From 93db158c366c5f80b6d80aadd06b2dffc4ff32d1 Mon Sep 17 00:00:00 2001 From: Joao Dordio Date: Tue, 17 Mar 2026 00:01:23 +0000 Subject: [PATCH 1/2] =?UTF-8?q?=F0=9F=9A=A7=20WIP=20added=20prepare=20and?= =?UTF-8?q?=20validate=20release=20automations?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .github/workflows/prepare-for-release.yml | 73 +++++++++++++++++++++++ .github/workflows/validate-release.yml | 60 +++++++++++++++++++ 2 files changed, 133 insertions(+) create mode 100644 .github/workflows/prepare-for-release.yml create mode 100644 .github/workflows/validate-release.yml diff --git a/.github/workflows/prepare-for-release.yml b/.github/workflows/prepare-for-release.yml new file mode 100644 index 000000000..cc3ae942d --- /dev/null +++ b/.github/workflows/prepare-for-release.yml @@ -0,0 +1,73 @@ +name: Prepare For Release + +on: + workflow_dispatch: + inputs: + version: + description: 'Version number (e.g., 2.3.0)' + required: true + type: string + +permissions: + contents: write + pull-requests: write + +jobs: + prepare-release: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + with: + token: ${{ secrets.GITHUB_TOKEN }} + + - name: Setup + uses: ./.github/actions/setup + + - name: Validate Version Format + run: | + if ! [[ "${{ github.event.inputs.version }}" =~ ^[0-9]+\.[0-9]+\.[0-9]+(-[a-zA-Z0-9]+)?$ ]]; then + echo "::error::Invalid version format. Use semantic versioning (e.g., 2.3.0 or 2.3.0-beta1)" + exit 1 + fi + + - name: Update Changelog + id: update_changelog + run: | + new_version="${{ github.event.inputs.version }}" + echo "new_version=${new_version}" >> $GITHUB_OUTPUT + + if grep -qF "## ${new_version}" CHANGELOG.md; then + echo "CHANGELOG.md already has an entry for ${new_version}, skipping." + else + tmp=$(mktemp) + echo "## ${new_version}" > "$tmp" + echo "" >> "$tmp" + cat CHANGELOG.md >> "$tmp" + mv "$tmp" CHANGELOG.md + fi + + - name: Update Version + run: npm version "${{ github.event.inputs.version }}" --no-git-tag-version + + - name: Build + run: yarn prepare + + - name: Create Pull Request + uses: peter-evans/create-pull-request@v5 + with: + token: ${{ secrets.GITHUB_TOKEN }} + title: "Prepare for Release ${{ steps.update_changelog.outputs.new_version }}" + body: | + # Prepare for Release ${{ steps.update_changelog.outputs.new_version }} + + ## SDK Release Checklist + - [ ] CHANGELOG.md updated with release notes + - [ ] Version bumped in package.json + - [ ] `yarn prepare` ran successfully (itblBuildInfo.ts updated) + - [ ] All tests passing + - [ ] Documentation updated (if needed) + + branch: "prepare-for-release-${{ steps.update_changelog.outputs.new_version }}" + commit-message: "Prepare for release ${{ steps.update_changelog.outputs.new_version }}" + labels: release + delete-branch: true diff --git a/.github/workflows/validate-release.yml b/.github/workflows/validate-release.yml new file mode 100644 index 000000000..66c1e2e08 --- /dev/null +++ b/.github/workflows/validate-release.yml @@ -0,0 +1,60 @@ +name: Validate Release PR + +on: + pull_request: + types: [labeled, opened, synchronize, edited] + +permissions: + contents: read + pull-requests: read + +jobs: + validate: + if: >- + (github.event.action == 'labeled' && github.event.label.name == 'release') || + (github.event.action != 'labeled' && contains(github.event.pull_request.labels.*.name, 'release')) + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + + - name: Validate Release PR + env: + PR_BODY: ${{ github.event.pull_request.body }} + run: | + errors=() + + # --- Extract version from source of truth --- + version=$(node -p "require('./package.json').version") + if [ -z "$version" ]; then + echo "::error::Could not extract version from package.json" + exit 1 + fi + echo "Detected version: $version" + + # --- Check: Docs PR linked --- + if ! echo "$PR_BODY" | grep -qiP "github\.com/Iterable/iterable-docs/pull/\d+"; then + errors+=("No docs PR link found in the PR description. Add a link to the iterable-docs PR (e.g. https://github.com/Iterable/iterable-docs/pull/123).") + fi + + # --- Check: CHANGELOG entry (RN uses ## X.Y.Z without brackets) --- + if ! grep -qF "## $version" CHANGELOG.md; then + errors+=("CHANGELOG.md is missing an entry for version $version.") + fi + + # --- Check: Version consistency --- + build_info_ver=$(grep -oP "version:\s*'\K[^']+" src/itblBuildInfo.ts) + + if [ "$build_info_ver" != "$version" ]; then + errors+=("src/itblBuildInfo.ts version is '$build_info_ver', expected '$version'. Did you run 'yarn prepare'?") + fi + + # --- Report --- + if [ ${#errors[@]} -gt 0 ]; then + echo "::error::Release validation failed with ${#errors[@]} issue(s):" + for err in "${errors[@]}"; do + echo "::error:: - $err" + done + exit 1 + fi + + echo "All release validations passed for version $version." From 1fb33c96f35b07fa7e3b30b8ec75a289dbbcb31f Mon Sep 17 00:00:00 2001 From: Joao Dordio Date: Thu, 19 Mar 2026 14:57:40 +0000 Subject: [PATCH 2/2] =?UTF-8?q?=F0=9F=94=90=20Addressed=20security=20vulne?= =?UTF-8?q?rability?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .github/workflows/prepare-for-release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/prepare-for-release.yml b/.github/workflows/prepare-for-release.yml index cc3ae942d..e750c1b83 100644 --- a/.github/workflows/prepare-for-release.yml +++ b/.github/workflows/prepare-for-release.yml @@ -53,7 +53,7 @@ jobs: run: yarn prepare - name: Create Pull Request - uses: peter-evans/create-pull-request@v5 + uses: peter-evans/create-pull-request@4e1beaa7521e8b457b572c090b25bd3db56bf1c5 # v5 with: token: ${{ secrets.GITHUB_TOKEN }} title: "Prepare for Release ${{ steps.update_changelog.outputs.new_version }}"