diff --git a/.github/workflows/auth-react-test-1-django.yml b/.github/workflows/auth-react-test-1-django.yml index 3f4a1fb11..205d888c8 100644 --- a/.github/workflows/auth-react-test-1-django.yml +++ b/.github/workflows/auth-react-test-1-django.yml @@ -6,9 +6,11 @@ on: - opened - reopened - synchronize + - labeled + - unlabeled push: - tags: - - dev-v[0-9]+.[0-9]+.[0-9]+ + branches: + - '[0-9]+.[0-9]+' # Only one instance of this workflow will run on the same ref (PR/Branch/Tag) # Previous runs will be cancelled. @@ -18,6 +20,7 @@ concurrency: jobs: define-versions: + if: github.event_name != 'pull_request' || contains(github.event.pull_request.labels.*.name, 'run-tests') runs-on: ubuntu-latest outputs: fdiVersions: ${{ steps.versions.outputs.fdiVersions }} @@ -49,6 +52,7 @@ jobs: fdi-versions: ${{ steps.versions.outputs.fdiVersions }} setup-auth-react: + if: github.event_name != 'pull_request' || contains(github.event.pull_request.labels.*.name, 'run-tests') runs-on: ubuntu-latest needs: define-versions strategy: @@ -93,6 +97,7 @@ jobs: spec: ${{ steps.envs.outputs.specs }} launch-fdi-workflows: + if: github.event_name != 'pull_request' || contains(github.event.pull_request.labels.*.name, 'run-tests') uses: ./.github/workflows/auth-react-test-2.yml needs: - define-versions diff --git a/.github/workflows/auth-react-test-1-fastapi.yml b/.github/workflows/auth-react-test-1-fastapi.yml index 1afba68a3..d437f3883 100644 --- a/.github/workflows/auth-react-test-1-fastapi.yml +++ b/.github/workflows/auth-react-test-1-fastapi.yml @@ -6,9 +6,11 @@ on: - opened - reopened - synchronize + - labeled + - unlabeled push: - tags: - - dev-v[0-9]+.[0-9]+.[0-9]+ + branches: + - '[0-9]+.[0-9]+' # Only one instance of this workflow will run on the same ref (PR/Branch/Tag) # Previous runs will be cancelled. @@ -18,6 +20,7 @@ concurrency: jobs: define-versions: + if: github.event_name != 'pull_request' || contains(github.event.pull_request.labels.*.name, 'run-tests') runs-on: ubuntu-latest outputs: fdiVersions: ${{ steps.versions.outputs.fdiVersions }} @@ -49,6 +52,7 @@ jobs: fdi-versions: ${{ steps.versions.outputs.fdiVersions }} setup-auth-react: + if: github.event_name != 'pull_request' || contains(github.event.pull_request.labels.*.name, 'run-tests') runs-on: ubuntu-latest needs: define-versions strategy: @@ -93,6 +97,7 @@ jobs: spec: ${{ steps.envs.outputs.specs }} launch-fdi-workflows: + if: github.event_name != 'pull_request' || contains(github.event.pull_request.labels.*.name, 'run-tests') uses: ./.github/workflows/auth-react-test-2.yml needs: - define-versions diff --git a/.github/workflows/auth-react-test-1-flask.yml b/.github/workflows/auth-react-test-1-flask.yml index 241945588..43957e223 100644 --- a/.github/workflows/auth-react-test-1-flask.yml +++ b/.github/workflows/auth-react-test-1-flask.yml @@ -6,9 +6,11 @@ on: - opened - reopened - synchronize + - labeled + - unlabeled push: - tags: - - dev-v[0-9]+.[0-9]+.[0-9]+ + branches: + - '[0-9]+.[0-9]+' # Only one instance of this workflow will run on the same ref (PR/Branch/Tag) # Previous runs will be cancelled. @@ -18,6 +20,7 @@ concurrency: jobs: define-versions: + if: github.event_name != 'pull_request' || contains(github.event.pull_request.labels.*.name, 'run-tests') runs-on: ubuntu-latest outputs: fdiVersions: ${{ steps.versions.outputs.fdiVersions }} @@ -49,6 +52,7 @@ jobs: fdi-versions: ${{ steps.versions.outputs.fdiVersions }} setup-auth-react: + if: github.event_name != 'pull_request' || contains(github.event.pull_request.labels.