Payment issue for E/App PR#49937 #30891
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Prepare production deploy | |
on: | |
issues: | |
types: [closed] | |
# The updateProduction and createNewStagingDeployCash jobs are executed when a StagingDeployCash is closed. | |
jobs: | |
validate: | |
runs-on: ubuntu-latest | |
if: contains(github.event.issue.labels.*.name, 'StagingDeployCash') | |
outputs: | |
isValid: ${{ fromJSON(steps.isDeployer.outputs.IS_DEPLOYER) && !fromJSON(steps.checkDeployBlockers.outputs.HAS_DEPLOY_BLOCKERS) }} | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
with: | |
ref: main | |
token: ${{ secrets.OS_BOTIFY_TOKEN }} | |
- name: Setup git for OSBotify | |
uses: ./.github/actions/composite/setupGitForOSBotifyApp | |
id: setupGitForOSBotify | |
with: | |
GPG_PASSPHRASE: ${{ secrets.LARGE_SECRET_PASSPHRASE }} | |
OS_BOTIFY_APP_ID: ${{ secrets.OS_BOTIFY_APP_ID }} | |
OS_BOTIFY_PRIVATE_KEY: ${{ secrets.OS_BOTIFY_PRIVATE_KEY }} | |
- name: Validate actor is deployer | |
id: isDeployer | |
run: | | |
if gh api /orgs/Expensify/teams/mobile-deployers/memberships/${{ github.actor }} --silent; then | |
echo "IS_DEPLOYER=true" >> "$GITHUB_OUTPUT" | |
else | |
echo "IS_DEPLOYER=false" >> "$GITHUB_OUTPUT" | |
fi | |
env: | |
GITHUB_TOKEN: ${{ steps.setupGitForOSBotify.outputs.OS_BOTIFY_API_TOKEN }} | |
- name: Reopen and comment on issue (not a team member) | |
if: ${{ !fromJSON(steps.isDeployer.outputs.IS_DEPLOYER) }} | |
uses: ./.github/actions/javascript/reopenIssueWithComment | |
with: | |
GITHUB_TOKEN: ${{ steps.setupGitForOSBotify.outputs.OS_BOTIFY_API_TOKEN }} | |
ISSUE_NUMBER: ${{ github.event.issue.number }} | |
COMMENT: | | |
Sorry, only members of @Expensify/Mobile-Deployers can close deploy checklists. | |
Reopening! | |
- name: Check for any deploy blockers | |
if: ${{ fromJSON(steps.isDeployer.outputs.IS_DEPLOYER) }} | |
id: checkDeployBlockers | |
uses: ./.github/actions/javascript/checkDeployBlockers | |
with: | |
GITHUB_TOKEN: ${{ steps.setupGitForOSBotify.outputs.OS_BOTIFY_API_TOKEN }} | |
ISSUE_NUMBER: ${{ github.event.issue.number }} | |
- name: Reopen and comment on issue (has blockers) | |
if: ${{ fromJSON(steps.isDeployer.outputs.IS_DEPLOYER) && fromJSON(steps.checkDeployBlockers.outputs.HAS_DEPLOY_BLOCKERS || 'false') }} | |
uses: ./.github/actions/javascript/reopenIssueWithComment | |
with: | |
GITHUB_TOKEN: ${{ steps.setupGitForOSBotify.outputs.OS_BOTIFY_API_TOKEN }} | |
ISSUE_NUMBER: ${{ github.event.issue.number }} | |
COMMENT: | | |
This issue either has unchecked items or has not yet been marked with the `:shipit:` emoji of approval. | |
Reopening! | |
- name: Announce failed workflow in Slack | |
if: ${{ failure() }} | |
uses: ./.github/actions/composite/announceFailedWorkflowInSlack | |
with: | |
SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }} | |
# Update the production branch to trigger the production deploy. | |
updateProduction: | |
runs-on: ubuntu-latest | |
needs: validate | |
if: ${{ fromJSON(needs.validate.outputs.isValid) }} | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
with: | |
ref: staging | |
token: ${{ secrets.OS_BOTIFY_TOKEN }} | |
- name: Setup git for OSBotify | |
id: setupGitForOSBotify | |
uses: ./.github/actions/composite/setupGitForOSBotifyApp | |
with: | |
GPG_PASSPHRASE: ${{ secrets.LARGE_SECRET_PASSPHRASE }} | |
OS_BOTIFY_APP_ID: ${{ secrets.OS_BOTIFY_APP_ID }} | |
OS_BOTIFY_PRIVATE_KEY: ${{ secrets.OS_BOTIFY_PRIVATE_KEY }} | |
- name: Update production branch | |
run: | | |
# Re-create the production branch from staging | |
git switch -c production | |
# Force-update the remote production branch. | |
git push --force origin production | |
- name: Announce failed workflow in Slack | |
if: ${{ failure() }} | |
uses: ./.github/actions/composite/announceFailedWorkflowInSlack | |
with: | |
SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }} | |
# Create a new patch version to prep for next release cycle | |
createNewPatchVersion: | |
needs: validate | |
if: ${{ fromJSON(needs.validate.outputs.isValid) }} | |
uses: ./.github/workflows/createNewVersion.yml | |
secrets: inherit | |
with: | |
SEMVER_LEVEL: PATCH | |
# Update the staging branch to trigger a staging deploy | |
updateStaging: | |
runs-on: ubuntu-latest | |
needs: [updateProduction, createNewPatchVersion] | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
with: | |
ref: main | |
token: ${{ secrets.OS_BOTIFY_TOKEN }} | |
- name: Setup git for OSBotify | |
uses: ./.github/actions/composite/setupGitForOSBotifyApp | |
with: | |
GPG_PASSPHRASE: ${{ secrets.LARGE_SECRET_PASSPHRASE }} | |
OS_BOTIFY_APP_ID: ${{ secrets.OS_BOTIFY_APP_ID }} | |
OS_BOTIFY_PRIVATE_KEY: ${{ secrets.OS_BOTIFY_PRIVATE_KEY }} | |
- name: Update staging branch to trigger staging deploy | |
run: | | |
# Re-create the staging branch from main | |
git switch -c staging | |
# Force-update the remote staging branch | |
git push --force origin staging | |
- name: Announce failed workflow in Slack | |
if: ${{ failure() }} | |
uses: ./.github/actions/composite/announceFailedWorkflowInSlack | |
with: | |
SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }} |