Merge remote-tracking branch 'origin' into release/2.2.13 #23
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # | |
| # Will create a draft release page and keep updating it as we push new changes to release branch. | |
| # If the title of the PR has QPPxx-xxxx pattern, then it will convert that to a link. | |
| # | |
| # Usecase : A change is pushed to release branch, eventually will get released. | |
| # So, this workflow will create a draft release page and keep it up to date. | |
| # | |
| name: Prepare - Release Notes | |
| on: | |
| push: | |
| branches: | |
| - release/** | |
| permissions: | |
| id-token: write # Required for OIDC | |
| contents: read | |
| jobs: | |
| # Generate new release notes | |
| update_release_draft: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Configure AWS Credentials via OIDC | |
| uses: aws-actions/configure-aws-credentials@v6 | |
| with: | |
| role-to-assume: arn:aws:iam::730335206644:role/delegatedadmin/developer/qppa-github-actions-role-1 | |
| aws-region: us-east-1 | |
| - name: Retrieve GitHub service account token from secops account | |
| id: get-token | |
| run: | | |
| SECRET_VALUE=$(aws secretsmanager get-secret-value \ | |
| --secret-id "arn:aws:secretsmanager:us-east-1:863249929524:secret:qpp/qppa/github/token/automation-bhLO2e" \ | |
| --query SecretString \ | |
| --output text | jq -r ".GITHUB_TOKEN") | |
| echo "::add-mask::$SECRET_VALUE" | |
| echo "GITHUB_TOKEN=$SECRET_VALUE" >> $GITHUB_OUTPUT | |
| - name: Checkout Codebase | |
| uses: actions/checkout@v4 | |
| with: | |
| token: ${{ steps.get-token.outputs.GITHUB_TOKEN }} | |
| fetch-depth: 0 | |
| - name: Detect new tag version from package.json | |
| id: package-version | |
| uses: salsify/action-detect-and-tag-new-version@68bbe8670f415d304e02942186441939c4692aa6 # pin@v1.0.3 | |
| - name: Throw error if version is not modified | |
| if: steps.package-version.outputs.previous-version != steps.package-version.outputs.current-version | |
| run: | | |
| echo Package version is not modified! | |
| exit 0 | |
| - name: Draft release notes | |
| uses: release-drafter/release-drafter@de081b0226069b074ca60ce8eaa3771d5c46f799 # pin@v5 | |
| with: | |
| config-name: release-drafter.yml | |
| version: v${{ steps.package-version.outputs.current-version }} | |
| tag: v${{ steps.package-version.outputs.current-version }} | |
| env: | |
| GITHUB_TOKEN: ${{ steps.get-token.outputs.GITHUB_TOKEN }} |