Merge pull request #1823 from salesforcecli/ew/gha-updates

Remove deprecated inputs
salesforcecli · Aug 27, 2024 · 9aa8e88 · 9aa8e88
2 parents acf1bf4 + 7dee702
commit 9aa8e88
Show file tree

Hide file tree

Showing 12 changed files with 113 additions and 71 deletions.
diff --git a/.github/workflows/build-docker-full.yml b/.github/workflows/build-docker-full.yml
@@ -38,7 +38,7 @@ jobs:
       - name: Collect Node checksum
         id: node-checksum
         run: |
-          NODE_VERSION="${{ steps.setup-node.outputs.node-version }}"
+          NODE_VERSION="$STEPS_SETUP_NODE_NODE_VERSION"
 
           URL="https://nodejs.org/dist/$NODE_VERSION/SHASUMS256.txt"
           echo "Retrieving SHA data from: $URL"
@@ -47,6 +47,8 @@ jobs:
           echo "Checksum found: $SHA"
 
           echo "sha=$SHA" >> "$GITHUB_OUTPUT"
+        env:
+          STEPS_SETUP_NODE_NODE_VERSION: ${{ steps.setup-node.outputs.node-version }}
 
       - name: Build and push Docker image
         uses: docker/build-push-action@ca052bb54ab0790a636c9b5f226502c73d547a25

diff --git a/.github/workflows/create-cli-release.yml b/.github/workflows/create-cli-release.yml
@@ -36,14 +36,19 @@ jobs:
       - name: Get release channel for s3
         id: s3-release-channel
         run: |
-          CHANNEL=${{ steps.release-channel.outputs.group1 }}
+          CHANNEL="$STEPS_RELEASE_CHANNEL_GROUP1"
           S3_CHANNEL=${CHANNEL/latest/stable}
           echo "s3-channel=$S3_CHANNEL" >> "$GITHUB_OUTPUT"
+        env:
+          STEPS_RELEASE_CHANNEL_GROUP1: ${{ steps.release-channel.outputs.group1 }}
 
       - name: Channel Notice
         run: |
-          echo "::notice title=Channel::Channel found in Github Release: ${{ steps.release-channel.outputs.group1 }}"
-          echo "::notice title=S3 Channel::Channel that will be used in S3: ${{ steps.s3-release-channel.outputs.s3-channel }}"
+          echo "::notice title=Channel::Channel found in Github Release: $STEPS_RELEASE_CHANNEL_GROUP1"
+          echo "::notice title=S3 Channel::Channel that will be used in S3: $STEPS_S3_RELEASE_CHANNEL_S3_CHANNEL"
+        env:
+          STEPS_RELEASE_CHANNEL_GROUP1: ${{ steps.release-channel.outputs.group1 }}
+          STEPS_S3_RELEASE_CHANNEL_S3_CHANNEL: ${{ steps.s3-release-channel.outputs.s3-channel }}
 
   npm-release:
     uses: salesforcecli/github-workflows/.github/workflows/npmPublish.yml@main
@@ -59,7 +64,6 @@ jobs:
     uses: salesforcecli/github-workflows/.github/workflows/tarballs.yml@main
     with:
       upload: true
-      cli: sf
       version: ${{ github.event.release.tag_name }}
       channel: ${{ needs.get-channel.outputs.s3-channel }}
       nodeVersion: ${{ vars.NODE_VERSION_OVERRIDE || 'lts/*' }}
@@ -94,7 +98,6 @@ jobs:
     needs: [get-channel, pack-verify-upload-tarballs]
     uses: salesforcecli/github-workflows/.github/workflows/packUploadMac.yml@main
     with:
-      cli: sf
       version: ${{ github.event.release.tag_name }}
       channel: ${{ needs.get-channel.outputs.s3-channel }}
       nodeVersion: ${{ vars.NODE_VERSION_OVERRIDE || 'lts/*' }}
@@ -104,7 +107,6 @@ jobs:
     needs: [get-channel, pack-verify-upload-tarballs]
     uses: salesforcecli/github-workflows/.github/workflows/packUploadWindows.yml@main
     with:
-      cli: sf
       version: ${{ github.event.release.tag_name }}
       channel: ${{ needs.get-channel.outputs.s3-channel }}
       nodeVersion: ${{ vars.NODE_VERSION_OVERRIDE || 'lts/*' }}
@@ -116,8 +118,6 @@ jobs:
     secrets: inherit
     with:
       version: ${{ github.event.release.tag_name }}
-      cli: sf
-      clipkg: '@salesforce/cli'
 
