diff --git a/.github/actions/ctcOpen/action.yml b/.github/actions/ctcOpen/action.yml index 38b10d8..7030021 100644 --- a/.github/actions/ctcOpen/action.yml +++ b/.github/actions/ctcOpen/action.yml @@ -24,8 +24,6 @@ runs: using: composite steps: - uses: actions/checkout@v4 - with: - token: ${{ inputs.SVC_CLI_BOT_GITHUB_TOKEN }} - uses: actions/setup-node@v4 with: @@ -59,5 +57,7 @@ runs: SF_CHANGE_CASE_TEMPLATE_ID: ${{ inputs.SF_CHANGE_CASE_TEMPLATE_ID}} SF_CHANGE_CASE_CONFIGURATION_ITEM: ${{ inputs.SF_CHANGE_CASE_CONFIGURATION_ITEM}} - - run: echo "case id is ${{ steps.ctc.outputs.ctcId }}" + - run: echo "[INFO] Change Case ID is:\ $STEPS_CTC_CTCID" shell: bash + env: + STEPS_CTC_CTCID: ${{ steps.ctc.outputs.ctcId }} diff --git a/.github/actions/determineNodeVersions/action.yml b/.github/actions/determineNodeVersions/action.yml index f5acb1a..2f1087b 100644 --- a/.github/actions/determineNodeVersions/action.yml +++ b/.github/actions/determineNodeVersions/action.yml @@ -14,6 +14,25 @@ outputs: description: Node versions to be consumed by a workflow matrix value: ${{ steps.node-versions.outputs.nodeVersions }} +# Sample output looks like this: +# +# nodeVersions<> "$GITHUB_OUTPUT" - - # Sample output looks like this: - # - # nodeVersions</blob/<%- version %>/<%- commandPath %>" \ || echo "::warning::'oclif readme' failed. Check the logs." + env: + STEPS_NEXT_VERSION_TAG: ${{ steps.next-version.outputs.tag }} diff --git a/.github/actions/get-json-property/action.yml b/.github/actions/get-json-property/action.yml index 80c3383..c62bdeb 100644 --- a/.github/actions/get-json-property/action.yml +++ b/.github/actions/get-json-property/action.yml @@ -1,10 +1,9 @@ name: get-json-property -description: Get a property from a json file using jq +description: Get a property from a json file with dot notation # Examples: # prop_path: version -# prop_path: devDependencies["@salesforce/dev-scripts"] -# ^ Note: double quotes needed here +# prop_path: devDependencies.@salesforce/dev-scripts inputs: path: @@ -12,24 +11,41 @@ inputs: description: Json file to look up prop (package.json) prop_path: required: true - description: jq query to search (version) + description: dot notation property to find (version) outputs: prop: description: The value of the prop_path - value: ${{ steps.jq.outputs.prop }} + value: ${{ steps.parse.outputs.prop }} runs: using: "composite" steps: - name: Get property from json file - id: jq - shell: bash - run: | - PROP=$(jq -r '.${{ inputs.prop_path }}' ${{ inputs.path }}) - echo "prop=$PROP" >> "$GITHUB_OUTPUT" - - name: Exit if prop was not found - if: ${{ steps.jq.outputs.prop == 'null' }} + id: parse uses: actions/github-script@v7 with: - script: core.setFailed("Property '${{ inputs.prop_path }}' not found in ${{ inputs.path }}") + result-encoding: string + script: | + try { + const fs = require('fs') + + var path = process.env.INPUTS_PATH; + var propPath = process.env.INPUTS_PROP_PATH; + + const json = JSON.parse(fs.readFileSync(path)) + + // https://stackoverflow.com/a/43849204 + const result = propPath.split('.').reduce((p,c)=>p&&p[c]||null, json) + + if (result) { + core.setOutput('prop', result) + } else { + core.setFailed(`Property '${propPath}' not found in '${path}'`) + } + } catch(err) { + core.setFailed(err) + } + env: + INPUTS_PATH: ${{ inputs.path }} + INPUTS_PROP_PATH: ${{ inputs.prop_path }} diff --git a/.github/actions/getGithubUserInfo/action.yml b/.github/actions/getGithubUserInfo/action.yml index e3e9586..65c2484 100644 --- a/.github/actions/getGithubUserInfo/action.yml +++ b/.github/actions/getGithubUserInfo/action.yml @@ -22,11 +22,10 @@ runs: uses: actions/github-script@v7 with: script: core.setFailed("You must pass a Github Token with repo write access as SVC_CLI_BOT_GITHUB_TOKEN") + - name: Get Github user info id: user-info shell: bash - env: - GH_TOKEN: ${{ inputs.SVC_CLI_BOT_GITHUB_TOKEN }} run: | USER_INFO=$(gh api user) @@ -44,3 +43,5 @@ runs: fi echo "email=$EMAIL" >> "$GITHUB_OUTPUT" + env: + GH_TOKEN: ${{ inputs.SVC_CLI_BOT_GITHUB_TOKEN }} diff --git a/.github/actions/getPreReleaseTag/action.yml b/.github/actions/getPreReleaseTag/action.yml index 34cc195..48d5ff4 100644 --- a/.github/actions/getPreReleaseTag/action.yml +++ b/.github/actions/getPreReleaseTag/action.yml @@ -6,25 +6,32 @@ outputs: value: ${{ steps.parsed.outputs.prerelease }} description: version suffix (ex 'beta' if x.y.z-beta.0 ), if exists in package.json version: - value: ${{ steps.packageVersion.outputs.prop }} + value: ${{ steps.package-version.outputs.prop }} description: version from pjson runs: using: composite steps: - uses: salesforcecli/github-workflows/.github/actions/get-json-property@main - id: packageVersion + id: package-version with: path: "package.json" prop_path: "version" - - run: echo "found version ${{ steps.packageVersion.outputs.prop }}" + - name: Echo found version shell: bash + run: echo "[INFO] Version found:\ $STEPS_PACKAGE_VERSION_PROP" + env: + STEPS_PACKAGE_VERSION_PROP: ${{ steps.package-version.outputs.prop }} - - uses: salesforcecli/github-workflows/.github/actions/parse-semver@main + - name: Parse semver version + uses: salesforcecli/github-workflows/.github/actions/parse-semver@main id: parsed with: - input_string: ${{ steps.packageVersion.outputs.prop }} + input_string: ${{ steps.package-version.outputs.prop }} - - run: echo "Prerelease tag parsing found '${{ steps.parsed.outputs.prerelease }}'" + - name: Echo found prerelease tag shell: bash + run: echo "[INFO] Prerelease tag is:\ $STEPS_PARSED_PRERELEASE" + env: + STEPS_PARSED_PRERELEASE: ${{ steps.parsed.outputs.prerelease }} diff --git