*.name, 'run-tests') runs-on: ubuntu-latest needs: define-versions strategy: @@ -93,6 +97,7 @@ jobs: spec: ${{ steps.envs.outputs.specs }} launch-fdi-workflows: + if: github.event_name != 'pull_request' || contains(github.event.pull_request.labels.*.name, 'run-tests') uses: ./.github/workflows/auth-react-test-2.yml needs: - define-versions diff --git a/.github/workflows/auth-react-test-2.yml b/.github/workflows/auth-react-test-2.yml index 174f5851f..dc08f1929 100644 --- a/.github/workflows/auth-react-test-2.yml +++ b/.github/workflows/auth-react-test-2.yml @@ -40,6 +40,7 @@ on: jobs: retrieve-matrix: + if: github.event_name != 'pull_request' || contains(github.event.pull_request.labels.*.name, 'run-tests') runs-on: ubuntu-latest outputs: @@ -55,6 +56,7 @@ jobs: echo "matrix=$matrix" | tee -a "$GITHUB_OUTPUT" launch-test-workflows: + if: github.event_name != 'pull_request' || contains(github.event.pull_request.labels.*.name, 'run-tests') needs: - retrieve-matrix diff --git a/.github/workflows/auth-react-test-3.yml b/.github/workflows/auth-react-test-3.yml index 0736f1d78..d8818c890 100644 --- a/.github/workflows/auth-react-test-3.yml +++ b/.github/workflows/auth-react-test-3.yml @@ -45,7 +45,7 @@ on: jobs: test: - if: ${{ inputs.matrix != '{"include":[]}' }} + if: inputs.matrix != '{"include":[]}' && (github.event_name != 'pull_request' || contains(github.event.pull_request.labels.*.name, 'run-tests')) runs-on: ubuntu-latest strategy: max-parallel: 10 diff --git a/.github/workflows/backend-sdk-testing.yml b/.github/workflows/backend-sdk-testing.yml index 41cba1724..4f9516cfa 100644 --- a/.github/workflows/backend-sdk-testing.yml +++ b/.github/workflows/backend-sdk-testing.yml @@ -6,9 +6,11 @@ on: - opened - reopened - synchronize + - labeled + - unlabeled push: - tags: - - dev-v[0-9]+.[0-9]+.[0-9]+ + branches: + - '[0-9]+.[0-9]+' # Only one instance of this workflow will run on the same ref (PR/Branch/Tag) # Previous runs will be cancelled. @@ -18,6 +20,7 @@ concurrency: jobs: define-versions: + if: github.event_name != 'pull_request' || contains(github.event.pull_request.labels.*.name, 'run-tests') runs-on: ubuntu-latest outputs: fdiVersions: ${{ steps.versions.outputs.fdiVersions }} @@ -42,6 +45,7 @@ jobs: cdi-versions: ${{steps.versions.outputs.cdiVersions }} test: + if: github.event_name != 'pull_request' || contains(github.event.pull_request.labels.*.name, 'run-tests') runs-on: ubuntu-latest needs: define-versions diff --git a/.github/workflows/check-docs.yml b/.github/workflows/check-docs.yml new file mode 100644 index 000000000..a5884f995 --- /dev/null +++ b/.github/workflows/check-docs.yml @@ -0,0 +1,89 @@ +name: "Check if docs need an update" + +on: + push: + branches: + - '[0-9]+.[0-9]+' + +permissions: + contents: write + +# Only one instance of this workflow will run on the same ref (PR/Branch/Tag) +# Previous runs will be cancelled. +concurrency: + group: ${{ github.workflow }}-${{ github.ref }} + cancel-in-progress: true + +jobs: + check-docs: + name: Check if docs need an update + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v4 + with: + ref: ${{ github.ref }} + # Need a complete fetch to make the master merge check work + fetch-depth: 0 + fetch-tags: true + token: ${{ secrets.ALL_REPO_PAT }} + + + - name: Setup git + run: | + # NOTE: The user email is {user.id}+{user.login}@users.noreply.github.com. + # See users API: https://api.github.com/users/github-actions%5Bbot%5D + git config user.name "github-actions[bot]" + git config user.email "41898282+github-actions[bot]@users.noreply.github.com" + + git fetch origin master + + - uses: actions/setup-python@v5 + with: + python-version: 3.13 + + - name: Populate variables + id: versions + run: | + . ./hooks/populate-hook-constants.sh + + echo "constantsVersion=$constantsVersion" | tee -a "$GITHUB_OUTPUT" "$GITHUB_ENV" + echo "constantsVersionXy=$constantsVersionXy" | tee -a "$GITHUB_OUTPUT" "$GITHUB_ENV" + echo "setupVersion=$setupVersion" | tee -a "$GITHUB_OUTPUT" "$GITHUB_ENV" + echo "setupVersionXy=$setupVersionXy" | tee -a "$GITHUB_OUTPUT" "$GITHUB_ENV" + echo "newestVersion=$newestVersion" | tee -a "$GITHUB_OUTPUT" "$GITHUB_ENV" + echo "targetBranch=$targetBranch" | tee -a "$GITHUB_OUTPUT" "$GITHUB_ENV" + + - name: Check tag and branch correctness + run: | + if [[ "${{ steps.versions.outputs.constantsVersion }}" != "${{ steps.versions.outputs.setupVersion }}" ]]; + then + echo "Constants version and setup version mismatch" + exit 1 + fi + + if [[ "refs/heads/${{ steps.versions.outputs.setupVersion }}" != ${{ github.ref }}* ]] + then + echo "Branch name and setup version mismatch" + exit 1 + fi + + - name: Install dependencies + run: make dev-install + + - name: Build docs + run: make build-docs + + + - name: Check for changes in docs and create a commit if necessary + run: | + git update-index --really-refresh + + if git diff-index --quiet HEAD; then + # No-op, docs are updated + else + # Update docs and create a commit on the branch + git add --all + git commit -nm "doc: update docs for v${{ steps.versions.outputs.setupVersion }}" + git push + fi diff --git a/.github/workflows/lint-code.yml b/.github/workflows/lint-code.yml index 7f78aff05..385a4c05d 100644 --- a/.github/workflows/lint-code.yml +++ b/.github/workflows/lint-code.yml @@ -6,9 +6,11 @@ on: - opened - reopened - synchronize + - labeled + - unlabeled push: - tags: - - dev-v[0-9]+.[0-9]+.[0-9]+ + branches: + - '[0-9]+.[0-9]+' # Only one instance of this workflow will run on the same ref (PR/Branch/Tag) # Previous runs will be cancelled. diff --git a/.github/workflows/lint-pr.yml b/.github/workflows/lint-pr.yml index 72175a5aa..84a40db53 100644 --- a/.github/workflows/lint-pr.yml +++ b/.github/workflows/lint-pr.yml @@ -7,6 +7,8 @@ on: - reopened - edited - synchronize + - labeled + - unlabeled # Only one instance of this workflow will run on the same ref (PR/Branch/Tag) # Previous runs will be cancelled. diff --git a/.github/workflows/pipeline-dev-tag.yml b/.github/workflows/pipeline-dev-tag.yml deleted file mode 100644 index f10e36a02..000000000 --- a/.github/workflows/pipeline-dev-tag.yml +++ /dev/null @@ -1,145 +0,0 @@ -name: "Dev Tag Pipeline" - -on: - workflow_dispatch: - inputs: - branch: - description: The branch to create the dev tag on - type: string - required: true - -permissions: - contents: write - -jobs: - setup: - runs-on: ubuntu-latest - - outputs: - constantsVersion: ${{ steps.versions.outputs.constantsVersion }} - constantsVersionXy: ${{ steps.versions.outputs.constantsVersionXy }} - setupVersion: ${{ steps.versions.outputs.setupVersion }} - setupVersionXy: ${{ steps.versions.outputs.setupVersionXy }} - newestVersion: ${{ steps.versions.outputs.newestVersion }} - targetBranch: ${{ steps.versions.outputs.targetBranch }} - devTag: ${{ steps.versions.outputs.devTag }} - releaseTag: ${{ steps.versions.outputs.releaseTag }} - - - steps: - - uses: actions/checkout@v4 - with: - ref: ${{ inputs.branch }} - # Need a complete fetch to make the master merge check work - fetch-depth: 0 - fetch-tags: true - token: ${{ secrets.ALL_REPO_PAT }} - - - - name: Setup git - run: | - # NOTE: The user email is {user.id}+{user.login}@users.noreply.github.com. - # See users API: https://api.github.com/users/github-actions%5Bbot%5D - git config user.name "github-actions[bot]" - git config user.email "41898282+github-actions[bot]@users.noreply.github.com" - - git fetch origin master - - name: Check if branch needs master merge - run: | - if [[ $(git log origin/master ^HEAD) != "" ]]; then - echo "You need to merge master into this branch." - exit 1 - fi - - - name: Populate variables - id: versions - run: | - . ./hooks/populate-hook-constants.sh - - echo "constantsVersion=$constantsVersion" | tee -a "$GITHUB_OUTPUT" "$GITHUB_ENV" - echo "constantsVersionXy=$constantsVersionXy" | tee -a "$GITHUB_OUTPUT" "$GITHUB_ENV" - echo "setupVersion=$setupVersion" | tee -a "$GITHUB_OUTPUT" "$GITHUB_ENV" - echo "setupVersionXy=$setupVersionXy" | tee -a "$GITHUB_OUTPUT" "$GITHUB_ENV" - echo "newestVersion=$newestVersion" | tee -a "$GITHUB_OUTPUT" "$GITHUB_ENV" - echo "targetBranch=$targetBranch" | tee -a "$GITHUB_OUTPUT" "$GITHUB_ENV" - - echo "devTag=dev-v$setupVersion" | tee -a "$GITHUB_OUTPUT" "$GITHUB_ENV" - echo "releaseTag=v$setupVersion" | tee -a "$GITHUB_OUTPUT" "$GITHUB_ENV" - - - name: Check tag and branch correctness - run: | - if [[ "${{ steps.versions.outputs.setupVersion }}" != ${{ inputs.branch }}* ]] - then - echo "Adding tag to wrong branch" - exit 1 - fi - - if git rev-parse ${{ steps.versions.outputs.releaseTag }} >/dev/null 2>&1 - then - echo "The released version of this tag already exists." - exit 1 - fi - - - name: Delete tag if already tagged - run: | - git tag --delete ${{ steps.versions.outputs.devTag }} || true - git push --delete origin ${{ steps.versions.outputs.devTag }} || true - - - name: Install dependencies - run: make dev-install - - - name: Build docs - run: make build-docs - - - name: Commit doc changes - run: | - git add --all - git commit --allow-empty -nm "doc: update docs for ${{ steps.versions.outputs.releaseTag }} tag" - git push - - - name: Create and push tag - run: | - # NOTE: The user email is {user.id}+{user.login}@users.noreply.github.com. - # See users API: https://api.github.com/users/github-actions%5Bbot%5D - git config user.name "github-actions[bot]" - git config user.email "41898282+github-actions[bot]@users.noreply.github.com" - - git tag ${{ steps.versions.outputs.devTag }} - git push --tags --follow-tags - - mark-dev-tag-as-not-passed: - runs-on: ubuntu-latest - needs: - - setup - - steps: - - uses: actions/checkout@v4 - with: - ref: ${{ needs.setup.outputs.devTag }} - fetch-tags: true - - - id: versions - uses: supertokens/get-supported-versions-action@main - with: - has-cdi: true - has-fdi: true - - - id: escape-versions - run: | - echo "fdiVersions=$(sed 's/"/\\"/g' <<< '${{ steps.versions.outputs.fdiVersions }}')" | tee -a "$GITHUB_OUTPUT" "$GITHUB_ENV" - echo "cdiVersions=$(sed 's/"/\\"/g' <<< '${{ steps.versions.outputs.cdiVersions }}')" | tee -a "$GITHUB_OUTPUT" "$GITHUB_ENV" - - - run: | - ./hooks/populate-hook-constants.sh - - curl --fail-with-body -X PUT \ - https://api.supertokens.io/0/driver \ - -H 'Content-Type: application/json' \ - -H 'api-version: 0' \ - -d "{ - \"password\": \"${{ secrets.SUPERTOKENS_API_KEY }}\", - \"version\":\"${{ needs.setup.outputs.setupVersion }}\", - \"name\": \"python\", - \"frontendDriverInterfaces\": ${{ steps.escape-versions.outputs.fdiVersions }}, - \"coreDriverInterfaces\": ${{ steps.escape-versions.outputs.cdiVersions }} - }" diff --git a/.github/workflows/pipeline-release-tag.yml b/.github/workflows/pipeline-release-tag.yml index 706f770f1..f0474856f 100644 --- a/.github/workflows/pipeline-release-tag.yml +++ b/.github/workflows/pipeline-release-tag.yml @@ -44,6 +44,8 @@ jobs: - uses: actions/checkout@v4 with: ref: ${{ inputs.branch }} + # Need a complete fetch to make the master merge check work + fetch-depth: 0 fetch-tags: true token: ${{ secrets.ALL_REPO_PAT }} @@ -65,6 +67,42 @@ jobs: echo "versionFolder=$setupVersionXy.X" | tee -a "$GITHUB_OUTPUT" "$GITHUB_ENV" echo "artifactName=python-docs-$setupVersion" | tee -a "$GITHUB_OUTPUT" "$GITHUB_ENV" + - name: Setup git + run: | + # NOTE: The user email is {user.id}+{user.login}@users.noreply.github.com. + # See users API: https://api.github.com/users/github-actions%5Bbot%5D + git config user.name "github-actions[bot]" + git config user.email "41898282+github-actions[bot]@users.noreply.github.com" + + git fetch origin master + + - name: Check if branch needs master merge + run: | + if [[ $(git log origin/master ^HEAD) != "" ]]; then + echo "You need to merge master into this branch." + exit 1 + fi + + - name: Check tag and branch correctness + run: | + if [[ "${{ steps.versions.outputs.constantsVersion }}" != "${{ steps.versions.outputs.setupVersion }}" ]]; + then + echo "Constants version and setup version mismatch" + exit 1 + fi + + if [[ "${{ steps.versions.outputs.setupVersion }}" != ${{ inputs.branch }}* ]] + then + echo "Adding tag to wrong branch" + exit 1 + fi + + if git rev-parse ${{ steps.versions.outputs.releaseTag }} >/dev/null 2>&1 + then + echo "The released version of this tag already exists." + exit 1 + fi + mark-as-success: runs-on: ubuntu-latest @@ -80,72 +118,14 @@ jobs: run: | pip install httpx - - if: ${{ inputs.skip-test-checks == 'false' || inputs.skip-test-checks == false }} - name: Get commit status - run: | - python3 -c "$(cat << EOF - - from collections import defaultdict - import httpx - import sys - - check_runs_url = "https://api.github.com/repos/${{ github.repository }}/commits/tags/${{ needs.setup.outputs.devTag }}/check-runs?per_page=100&page={page}" - jobs_url="https://api.github.com/repos/supertokens/supertokens-python/actions/runs/${{ github.run_id }}/jobs" - - current_jobs_response = httpx.get(jobs_url).json() - current_job_ids = [job["id"] for job in current_jobs_response["jobs"]] - - page = 1 - total = 0 - - status_map = defaultdict(int) - conclusion_map = defaultdict(int) - failures = [] - - while True: - response = httpx.get(check_runs_url.format(page=page)).json() - - if len(response["check_runs"]) == 0: - break - - for run_info in response["check_runs"]: - # Release pipeline jobs also show up in check-runs - # We skip them from the checks to avoid pipeline failures - if run_info["id"] in current_job_ids: - continue - - if run_info["conclusion"] == "failure": - failures.append(run_info["html_url"]) - - status_map[run_info["status"]] += 1 - conclusion_map[run_info["conclusion"]] += 1 - total += 1 - - page += 1 - - print(f"{page=}") - print(f"{total=}") - print("Status Map =", dict(status_map)) - print("Conclusion Map =", dict(conclusion_map)) - print() - - # Possible values (from