   build-docker-slim:
     needs: [get-channel, pack-verify-upload-tarballs]
@@ -151,9 +151,6 @@ jobs:
     steps:
       - name: Announce patch in Slack
         uses: slackapi/[email protected]
-        env:
-          SLACK_WEBHOOK_URL: ${{ secrets.PLATFORM_CLI_CHANNEL_SLACK_INCOMING_WEBHOOK }}
-          SLACK_WEBHOOK_TYPE: INCOMING_WEBHOOK
         with:
           payload: |
             {
@@ -165,6 +162,9 @@ jobs:
                 }
               }]
             }
+        env:
+          SLACK_WEBHOOK_URL: ${{ secrets.PLATFORM_CLI_CHANNEL_SLACK_INCOMING_WEBHOOK }}
+          SLACK_WEBHOOK_TYPE: INCOMING_WEBHOOK
 
   run-just-nuts:
     needs:

diff --git a/.github/workflows/get-signed-from-stampy.yml b/.github/workflows/get-signed-from-stampy.yml
@@ -13,11 +13,6 @@ jobs:
         uses: actions/checkout@v4
 
       - name: download
-        env:
-          STAMPY_ARN: ${{ secrets.STAMPY_ARN }}
-          AWS_ACCESS_KEY_ID: ${{secrets.AWS_ACCESS_KEY_ID}}
-          AWS_SECRET_ACCESS_KEY: ${{secrets.AWS_SECRET_ACCESS_KEY}}
-          AWS_EC2_METADATA_DISABLED: true
         # switch AWS identity to the one that can access stampy
         run: |
           ACCOUNT_ID=$(aws sts get-caller-identity | jq -r '.Account')
@@ -26,13 +21,14 @@ jobs:
           export AWS_SECRET_ACCESS_KEY=$(echo "${TEMP_ROLE}" | jq -r '.Credentials.SecretAccessKey')
           export AWS_SESSION_TOKEN=$(echo "${TEMP_ROLE}" | jq -r '.Credentials.SessionToken')
           aws s3 cp --recursive ${{ secrets.STAMPY_SIGNED_BUCKET }}/ .
-
-      - name: upload to CLI s3
-        id: upload
         env:
+          STAMPY_ARN: ${{ secrets.STAMPY_ARN }}
           AWS_ACCESS_KEY_ID: ${{secrets.AWS_ACCESS_KEY_ID}}
           AWS_SECRET_ACCESS_KEY: ${{secrets.AWS_SECRET_ACCESS_KEY}}
           AWS_EC2_METADATA_DISABLED: true
+
+      - name: upload to CLI s3
+        id: upload
         run: |
           # Run script and redirect stderr to stdout
           OUTPUT=$(node scripts/stampy-signed-upload.js 2>&1)
@@ -47,22 +43,26 @@ jobs:
           # Set multiline string output
           # https://stackoverflow.com/questions/74137120/how-to-fix-or-avoid-error-unable-to-process-file-command-output-successfully#comment131739699_74232400
           echo -e "output<<EOF\n$OUTPUT\nEOF" >> "$GITHUB_OUTPUT"
-
-      - name: clean up stampy in/out buckets
         env:
-          STAMPY_ARN: ${{ secrets.STAMPY_ARN }}
-          STAMPY_UNSIGNED_BUCKET: ${{ secrets.STAMPY_UNSIGNED_BUCKET }}
-          STAMPY_SIGNED_BUCKET: ${{ secrets.STAMPY_SIGNED_BUCKET }}
           AWS_ACCESS_KEY_ID: ${{secrets.AWS_ACCESS_KEY_ID}}
           AWS_SECRET_ACCESS_KEY: ${{secrets.AWS_SECRET_ACCESS_KEY}}
           AWS_EC2_METADATA_DISABLED: true
+
+      - name: clean up stampy in/out buckets
         run: |
           ACCOUNT_ID=$(aws sts get-caller-identity | jq -r '.Account')
           TEMP_ROLE=$(aws sts assume-role --role-arn $STAMPY_ARN --role-session-name artifact-signing)
           export AWS_ACCESS_KEY_ID=$(echo "${TEMP_ROLE}" | jq -r '.Credentials.AccessKeyId')
           export AWS_SECRET_ACCESS_KEY=$(echo "${TEMP_ROLE}" | jq -r '.Credentials.SecretAccessKey')
           export AWS_SESSION_TOKEN=$(echo "${TEMP_ROLE}" | jq -r '.Credentials.SessionToken')
           node scripts/stampy-signed-delete.js
+        env:
+          STAMPY_ARN: ${{ secrets.STAMPY_ARN }}
+          STAMPY_UNSIGNED_BUCKET: ${{ secrets.STAMPY_UNSIGNED_BUCKET }}
+          STAMPY_SIGNED_BUCKET: ${{ secrets.STAMPY_SIGNED_BUCKET }}
+          AWS_ACCESS_KEY_ID: ${{secrets.AWS_ACCESS_KEY_ID}}
+          AWS_SECRET_ACCESS_KEY: ${{secrets.AWS_SECRET_ACCESS_KEY}}
+          AWS_EC2_METADATA_DISABLED: true
 
