Merge branch 'main' into bump_mrsv_1.63

SpringQL · Sep 24, 2022 · ebcb2c9 · ebcb2c9
2 parents eb89f29 + 17b2866
commit ebcb2c9
Show file tree

Hide file tree

Showing 5 changed files with 87 additions and 13 deletions.
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -8,7 +8,7 @@ on:
         required: true
         type: string
       release_version:
-        description: 'release version number (example `0.15.1`)'
+        description: 'release version number (example `0.16.0`)'
         required: true
         type: string
 
@@ -17,6 +17,7 @@ jobs:
     env:
       CURRENT_VERSION: ${{ github.event.inputs.current_version }}
       RELEASE_VERSION: ${{ github.event.inputs.release_version }}
+      TARGET_BRANCH: main
     permissions:
       contents: write
     runs-on: ubuntu-latest
@@ -25,7 +26,8 @@ jobs:
       - name: checkout code
         uses: actions/checkout@v2
         with:
-          ref: main
+          ref: ${{ env.TARGET_BRANCH }}
+          token: ${{ secrets.GHPAT_FOR_PUSH_RELEASE }}
 
       - name: Show initial git status 
         run: |
@@ -71,7 +73,6 @@ jobs:
           rm Cargo.toml.org
           cd ..
 
-
       - name: commit changes
         run: |
           git add .
@@ -87,8 +88,6 @@ jobs:
       - name: git tag
         run: |
           git tag "v${RELEASE_VERSION}"
-          git tag "springql@${RELASE_VERSION}"
-          git tag "springql-core@${RELASE_VERSION}"
 
       - name: Show final git status 
         run: |
@@ -97,13 +96,35 @@ jobs:
           git status -v >> $GITHUB_STEP_SUMMARY
           echo '```' >> $GITHUB_STEP_SUMMARY
 
+      - name: Turn off enforce admin
+        env: 
+          # We wanted to use PAT of SpringQL-bot account but could not.
+          # SpringQL organization requires 2FA for each member but
+          # SpringQL-bot does not have an appropriate way to finish 2FA.
+          #
+          # So use a PAT from an account eligible as a release manager.
+          GITHUB_TOKEN: ${{ secrets.GHPAT_FOR_PUSH_RELEASE }}
+          REPO: ${{ github.repository }}
+          BRANCH: ${{ env.TARGET_BRANCH }}
+        run: |
+          source .github/workflows/scripts/github-branch-protection.bash
+          enforce_admins_off
+
       - name: git push
         run: |
-          git remote set-url origin https://github-actions:${GITHUB_TOKEN}@github.com/${GITHUB_REPOSITORY}
-          git push -v origin main
-          git push -v origin "v${RELEASE_VERSION}"
-          git push -v origin "springql@${RELEASE_VERSION}"
-          git push -v origin "springql-core@${RELEASE_VERSION}"
+          git remote set-url origin "https://github-actions:${{ secrets.GHPAT_FOR_PUSH_RELEASE }}@github.com/${GITHUB_REPOSITORY}"
+          git push -v --force origin ${{ env.TARGET_BRANCH }}
+          git push -v --force origin "v${RELEASE_VERSION}"
+
+      - name: Turn on enforce admin
+        if: always()
+        env: 
+          GITHUB_TOKEN: ${{ secrets.GHPAT_FOR_PUSH_RELEASE }}
+          REPO: ${{ github.repository }}
+          BRANCH: ${{ env.TARGET_BRANCH }}
+        run: |
+          source .github/workflows/scripts/github-branch-protection.bash
+          enforce_admins_on
 
