Skip to content

chore(deps): upgrade dependencies (#489) #425

chore(deps): upgrade dependencies (#489)

chore(deps): upgrade dependencies (#489) #425

Workflow file for this run

# ~~ Generated by projen. To modify, edit .projenrc.js and run "npx projen".
name: release
on:
push:
branches:
- main
workflow_dispatch: {}
jobs:
release:
runs-on: ubuntu-latest
permissions:
contents: write
outputs:
latest_commit: ${{ steps.git_remote.outputs.latest_commit }}
tag_exists: ${{ steps.check_tag_exists.outputs.exists }}
env:
CI: "true"
steps:
- name: Checkout
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11
with:
fetch-depth: 0
- name: Set git config safe.directory
run: git config --global --add safe.directory $(pwd)
- name: Set git identity
run: |-
git config user.name "github-actions"
git config user.email "[email protected]"
- name: Setup Node.js
uses: actions/setup-node@b39b52d1213e96004bfcb1c61a8a6fa8ab84f3e8
with:
node-version: 18.12.0
- name: Install dependencies
run: yarn install --check-files --frozen-lockfile
- name: release
run: npx projen release
- name: Check if version has already been tagged
id: check_tag_exists
run: |-
if [ ! -f dist/dist/releasetag.txt ]; then (echo "exists=true" >> $GITHUB_OUTPUT) && exit 0; fi
TAG=$(cat dist/dist/releasetag.txt)
([ ! -z "$TAG" ] && git ls-remote -q --exit-code --tags origin $TAG && (echo "exists=true" >> $GITHUB_OUTPUT)) || (echo "exists=false" >> $GITHUB_OUTPUT)
cat $GITHUB_OUTPUT
- name: Check for new commits or cancel via faking a SHA if release was cancelled
id: git_remote
run: node ./scripts/should-release.js && (echo "latest_commit=$(git ls-remote origin -h ${{ github.ref }} | cut -f1)" >> $GITHUB_OUTPUT && cat $GITHUB_OUTPUT) || echo "latest_commit=release_cancelled" >> $GITHUB_OUTPUT
- name: Backup artifact permissions
if: ${{ steps.git_remote.outputs.latest_commit == github.sha }}
run: cd dist && getfacl -R . > permissions-backup.acl
continue-on-error: true
- name: Upload artifact
if: ${{ steps.git_remote.outputs.latest_commit == github.sha }}
uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3
with:
name: build-artifact
path: dist
overwrite: true
deprecate:
name: Deprecate the package in package managers if needed
needs:
- release
- release_npm
runs-on: ubuntu-latest
permissions:
contents: read
steps:
- name: Checkout
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11
- name: Install
run: yarn install
- name: Check deprecation status
id: check_status
run: |-
IS_DEPRECATED=$(cat package.json | jq .cdktf.isDeprecated -r)
echo "is_deprecated=$IS_DEPRECATED"
echo "is_deprecated=$IS_DEPRECATED" >> $GITHUB_OUTPUT
- name: Deprecate the package on NPM
if: steps.check_status.outputs.is_deprecated == 'true' || steps.check_status.outputs.is_deprecated == true
env:
NPM_REGISTRY: registry.npmjs.org
NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
run: |-
npm set "//$NPM_REGISTRY/:_authToken=$NPM_TOKEN"
npm deprecate @cdktf/provider-hcp "See https://cdk.tf/imports for details on how to continue to use the hcp provider in your CDK for Terraform (CDKTF) projects by generating the bindings locally."
