diff --git a/.github/actions/setup/action.yml b/.github/actions/setup/action.yml index 28e68503b21..ced847c1bc4 100644 --- a/.github/actions/setup/action.yml +++ b/.github/actions/setup/action.yml @@ -4,7 +4,7 @@ description: 'Installs node, driver dependencies, and builds source' runs: using: composite steps: - - uses: actions/setup-node@v3 + - uses: actions/setup-node@v4 with: node-version: 'lts/*' cache: 'npm' diff --git a/.github/workflows/build_docs.yml b/.github/workflows/build_docs.yml index 99ac28823e9..de47ba9028f 100644 --- a/.github/workflows/build_docs.yml +++ b/.github/workflows/build_docs.yml @@ -18,14 +18,14 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - name: actions/setup uses: ./.github/actions/setup - run: sudo apt-get install hugo - name: Build Docs run: npm run build:docs -- --yes - name: Open Pull Request - uses: peter-evans/create-pull-request@v4 + uses: peter-evans/create-pull-request@v6 with: title: 'docs: generate docs from latest main [skip-ci]' delete-branch: true diff --git a/.github/workflows/dependencies.yml b/.github/workflows/dependencies.yml index 75284c359cd..eab5170f259 100644 --- a/.github/workflows/dependencies.yml +++ b/.github/workflows/dependencies.yml @@ -13,7 +13,7 @@ jobs: build: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - name: actions/setup uses: ./.github/actions/setup - run: npm run check:dependencies diff --git a/.github/workflows/release-4.x.yml b/.github/workflows/release-4.x.yml deleted file mode 100644 index dcda4e2d822..00000000000 --- a/.github/workflows/release-4.x.yml +++ /dev/null @@ -1,38 +0,0 @@ -on: - push: - branches: [4.x] - workflow_dispatch: {} - -permissions: - contents: write - pull-requests: write - id-token: write - -name: release-4x - -jobs: - release-please: - runs-on: ubuntu-latest - steps: - - id: release - uses: google-github-actions/release-please-action@v3 - with: - release-type: node - package-name: mongodb - # Example: chore(main): release 5.7.0 [skip-ci] - # ${scope} - parenthesis included, base branch name - pull-request-title-pattern: 'chore${scope}: release ${version} [skip-ci]' - pull-request-header: 'Please run the release_notes action before releasing to generate release highlights' - changelog-path: HISTORY.md - default-branch: 4.x - - # If release-please created a release, publish to npm - - if: ${{ steps.release.outputs.release_created }} - uses: actions/checkout@v3 - - if: ${{ steps.release.outputs.release_created }} - name: actions/setup - uses: ./.github/actions/setup - - if: ${{ steps.release.outputs.release_created }} - run: npm publish --provenance --tag=4x - env: - NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} diff --git a/.github/workflows/release-5.x.yml b/.github/workflows/release-5.x.yml index f909eefc7d9..d0958648b1e 100644 --- a/.github/workflows/release-5.x.yml +++ b/.github/workflows/release-5.x.yml @@ -15,20 +15,13 @@ jobs: runs-on: ubuntu-latest steps: - id: release - uses: google-github-actions/release-please-action@v3 + uses: google-github-actions/release-please-action@v4 with: - release-type: node - package-name: mongodb - # Example: chore(main): release 5.7.0 [skip-ci] - # ${scope} - parenthesis included, base branch name - pull-request-title-pattern: 'chore${scope}: release ${version} [skip-ci]' - pull-request-header: 'Please run the release_notes action before releasing to generate release highlights' - changelog-path: HISTORY.md - default-branch: 5.x + target-branch: 5.x # If release-please created a release, publish to npm - if: ${{ steps.release.outputs.release_created }} - uses: actions/checkout@v3 + uses: actions/checkout@v4 - if: ${{ steps.release.outputs.release_created }} name: actions/setup uses: ./.github/actions/setup diff --git a/.github/workflows/release-alpha.yml b/.github/workflows/release-alpha.yml index 937ba537f2f..e3b024ccd52 100644 --- a/.github/workflows/release-alpha.yml +++ b/.github/workflows/release-alpha.yml @@ -19,13 +19,13 @@ jobs: steps: - shell: bash run: | - ALPHA_SEMVER_REGEXP="-alpha(\.(0|[1-9][0-9]+))?$" + ALPHA_SEMVER_REGEXP="-alpha(\.([0-9]|[1-9][0-9]+))?