a/.github/actions/gitConfig/action.yml b/.github/actions/gitConfig/action.yml index e3c6a9c..6d18076 100644 --- a/.github/actions/gitConfig/action.yml +++ b/.github/actions/gitConfig/action.yml @@ -12,9 +12,12 @@ inputs: runs: using: composite steps: - - run: git config --global push.default current - shell: bash - - run: git config --global user.name ${{ inputs.username }} - shell: bash - - run: git config --global user.email ${{ inputs.email }} + - name: Set git config shell: bash + run: | + git config --global push.default current + git config --global user.name "$INPUTS_USERNAME" + git config --global user.email "$INPUTS_EMAIL" + env: + INPUTS_USERNAME: ${{ inputs.username }} + INPUTS_EMAIL: ${{ inputs.email }} diff --git a/.github/actions/parse-semver/action.yml b/.github/actions/parse-semver/action.yml index 755cfed..c351aff 100644 --- a/.github/actions/parse-semver/action.yml +++ b/.github/actions/parse-semver/action.yml @@ -31,7 +31,7 @@ runs: id: parse shell: bash run: | - FULL_VERSION="${{ inputs.input_string }}" + FULL_VERSION="$INPUTS_INPUT_STRING" VERSION="${FULL_VERSION#v}" # Filter out non-semver characters @@ -57,8 +57,20 @@ runs: echo "patch=$PATCH" >> "$GITHUB_OUTPUT" echo "prerelease=$PRERELEASE" >> "$GITHUB_OUTPUT" echo "fullversion=$FULL_VERSION" >> "$GITHUB_OUTPUT" + env: + INPUTS_INPUT_STRING: ${{ inputs.input_string }} + - name: Exit if major, minor, or patch not found if: ${{ !steps.parse.outputs.major || !steps.parse.outputs.minor || !steps.parse.outputs.patch }} uses: actions/github-script@v7 with: - script: core.setFailed("Error parsing semver ${{ inputs.input_string }}\nMajor:${{ steps.parse.outputs.major }}\nMinor:${{ steps.parse.outputs.minor }}\nPatch:${{ steps.parse.outputs.patch }}") \ No newline at end of file + script: | + core.setFailed(`Error parsing semver: ${process.env.INPUTS_INPUT_STRING} + Major: ${process.env.STEPS_PARSE_MAJOR} + Minor: ${process.env.STEPS_PARSE_MINOR} + Patch: ${process.env.STEPS_PARSE_PATCH}`) + env: + INPUTS_INPUT_STRING: ${{ inputs.input_string }} + STEPS_PARSE_MAJOR: ${{ steps.parse.outputs.major }} + STEPS_PARSE_MINOR: ${{ steps.parse.outputs.minor }} + STEPS_PARSE_PATCH: ${{ steps.parse.outputs.patch }} \ No newline at end of file diff --git a/.github/actions/renameMacPkg/action.yml b/.github/actions/renameMacPkg/action.yml deleted file mode 100644 index 994d25d..0000000 --- a/.github/actions/renameMacPkg/action.yml +++ /dev/null @@ -1,22 +0,0 @@ -# This action is only needed as long as the developer site and other docs are linking to the old sfdx.pkg file and the mac signing job is only signing the old file as well. -# It can be deleted once those are updated to use the new name, sfdx-x64.pkg. -name: rename-mac-pkg -description: renames the intel mac pkg file created by oclif v3 to match the name of the file created by oclif v2 - -inputs: - cli: - description: which CLI to rename the pkg file for (e.g. sfdx or sf) - required: true - channel: - description: cli channel to target (e.g. stable, stable-rc) - required: true - -runs: - using: "composite" - steps: - - id: download-and-rename-x64-pkg - shell: bash - run: aws s3 cp s3://dfc-data-production/media/salesforce-cli/${{ inputs.cli }}/channels/${{ inputs.channel }}/${{ inputs.cli }}-x64.pkg ./${{ inputs.cli }}.pkg - - id: upload-renamed-pkg - shell: bash - run: aws s3 cp ./${{ inputs.cli }}.pkg s3://dfc-data-production/media/salesforce-cli/${{ inputs.cli }}/channels/${{ inputs.channel }}/ diff --git a/.github/actions/versionInfo/action.yml b/.github/actions/versionInfo/action.yml index 424762c..138f434 100644 --- a/.github/actions/versionInfo/action.yml +++ b/.github/actions/versionInfo/action.yml @@ -26,22 +26,42 @@ runs: steps: - id: getSha shell: bash - run: echo "sha=$(npm view ${{ inputs.npmPackage }}@${{ inputs.version }} --json | jq -r '.gitHead[0:7]')" >> "$GITHUB_OUTPUT" + run: echo "sha=$(npm view $INPUTS_NPM_PACKAGE@$INPUTS_VERSION --json | jq -r '.gitHead[0:7]')" >> "$GITHUB_OUTPUT" + env: + INPUTS_NPM_PACKAGE: ${{ inputs.npmPackage }} + INPUTS_VERSION: ${{ inputs.version }} - id: getNumericalVersion shell: bash - run: echo "version=$(npm view ${{ inputs.npmPackage }}@${{ inputs.version }} --json | jq -r '.version')" >> "$GITHUB_OUTPUT" + run: echo "version=$(npm view $INPUTS_NPM_PACKAGE@$INPUTS_VERSION --json | jq -r '.version')" >> "$GITHUB_OUTPUT" + env: + INPUTS_NPM_PACKAGE: ${{ inputs.npmPackage }} + INPUTS_VERSION: ${{ inputs.version }} - id: getCli shell: bash - run: echo "cli=$(npm view ${{ inputs.npmPackage }}@${{ inputs.version }} --json | jq -r '.oclif.bin')" >> "$GITHUB_OUTPUT" + run: echo "cli=$(npm view $INPUTS_NPM_PACKAGE@$INPUTS_VERSION --json | jq -r '.oclif.bin')" >> "$GITHUB_OUTPUT" + env: + INPUTS_NPM_PACKAGE: ${{ inputs.npmPackage }} + INPUTS_VERSION: ${{ inputs.version }} - id: getS3Folder shell: bash - run: echo "folder=$(npm view ${{ inputs.npmPackage }}@${{ inputs.version }} --json | jq -r '.oclif.update.s3.folder')" >> "$GITHUB_OUTPUT" + run: echo "folder=$(npm view $INPUTS_NPM_PACKAGE@$INPUTS_VERSION --json | jq -r '.oclif.update.s3.folder')" >> "$GITHUB_OUTPUT" + env: + INPUTS_NPM_PACKAGE: ${{ inputs.npmPackage }} + INPUTS_VERSION: ${{ inputs.version }} - - run: echo "regex found version ${{ steps.getNumericalVersion.outputs.version }} with sha ${{ steps.getSha.outputs.sha }} for cli ${{ steps.getCli.outputs.cli }}" - shell: bash - - - run: echo "xz url is https://developer.salesforce.com/${{ steps.getS3Folder.outputs.folder }}/versions/${{ steps.getNumericalVersion.outputs.version }}/${{ steps.getSha.outputs.sha }}/${{ steps.getCli.outputs.cli }}-v${{ steps.getNumericalVersion.outputs.version }}-${{ steps.getSha.outputs.sha }}-linux-x64.tar.xz" + - name: Echo info shell: bash + run: | + echo "[INFO] version-info outputs:" + echo "cli: $STEPS_GETCLI_CLI" + echo "version: $STEPS_GETNUMERICALVERSION_VERSION" + echo "sha: $STEPS_GETSHA_SHA" + echo "folder (xz): https://developer.salesforce.com/$STEPS_GETS3FOLDER_FOLDER/versions/$STEPS_GETNUMERICALVERSION_VERSION/$STEPS_GETSHA_SHA/$STEPS_GETCLI_CLI-v$STEPS_GETNUMERICALVERSION_VERSION-$STEPS_GETSHA_SHA-linux-x64.tar.xz" + env: + STEPS_GETCLI_CLI: ${{ steps.getCli.outputs.cli }} + STEPS_GETNUMERICALVERSION_VERSION: ${{ steps.getNumericalVersion.outputs.version }} + STEPS_GETSHA_SHA: ${{ steps.getSha.outputs.sha }} + STEPS_GETS3FOLDER_FOLDER: ${{ steps.getS3Folder.outputs.folder }} diff --git a/.github/workflows/automerge.yml b/.github/workflows/automerge.yml index bf06df4..593f9b5 100644 --- a/.github/workflows/automerge.yml +++ b/.github/workflows/automerge.yml @@ -28,18 +28,17 @@ jobs: - uses: actions/checkout@v4 with: token: ${{ secrets.SVC_CLI_BOT_GITHUB_TOKEN || secrets.GITHUB_TOKEN }} + - uses: actions/setup-node@v4 with: node-version: lts/* cache: npm + - run: npm install -g @salesforce/plugin-release-management --omit=dev + - name: run automerge command - if: ${{ !inputs.skipCI }} - env: - GITHUB_TOKEN: ${{ secrets.SVC_CLI_BOT_GITHUB_TOKEN || secrets.GITHUB_TOKEN}} - run: sf-release dependabot:automerge --merge-method ${{ inputs.mergeMethod}} --max-version-bump ${{ inputs.maxVersionBump}} --owner $GITHUB_REPOSITORY_OWNER --repo $(basename $GITHUB_REPOSITORY) - - name: run automerge command - if: ${{ inputs.skipCI }} + run: sf-release dependabot:automerge --merge-method "$INPUTS_MERGE_METHOD" --max-version-bump "$INPUTS_MAX_VERSION_BUMP" --owner $GITHUB_REPOSITORY_OWNER --repo $(basename $GITHUB_REPOSITORY) ${{ inputs.skipCI && '--skip-ci' || '' }} env: - GITHUB_TOKEN: ${{ secrets.SVC_CLI_BOT_GITHUB_TOKEN || secrets.GITHUB_TOKEN}} - run: sf-release dependabot:automerge --merge-method ${{ inputs.mergeMethod}} --max-version-bump ${{ inputs.maxVersionBump}} --owner $GITHUB_REPOSITORY_OWNER --repo $(basename $GITHUB_REPOSITORY) --skip-ci + GITHUB_TOKEN: ${{ secrets.SVC_CLI_BOT_GITHUB_TOKEN || secrets.GITHUB_TOKEN }} + INPUTS_MERGE_METHOD: ${{ inputs.mergeMethod }} + INPUTS_MAX_VERSION_BUMP: ${{ inputs.maxVersionBump }} diff --git a/.github/workflows/create-github-release.yml b/.github/workflows/create-github-release.yml index 4bb64f1..e7d0395 100644 --- a/.github/workflows/create-github-release.yml +++ b/.github/workflows/create-github-release.yml @@ -53,16 +53,19 @@ jobs: # This will allow us to merge a prerelease PR into main and have it release as a normal release if: github.ref_name != 'main' run: | - if [ -n "${{ inputs.prerelease }}" ]; then - echo "Prerelease input passed in, using: ${{ inputs.prerelease }}" - echo "tag=${{ inputs.prerelease }}" >> "$GITHUB_OUTPUT" - elif [ -n "${{ steps.distTag.outputs.tag }}" ]; then - echo "Prerelease tag found in package.json, using: ${{ steps.distTag.outputs.tag }}" - echo "tag=${{ steps.distTag.outputs.tag }}" >> "$GITHUB_OUTPUT" - elif [[ ${{ github.ref_name }} =~ ^prerelease/.* ]]; then - echo "Prerelease branch found but no prerelease tag, using default: dev" + if [ -n "$INPUTS_PRERELEASE" ]; then + echo "[INFO] Prerelease input passed in, using: $INPUTS_PRERELEASE" + echo "tag=$INPUTS_PRERELEASE" >> "$GITHUB_OUTPUT" + elif [ -n "$STEPS_DISTTAG_TAG" ]; then + echo "[INFO] Prerelease tag found in package.json, using: $STEPS_DISTTAG_TAG" + echo "tag=$STEPS_DISTTAG_TAG" >> "$GITHUB_OUTPUT" + elif [[ "$GITHUB_REF_NAME" =~ ^prerelease/.* ]]; then + echo "[INFO] Prerelease branch found but no prerelease tag, using default: dev" echo "tag=dev" >> "$GITHUB_OUTPUT" fi + env: + INPUTS_PRERELEASE: ${{ inputs.prerelease }} + STEPS_DISTTAG_TAG: ${{ steps.distTag.outputs.tag }} - name: Generate oclif readme if: ${{ inputs.generate-readme }} diff --git a/.github/workflows/ctcClose.yml b/.github/workflows/ctcClose.yml index 96e99f6..871ca33 100644 --- a/.github/workflows/ctcClose.yml +++ b/.github/workflows/ctcClose.yml @@ -16,8 +16,6 @@ jobs: runs-on: static-ip-ubuntu-runners steps: - uses: actions/checkout@v4 - with: - token: ${{ secrets.SVC_CLI_BOT_GITHUB_TOKEN }} - uses: actions/setup-node@v4 with: @@ -30,9 +28,11 @@ jobs: echo "Environment not configured for CTC. Your environment needs SF_CHANGE_CASE_SFDX_AUTH_URL, SF_CHANGE_CASE_TEMPLATE_ID, and SF_CHANGE_CASE_CONFIGURATION_ITEM" exit 1 else - sfchangecase close --location ${{ github.repositoryUrl }} --release ${{github.repository}}.$(date +%F) --changecaseid ${{ inputs.changeCaseId}} --status "${{ inputs.status }}" + sfchangecase close --location ${{ github.repositoryUrl }} --release ${{github.repository}}.$(date +%F) --changecaseid "$INPUTS_CHANGE_CASE_ID" --status "$INPUTS_STATUS" fi env: + INPUTS_CHANGE_CASE_ID: ${{ inputs.changeCaseId}} + INPUTS_STATUS: ${{ inputs.status}} SF_CHANGE_CASE_SFDX_AUTH_URL: ${{ secrets.SF_CHANGE_CASE_SFDX_AUTH_URL}} SF_CHANGE_CASE_TEMPLATE_ID: ${{ secrets.SF_CHANGE_CASE_TEMPLATE_ID}} SF_CHANGE_CASE_CONFIGURATION_ITEM: ${{ secrets.SF_CHANGE_CASE_CONFIGURATION_ITEM}} diff --git a/.github/workflows/ctcOpen.yml b/.github/workflows/ctcOpen.yml index a81c4cc..b03c218 100644 --- a/.github/workflows/ctcOpen.yml +++ b/.github/workflows/ctcOpen.yml @@ -12,14 +12,14 @@ jobs: runs-on: static-ip-ubuntu-runners steps: - uses: actions/checkout@v4 - with: - token: ${{ secrets.SVC_CLI_BOT_GITHUB_TOKEN }} - uses: actions/setup-node@v4 with: node-version: lts/* cache: npm + - run: npm install -g @salesforce/change-case-management --omit=dev + - name: Open CTC case id: ctc shell: bash @@ -45,4 +45,7 @@ jobs: SF_CHANGE_CASE_SFDX_AUTH_URL: ${{ secrets.SF_CHANGE_CASE_SFDX_AUTH_URL}} SF_CHANGE_CASE_TEMPLATE_ID: ${{ secrets.SF_CHANGE_CASE_TEMPLATE_ID}} SF_CHANGE_CASE_CONFIGURATION_ITEM: ${{ secrets.SF_CHANGE_CASE_CONFIGURATION_ITEM}} - - run: echo "case id is ${{ steps.ctc.outputs.ctcId }}" + + - run: echo "[INFO] Change Case ID is:\ $STEPS_CTC_ID" + env: + STEPS_CTC_ID: ${{ steps.ctc.outputs.ctcId }} diff --git a/.github/workflows/devScriptsUpdate.yml b/.github/workflows/devScriptsUpdate.yml index f79ef40..e31c6d0 100644 --- a/.github/workflows/devScriptsUpdate.yml +++ b/.github/workflows/devScriptsUpdate.yml @@ -14,28 +14,36 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 + - uses: actions/setup-node@v4 + - uses: salesforcecli/github-workflows/.github/actions/versionInfo@main id: version-info with: version: latest npmPackage: "@salesforce/dev-scripts" - - run: echo "dev scripts latest is ${{ steps.version-info.outputs.version }}" + + - run: echo "[INFO] dev-scripts latest is:\ $STEPS_VERSION_INFO_VERSION" + env: + STEPS_VERSION_INFO_VERSION: ${{ steps.version-info.outputs.version }} + - uses: salesforcecli/github-workflows/.github/actions/get-json-property@main id: packageVersion with: path: "package.json" - prop_path: 'devDependencies["@salesforce/dev-scripts"]' + prop_path: 'devDependencies.@salesforce/dev-scripts' + + - run: echo "[INFO] This repo's dev-scripts version is:\ $STEPS_PACKAGE_VERSION_PROP" + env: + STEPS_PACKAGE_VERSION_PROP: ${{ steps.packageVersion.outputs.prop }} - - run: echo "this repo has version is ${{ steps.packageVersion.outputs.prop }}" - - run: echo "output value will be ${{ !endsWith(steps.packageVersion.outputs.prop, steps.version-info.outputs.version) }}" + - run: echo "[INFO] shouldUpdate value will be:\ ${{ !endsWith(steps.packageVersion.outputs.prop, steps.version-info.outputs.version) }}" updateDevScripts: needs: [compareVersions] if: ${{ needs.compareVersions.outputs.shouldUpdate == 'true' }} runs-on: "ubuntu-latest" steps: - - run: echo "previous job output was ${{ needs.compareVersions.outputs.shouldUpdate }}" - uses: actions/checkout@v4 with: token: ${{ secrets.SVC_CLI_BOT_GITHUB_TOKEN }} @@ -55,12 +63,13 @@ jobs: with: node-version: lts/* cache: yarn + # TODO: Do we need this? Isn't that why we use npx? - run: npm install -g yarn-deduplicate - run: yarn upgrade @salesforce/dev-scripts@latest + # TODO: What does this mean? Would yarnInstallWithRetries work here? # this may fail because that's how dev-scripts does things - run: yarn install --network-timeout 600000 continue-on-error: true - - run: yarn install --network-timeout 600000 - run: npx yarn-deduplicate - run: yarn install --network-timeout 600000 diff --git a/.github/workflows/externalCompile.yml b/.github/workflows/externalCompile.yml index 356f0c7..61b226a 100644 --- a/.github/workflows/externalCompile.yml +++ b/.github/workflows/externalCompile.yml @@ -61,33 +61,47 @@ jobs: name: ${{ inputs.command }} runs-on: ${{ inputs.os }} steps: - - run: git config --system core.longpaths true + - name: Configure git longpaths if on Windows if: ${{ runner.os == 'Windows' }} + run: git config --system core.longpaths true + - uses: actions/setup-node@v4 with: node-version: ${{ inputs.nodeVersion }} - - uses: salesforcecli/github-workflows/.github/actions/retry@main - name: git clone + + - name: Git clone + uses: salesforcecli/github-workflows/.github/actions/retry@main with: max_attempts: 20 - command: git clone -b ${{ inputs.branch}} --single-branch ${{ inputs.externalProjectGitUrl}} $(pwd) + command: git clone -b "$INPUTS_BRANCH" --single-branch "$INPUTS_EXTERNAL_PROJECT_GIT_URL" $(pwd) timeout_minutes: 20 + env: + INPUTS_BRANCH: ${{ inputs.branch }} + INPUTS_EXTERNAL_PROJECT_GIT_URL: ${{ inputs.externalProjectGitUrl }} + - uses: salesforcecli/github-workflows/.github/actions/yarnInstallWithRetries@main - - run: ${{inputs.preSwapCommands}} - - name: swap this dependency for the version on this branch + + - run: ${{ inputs.preSwapCommands }} + + - name: Swap this dependency for the version on this branch run: | - yarn remove ${{ inputs.packageName }} + yarn remove "$INPUTS_PACKAGE_NAME" yarn add ${{ github.repository }}#${{ github.sha }} npx yarn-deduplicate yarn install --network-timeout 600000 - - name: install/build ${{ inputs.packageName}} in node_modules + env: + INPUTS_PACKAGE_NAME: ${{ inputs.packageName }} + + - name: Install/build ${{ inputs.packageName }} in node_modules working-directory: node_modules/${{ inputs.packageName }} run: | yarn install --network-timeout 600000 ${{ inputs.ignoreScripts && '--ignore-scripts' || '' }} ${{ inputs.preBuildCommands }} yarn compile ${{ inputs.postBuildCommands }} - - name: preExternalBuildCommands + + - name: Run preExternalBuildCommands run: ${{ inputs.preExternalBuildCommands }} + - name: Build the external project (where the NUTs are) run: ${{ inputs.command }} diff --git a/.github/workflows/externalNut.yml b/.github/workflows/externalNut.yml index 7e078e2..cb3d454 100644 --- a/.github/workflows/externalNut.yml +++ b/.github/workflows/externalNut.yml @@ -85,46 +85,59 @@ jobs: name: ${{ inputs.command }} runs-on: ${{ inputs.os }} steps: - - run: git config --system core.longpaths true + - name: Configure git longpaths if on Windows if: ${{ runner.os == 'Windows' }} + run: git config --system core.longpaths true + - uses: actions/setup-node@v4 with: node-version: ${{ inputs.nodeVersion }} + - uses: salesforcecli/github-workflows/.github/actions/retry@main name: cli install with: max_attempts: ${{ inputs.attempts }} command: npm install -g @salesforce/cli@nightly shx yarn-deduplicate --omit=dev timeout_minutes: 