       - name: notify
         uses: slackapi/[email protected]

diff --git a/.github/workflows/jit-install-smoke.yml b/.github/workflows/jit-install-smoke.yml
@@ -69,6 +69,6 @@ jobs:
       - name: Install JIT plugin
         uses: salesforcecli/github-workflows/.github/actions/retry@main
         with:
-          command: yarn sf-release cli:install:jit:test --jit-plugin ${{matrix.jitPlugins}}
+          command: yarn sf-release cli:install:jit:test --jit-plugin ${{ matrix.jitPlugins }}
         env:
           SF_DISABLE_TELEMETRY: true
diff --git a/.github/workflows/just-nut.yml b/.github/workflows/just-nut.yml
@@ -101,5 +101,3 @@ jobs:
         with:
           retry_wait_seconds: 1
           command: ${{ inputs.command }}
-          # TODO: any reason we dont retry on errors AND timeouts? (any)
-          retry_on: error
diff --git a/.github/workflows/just-nuts.yml b/.github/workflows/just-nuts.yml
@@ -36,9 +36,9 @@ jobs:
           - salesforcecli/plugin-user
     uses: ./.github/workflows/just-nut.yml
     with:
-      repository: ${{matrix.repository}}
+      repository: ${{ matrix.repository }}
       channel-or-version: ${{ inputs.channel-or-version }}
-      os: ${{matrix.os}}
+      os: ${{ matrix.os }}
     secrets: inherit
 
   jit:
@@ -62,9 +62,9 @@ jobs:
             repository: salesforcecli/plugin-dev # These are flakey on Windows
     uses: ./.github/workflows/just-nut.yml
     with:
-      repository: ${{matrix.repository}}
+      repository: ${{ matrix.repository }}
       channel-or-version: ${{ inputs.channel-or-version }}
-      os: ${{matrix.os}}
+      os: ${{ matrix.os }}
       jit: true
     secrets: inherit
 
@@ -81,8 +81,8 @@ jobs:
     with:
       repository: salesforcecli/plugin-packaging
       channel-or-version: ${{ inputs.channel-or-version }}
-      os: ${{matrix.os}}
-      command: ${{matrix.command}}
+      os: ${{ matrix.os }}
+      command: ${{ matrix.command }}
     secrets: inherit
 
   source:
@@ -107,8 +107,8 @@ jobs:
     with:
       repository: salesforcecli/plugin-source
       channel-or-version: ${{ inputs.channel-or-version }}
-      os: ${{matrix.os}}
-      command: ${{matrix.command}}
+      os: ${{ matrix.os }}
+      command: ${{ matrix.command }}
     secrets: inherit
 
   deploy-retrieve:
@@ -135,6 +135,6 @@ jobs:
     with:
       repository: salesforcecli/plugin-deploy-retrieve
       channel-or-version: ${{ inputs.channel-or-version }}
-      os: ${{matrix.os}}
-      command: ${{matrix.command}}
+      os: ${{ matrix.os }}
+      command: ${{ matrix.command }}
     secrets: inherit
diff --git a/.github/workflows/make-pr-for-nightly.yml b/.github/workflows/make-pr-for-nightly.yml
@@ -20,7 +20,6 @@ jobs:
   make-pr-for-nightly:
     env:
       GITHUB_TOKEN: ${{ secrets.SVC_CLI_BOT_GITHUB_TOKEN }}
-      SF_HIDE_RELEASE_NOTES: true
     runs-on: 'ubuntu-latest'
     steps:
       - name: Check out repository as our bot user
@@ -60,12 +59,17 @@ jobs:
           input_string: ${{ steps.package-json-version.outputs.prop }}
 