docs): - # [completed, action_required, cancelled, failure, neutral, skipped, stale, success, - # timed_out, in_progress, queued, requested, waiting, pending] - if status_map["completed"] < total: - print("Some checks not completed.") - print(failures) - sys.exit(1) - - # Possible values (from testing): - # None, success, skipped, failure - if conclusion_map.get("failure", 0) > 0: - print("Some checks not successful.") - print(failures) - sys.exit(1) - - EOF - )" + - name: Get commit status + uses: supertokens/actions/check-tests-passed@main + with: + ref: ${{ inputs.branch }} + ref-type: branch + repository: ${{ github.repository }} + run_id: ${{ github.run_id }} + skip-test-checks: ${{ inputs.skip-test-checks }} - run: | curl --fail-with-body -X PATCH \ @@ -206,20 +186,6 @@ jobs: exit 1 fi - - name: Check if current commit is dev-tagged - run: | - currentCommit=$(git log --format="%H" -n 1) - currentTag=`git tag -l --points-at $currentCommit` - expectedTag="${{ needs.setup.outputs.devTag }}" - - if [[ $currentTag != $expectedTag ]] - then - echo "Commit does not have the correct dev tag for this release" - echo "Current: $currentTag" - echo "Expected: $expectedTag" - exit 1 - fi - - name: Mark for release run: | curl --fail-with-body -X PATCH \ @@ -233,16 +199,12 @@ jobs: \"release\": true }" - - name: Create release tag, delete dev tag + - name: Create release tag run: | # Add new release tag git tag ${{ needs.setup.outputs.releaseTag }} git push --tags - # Delete current dev tag - git tag --delete ${{ needs.setup.outputs.devTag }} - git push --delete origin ${{ needs.setup.outputs.devTag }} - merge: runs-on: ubuntu-latest diff --git a/.github/workflows/unit-test.yml b/.github/workflows/unit-test.yml index 5163e2c50..ae2c8d445 100644 --- a/.github/workflows/unit-test.yml +++ b/.github/workflows/unit-test.yml @@ -6,9 +6,11 @@ on: - opened - reopened - synchronize + - labeled + - unlabeled push: - tags: - - dev-v[0-9]+.[0-9]+.[0-9]+ + branches: + - '[0-9]+.[0-9]+' # Only one instance of this workflow will run on the same ref (PR/Branch/Tag) # Previous runs will be cancelled. @@ -18,6 +20,7 @@ concurrency: jobs: define-versions: + if: github.event_name != 'pull_request' || contains(github.event.pull_request.labels.*.name, 'run-tests') runs-on: ubuntu-latest outputs: @@ -43,6 +46,7 @@ jobs: cdi-versions: ${{steps.versions.outputs.cdiVersions }} test: + if: github.event_name != 'pull_request' || contains(github.event.pull_request.labels.*.name, 'run-tests') runs-on: ubuntu-latest needs: define-versions diff --git a/.github/workflows/website-test.yml b/.github/workflows/website-test.yml index dfe99e5ca..9d2f3151c 100644 --- a/.github/workflows/website-test.yml +++ b/.github/workflows/website-test.yml @@ -6,9 +6,11 @@ on: - opened - reopened - synchronize + - labeled + - unlabeled push: - tags: - - dev-v[0-9]+.[0-9]+.[0-9]+ + branches: + - '[0-9]+.[0-9]+' # Only one instance of this workflow will run on the same ref (PR/Branch/Tag) # Previous runs will be cancelled. @@ -18,6 +20,7 @@ concurrency: jobs: define-versions: + if: github.event_name != 'pull_request' || contains(github.event.pull_request.labels.*.name, 'run-tests') runs-on: ubuntu-latest outputs: fdiVersions: ${{ steps.versions.outputs.fdiVersions }} @@ -57,6 +60,7 @@ jobs: cdi-versions: ${{steps.versions.outputs.cdiVersions }} test: + if: github.event_name != 'pull_request' || contains(github.event.pull_request.labels.*.name, 'run-tests') runs-on: ubuntu-latest needs: define-versions strategy: