New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
ci: release automation #4083
base: main
Are you sure you want to change the base?
ci: release automation #4083
Conversation
bc09e51
to
39a22e7
Compare
I think we should start with "on tag". How do rc/beta releases work? |
Semantic release is the one that creates the tag (and GitHub release). It is possible to have semantic release create a tag, and then have the build be triggered by that. However, this can leave broken release where the release is created but the images aren't pushed (although I'm not sure how the release artifacts would work here). I'd appreciate if you can also have a look at https://semantic-release.gitbook.io/semantic-release/usage/workflow-configuration. That describes how rc/beta releases work and can be configured. I'm still in the process of figuring out what the best setup for this will be and appreciate any help and input. |
Right, I guess by "on tag" I really meant I don't think we should start with an automatic monthly release. We should be building main into :edge/:main, and be able to trigger 3.0.0-rc1 manually. When we get to a stable state we could consider monthly. |
Looking at the doc, I guess we would need to cut the 3.x branch and use:
|
Playing with it all in your org might be best for now. I guess you can manually trigger the release action in the GitHub UI? |
The v3 release (and the default release branch) will be I've just started playing with creating an |
Why wouldn't we make a 3.0 release branch? Isn't that where we would want fixes/patches? 3.1 would be for features, so after 3.0 is released, main would become 3.1. |
We don't need to create a release branch until we have a reason to backport something. For example:
Now a CVE is discovered that we want to backport to
So we don't need to pre-create release branches for backporting fixes, they can get created once they are needed. I think that will also make the Git tree more understandable. |
OK, I can see how that would work. We should decide what level of patching we support. Will we support 3.0.x after 3.1.0 is released? |
If we adhere to proper SemVer I don't think that would be necessary, since a minor version only includes new features. We might still want to support patch fixes for whatever reason, since the release automation is setup to be able to. |
Is there a pr gate that stops a FEAT going into a patch branch? |
bbfdd50
to
1d67796
Compare
FYI, first successful test release has worked. https://github.com/DavidSpek/distribution/releases. There isn't a PR gate, but semantic release will give the |
Isn't it too late once the commit is in the branch, unless we start to allow force push to remove it? |
Good point. Need to check how you deal with that exactly. I do remember reading about that in the semantic release docs somewhere. |
I guess something like dry-run for prs? https://semantic-release.gitbook.io/semantic-release/usage/configuration#dryrun |
I'm already using Also, this seems like it might have some interesting info in it. https://shinesolutions.com/2021/07/21/learning-to-use-semantic-release-the-hard-way/ |
02e046a
to
4aa2c0f
Compare
Signed-off-by: David van der Spek <vanderspek.david@gmail.com>
Signed-off-by: David van der Spek <vanderspek.david@gmail.com>
Signed-off-by: David van der Spek <vanderspek.david@gmail.com>
Signed-off-by: David van der Spek <vanderspek.david@gmail.com>
Signed-off-by: David van der Spek <vanderspek.david@gmail.com>
Signed-off-by: David van der Spek <vanderspek.david@gmail.com>
Signed-off-by: David van der Spek <vanderspek.david@gmail.com>
Signed-off-by: David van der Spek <vanderspek.david@gmail.com>
Signed-off-by: David van der Spek <vanderspek.david@gmail.com>
Signed-off-by: David van der Spek <vanderspek.david@gmail.com>
Signed-off-by: David van der Spek <vanderspek.david@gmail.com>
Signed-off-by: David van der Spek <vanderspek.david@gmail.com>
4aa2c0f
to
bd17d09
Compare
@milosgajdos @Jamstah @thaJeztah @wy65701436 @deleteriousEffect What needs to be done to get this over the line? |
Signed-off-by: David van der Spek <vanderspek.david@gmail.com>
b905654
to
8158186
Compare
Signed-off-by: David van der Spek <vanderspek.david@gmail.com>
Signed-off-by: David van der Spek <vanderspek.david@gmail.com>
@@ -0,0 +1,46 @@ | |||
name: scheduled release |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This workflow is not needed imo, The metadata-action in build workflow already sets the right tags based on semver: https://github.com/docker/metadata-action#typesemver
@@ -0,0 +1,128 @@ | |||
name: release |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Why a new workflow? This adds so much fragmentation. Build workflow already handles properly pr,push,tags events and sets the right tags based on these events through the metadata action: https://github.com/docker/metadata-action#typesemver
See for example latest beta tags: https://github.com/distribution/distribution/actions/runs/7264017733/job/19790726671#step:3:54
@@ -0,0 +1,51 @@ | |||
name: release-validation |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'm not sure why we would need this workflow? Do we not trust GH events?
@@ -35,10 +31,10 @@ jobs: | |||
steps: | |||
- | |||
name: Checkout | |||
uses: actions/checkout@v3 | |||
uses: actions/checkout@v4 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Don't think this is needed for this PR. I think we should use dependabot to update actions.
Closes: #4025
This PR adds automation for generating release as described in #4025. Semantic Release is set to run when it is manually trigger, with it intended to be scheduled to run monthly in the future. Some tests of the release automation and how it will behave exactly can be found on my fork.
It also configures the current
build
github action to push to GHCR on PRs, which should make testing changes from a PR easier for contributors since they can simple deploy the image that's built for them.