$" if ! [[ "${{ inputs.alphaVersion }}" =~ $ALPHA_SEMVER_REGEXP ]]; then echo "Invalid alphaVersion string" exit 1 fi - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - name: actions/setup uses: ./.github/actions/setup - run: npm version "${{ inputs.alphaVersion }}" --git-tag-version=false diff --git a/.github/workflows/release-nightly.yml b/.github/workflows/release-nightly.yml index 0be13e3c125..649b6c760af 100644 --- a/.github/workflows/release-nightly.yml +++ b/.github/workflows/release-nightly.yml @@ -1,10 +1,9 @@ on: - # TODO: We can reenable cron when needed - # schedule: - # # Timezone is UTC - # # https://crontab.guru/#0_0_*_*_* - # # At 00:00 every day. - # - cron: '0 0 * * *' + schedule: + # Timezone is UTC + # https://crontab.guru/#0_0_*_*_* + # At 00:00 every day. + - cron: '0 0 * * *' # Allows us to manually trigger a nightly # Since npm prevents duplicate releases we can run this at any time @@ -20,7 +19,7 @@ jobs: release-nightly: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - name: actions/setup uses: ./.github/actions/setup - id: build_nightly diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 7cc1ca92af0..b58b4a44195 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -15,20 +15,11 @@ jobs: runs-on: ubuntu-latest steps: - id: release - uses: google-github-actions/release-please-action@v3 - with: - release-type: node - package-name: mongodb - # Example: chore(main): release 5.7.0 [skip-ci] - # ${scope} - parenthesis included, base branch name - pull-request-title-pattern: 'chore${scope}: release ${version} [skip-ci]' - pull-request-header: 'Please run the release_notes action before releasing to generate release highlights' - changelog-path: HISTORY.md - default-branch: main + uses: google-github-actions/release-please-action@v4 # If release-please created a release, publish to npm - if: ${{ steps.release.outputs.release_created }} - uses: actions/checkout@v3 + uses: actions/checkout@v4 - if: ${{ steps.release.outputs.release_created }} name: actions/setup uses: ./.github/actions/setup diff --git a/.github/workflows/release_notes.yml b/.github/workflows/release_notes.yml index de99223bb31..3293db7ef33 100644 --- a/.github/workflows/release_notes.yml +++ b/.github/workflows/release_notes.yml @@ -7,13 +7,44 @@ on: description: 'Enter release PR number' required: true type: number + issue_comment: + types: [created] + +permissions: + contents: write + pull-requests: write jobs: release_notes: runs-on: ubuntu-latest + # Run only if dispatched or comment on a pull request + if: ${{ github.event_name == 'workflow_dispatch' || (github.event_name == 'issue_comment' && github.event.issue.pull_request && github.event.comment.body == 'run release_notes') }} steps: - - uses: actions/checkout@v3 + # Determine if the triggering_actor is allowed to run this action + # We only permit maintainers + # Not only is 'triggering_actor' common between the trigger events it will also change if someone re-runs an old job + - name: check if triggering_actor is allowed to generate notes + env: + GITHUB_TOKEN: ${{ github.token }} + COMMENTER: ${{ github.triggering_actor && github.triggering_actor || 'empty_triggering_actor' }} + API_ENDPOINT: /repos/${{ github.repository }}/collaborators?permission=maintain + shell: bash + run: | + if [ $COMMENTER = "empty_triggering_actor" ]; then exit 1; fi + set -o pipefail + if gh api "$API_ENDPOINT" --paginate --jq ".[].login" | grep -q "^$COMMENTER\$"; then + echo "$COMMENTER permitted to trigger notes!" && exit 0 + else + echo "$COMMENTER not permitted to trigger notes" && exit 1 + fi + + # checkout the HEAD ref from prNumber + - uses: actions/checkout@v4 + with: + ref: refs/pull/${{ github.event_name == 'issue_comment' && github.event.issue.number || inputs.releasePr }}/head + + # Setup Node.js and npm install - name: actions/setup uses: ./.github/actions/setup @@ -42,7 +73,7 @@ jobs: HIGHLIGHTS: ${{ steps.highlights.outputs.highlights }} # Update the release PR body - - run: gh pr edit ${{ inputs.releasePr }} --body-file ${{ steps.release_notes.outputs.release_notes_path }} + - run: gh pr edit ${{ github.event_name == 'issue_comment' && github.event.issue.number || inputs.releasePr }} --body-file ${{ steps.release_notes.outputs.release_notes_path }} shell: bash env: GITHUB_TOKEN: ${{ github.token }} diff --git a/.release-please-manifest.json b/.release-please-manifest.json new file mode 100644 index 00000000000..0eebf4fc35a --- /dev/null +++ b/.release-please-manifest.json @@ -0,0 +1,3 @@ +{ + ".": "5.9.2" +} diff --git a/release-please-config.json b/release-please-config.json new file mode 100644 index 00000000000..2655c66b861 --- /dev/null +++ b/release-please-config.json @@ -0,0 +1,16 @@ +{ + "$schema": "https://raw.githubusercontent.com/googleapis/release-please/main/schemas/config.json", + "pull-request-title-pattern": "chore${scope}: release ${version} [skip-ci]", + "pull-request-header": "Please run the release_notes action before releasing to generate release highlights", + "packages": { + ".": { + "include-component-in-tag": false, + "changelog-path": "HISTORY.md", + "release-type": "node", + "bump-minor-pre-major": false, + "bump-patch-for-minor-pre-major": false, + "draft": false, + "prerelease": false + } + } +}