Draft release 6.1.4 #272
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Draft release | |
| run-name: Draft release ${{ inputs.next_version }} | |
| on: | |
| workflow_dispatch: | |
| inputs: | |
| next_version: | |
| required: true | |
| type: string | |
| description: 'Version name' | |
| permissions: | |
| contents: write | |
| jobs: | |
| draft_release: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Generate GitHub App token | |
| id: generate-token | |
| uses: actions/create-github-app-token@7e473efe3cb98aa54f8d4bac15400b15fad77d94 | |
| with: | |
| app-id: ${{ secrets.CI_CAL_APP_ID }} | |
| private-key: ${{ secrets.CI_CAL_APP_PRIVATE_KEY }} | |
| repositories: 'cal.com' | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| ref: 'main' | |
| token: ${{ steps.generate-token.outputs.token }} | |
| - name: Configure git | |
| run: | | |
| # Define authorized users and their emails using organization secret | |
| # Expected format: JSON object with username -> email mapping | |
| # Example: {"zomars": "zomars@cal.com", "peer": "peer@cal.com", "username3": "email3@cal.com"} | |
| USER_EMAILS='${{ secrets.RELEASE_USER_EMAILS }}' | |
| # Extract email for the triggering user | |
| USER_EMAIL=$(echo "$USER_EMAILS" | jq -r --arg user "${{ github.actor }}" '.[$user] // empty') | |
| # Fail if user is not authorized or not in mapping | |
| if [ -z "$USER_EMAIL" ] || [ "$USER_EMAIL" = "null" ]; then | |
| echo "Error: User '${{ github.actor }}' is not authorized to run the release workflow." | |
| echo "Only authorized team members can trigger releases." | |
| echo "Contact your administrator to be added to the authorized users list." | |
| exit 1 | |
| fi | |
| git config --local user.email "$USER_EMAIL" | |
| git config --local user.name "${{ github.actor }}" | |
| - uses: ./.github/actions/yarn-install | |
| # 1. Generate Prisma Client | |
| # This is required so Trigger.dev can find the database types during bundling | |
| - name: Generate Prisma Client | |
| run: yarn prisma generate | |
| # 2. Deploy Trigger.dev tasks | |
| # We use --skip-promotion to get a version without making it live yet | |
| - name: Deploy Trigger.dev | |
| id: deploy-trigger | |
| env: | |
| TRIGGER_ACCESS_TOKEN: ${{ secrets.TRIGGER_ACCESS_TOKEN }} | |
| TRIGGER_DEV_PROJECT_REF: ${{ secrets.TRIGGER_DEV_PROJECT_REF }} | |
| run: | | |
| # The CLI outputs the version; id allows us to access outputs.deploymentVersion | |
| cd packages/features | |
| yarn deploy:trigger:ci | |
| - name: Bump version | |
| env: | |
| VERSION: ${{ inputs.next_version }} | |
| run: | | |
| cd apps/web | |
| yarn version "$VERSION" | |
| # 3. Update .env.production files | |
| # We inject the Trigger version into the apps so they stay in sync | |
| - name: Update Env Files | |
| run: | | |
| VERSION="${{ steps.deploy-trigger.outputs.deploymentVersion }}" | |
| echo "TRIGGER_VERSION=$VERSION" > apps/web/.env.production | |
| echo "TRIGGER_VERSION=$VERSION" > apps/api/v2/.env.production | |
| git add -f apps/web/.env.production apps/api/v2/.env.production | |
| # 4. Commit everything together | |
| - name: Commit changes | |
| env: | |
| VERSION: ${{ inputs.next_version }} | |
| GITHUB_TOKEN: ${{ steps.generate-token.outputs.token }} | |
| run: | | |
| gh auth setup-git | |
| git add . | |
| git commit -m "chore: release v$VERSION" | |
| git push | |
| - name: Draft release | |
| run: gh release create v$VERSION --generate-notes --draft | |
| env: | |
| GITHUB_TOKEN: ${{ steps.generate-token.outputs.token }} | |
| VERSION: ${{ inputs.next_version }} |