release_github:
name: Publish to GitHub Releases
needs: release
runs-on: ubuntu-latest
permissions:
contents: write
issues: write
if: needs.release.outputs.tag_exists != 'true' && needs.release.outputs.latest_commit == github.sha
steps:
- uses: actions/setup-node@b39b52d1213e96004bfcb1c61a8a6fa8ab84f3e8
with:
node-version: 18.12.0
- name: Download build artifacts
uses: actions/download-artifact@c850b930e6ba138125429b7e5c93fc707a7f8427
with:
name: build-artifact
path: dist
- name: Restore build artifact permissions
run: cd dist && setfacl --restore=permissions-backup.acl
continue-on-error: true
- name: Prepare Repository
run: mv dist .repo
- name: Collect GitHub Metadata
run: mv .repo/dist dist
- name: Release
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
GITHUB_REPOSITORY: ${{ github.repository }}
GITHUB_REF: ${{ github.ref }}
run: errout=$(mktemp); gh release create $(cat dist/releasetag.txt) -R $GITHUB_REPOSITORY -F dist/changelog.md -t $(cat dist/releasetag.txt) --target $GITHUB_REF 2> $errout && true; exitcode=$?; if [ $exitcode -ne 0 ] && ! grep -q "Release.tag_name already exists" $errout; then cat $errout; exit $exitcode; fi
- name: Extract Version
id: extract-version
if: ${{ failure() }}
run: echo "VERSION=$(cat dist/version.txt)" >> $GITHUB_OUTPUT
- name: Create Issue
if: ${{ failure() }}
uses: imjohnbo/issue-bot@572eed14422c4d6ca37e870f97e7da209422f5bd
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
labels: failed-release
title: Publishing v${{ steps.extract-version.outputs.VERSION }} to GitHub Releases failed
body: See https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}
release_npm:
name: Publish to npm
needs: release
runs-on: ubuntu-latest
permissions:
contents: read
issues: write
if: needs.release.outputs.tag_exists != 'true' && needs.release.outputs.latest_commit == github.sha
steps:
- uses: actions/setup-node@b39b52d1213e96004bfcb1c61a8a6fa8ab84f3e8
with:
node-version: 18.12.0
- name: Download build artifacts
uses: actions/download-artifact@c850b930e6ba138125429b7e5c93fc707a7f8427
with:
name: build-artifact
path: dist
- name: Restore build artifact permissions
run: cd dist && setfacl --restore=permissions-backup.acl
continue-on-error: true
- name: Prepare Repository
run: mv dist .repo
- name: Install Dependencies
run: cd .repo && yarn install --check-files --frozen-lockfile
- name: Create js artifact
run: cd .repo && npx projen package:js
- name: Collect js Artifact
run: mv .repo/dist dist
- name: Release
env:
NPM_DIST_TAG: latest
NPM_REGISTRY: registry.npmjs.org
NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
run: npx -p publib@latest publib-npm
- name: Extract Version
id: extract-version
if: ${{ failure() }}
run: echo "VERSION=$(cat dist/version.txt)" >> $GITHUB_OUTPUT
- name: Create Issue
if: ${{ failure() }}
uses: imjohnbo/issue-bot@572eed14422c4d6ca37e870f97e7da209422f5bd
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
labels: failed-release
title: Publishing v${{ steps.extract-version.outputs.VERSION }} to npm failed
body: See https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}
release_maven:
name: Publish to Maven Central
needs: release
runs-on: ubuntu-latest
permissions:
contents: read
issues: write
if: needs.release.outputs.tag_exists != 'true' && needs.release.outputs.latest_commit == github.sha
steps:
- uses: actions/setup-java@9704b39bf258b59bc04b50fa2dd55e9ed76b47a8
with:
distribution: temurin
java-version: 11.x
- uses: actions/setup-node@b39b52d1213e96004bfcb1c61a8a6fa8ab84f3e8
with:
node-version: 18.12.0
- name: Download build artifacts
uses: actions/download-artifact@c850b930e6ba138125429b7e5c93fc707a7f8427
with:
name: build-artifact
path: dist
