Fix release pipeline to work with branch protections

Question

Fix release pipeline to work with branch protections

Closed this issue 9 months ago · 5 comments

The release.yml workflow relies on the Maven Release Plugin to push commits to main. It does this using the https://github.com/tbd-releases account. Because of branch protections and the way we cannot bypass them in GitHub configs, we have to adapt the release workflow to initiatlize the release process off a branch, push changes to that branch, create a PR, then merge that PR/branch back into main.

Answer 1 · 2024-04-07T23:39:54.000Z

WIP in issue-296/release-with-branch-protections

Answer 2 · 2024-04-08T00:22:41.000Z

Also WIP for testing in https://github.com/ALRubinger/web5-kt.

To be ported upstream when working there.

Answer 3 · 2024-04-08T00:23:32.000Z

Using prerelease branch to stage release commits looks good so far:

Version to be released: 1.0.0-maven-rc-3
Setting next development version back to original in pom.xml: 0.0.0-main-SNAPSHOT
Staging release commits in branch: prerelease-c85ccd9-1.0.0-maven-rc-3
Switched to a new branch 'prerelease-c85ccd9-1.0.0-maven-rc-3'

https://github.com/ALRubinger/web5-kt/actions/runs/8592653569/job/23542981631#step:6:48

Answer 4 · 2024-04-08T00:25:33.000Z

Excellent, release commits nicely seated in a branch:

https://github.com/ALRubinger/web5-kt/commits/prerelease-c85ccd9-1.0.0-maven-rc-3/

Now to use GH REST API to make a PR and merge it into main so branch protections are honored.

Answer 5 · 2024-04-08T04:07:17.000Z

Replaced by #297 - no more work to be done here.