       - name: cargo publish
         run: |

diff --git a/.github/workflows/scripts/github-branch-protection.bash b/.github/workflows/scripts/github-branch-protection.bash
@@ -0,0 +1,46 @@
+function get_current_branch_protection_setting() {
+    #
+    # gets branch protections setting, reformats put api body json
+    #
+    # environment variables
+    #
+    # REPO : github repository name for Owner/RepoName syntax
+    # BRANCH:
+    gh api --method GET repos/${REPO}/branches/${BRANCH}/protection | jq '
+    {
+        required_status_checks: null,
+        restrictions: { 
+            users: .restrictions.users | [.[].login],
+            teams: .restrictions.teams | [.[].slug],
+            apps: .restrictions.apps | [.[].slug]
+        },
+        enforce_admins: .enforce_admins.enabled ,
+        required_pull_request_reviews: {
+            dismiss_stale_reviews: .required_pull_request_reviews.dismiss_stale_reviews,
+            require_code_owner_reviews: .required_pull_request_reviews.require_code_owner_reviews,
+            required_approving_review_count: .required_pull_request_reviews.required_approving_review_count
+        },
+        required_linear_history: .required_linear_history.enabled,
+        required_signatures: .required_signatures.enabled,
+        allow_force_pushes: .allow_force_pushes.enabled,
+        allow_deletions: .allow_deletions.enabled,
+        block_reations: .block_creations.enabled,
+        required_conversation_resolution: .required_conversation_resolution.enabled
+    }'
+}
+
+function apply_branch_protection_setting() {
+    gh api --method PUT -H "Accept: application/vnd.github+json" --input - repos/${REPO}/branches/${BRANCH}/protection
+}
+
+function enforce_admins_off() {
+    get_current_branch_protection_setting | jq '.enforce_admins = false' | apply_branch_protection_setting
+}
+
+export -f enforce_admins_off
+
+function enforce_admins_on() {
+    get_current_branch_protection_setting | jq '.enforce_admins = true' | apply_branch_protection_setting
+}
+
+export -f enforce_admins_on
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -14,6 +14,12 @@ All other sections are for end-users.
 
 - Bump Minnimum Support Rust Version (MSRV) to 1.63 ([#241](https://github.com/SpringQL/SpringQL/pull/241))
 
+## [v0.18.0] - 2022-09-21
+
+### For developers
+
+- Introduced automated release ([#215](https://github.com/SpringQL/SpringQL/pull/215), [#226](https://github.com/SpringQL/SpringQL/pull/226), [#238](https://github.com/SpringQL/SpringQL/pull/238))
+
 ## [v0.17.2] - 2022-08-03
 
 ### Fixed
@@ -282,6 +288,7 @@ All other sections are for end-users.
 <!-- Versions -->
 [Unreleased]: https://github.com/SpringQL/SpringQL/compare/v0.17.1...HEAD
 [Released]: https://github.com/SpringQL/SpringQL/releases
+[v0.18.0]: https://github.com/SpringQL/SpringQL/compare/v0.17.2...v0.18.0
 [v0.17.1]: https://github.com/SpringQL/SpringQL/compare/v0.17.0...v0.17.1
 [v0.17.0]: https://github.com/SpringQL/SpringQL/compare/v0.16.1...v0.17.0
 [v0.16.1]: https://github.com/SpringQL/SpringQL/compare/v0.16.0...v0.16.1

diff --git a/springql-core/Cargo.toml b/springql-core/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "springql-core"
-version = "0.17.1"
+version = "0.18.0"
 
 authors = ["Sho Nakatani <lay.sakura@gmail.com>"]
 license = "MIT OR Apache-2.0"

diff --git a/springql/Cargo.toml b/springql/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "springql"
-version = "0.17.1"
+version = "0.18.0"
 
 authors = ["Sho Nakatani <lay.sakura@gmail.com>"]
 license = "MIT OR Apache-2.0"
@@ -15,7 +15,7 @@ readme = "../README.md"
 repository = "https://github.com/SpringQL/SpringQL"
 
 [dependencies]
-springql-core =  {version="0.17.1", path="../springql-core"}
+springql-core =  { version = "0.18.0", path="../springql-core"}
 
 [dev-dependencies]
 springql-foreign-service = {path = "../foreign-service"}