Skip to content

DAT-20906 DevOps :: Create Automated Release Workflow for Liquibase Secure Extensions (BigQuery, Databricks, MongoDB, Azure, AWS) #419

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 7 commits into from
Nov 7, 2025
Merged

DAT-20906 DevOps :: Create Automated Release Workflow for Liquibase Secure Extensions (BigQuery, Databricks, MongoDB, Azure, AWS) #419

Changes from all commits
Commits
Show all changes
7 commits
Select commit Hold shift + click to select a range
2a7ec66
refactor: comment out artifact handling steps in extension-automated-…
jandroav Oct 16, 2025
0b72585
fix: update Dependabot token usage in extension-automated-release wor…
jandroav Oct 16, 2025
d6f3309
fix: update Dependabot token usage in extension-automated-release wor…
jandroav Oct 16, 2025
7d78a7a
fix: enhance Dependabot update handling in extension-automated-releas…
jandroav Oct 16, 2025
aa74cf3
fix: enhance Dependabot update handling in extension-automated-releas…
jandroav Oct 16, 2025
fb8215b
refactor: uncomment artifact handling steps in extension-automated-re…
jandroav Oct 16, 2025
9e1988a
Merge branch 'main' into DAT-20906-test
jandroav Nov 5, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
33 changes: 30 additions & 3 deletions .github/workflows/extension-automated-release.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -106,7 +106,6 @@ jobs:
app-id: ${{ env.LIQUIBASE_GITHUB_APP_ID }}
private-key: ${{ env.LIQUIBASE_GITHUB_APP_PRIVATE_KEY }}
owner: ${{ github.repository_owner }}
repositories: ${{ matrix.repository }}

- name: Install Dependabot CLI
env:
Expand All @@ -127,8 +126,36 @@ jobs:
REPOSITORY: ${{ matrix.repository }}
run: |
echo "INFO: Running Dependabot on repository: $REPOSITORY"
dependabot update maven "liquibase/$REPOSITORY"
echo "INFO: Dependabot update completed for $REPOSITORY"

set +e
output=$(dependabot update maven "liquibase/$REPOSITORY" 2>&1)
exit_code=$?
set -e

echo "$output"

if [ $exit_code -ne 0 ]; then
# Check if there were any successful updates
if echo "$output" | grep -q "Changes to Dependabot Pull Requests"; then
echo "INFO: Some dependencies were successfully updated"

# Check if only known problematic dependencies failed
if echo "$output" | grep -qE "(com\.simba\.googlebigquery\.jdbc:GoogleBigQueryJDBC42|com\.liquibase:liquibase-extension-testing).*private_source_authentication_failure"; then
echo "WARNING: Known authentication issues with private dependencies:"
echo "$output" | grep -A 5 "Dependencies failed to update" || true
echo "INFO: These dependencies will be skipped. Please update manually if needed."
echo "INFO: Continuing with other successfully updated dependencies for $REPOSITORY"
# Exit successfully to continue the workflow
exit 0
fi
fi

# Other error - fail the step
echo "ERROR: Dependabot failed with unexpected error for $REPOSITORY"
exit $exit_code
fi

echo "INFO: Dependabot update completed successfully for $REPOSITORY"

update-pom:
needs: check-security-vulnerabilities
Expand Down