From 1dcc43332efb2372d6267ba02836e3af5acee48e Mon Sep 17 00:00:00 2001 From: Alexander Melnyk Date: Tue, 11 Jan 2022 15:17:24 +0100 Subject: [PATCH 1/2] chore: update workflow with new projen version --- .github/workflows/build.yml | 138 +++++++++++++++++++++++------ .github/workflows/release.yml | 48 +++++++--- .github/workflows/upgrade-main.yml | 63 +++++-------- 3 files changed, 169 insertions(+), 80 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index dd35f41..c135279 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -6,9 +6,9 @@ jobs: build: runs-on: ubuntu-latest permissions: - checks: write contents: write - actions: write + outputs: + self_mutation_happened: ${{ steps.self_mutation.outputs.self_mutation_happened }} env: CI: "true" steps: @@ -17,39 +17,119 @@ jobs: with: ref: ${{ github.event.pull_request.head.ref }} repository: ${{ github.event.pull_request.head.repo.full_name }} - - name: Set git identity - run: |- - git config user.name "github-actions" - git config user.email "github-actions@github.com" - name: Setup Node.js uses: actions/setup-node@v2.2.0 with: - node-version: "14" + node-version: 14 - name: Install dependencies - run: yarn install --check-files --frozen-lockfile + run: yarn install --check-files - name: give user docker permission so we can run tests run: sudo chown $(whoami) /var/run/docker.sock - name: build run: npx projen build - - name: Check for changes - id: git_diff - run: git diff --exit-code || echo "::set-output name=has_changes::true" - - if: steps.git_diff.outputs.has_changes - name: Commit and push changes (if changed) - run: 'git add . && git commit -m "chore: self mutation" && git push origin - HEAD:${{ github.event.pull_request.head.ref }}' - - if: steps.git_diff.outputs.has_changes - name: Update status check (if changed) - run: gh api -X POST /repos/${{ github.event.pull_request.head.repo.full_name - }}/check-runs -F name="build" -F head_sha="$(git rev-parse HEAD)" -F - status="completed" -F conclusion="success" - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - - if: steps.git_diff.outputs.has_changes - name: Cancel workflow (if changed) - run: gh api -X POST /repos/${{ github.event.pull_request.head.repo.full_name - }}/actions/runs/${{ github.run_id }}/cancel - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + - id: self_mutation + name: Find mutations + run: >- + git add . + + git diff --staged --patch --exit-code > .repo.patch || echo "::set-output name=self_mutation_happened::true" + - if: steps.self_mutation.outputs.self_mutation_happened + name: Upload patch + uses: actions/upload-artifact@v2 + with: + name: .repo.patch + path: .repo.patch + - name: Fail build on mutation + if: steps.self_mutation.outputs.self_mutation_happened + run: >- + echo "::error::Files were changed during build (see build log). If + this was triggered from a fork, you will need to update your branch." + + cat .repo.patch + + exit 1 + - name: Upload artifact + uses: actions/upload-artifact@v2.1.1 + with: + name: build-artifact + path: dist container: - image: jsii/superchain:1-buster-slim + image: jsii/superchain:1-buster-slim-node14 + self-mutation: + needs: build + runs-on: ubuntu-latest + permissions: + contents: write + if: always() && needs.build.outputs.self_mutation_happened && + !(github.event.pull_request.head.repo.full_name != github.repository) + steps: + - name: Checkout + uses: actions/checkout@v2 + with: + token: ${{ secrets.PROJEN_GITHUB_TOKEN }} + ref: ${{ github.event.pull_request.head.ref }} + repository: ${{ github.event.pull_request.head.repo.full_name }} + - name: Download patch + uses: actions/download-artifact@v2 + with: + name: .repo.patch + path: ${{ runner.temp }} + - name: Apply patch + run: '[ -s ${{ runner.temp }}/.repo.patch ] && git apply ${{ runner.temp + }}/.repo.patch || echo "Empty patch. Skipping."' + - name: Set git identity + run: |- + git config user.name "github-actions" + git config user.email "github-actions@github.com" + - name: Push changes + run: |-2 + git add . + git commit -m -s "chore: self mutation" + git push origin HEAD:${{ github.event.pull_request.head.ref }} + package-js: + needs: build + runs-on: ubuntu-latest + permissions: {} + if: "! needs.build.outputs.self_mutation_happened" + steps: + - uses: actions/setup-node@v2 + with: + node-version: 14.x + - name: Download build artifacts + uses: actions/download-artifact@v2 + with: + name: build-artifact + path: dist + - name: Prepare Repository + run: mv dist .repo + - name: Install Dependencies + run: cd .repo && yarn install --check-files --frozen-lockfile + - name: Create js artifact + run: cd .repo && npx projen package:js + - name: Collect js Artifact + run: mv .repo/dist dist + package-python: + needs: build + runs-on: ubuntu-latest + permissions: {} + if: "! needs.build.outputs.self_mutation_happened" + steps: + - uses: actions/setup-node@v2 + with: + node-version: 14.x + - uses: actions/setup-python@v2 + with: + python-version: 3.x + - name: Download build artifacts + uses: actions/download-artifact@v2 + with: + name: build-artifact + path: dist + - name: Prepare Repository + run: mv dist .repo + - name: Install Dependencies + run: cd .repo && yarn install --check-files --frozen-lockfile + - name: Create python artifact + run: cd .repo && npx projen package:python + - name: Collect python Artifact + run: mv .repo/dist dist diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index ce0711f..b2bc6b9 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -25,7 +25,7 @@ jobs: - name: Setup Node.js uses: actions/setup-node@v2.2.0 with: - node-version: "14" + node-version: 14 - name: Install dependencies run: yarn install --check-files --frozen-lockfile - name: give user docker permission so we can run tests @@ -40,10 +40,10 @@ jobs: if: ${{ steps.git_remote.outputs.latest_commit == github.sha }} uses: actions/upload-artifact@v2.1.1 with: - name: dist + name: build-artifact path: dist container: - image: jsii/superchain:1-buster-slim + image: jsii/superchain:1-buster-slim-node14 release_github: name: Publish to GitHub Releases needs: release @@ -52,11 +52,18 @@ jobs: contents: write if: needs.release.outputs.latest_commit == github.sha steps: + - uses: actions/setup-node@v2 + with: + node-version: 14.x - name: Download build artifacts uses: actions/download-artifact@v2 with: - name: dist + name: build-artifact path: dist + - name: Prepare Repository + run: mv dist .repo + - name: Collect GitHub Metadata + run: mv .repo/dist dist - name: Release run: errout=$(mktemp); gh release create $(cat dist/releasetag.txt) -R $GITHUB_REPOSITORY -F dist/changelog.md -t $(cat dist/releasetag.txt) @@ -75,19 +82,28 @@ jobs: contents: read if: needs.release.outputs.latest_commit == github.sha steps: + - uses: actions/setup-node@v2 + with: + node-version: 14.x - name: Download build artifacts uses: actions/download-artifact@v2 with: - name: dist + name: build-artifact path: dist + - name: Prepare Repository + run: mv dist .repo + - name: Install Dependencies + run: cd .repo && yarn install --check-files --frozen-lockfile + - name: Create js artifact + run: cd .repo && npx projen package:js + - name: Collect js Artifact + run: mv .repo/dist dist - name: Release run: npx -p jsii-release@latest jsii-release-npm env: NPM_DIST_TAG: latest NPM_REGISTRY: registry.npmjs.org NPM_TOKEN: ${{ secrets.NPM_TOKEN }} - container: - image: jsii/superchain:1-buster-slim-node14 release_pypi: name: Publish to PyPI needs: release @@ -96,15 +112,27 @@ jobs: contents: read if: needs.release.outputs.latest_commit == github.sha steps: + - uses: actions/setup-node@v2 + with: + node-version: 14.x + - uses: actions/setup-python@v2 + with: + python-version: 3.x - name: Download build artifacts uses: actions/download-artifact@v2 with: - name: dist + name: build-artifact path: dist + - name: Prepare Repository + run: mv dist .repo + - name: Install Dependencies + run: cd .repo && yarn install --check-files --frozen-lockfile + - name: Create python artifact + run: cd .repo && npx projen package:python + - name: Collect python Artifact + run: mv .repo/dist dist - name: Release run: npx -p jsii-release@latest jsii-release-pypi env: TWINE_USERNAME: ${{ secrets.TWINE_USERNAME }} TWINE_PASSWORD: ${{ secrets.TWINE_PASSWORD }} - container: - image: jsii/superchain:1-buster-slim-node14 diff --git a/.github/workflows/upgrade-main.yml b/.github/workflows/upgrade-main.yml index 26ac33c..bed1ed3 100644 --- a/.github/workflows/upgrade-main.yml +++ b/.github/workflows/upgrade-main.yml @@ -1,5 +1,3 @@ -# ~~ Generated by projen. To modify, edit .projenrc.js and run "npx projen". - name: upgrade-main on: workflow_dispatch: {} @@ -12,39 +10,34 @@ jobs: permissions: contents: read outputs: - conclusion: ${{ steps.build.outputs.conclusion }} + patch_created: ${{ steps.create_patch.outputs.patch_created }} steps: - name: Checkout uses: actions/checkout@v2 with: ref: main - - name: Set git identity - run: |- - git config user.name "github-actions" - git config user.email "github-actions@github.com" - name: Setup Node.js uses: actions/setup-node@v2.2.0 with: - node-version: "14" + node-version: 14 - name: Install dependencies run: yarn install --check-files --frozen-lockfile - name: Upgrade dependencies run: npx projen upgrade - - name: Build - id: build - run: npx projen build && echo "::set-output name=conclusion::success" || echo - "::set-output name=conclusion::failure" - - name: Create Patch - run: |- + - id: create_patch + name: Find mutations + run: >- git add . - git diff --patch --staged > .upgrade.tmp.patch - - name: Upload patch + + git diff --staged --patch --exit-code > .repo.patch || echo "::set-output name=patch_created::true" + - if: steps.create_patch.outputs.patch_created + name: Upload patch uses: actions/upload-artifact@v2 with: - name: .upgrade.tmp.patch - path: .upgrade.tmp.patch + name: .repo.patch + path: .repo.patch container: - image: jsii/superchain:1-buster-slim + image: jsii/superchain:1-buster-slim-node14 pr: name: Create Pull Request needs: upgrade @@ -52,29 +45,30 @@ jobs: permissions: contents: write pull-requests: write - checks: write + if: ${{ needs.upgrade.outputs.patch_created }} steps: - name: Checkout uses: actions/checkout@v2 with: + token: ${{ secrets.PROJEN_GITHUB_TOKEN }} ref: main - - name: Set git identity - run: |- - git config user.name "github-actions" - git config user.email "github-actions@github.com" - name: Download patch uses: actions/download-artifact@v2 with: - name: .upgrade.tmp.patch + name: .repo.patch path: ${{ runner.temp }} - name: Apply patch - run: '[ -s ${{ runner.temp }}/.upgrade.tmp.patch ] && git apply ${{ runner.temp - }}/.upgrade.tmp.patch || echo "Empty patch. Skipping."' + run: '[ -s ${{ runner.temp }}/.repo.patch ] && git apply ${{ runner.temp + }}/.repo.patch || echo "Empty patch. Skipping."' + - name: Set git identity + run: |- + git config user.name "github-actions" + git config user.email "github-actions@github.com" - name: Create Pull Request id: create-pr uses: peter-evans/create-pull-request@v3 with: - token: ${{ secrets.GITHUB_TOKEN }} + token: ${{ secrets.PROJEN_GITHUB_TOKEN }} commit-message: >- chore(deps): upgrade dependencies @@ -105,16 +99,3 @@ jobs: author: github-actions committer: github-actions signoff: true - - name: Update status check - if: steps.create-pr.outputs.pull-request-url != '' - run: "curl -i --fail -X POST -H \"Accept: application/vnd.github.v3+json\" -H - \"Authorization: token ${GITHUB_TOKEN}\" - https://api.github.com/repos/${{ github.repository }}/check-runs -d - '{\"name\":\"build\",\"head_sha\":\"github-actions/upgrade-main\",\"s\ - tatus\":\"completed\",\"conclusion\":\"${{ - needs.upgrade.outputs.conclusion }}\",\"output\":{\"title\":\"Created - via the upgrade-main workflow.\",\"summary\":\"Action run URL: - https://github.com/${{ github.repository }}/actions/runs/${{ - github.run_id }}\"}}'" - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} From e43393c42467ec2327c9d62540fbdf1b1c67fe81 Mon Sep 17 00:00:00 2001 From: Alexander Melnyk Date: Tue, 11 Jan 2022 15:43:36 +0100 Subject: [PATCH 2/2] chore: change back to 0.0.0 in jsii --- .jsii | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.jsii b/.jsii index d3f0394..a3ebb5e 100644 --- a/.jsii +++ b/.jsii @@ -3029,6 +3029,6 @@ "symbolId": "src/lambda-powertools-layer:PowertoolsLayerProps" } }, - "version": "2.0.1", - "fingerprint": "2+Mxho53JarS/CuSO41JV12xFEM9raTO6d5PO/NOmW8=" + "version": "0.0.0", + "fingerprint": "ZOXqlBA8ovzkzVpQUPgfqo7z7wPVh6CZrwedIJhp3F8=" }