- name: Restore build artifact permissions
run: cd dist && setfacl --restore=permissions-backup.acl
continue-on-error: true
- name: Prepare Repository
run: mv dist .repo
- name: Install Dependencies
run: cd .repo && yarn install --check-files --frozen-lockfile
- name: Create java artifact
run: cd .repo && npx projen package:java
- name: Collect java Artifact
run: mv .repo/dist dist
- name: Release
env:
MAVEN_ENDPOINT: https://hashicorp.oss.sonatype.org
MAVEN_GPG_PRIVATE_KEY: ${{ secrets.MAVEN_GPG_PRIVATE_KEY }}
MAVEN_GPG_PRIVATE_KEY_PASSPHRASE: ${{ secrets.MAVEN_GPG_PRIVATE_KEY_PASSPHRASE }}
MAVEN_PASSWORD: ${{ secrets.MAVEN_PASSWORD }}
MAVEN_USERNAME: ${{ secrets.MAVEN_USERNAME }}
MAVEN_STAGING_PROFILE_ID: ${{ secrets.MAVEN_STAGING_PROFILE_ID }}
MAVEN_OPTS: --add-opens=java.base/java.util=ALL-UNNAMED --add-opens=java.base/java.lang.reflect=ALL-UNNAMED --add-opens=java.base/java.text=ALL-UNNAMED --add-opens=java.desktop/java.awt.font=ALL-UNNAMED
run: npx -p publib@latest publib-maven
- name: Extract Version
id: extract-version
if: ${{ failure() }}
run: echo "VERSION=$(cat dist/version.txt)" >> $GITHUB_OUTPUT
- name: Create Issue
if: ${{ failure() }}
uses: imjohnbo/issue-bot@572eed14422c4d6ca37e870f97e7da209422f5bd
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
labels: failed-release
title: Publishing v${{ steps.extract-version.outputs.VERSION }} to Maven Central failed
body: See https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}
release_pypi:
name: Publish to PyPI
needs: release
runs-on: ubuntu-latest
permissions:
contents: read
issues: write
if: needs.release.outputs.tag_exists != 'true' && needs.release.outputs.latest_commit == github.sha
steps:
- uses: actions/setup-node@b39b52d1213e96004bfcb1c61a8a6fa8ab84f3e8
with:
node-version: 18.12.0
- uses: actions/setup-python@0a5c61591373683505ea898e09a3ea4f39ef2b9c
with:
python-version: 3.x
- name: Download build artifacts
uses: actions/download-artifact@c850b930e6ba138125429b7e5c93fc707a7f8427
with:
name: build-artifact
path: dist
- name: Restore build artifact permissions
run: cd dist && setfacl --restore=permissions-backup.acl
continue-on-error: true
- name: Prepare Repository
run: mv dist .repo
- name: Install Dependencies
run: cd .repo && yarn install --check-files --frozen-lockfile
- name: Create python artifact
run: cd .repo && npx projen package:python
- name: Collect python Artifact
run: mv .repo/dist dist
- name: Release
env:
TWINE_USERNAME: ${{ secrets.TWINE_USERNAME }}
TWINE_PASSWORD: ${{ secrets.TWINE_PASSWORD }}
run: npx -p publib@latest publib-pypi
- name: Extract Version
id: extract-version
if: ${{ failure() }}
run: echo "VERSION=$(cat dist/version.txt)" >> $GITHUB_OUTPUT
- name: Create Issue
if: ${{ failure() }}
uses: imjohnbo/issue-bot@572eed14422c4d6ca37e870f97e7da209422f5bd
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
labels: failed-release
title: Publishing v${{ steps.extract-version.outputs.VERSION }} to PyPI failed
body: See https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}
release_nuget:
name: Publish to NuGet Gallery
needs: release
runs-on: ubuntu-latest
permissions:
contents: read
issues: write
if: needs.release.outputs.tag_exists != 'true' && needs.release.outputs.latest_commit == github.sha
steps:
- uses: actions/setup-node@b39b52d1213e96004bfcb1c61a8a6fa8ab84f3e8
with:
node-version: 18.12.0
- uses: actions/setup-dotnet@4d6c8fcf3c8f7a60068d26b594648e99df24cee3
with:
dotnet-version: 3.x
- name: Download build artifacts
uses: actions/download-artifact@c850b930e6ba138125429b7e5c93fc707a7f8427
with:
name: build-artifact
path: dist
- name: Restore build artifact permissions
run: cd dist && setfacl --restore=permissions-backup.acl