       - name: Log version info
-        run: |
-          echo "INFO | Semver version in 'latest-rc' is ${{ steps.latest-rc-version.outputs.version }}"
-          echo "INFO | Semver minor in 'latest-rc' is ${{ steps.latest-rc-semver-info.outputs.minor }}"
-          echo "INFO | Semver version in 'main' is ${{ steps.package-json-version.outputs.prop  }}"
-          echo "INFO | Semver minor in 'main' is ${{ steps.package-json-semver-info.outputs.minor }}"
         shell: bash
+        run: |
+          echo "[INFO] Semver version in 'latest-rc' is: $STEPS_LATEST_RC_VERSION_VERSION"
+          echo "[INFO] Semver minor in 'latest-rc' is: $STEPS_LATEST_RC_SEMVER_INFO_MINOR"
+          echo "[INFO] Semver version in 'main' is: $STEPS_PACKAGE_JSON_VERSION_PROP"
+          echo "[INFO] Semver minor in 'main' is: $STEPS_PACKAGE_JSON_SEMVER_INFO_MINOR"
+        env:
+          STEPS_LATEST_RC_VERSION_VERSION: ${{ steps.latest-rc-version.outputs.version }}
+          STEPS_LATEST_RC_SEMVER_INFO_MINOR: ${{ steps.latest-rc-semver-info.outputs.minor }}
+          STEPS_PACKAGE_JSON_VERSION_PROP: ${{ steps.package-json-version.outputs.prop }}
+          STEPS_PACKAGE_JSON_SEMVER_INFO_MINOR: ${{ steps.package-json-semver-info.outputs.minor }}
 
       - name: Install @salesforce/plugin-release-management
         run: npm install -g @salesforce/plugin-release-management --omit=dev

diff --git a/.github/workflows/make-pr-for-release.yml b/.github/workflows/make-pr-for-release.yml
@@ -41,7 +41,6 @@ jobs:
   make-pr:
     env:
       GITHUB_TOKEN: ${{ secrets.SVC_CLI_BOT_GITHUB_TOKEN }}
-      SF_HIDE_RELEASE_NOTES: true
     runs-on: 'ubuntu-latest'
     steps:
       - uses: actions/checkout@v4
@@ -68,7 +67,7 @@ jobs:
 
       - run: |
           sf-release cli:release:build \
-            --release-channel ${{ inputs.release-channel }} \
+            --release-channel "$INPUTS_RELEASE_CHANNEL" \
             ${{ inputs.pinned-deps && '--pinned-deps' || '--no-pinned-deps' }} \
             ${{ inputs.resolutions && '--resolutions' || '--no-resolutions' }} \
             ${{ inputs.jit && '--jit' || '--no-jit' }} \
@@ -77,3 +76,5 @@ jobs:
             ${{ inputs.patch && '--patch' || '' }} \
             ${{ inputs.only && format('--only {0}', inputs.only) || '' }} \
             ${{ inputs.empty && '--empty' || '' }}
+        env:
+          INPUTS_RELEASE_CHANNEL: ${{ inputs.release-channel }}
diff --git a/.github/workflows/promote-nightly-to-rc.yml b/.github/workflows/promote-nightly-to-rc.yml
@@ -59,29 +59,36 @@ jobs:
         run: |
           VERSION=$(npm view @salesforce/cli@latest-rc --json | jq -r '.version')
           echo "version=$VERSION" >> "$GITHUB_OUTPUT"
+
       - name: Get docker-full CLI version
         id: docker-full-version
         run: |
           docker pull salesforce/cli:latest-rc-full
           VERSION=$(docker run --rm salesforce/cli:latest-rc-full sf version --json | jq -r '.cliVersion' | cut -d'/' -f 3)
           echo "version=$VERSION" >> "$GITHUB_OUTPUT"
+
       - name: Get docker-slim CLI version
         id: docker-slim-version
         run: |
           docker pull salesforce/cli:latest-rc-slim
           VERSION=$(docker run --rm salesforce/cli:latest-rc-slim sf version --json | jq -r '.cliVersion' | cut -d'/' -f 3)
           echo "version=$VERSION" >> "$GITHUB_OUTPUT"
+
       - name: Compare Docker versions against npm
         run: |
-          echo "NPM latest-rc version is: ${{ steps.latest-rc-version.outputs.version }}"
-          echo "Docker-full version is: ${{ steps.docker-full-version.outputs.version }}"
-          echo "Docker-slim version is: ${{ steps.docker-slim-version.outputs.version }}"
-          if [ "${{ steps.latest-rc-version.outputs.version }}" == "${{ steps.docker-full-version.outputs.version }}" ] && [ "${{ steps.docker-full-version.outputs.version }}" == "${{ steps.docker-slim-version.outputs.version }}" ]; then
+          echo "[INFO] NPM latest-rc version is: $STEPS_LATEST_RC_VERSION_VERSION"
+          echo "[INFO] Docker-full version is: $STEPS_DOCKER_FULL_VERSION_VERSION"
+          echo "[INFO] Docker-slim version is: $STEPS_DOCKER_SLIM_VERSION_VERSION"
+          if [ "$STEPS_LATEST_RC_VERSION_VERSION" == "$STEPS_DOCKER_FULL_VERSION_VERSION" ] && [ "$STEPS_DOCKER_FULL_VERSION_VERSION" == "$STEPS_DOCKER_SLIM_VERSION_VERSION" ]; then
             echo "Docker versions match npm version. Proceeding..."
           else
             echo "Version mismatch! Exiting..."
             exit 1
           fi
+        env:
+          STEPS_LATEST_RC_VERSION_VERSION: ${{ steps.latest-rc-version.outputs.version }}
+          STEPS_DOCKER_FULL_VERSION_VERSION: ${{ steps.docker-full-version.outputs.version }}
+          STEPS_DOCKER_SLIM_VERSION_VERSION: ${{ steps.docker-slim-version.outputs.version }}
 
