feat(cd)!: allow releasing to prod from non-main branches #378
Conversation
github-project-automation
bot
moved this to 📬 Triage
in Plugins Platform / Grafana Community
xnyo
moved this from 📬 Triage
to 🧑💻 In development
in Plugins Platform / Grafana Community
This reverts commit 62004e6.
xnyo
changed the title
| # Options for deploying PRs. Those values should come from the PR event and should not be set manually. | ||
| branch: | ||
| description: Branch to publish from. Can be used to deploy PRs to dev. | ||
| description: Branch or tag to publish from. Can be used to deploy PRs to dev. |
There was a problem hiding this comment.
Maybe update "Can be used to deploy PRs to dev" so it's clearer that this will now be able to be used on the rare instance need to deploy to another env?
| If true, allows branches with open PRs to deploy to `prod` environment. | ||
| It's recommended to keep this false to avoid deploying unreviewed code to production. | ||
| Default is false. | ||
| default: false |
There was a problem hiding this comment.
Is there a possibility to input the prod instance we'd want to deploy to? Just wondering what the workflow would look like to deploy to a single prod instance, especially compared to a gcom CLI command like this, where we have the zip file and tell it which instance to deploy to:
gcom /instances/catperry/provisioned-plugins/grafana-collector-app --data-urlencode urlTemplate='https://storage.googleapis.com/integration-artifacts/grafana-collector-app/4.3.0/catperry-create-reader-rbac-role/34c8cb05/artifacts/grafana-collector-app-4.3.0.any.zip' --data-urlencode version='4.3.0+34c8cb05'
| echo "plugin_version_suffix=" >> "$GITHUB_OUTPUT" | ||
| fi | ||
| fi | ||
| - name: Define variables |
There was a problem hiding this comment.
Most of the code of this step has been moved from the "define-variables" step. This step now runs before CI and has been changed to output values that are used for detecting release branches
| plugin-version-suffix: ${{ steps.vars.outputs.plugin-version-suffix }} | ||
| platforms: ${{ steps.vars.outputs.platforms }} | ||
| steps: | ||
| - name: Check environment |
There was a problem hiding this comment.
These checks have been moved into the new "Define variables" step below
| with: | ||
| subject-path: /tmp/dist-artifacts/*.zip | ||
|
|
||
| define-variables: |
There was a problem hiding this comment.
As per the other comment, this job has been moved into a step of the "setup" job instead, and it now runs before CI
xnyo
requested review from
Ukochka,
academo,
briangann,
oshirohugo,
s4kh and
toddtreece
2 participants
Add support for publishing to prod from non-main branches, including tags.
Adds two new inputs to
cd.yml:release-reference-regex: a regex that will be used to match against the providedbranchinput (which can be a branch or tag, e.g.:v1.2.4orrelease/v1.2.4). If it matches, releasing to prod or prod-canary is allowed, otherwise it fails the job when targeting prod or prod-canary. Defaults tomain.allow-publishing-prs-to-prod: if true, allow releasing to prod or prod-canary from a release branch even if there is an open (unmerged) PR for that branch. Defaults to false (which will fail the workflow) as a fail-safePart of #133 and https://github.com/grafana/grafana-community-team/issues/534
Example run is in the grafana-pluginsplatformprovisioned-app repository: Example run releasing tag
v1.2.4to prod: https://github.com/grafana/grafana-pluginsplatformprovisioned-app/actions/runs/19370162660In the test run,
release-branch-regexis set to(main)|(giuseppe\/.+)|(v\d+\.\d+\.\d+): https://github.com/grafana/grafana-pluginsplatformprovisioned-app/blob/cd58518042c316f479b0c73a7934421c597549ab/.github/workflows/publish.yaml#L35Calls to
cd.ymlmust be adjusted to include an additional permission:pull-requests: read, otherwise the workflow will fail with the following error:Example on the required changes to
cd.yml:jobs: cd: name: CD uses: grafana/plugin-ci-workflows/.github/workflows/cd.yml@main permissions: contents: write + pull-requests: read id-token: write attestations: write