20 + - uses: salesforcecli/github-workflows/.github/actions/retry@main name: git clone with: max_attempts: 20 - command: git clone -b ${{ inputs.branch}} --single-branch ${{ inputs.externalProjectGitUrl}} $(pwd) + command: git clone -b "$INPUTS_BRANCH" --single-branch "$INPUTS_EXTERNAL_PROJECT_GIT_URL" $(pwd) timeout_minutes: 20 + env: + INPUTS_BRANCH: ${{ inputs.branch }} + INPUTS_EXTERNAL_PROJECT_GIT_URL: ${{ inputs.externalProjectGitUrl }} + - name: Cache node modules if: inputs.useCache id: cache-nodemodules uses: actions/cache@v4 - env: - cache-name: cache-node-modules with: - # caching node_modules path: node_modules key: ${{ runner.os }}-externalNuts-${{ env.cache-name }}-${{ inputs.externalProjectGitUrl}}-${{ inputs.branch}}-${{ github.sha }} + env: + cache-name: cache-node-modules + - uses: salesforcecli/github-workflows/.github/actions/yarnInstallWithRetries@main if: ${{ steps.cache-nodemodules.outputs.cache-hit != 'true' }} - - run: ${{inputs.preSwapCommands}} + + - name: Run preSwapCommands + run: ${{ inputs.preSwapCommands }} if: ${{ steps.cache-nodemodules.outputs.cache-hit != 'true' }} - - name: swap this dependency for the version on this branch + - name: Swap this dependency for the version on this branch if: ${{ steps.cache-nodemodules.outputs.cache-hit != 'true' }} run: | - yarn remove ${{ inputs.packageName }} + yarn remove "$INPUTS_PACKAGE_NAME" yarn add ${{ github.repository }}#${{ github.sha }} npx yarn-deduplicate yarn install --network-timeout 600000 - - name: install/build ${{ inputs.packageName}} in node_modules + env: + INPUTS_PACKAGE_NAME: ${{ inputs.packageName }} + + - name: Install/build ${{ inputs.packageName }} in node_modules if: ${{ steps.cache-nodemodules.outputs.cache-hit != 'true' }} working-directory: node_modules/${{ inputs.packageName }} run: | @@ -132,13 +145,20 @@ jobs: ${{ inputs.preBuildCommands }} yarn compile ${{ inputs.postBuildCommands }} - - name: preExternalBuildCommands + + - name: Run preExternalBuildCommands if: ${{ steps.cache-nodemodules.outputs.cache-hit != 'true' }} run: ${{ inputs.preExternalBuildCommands }} + - name: Build the external project (where the NUTs are) run: yarn compile - - run: echo "TESTKIT_EXECUTABLE_PATH=${{inputs.sfdxExecutablePath}}" >> $GITHUB_ENV + + - name: Set optional sf executable path if: inputs.sfdxExecutablePath + run: echo "TESTKIT_EXECUTABLE_PATH=$INPUTS_SF_EXECUTABLE_PATH" >> $GITHUB_ENV + env: + INPUTS_SF_EXECUTABLE_PATH: ${{ inputs.sfdxExecutablePath }} + - name: NUTs with ${{ inputs.attempts }} attempts uses: salesforcecli/github-workflows/.github/actions/retry@main with: diff --git a/.github/workflows/notify-slack-on-pr-open.yml b/.github/workflows/notify-slack-on-pr-open.yml index 13b5c9e..fbe8cab 100644 --- a/.github/workflows/notify-slack-on-pr-open.yml +++ b/.github/workflows/notify-slack-on-pr-open.yml @@ -1,5 +1,9 @@ name: Pull Request Slack Notification +# NOTE: This workflow in github-workflows is not intended to be used externally +# It is used when Pull Requests are opened on this repository itself +# All of our repositories have their own copy of this workflow + on: pull_request: types: [opened, reopened] @@ -9,7 +13,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Notify Slack on PR open - env: + env: WEBHOOK_URL : ${{ secrets.CLI_TEAM_SLACK_WEBHOOK_URL }} PULL_REQUEST_AUTHOR_ICON_URL : ${{ github.event.pull_request.user.avatar_url }} PULL_REQUEST_AUTHOR_NAME : ${{ github.event.pull_request.user.login }} diff --git a/.github/workflows/npmPublish.yml b/.github/workflows/npmPublish.yml index a0419c3..386b7a7 100644 --- a/.github/workflows/npmPublish.yml +++ b/.github/workflows/npmPublish.yml @@ -59,27 +59,37 @@ jobs: - uses: actions/checkout@v4 with: ref: ${{ inputs.githubTag }} + - uses: actions/setup-node@v4 with: node-version: ${{ inputs.nodeVersion }} + - name: Is published id: is-published run: | - RESPONSE=$(npm view .@${{ inputs.githubTag }} version --json --silent || echo "Not published") + RESPONSE=$(npm view .@$INPUTS_GITHUB_TAG version --json --silent || echo "Not published") - if [ "$RESPONSE" = "\"${{ inputs.githubTag }}\"" ]; then + # The response is wrapped in double quotes, so we need to compare it with (escaped) quotes + if [ "$RESPONSE" = "\"$INPUTS_GITHUB_TAG\"" ]; then echo "published=true" >> "$GITHUB_OUTPUT" else echo "published=false" >> "$GITHUB_OUTPUT" fi env: + INPUTS_GITHUB_TAG: ${{ inputs.githubTag }} NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} - - run: echo "published said ${{ steps.is-published.outputs.published }}" + + - run: echo "[INFO] Is package published:\ $STEPS_IS_PUBLISHED_PUBLISHED" + env: + STEPS_IS_PUBLISHED_PUBLISHED: ${{ steps.is-published.outputs.published }} + - name: Fail if published if: steps.is-published.outputs.published == 'true' uses: actions/github-script@v7 with: - script: core.setFailed("The version '${{ inputs.githubTag }}' has already been published to npm") + script: core.setFailed(`The version '${process.env.INPUTS_GITHUB_TAG}' has already been published to npm`) + env: + INPUTS_GITHUB_TAG: ${{ inputs.githubTag }} ctc-open: needs: [check-publish] @@ -95,23 +105,30 @@ jobs: - uses: actions/checkout@v4 with: ref: ${{ inputs.githubTag }} + - uses: actions/setup-node@v4 with: node-version: ${{ inputs.nodeVersion }} cache: yarn + - uses: salesforcecli/github-workflows/.github/actions/yarnInstallWithRetries@main + - run: yarn build + - run: npm install -g @salesforce/plugin-release-management + - name: NPM Release run: | sf-release npm:package:release \ - --githubtag ${{ inputs.githubTag}} \ - --npmtag ${{ inputs.tag }} \ + --githubtag "$INPUTS_GITHUB_TAG" \ + --npmtag "$INPUTS_TAG" \ --no-install \ ${{ inputs.dryrun && '--dryrun' || '' }} \ ${{ inputs.prerelease && format('--prerelease {0}', github.ref_name) || '' }} \ ${{ inputs.sign && '--sign' || '' }} env: + INPUTS_GITHUB_TAG: ${{ inputs.githubTag }} + INPUTS_TAG: ${{ inputs.tag }} NPM_TOKEN: ${{secrets.NPM_TOKEN}} AWS_ACCESS_KEY_ID: ${{secrets.AWS_ACCESS_KEY_ID}} AWS_SECRET_ACCESS_KEY: ${{secrets.AWS_SECRET_ACCESS_KEY}} diff --git a/.github/workflows/nut.yml b/.github/workflows/nut.yml index dc1f9b8..81a572b 100644 --- a/.github/workflows/nut.yml +++ b/.github/workflows/nut.yml @@ -59,15 +59,19 @@ jobs: name: ${{ inputs.command }} runs-on: ${{ inputs.os }} steps: - - run: git config --system core.longpaths true + - name: Configure git longpaths if on Windows if: ${{ runner.os == 'Windows' }} + run: git config --system core.longpaths true - uses: actions/checkout@v4 + - uses: google/wireit@setup-github-actions-caching/v1 + - uses: actions/setup-node@v4 with: node-version: ${{ inputs.nodeVersion }} cache: yarn + - name: Cache node modules id: cache-nodemodules uses: actions/cache@v4 @@ -76,21 +80,31 @@ jobs: with: path: "**/node_modules" key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ hashFiles('**/yarn.lock') }} + - name: add CLI as global dependency uses: salesforcecli/github-workflows/.github/actions/retry@main with: max_attempts: ${{ inputs.retries }} command: npm install @salesforce/cli@nightly -g + - uses: salesforcecli/github-workflows/.github/actions/yarnInstallWithRetries@main if: ${{ steps.cache-nodemodules.outputs.cache-hit != 'true' }} + - run: yarn compile + - name: Check that oclif config exists id: is-oclif-plugin run: echo "bool=$(jq 'if .oclif then true else false end' package.json)" >> "$GITHUB_OUTPUT" + - run: yarn oclif manifest if: ${{ steps.is-oclif-plugin.outputs.bool == 'true' }} - - run: echo "TESTKIT_EXECUTABLE_PATH=${{inputs.sfdxExecutablePath}}" >> $GITHUB_ENV + + - name: Set optional sf executable path if: inputs.sfdxExecutablePath + run: echo "TESTKIT_EXECUTABLE_PATH=$INPUTS_SF_EXECUTABLE_PATH" >> $GITHUB_ENV + env: + INPUTS_SF_EXECUTABLE_PATH: ${{ inputs.sfdxExecutablePath }} + - name: NUTs with ${{ inputs.retries }} attempts uses: salesforcecli/github-workflows/.github/actions/retry@main with: diff --git a/.github/workflows/packUploadMac.yml b/.github/workflows/packUploadMac.yml index 372e0ff..4ca5095 100644 --- a/.github/workflows/packUploadMac.yml +++ b/.github/workflows/packUploadMac.yml @@ -1,10 +1,6 @@ on: workflow_call: inputs: - cli: - type: string - required: true - description: only needed if upload. sfdx or sf version: type: string required: true @@ -20,28 +16,39 @@ on: jobs: macos: env: - AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} - AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} - SFDX_HIDE_RELEASE_NOTES: true SF_DISABLE_TELEMETRY: true runs-on: macos-latest steps: - uses: actions/checkout@v4 + - uses: actions/setup-node@v4 with: node-version: ${{ inputs.nodeVersion }} cache: yarn + - uses: salesforcecli/github-workflows/.github/actions/yarnInstallWithRetries@main - # todo: download the macos tarball and pass that to the oclif pack:macos command - - name: pack:macos + + - name: Pack for macos uses: salesforcecli/github-workflows/.github/actions/retry@main with: command: yarn pack:macos - - run: yarn upload:macos - - run: yarn channel:promote --cli ${{ inputs.cli }} --version ${{ inputs.version }} --target ${{ inputs.channel }} --platform macos - name: Promote macos to ${{ inputs.channel }} channel - - name: upload artifacts to github release - run: | - gh release upload ${{ inputs.version }} ./dist/macos/sf-*.pkg --clobber --repo ${{ github.repository}} + + - name: Upload macos + run: yarn upload:macos + env: + AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} + AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + + - name: Promote macos to ${{ inputs.channel }} channel + run: yarn channel:promote --cli sf --version "$INPUTS_VERSION" --target "$INPUTS_CHANNEL" --platform macos + env: + INPUTS_VERSION: ${{ inputs.version }} + INPUTS_CHANNEL: ${{ inputs.channel }} + AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} + AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + + - name: Upload artifacts to Github release + run: gh release upload "$INPUTS_VERSION" ./dist/macos/sf-*.pkg --clobber --repo "$GIT_REPOSITORY" env: + INPUTS_VERSION: ${{ inputs.version }} GH_TOKEN: ${{ secrets.SVC_CLI_BOT_GITHUB_TOKEN }} diff --git a/.github/workflows/packUploadWindows.yml b/.github/workflows/packUploadWindows.yml index 43f8425..5721f09 100644 --- a/.github/workflows/packUploadWindows.yml +++ b/.github/workflows/packUploadWindows.yml @@ -1,10 +1,6 @@ on: workflow_call: inputs: - cli: - type: string - required: true - description: only needed if upload. sfdx or sf version: type: string required: true @@ -22,30 +18,42 @@ jobs: win: runs-on: ubuntu-latest env: - AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} - AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} - WINDOWS_SIGNING_KEY: ${{ secrets.WINDOWS_SIGNING_KEY }} - SFDX_WINDOWS_SIGNING_PASS: ${{ secrets.SFDX_WINDOWS_SIGNING_PASS }} - SF_WINDOWS_SIGNING_PASS: ${{ secrets.SF_WINDOWS_SIGNING_PASS }} - SFDX_HIDE_RELEASE_NOTES: true SF_DISABLE_TELEMETRY: true steps: - uses: actions/checkout@v4 + - uses: actions/setup-node@v4 with: node-version: ${{ inputs.nodeVersion }} cache: yarn + - name: Set up Homebrew - id: set-up-homebrew uses: Homebrew/actions/setup-homebrew@e05416b42376bcda221f9102c4f595f4994016be + + # TODO: It would be nice if we chould ditch homebrew for this install - run: brew install makensis + - uses: salesforcecli/github-workflows/.github/actions/yarnInstallWithRetries@main - - run: yarn pack:win - - run: yarn upload:win - - run: yarn channel:promote --cli ${{ inputs.cli }} --version ${{ inputs.version }} --target ${{ inputs.channel }} --platform win - name: Promote win to ${{ inputs.channel }} channel - - name: upload artifacts to github release - run: | - gh release upload ${{ inputs.version }} ./dist/win32/sf-*.exe --clobber --repo ${{ github.repository}} + + - name: Pack for Windows + run: yarn pack:win + + - name: Upload Windows + run: yarn upload:win + env: + AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} + AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + + - name: Promote win to ${{ inputs.channel }} channel + run: yarn channel:promote --cli sf --version "$INPUTS_VERSION" --target "$INPUTS_CHANNEL" --platform win + env: + INPUTS_VERSION: ${{ inputs.version }} + INPUTS_CHANNEL: ${{ inputs.channel }} + AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} + AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + + - name: Upload artifacts to Github release + run: gh release upload "$INPUTS_VERSION" ./dist/win32/sf-*.exe --clobber --repo "$GITHUB_REPOSITORY" env: + INPUTS_VERSION: ${{ inputs.version }} GH_TOKEN: ${{ secrets.SVC_CLI_BOT_GITHUB_TOKEN }} diff --git a/.github/workflows/publishTypedoc.yml b/.github/workflows/publishTypedoc.yml index 7e31ecd..795c8f7 100644 --- a/.github/workflows/publishTypedoc.yml +++ b/.github/workflows/publishTypedoc.yml @@ -7,7 +7,6 @@ on: jobs: publish: - # todo: parameterize this as input if anyone ever needs ip-restricted runner runs-on: "ubuntu-latest" env: GITHUB_TOKEN: ${{ secrets.SVC_CLI_BOT_GITHUB_TOKEN }} @@ -15,28 +14,34 @@ jobs: - uses: actions/checkout@v4 with: token: ${{ secrets.SVC_CLI_BOT_GITHUB_TOKEN }} + - uses: actions/setup-node@v4 with: node-version: lts/* cache: yarn + - uses: salesforcecli/github-workflows/.github/actions/yarnInstallWithRetries@main + - name: Get Github user info id: github-user-info uses: salesforcecli/github-workflows/.github/actions/getGithubUserInfo@main with: SVC_CLI_BOT_GITHUB_TOKEN: ${{ secrets.SVC_CLI_BOT_GITHUB_TOKEN }} + - uses: salesforcecli/github-workflows/.github/actions/gitConfig@main with: username: ${{ steps.github-user-info.outputs.username }} email: ${{ steps.github-user-info.outputs.email }} - - name: build docs + + - name: Build docs run: | rm -rf docs git worktree prune git fetch origin gh-pages:gh-pages git worktree add docs gh-pages yarn docs - - name: send to git + + - name: Send to git run: | cd docs git add . diff --git a/.github/workflows/stampyUpload.yml b/.github/workflows/stampyUpload.yml index 1fe8149..adbc037 100644 --- a/.github/workflows/stampyUpload.yml +++ b/.github/workflows/stampyUpload.yml @@ -1,15 +1,6 @@ on: workflow_call: inputs: - cli: - type: string - required: true - description: sf or sfdx - default: sf - clipkg: - type: string - description: npm package name for cli - default: "@salesforce/cli" version: type: string required: true @@ -22,33 +13,43 @@ jobs: - uses: salesforcecli/github-workflows/.github/actions/versionInfo@main id: version-info with: - version: ${{inputs.version}} - npmPackage: ${{inputs.clipkg}} - - name: save filename (without arch/extension) for reuse + version: ${{ inputs.version }} + npmPackage: "@salesforce/cli" + + - name: Save filename (without arch/extension) for reuse id: filename - run: echo "FILEBASE=${{inputs.cli}}-v${{inputs.version}}-${{steps.version-info.outputs.sha}}" >> "$GITHUB_OUTPUT" - - name: download from s3 + run: echo "FILEBASE=sf-v$INPUTS_VERSION-$STEPS_VERSION_INFO_SHA" >> "$GITHUB_OUTPUT" env: - # workaround for AWS CLI not having its region set. see https://github.com/actions/runner-images/issues/2791 - AWS_EC2_METADATA_DISABLED: true - AWS_ACCESS_KEY_ID: ${{secrets.AWS_ACCESS_KEY_ID}} - AWS_SECRET_ACCESS_KEY: ${{secrets.AWS_SECRET_ACCESS_KEY}} + INPUTS_VERSION: ${{ inputs.version }} + STEPS_VERSION_INFO_SHA: ${{ steps.version-info.outputs.sha }} + + - name: Download from s3 run: | - aws s3 cp s3://dfc-data-production/media/salesforce-cli/${{inputs.cli}}/versions/${{inputs.version}}/${{steps.version-info.outputs.sha}}/${{steps.filename.outputs.FILEBASE}}-x86.exe . - aws s3 cp s3://dfc-data-production/media/salesforce-cli/${{inputs.cli}}/versions/${{inputs.version}}/${{steps.version-info.outputs.sha}}/${{steps.filename.outputs.FILEBASE}}-x64.exe . - - name: upload to unsigned bucket + aws s3 cp "s3://dfc-data-production/media/salesforce-cli/sf/versions/$INPUTS_VERSION/$STEPS_VERSION_INFO_SHA/$STEPS_FILENAME_FILEBASE-x86.exe" . + aws s3 cp "s3://dfc-data-production/media/salesforce-cli/sf/versions/$INPUTS_VERSION/$STEPS_VERSION_INFO_SHA/$STEPS_FILENAME_FILEBASE-x64.exe" . env: - STAMPY_ARN: ${{ secrets.STAMPY_ARN }} - STAMPY_UNSIGNED_BUCKET: ${{ secrets.STAMPY_UNSIGNED_BUCKET }} - AWS_ACCESS_KEY_ID: ${{secrets.AWS_ACCESS_KEY_ID}} - AWS_SECRET_ACCESS_KEY: ${{secrets.AWS_SECRET_ACCESS_KEY}} + INPUTS_VERSION: ${{ inputs.version }} + STEPS_VERSION_INFO_SHA: ${{ steps.version-info.outputs.sha }} + STEPS_FILENAME_FILEBASE: ${{ steps.filename.outputs.FILEBASE }} + # workaround for AWS CLI not having its region set (see https://github.com/actions/runner-images/issues/2791) AWS_EC2_METADATA_DISABLED: true - # switch AWS identity to the one that can access stampy + AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} + AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + + # Note: we first need to switch AWS identity to the one that can access stampy + - name: Upload to unsigned bucket run: | ACCOUNT_ID=$(aws sts get-caller-identity | jq -r '.Account') TEMP_ROLE=$(aws sts assume-role --role-arn $STAMPY_ARN --role-session-name artifact-signing) export AWS_ACCESS_KEY_ID=$(echo "${TEMP_ROLE}" | jq -r '.Credentials.AccessKeyId') export AWS_SECRET_ACCESS_KEY=$(echo "${TEMP_ROLE}" | jq -r '.Credentials.SecretAccessKey') export AWS_SESSION_TOKEN=$(echo "${TEMP_ROLE}" | jq -r '.Credentials.SessionToken') - aws s3 cp ${{steps.filename.outputs.FILEBASE}}-x86.exe $STAMPY_UNSIGNED_BUCKET/${{steps.filename.outputs.FILEBASE}}-x86.exe - aws s3 cp ${{steps.filename.outputs.FILEBASE}}-x64.exe $STAMPY_UNSIGNED_BUCKET/${{steps.filename.outputs.FILEBASE}}-x64.exe + aws s3 cp "$STEPS_FILENAME_FILEBASE-x86.exe" "$STAMPY_UNSIGNED_BUCKET/$STEPS_FILENAME_FILEBASE-x86.exe" + aws s3 cp "$STEPS_FILENAME_FILEBASE-x64.exe" "$STAMPY_UNSIGNED_BUCKET/$STEPS_FILENAME_FILEBASE-x64.exe" + env: + STEPS_FILENAME_FILEBASE: ${{ steps.filename.outputs.FILEBASE }} + STAMPY_ARN: ${{ secrets.STAMPY_ARN }} + STAMPY_UNSIGNED_BUCKET: ${{ secrets.STAMPY_UNSIGNED_BUCKET }} + AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} + AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + AWS_EC2_METADATA_DISABLED: true diff --git a/.github/workflows/tarballs.yml b/.github/workflows/tarballs.yml index 4ecef3c..25d902d 100644 --- a/.github/workflows/tarballs.yml +++ b/.github/workflows/tarballs.yml @@ -5,10 +5,6 @@ on: type: boolean description: true means test, then upload them AWS required: false - cli: - type: string - required: false - description: only needed if upload. sfdx or sf version: type: string required: false @@ -25,38 +21,46 @@ on: jobs: tarballs: env: - SFDX_HIDE_RELEASE_NOTES: true SF_DISABLE_TELEMETRY: true runs-on: ubuntu-20-8core steps: - uses: actions/checkout@v4 - with: - token: ${{ secrets.SVC_CLI_BOT_GITHUB_TOKEN }} + - uses: actions/setup-node@v4 with: node-version: ${{ inputs.nodeVersion }} cache: yarn + - uses: salesforcecli/github-workflows/.github/actions/yarnInstallWithRetries@main + - name: pack tarballs uses: salesforcecli/github-workflows/.github/actions/retry@main with: command: yarn pack:tarballs retry_on: error + - run: yarn pack:verify + - run: yarn test:smoke-unix + - if: inputs.upload run: yarn upload:tarballs env: AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} - - if: inputs.upload && inputs.cli && inputs.version && inputs.channel - run: yarn channel:promote --cli ${{ inputs.cli }} --version ${{ inputs.version }} --target ${{ inputs.channel }} + + - if: inputs.upload && inputs.version && inputs.channel + run: yarn channel:promote --cli sf --version "$INPUTS_VERSION" --target "$INPUTS_CHANNEL" env: + INPUTS_VERSION: ${{ inputs.version }} + INPUTS_CHANNEL: ${{ inputs.channel }} AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + - if: inputs.upload run: | - gh release upload ${{ inputs.version }} ./dist/*.gz --clobber --repo ${{ github.repository}} - gh release upload ${{ inputs.version }} ./dist/*.xz --clobber --repo ${{ github.repository}} + gh release upload "$INPUTS_VERSION" ./dist/*.gz --clobber --repo "$GITHUB_REPOSITORY" + gh release upload "$INPUTS_VERSION" ./dist/*.xz --clobber --repo "$GITHUB_REPOSITORY" env: + INPUTS_VERSION: ${{ inputs.version }} GH_TOKEN: ${{ secrets.SVC_CLI_BOT_GITHUB_TOKEN }} \ No newline at end of file diff --git a/.github/workflows/unitTestsLinux.yml b/.github/workflows/unitTestsLinux.yml index 61ea26c..513e92f 100644 --- a/.github/workflows/unitTestsLinux.yml +++ b/.github/workflows/unitTestsLinux.yml @@ -22,12 +22,15 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 + - uses: actions/setup-node@v4 with: node-version: ${{ matrix.node_version }} cache: yarn + - uses: google/wireit@setup-github-actions-caching/v1 continue-on-error: true + - name: Cache node modules id: cache-nodemodules uses: actions/cache@v4 @@ -39,7 +42,9 @@ jobs: - uses: salesforcecli/github-workflows/.github/actions/yarnInstallWithRetries@main if: ${{ steps.cache-nodemodules.outputs.cache-hit != 'true' }} + - run: yarn build + - name: yarn test uses: salesforcecli/github-workflows/.github/actions/retry@main with: diff --git a/.github/workflows/unitTestsWindows.yml b/.github/workflows/unitTestsWindows.yml index 3382d9d..55c8ee3 100644 --- a/.github/workflows/unitTestsWindows.yml +++ b/.github/workflows/unitTestsWindows.yml @@ -22,13 +22,17 @@ jobs: runs-on: windows-latest steps: - run: git config --system core.longpaths true + - uses: actions/checkout@v4 + - uses: google/wireit@setup-github-actions-caching/v1 continue-on-error: true + - uses: actions/setup-node@v4 with: node-version: ${{ matrix.node_version }} cache: yarn + - name: Cache node modules id: cache-nodemodules uses: actions/cache@v4 @@ -40,7 +44,9 @@ jobs: - uses: salesforcecli/github-workflows/.github/actions/yarnInstallWithRetries@main if: ${{ steps.cache-nodemodules.outputs.cache-hit != 'true' }} + - run: yarn build + - name: yarn test uses: salesforcecli/github-workflows/.github/actions/retry@main with: diff --git a/.github/workflows/validatePR.yml b/.github/workflows/validatePR.yml index f20b0bf..94e1f50 100644 --- a/.github/workflows/validatePR.yml +++ b/.github/workflows/validatePR.yml @@ -1,5 +1,3 @@ -# test push - on: workflow_call jobs: @@ -49,9 +47,9 @@ jobs: steps.regex-match-gha-run.outputs.match != '' || steps.regex-match-cli-gh-issue.match != '' run: | - echo "Gus Work Item: $STEPS_GUS_WI" - echo "Github Action Run: $STEPS_GHA_RUN" - echo "CLI Github Issue: $STEPS_CLI_GH_ISSUE" + echo "[INFO] Gus Work Item: $STEPS_GUS_WI" + echo "[INFO] Github Action Run: $STEPS_GHA_RUN" + echo "[INFO] CLI Github Issue: $STEPS_CLI_GH_ISSUE" env: STEPS_GUS_WI: ${{ steps.regex-match-gus-wi.outputs.match }} STEPS_GHA_RUN: ${{ steps.regex-match-gha-run.outputs.match }}