   announce-promotion-to-slack:
     needs: [promote-verify, verify-docker-version]

diff --git a/.github/workflows/promote-rc-to-latest.yml b/.github/workflows/promote-rc-to-latest.yml
@@ -57,29 +57,36 @@ jobs:
         run: |
           VERSION=$(npm view @salesforce/cli@latest --json | jq -r '.version')
           echo "version=$VERSION" >> "$GITHUB_OUTPUT"
+
       - name: Get docker-full CLI version
         id: docker-full-version
         run: |
           docker pull salesforce/cli:latest-full
           VERSION=$(docker run --rm salesforce/cli:latest-full sf version --json | jq -r '.cliVersion' | cut -d'/' -f 3)
           echo "version=$VERSION" >> "$GITHUB_OUTPUT"
+
       - name: Get docker-slim CLI version
         id: docker-slim-version
         run: |
           docker pull salesforce/cli:latest-slim
           VERSION=$(docker run --rm salesforce/cli:latest-slim sf version --json | jq -r '.cliVersion' | cut -d'/' -f 3)
           echo "version=$VERSION" >> "$GITHUB_OUTPUT"
+
       - name: Compare Docker versions against npm
         run: |
-          echo "NPM latest version is: ${{ steps.latest-version.outputs.version }}"
-          echo "Docker-full version is: ${{ steps.docker-full-version.outputs.version }}"
-          echo "Docker-slim version is: ${{ steps.docker-slim-version.outputs.version }}"
-          if [ "${{ steps.latest-version.outputs.version }}" == "${{ steps.docker-full-version.outputs.version }}" ] && [ "${{ steps.docker-full-version.outputs.version }}" == "${{ steps.docker-slim-version.outputs.version }}" ]; then
+          echo "[INFO] NPM latest version is: $STEPS_LAST_VERSION_VERSION"
+          echo "[INFO] Docker-full version is: $STEPS_DOCKER_FULL_VERSION_VERSION"
+          echo "[INFO] Docker-slim version is: $STEPS_DOCKER_SLIM_VERSION_VERSION"
+          if [ "$STEPS_LAST_VERSION_VERSION" == "$STEPS_DOCKER_FULL_VERSION_VERSION" ] && [ "$STEPS_DOCKER_FULL_VERSION_VERSION" == "$STEPS_DOCKER_SLIM_VERSION_VERSION" ]; then
             echo "Docker versions match npm version. Proceeding..."
           else
             echo "Version mismatch! Exiting..."
             exit 1
           fi
+        env:
+          STEPS_LAST_VERSION_VERSION: ${{ steps.latest-version.outputs.version }}
+          STEPS_DOCKER_FULL_VERSION_VERSION: ${{ steps.docker-full-version.outputs.version }}
+          STEPS_DOCKER_SLIM_VERSION_VERSION: ${{ steps.docker-slim-version.outputs.version }}
 
   announce-promotion-to-slack:
     runs-on: ubuntu-latest