continue-on-error: true
- name: Prepare Repository
run: mv dist .repo
- name: Install Dependencies
run: cd .repo && yarn install --check-files --frozen-lockfile
- name: Create dotnet artifact
run: cd .repo && npx projen package:dotnet
- name: Collect dotnet Artifact
run: mv .repo/dist dist
- name: Release
env:
NUGET_API_KEY: ${{ secrets.NUGET_API_KEY }}
run: npx -p publib@latest publib-nuget
- name: Extract Version
id: extract-version
if: ${{ failure() }}
run: echo "VERSION=$(cat dist/version.txt)" >> $GITHUB_OUTPUT
- name: Create Issue
if: ${{ failure() }}
uses: imjohnbo/issue-bot@572eed14422c4d6ca37e870f97e7da209422f5bd
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
labels: failed-release
title: Publishing v${{ steps.extract-version.outputs.VERSION }} to NuGet Gallery failed
body: See https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}
release_golang:
name: Publish to GitHub Go Module Repository
needs: release
runs-on: ubuntu-latest
permissions:
contents: read
issues: write
if: needs.release.outputs.tag_exists != 'true' && needs.release.outputs.latest_commit == github.sha
steps:
- uses: actions/setup-node@b39b52d1213e96004bfcb1c61a8a6fa8ab84f3e8
with:
node-version: 18.12.0
- uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491
with:
go-version: ^1.16.0
- name: Download build artifacts
uses: actions/download-artifact@c850b930e6ba138125429b7e5c93fc707a7f8427
with:
name: build-artifact
path: dist
- name: Restore build artifact permissions
run: cd dist && setfacl --restore=permissions-backup.acl
continue-on-error: true
- name: Prepare Repository
run: mv dist .repo
- name: Install Dependencies
run: cd .repo && yarn install --check-files --frozen-lockfile
- name: Create go artifact
run: cd .repo && npx projen package:go
- name: Setup Copywrite tool
uses: hashicorp/setup-copywrite@867a1a2a064a0626db322392806428f7dc59cb3e
- name: Copy copywrite hcl file
run: cp .repo/.copywrite.hcl .repo/dist/go/.copywrite.hcl
- name: Add headers using Copywrite tool
run: cd .repo/dist/go && copywrite headers
- name: Remove copywrite hcl file
run: rm -f .repo/dist/go/.copywrite.hcl
- name: Remove some text from the README that doesn't apply to Go
run: |-
sed -i 's/# CDKTF prebuilt bindings for/# CDKTF Go bindings for/' .repo/dist/go/*/README.md
sed -i -e '/## Available Packages/,/### Go/!b' -e '/### Go/!d;p; s/### Go/## Go Package/' -e 'd' .repo/dist/go/*/README.md
sed -i 's/### Go/## Go Package/' .repo/dist/go/*/README.md
sed -i -e '/API.typescript.md/,/You can also visit a hosted version/!b' -e 'd' .repo/dist/go/*/README.md
sed -i 's|Find auto-generated docs for this provider here:|Find auto-generated docs for this provider [here](https://github.com/cdktf/cdktf-provider-hcp/blob/main/docs/API.go.md).|' .repo/dist/go/*/README.md
sed -i -e '/### Provider Version/,/The provider version can be adjusted/!b' -e 'd' .repo/dist/go/*/README.md
- name: Copy the README file to the parent directory
run: cp .repo/dist/go/*/README.md .repo/dist/go/README.md
- name: Collect go Artifact
run: mv .repo/dist dist
- name: Release
env:
GIT_USER_NAME: CDK for Terraform Team
GIT_USER_EMAIL: [email protected]
GITHUB_TOKEN: ${{ secrets.GO_GITHUB_TOKEN }}
run: npx -p publib@latest publib-golang
- name: Extract Version
id: extract-version
if: ${{ failure() }}
run: echo "VERSION=$(cat dist/version.txt)" >> $GITHUB_OUTPUT
- name: Create Issue
if: ${{ failure() }}
uses: imjohnbo/issue-bot@572eed14422c4d6ca37e870f97e7da209422f5bd
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
labels: failed-release
title: Publishing v${{ steps.extract-version.outputs.VERSION }} to GitHub Go Module Repository failed
body: See https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}