Skip to content

fix: refactor mfa validation into functions (#1780) #1049

fix: refactor mfa validation into functions (#1780)

fix: refactor mfa validation into functions (#1780) #1049

Workflow file for this run

name: Release
on:
push:
branches:
- master
- release/*
jobs:
release_please:
runs-on: ubuntu-latest
permissions:
contents: write
pull-requests: write
outputs:
MAIN_RELEASE_VERSION: ${{ steps.versions.outputs.MAIN_RELEASE_VERSION }}
RELEASE_VERSION: ${{ steps.versions.outputs.RELEASE_VERSION }}
RELEASE_CANDIDATE: ${{ steps.versions.outputs.RELEASE_CANDIDATE }}
RELEASE_NAME: ${{ steps.versions.outputs.RELEASE_NAME }}
steps:
- uses: google-github-actions/release-please-action@v4
id: release
with:
release-type: go
target-branch: ${{ github.ref_name }}
- uses: actions/checkout@v4
if: ${{ steps.release.outputs.release_created == 'true' || steps.release.outputs.prs_created == 'true' }}
with:
fetch-depth: 0
- if: ${{ steps.release.outputs.release_created == 'true' || steps.release.outputs.prs_created == 'true' }}
id: versions
run: |
set -ex
RELEASE_CANDIDATE=true
NOT_RELEASE_CANDIDATE='${{ steps.release.outputs.release_created }}'
if [ "$NOT_RELEASE_CANDIDATE" == "true" ]
then
RELEASE_CANDIDATE=false
fi
MAIN_RELEASE_VERSION=x
RELEASE_VERSION=y
if [ "$RELEASE_CANDIDATE" == "true" ]
then
# Release please doesn't tell you the candidate version when it
# creates the PR, so we have to take it from the title.
MAIN_RELEASE_VERSION=$(node -e "console.log('${{ steps.release.outputs.pr && fromJSON(steps.release.outputs.pr).title }}'.split(' ').reverse().find(x => x.match(/[0-9]+[.][0-9]+[.][0-9]+/)))")
# Use git describe tags to identify the number of commits the branch
# is ahead of the most recent non-release-candidate tag, which is
# part of the rc.<commits> value.
RELEASE_VERSION=$MAIN_RELEASE_VERSION-rc.$(node -e "console.log('$(git describe --tags --exclude rc*)'.split('-')[1])")
# release-please only ignores releases that have a form like [A-Z0-9]<version>, so prefixing with rc<version>
RELEASE_NAME="rc$RELEASE_VERSION"
else
MAIN_RELEASE_VERSION=${{ steps.release.outputs.major }}.${{ steps.release.outputs.minor }}.${{ steps.release.outputs.patch }}
RELEASE_VERSION="$MAIN_RELEASE_VERSION"
RELEASE_NAME="v$RELEASE_VERSION"
fi
echo "MAIN_RELEASE_VERSION=${MAIN_RELEASE_VERSION}" >> "${GITHUB_ENV}"
echo "RELEASE_VERSION=${RELEASE_VERSION}" >> "${GITHUB_ENV}"
echo "RELEASE_CANDIDATE=${RELEASE_CANDIDATE}" >> "${GITHUB_ENV}"
echo "RELEASE_NAME=${RELEASE_NAME}" >> "${GITHUB_ENV}"
echo "MAIN_RELEASE_VERSION=${MAIN_RELEASE_VERSION}" >> "${GITHUB_OUTPUT}"
echo "RELEASE_VERSION=${RELEASE_VERSION}" >> "${GITHUB_OUTPUT}"
echo "RELEASE_CANDIDATE=${RELEASE_CANDIDATE}" >> "${GITHUB_OUTPUT}"
echo "RELEASE_NAME=${RELEASE_NAME}" >> "${GITHUB_OUTPUT}"
- uses: actions/setup-go@v5
if: ${{ steps.release.outputs.release_created == 'true' || steps.release.outputs.prs_created == 'true' }}
with:
go-version: "^1.22.0" # The Go version to download (if necessary) and use.
- name: Build release artifacts
if: ${{ steps.release.outputs.release_created == 'true' || steps.release.outputs.prs_created == 'true' }}
run: |
set -ex
RELEASE_VERSION=$RELEASE_VERSION make deps
RELEASE_VERSION=$RELEASE_VERSION make all
ln -s auth gotrue
tar -czvf auth-v$RELEASE_VERSION-x86.tar.gz auth gotrue migrations/
mv auth-arm64 auth
tar -czvf auth-v$RELEASE_VERSION-arm64.tar.gz auth gotrue migrations/
- name: Upload release artifacts
if: ${{ steps.release.outputs.release_created == 'true' || steps.release.outputs.prs_created == 'true' }}
run: |
set -ex
if [ "$RELEASE_CANDIDATE" == "true" ]
then
PR_NUMBER='${{ steps.release.outputs.pr && fromJSON(steps.release.outputs.pr).number }}'
GH_TOKEN='${{ github.token }}' gh release \
create $RELEASE_NAME \
--title "v$RELEASE_VERSION" \
--prerelease \
-n "This is a release candidate. See release-please PR #$PR_NUMBER for context."
GH_TOKEN='${{ github.token }}' gh pr comment "$PR_NUMBER" \
-b "Release candidate [v$RELEASE_VERSION](https://github.com/supabase/gotrue/releases/tag/$RELEASE_NAME) published."
else
if [ "$GITHUB_REF" == "refs/heads/main" ] || [ "$GITHUB_REF" == "refs/heads/master" ]
then
IS_PATCH_ZERO=$(node -e "console.log('$RELEASE_VERSION'.endsWith('.0'))")
if [ "$IS_PATCH_ZERO" == "true" ]
then
# Only create release branch if patch version is 0, as this
# means that the release can be patched in the future.
GH_TOKEN='${{ github.token }}' gh api \
--method POST \
-H "Accept: application/vnd.github+json" \
-H "X-GitHub-Api-Version: 2022-11-28" \
/repos/supabase/gotrue/git/refs \
-f "ref=refs/heads/release/${RELEASE_VERSION}" \
-f "sha=$GITHUB_SHA"
fi
fi
fi
GH_TOKEN='${{ github.token }}' gh release upload $RELEASE_NAME ./auth-v$RELEASE_VERSION-x86.tar.gz ./auth-v$RELEASE_VERSION-arm64.tar.gz
publish:
needs:
- release_please
if: ${{ success() && needs.release_please.outputs.RELEASE_VERSION }}
uses: ./.github/workflows/publish.yml
secrets: inherit
with:
version: ${{ needs.release_please.outputs.RELEASE_VERSION }}