ci(release): Switch from action-prepare-release to Craft #4129
Conversation
This PR migrates from the deprecated action-prepare-release to the new Craft GitHub Actions (reusable workflow or composite action). Changes: - Migrate .github/workflows/release.yml to Craft composite action - Update .craft.yml with versioning.policy: calver
Semver Impact of This PR🟢 Patch (bug fixes) 📋 Changelog PreviewThis is how your changes will appear in the changelog. New Features ✨
Build / dependencies / internal 🔧
Other
🤖 This preview updates automatically when you update the PR. |
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
The previous migration incorrectly removed the GitHub App token authentication step. This commit restores it by switching to the composite action pattern which preserves the auth flow.
![sentry[bot]](https://avatars.githubusercontent.com/in/12637?s=60&v=4){kind=small}
.github/workflows/release.yml
Outdated
| - id: prepare | ||
| uses: getsentry/craft@39ee616a6a58dc64797feecb145d66770492b66c # v2 | ||
| env: | ||
| GITHUB_TOKEN: ${{ github.token }} | ||
| with: | ||
| version: ${{ inputs.version }} | ||
| force: ${{ inputs.force }} |
This comment was marked as outdated.
This comment was marked as outdated.
Sorry, something went wrong.
aldy505
left a comment
aldy505
left a comment
There was a problem hiding this comment.
I would recommend you to use this for updating GHA tags https://github.com/azat-io/actions-up
.github/workflows/release.yml
Outdated
| needs: release | ||
| steps: | ||
| - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 | ||
| - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 |
There was a problem hiding this comment.
I don't know why but this is very inconsistent. Why did you lower the version for actions/checkout?
.github/workflows/shellcheck.yml
Outdated
| steps: | ||
| - name: Repository checkout | ||
| uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 | ||
| uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.0 |
There was a problem hiding this comment.
The version comment should be updated to v6.0.1 too.
| uses: getsentry/action-prepare-release@3cea80dc3938c0baf5ec4ce752ecb311f8780cdc # v1.6.4 | ||
| uses: getsentry/craft@1c58bfd57bfd6a967b6f3fc92bead2c42ee698ce # v2 | ||
| env: | ||
| GITHUB_TOKEN: ${{ steps.token.outputs.token }} |
This comment was marked as outdated.
This comment was marked as outdated.
Sorry, something went wrong.
| token: ${{ steps.token.outputs.token }} | ||
| fetch-depth: 0 | ||
| - name: Prepare release | ||
| id: prepare-release |
There was a problem hiding this comment.
Bug: The release job's output release-version references an environment variable env.RELEASE_VERSION, which may not be reliably passed to downstream jobs.
Severity: HIGH
Suggested Fix
Verify the outputs of the getsentry/craft action. If it provides a step output (e.g., version), update the job output to use it: release-version: ${{ steps.prepare-release.outputs.version }}. This ensures data is passed reliably between jobs according to GitHub Actions best practices.
Prompt for AI Agent
Review the code at the location below. A potential bug has been identified by an AI
agent.
Verify if this is a real issue. If it is, propose a fix; if not, explain why it's not
valid.
Location: .github/workflows/release.yml#L35
Potential issue: The `release` job defines an output `release-version` by referencing
the environment variable `env.RELEASE_VERSION`. Environment variables set within a step
are not guaranteed to be available for job-level outputs. If the `getsentry/craft`
action in the `prepare-release` step does not set this environment variable in a way
that's accessible at the job scope, the `release-version` output will be empty.
Consequently, the downstream `dogfood-release` job will receive an empty version,
potentially causing the release process to fail or proceed with an incorrect version.
Did we get this right? 👍 / 👎 to inform future reviews.
Summary
This PR migrates from the deprecated
action-prepare-releaseto the new Craft GitHub Actions.Changes
.github/workflows/release.ymlto Craft composite action.craft.ymlwithversioning.policy: calverDocumentation
See https://getsentry.github.io/craft/github-actions/ for more information.