPED_PAT }}
|
|
ISSUE_URL: https://api.github.com/repos/${{ github.repository }}/issues/${{ steps.branchFilter.outputs.issueNumber }}
|
|
HEAD_REF: ${{ github.head_ref }}
|
|
run: |
|
|
git fetch origin $HEAD_REF
|
|
curl -H "Authorization: Bearer ${GITHUB_TOKEN}" -s ${ISSUE_URL} > issue.json
|
|
ISSUE_HTML_URL=$(jq -r '.html_url' issue.json)
|
|
ISSUE_TITLE=$(jq -r '.title' issue.json)
|
|
touch release-notes/${{ vars.ISSUE_BRANCH_PREFIX }}${{ steps.branchFilter.outputs.issueNumber }}.md
|
|
echo -e "1. [#${{ steps.branchFilter.outputs.issueNumber }} - ${ISSUE_TITLE}](${ISSUE_HTML_URL})\n" > release-notes/${{ vars.ISSUE_BRANCH_PREFIX }}${{ steps.branchFilter.outputs.issueNumber }}.md
|
|
ISSUE_JSON="$(cat issue.json)"
|
|
ISSUE_JSON="${ISSUE_JSON//'%'/'%25'}"
|
|
ISSUE_JSON="${ISSUE_JSON//$'\n'/'%0A'}"
|
|
ISSUE_JSON="${ISSUE_JSON//$'\r'/'%0D'}"
|
|
echo "ISSUE=$ISSUE_JSON" >> "$GITHUB_OUTPUT";
|
|
rm issue.json
|
|
- uses: stefanzweifel/git-auto-commit-action@v4.15.4
|
|
if: vars.GENERATE_RELEASE == 'true' && steps.check_first_deploy.outputs.FIRST_DEPLOY == 'true' && steps.branchFilter.outputs.matches == 'true'
|
|
with:
|
|
branch: ${{ github.head_ref }}
|
|
commit_message: Issue release note
|
|
file_pattern: release-notes/${{ vars.ISSUE_BRANCH_PREFIX }}${{ steps.branchFilter.outputs.issueNumber }}.md
|