Current Setup and Requirement:
AS IS:
Pipeline which needs direct commit - https://github.com/SafiBank/SaFiMono/blob/main/.github/workflows/safi-mobile-app-ci.yml
Semantic versioning like - Major.Minor.Patch
On every build version bumped automatically
bumped version updated in app/app_safi/pubspec.yaml and then tagged.
updated file pushed to main branch and tag also pushed
Requirement:
Need Semantic version for easy remembrance
Concern/Best practice of Devops:
Block direct commit to main branch
By the same time find a way which will not block their CI pipeline current flow.
Working With:
Ropiudin (Unlicensed) Andre Laksmana (Unlicensed)
Code Snippet:
- name: update patch version working-directory: ./app/app_safi run: | releaseNotes="${{ github.event.head_commit.message }}" git pull -pr dart pub global activate cider export PATH="$PATH":"$HOME/.pub-cache/bin" cider bump patch --bump-build bumpedVersion="$(yq eval '.version' pubspec.yaml)" regex="^([0-9]{1,}\.[0-9]{1,}\.[0-9]{1,})\+([0-9]{1,})$" if [[ $bumpedVersion =~ $regex ]]; then VERSION=${BASH_REMATCH[1]} BUILD_NUMBER=${BASH_REMATCH[2]} nextTag="${VERSION}+${BUILD_NUMBER}" if [ $(git tag --list "${tagName}") ]; then echo "ERROR: The tag ${tagName} already exists..." exit 1 fi git config --global user.email 'ropiudin@dkatalis.com' git config --global user.name 'ropiDK' NEXT_COMMIT_MESSAGE="Bump Version to ${VERSION}+${BUILD_NUMBER} : ${releaseNotes}" git add . git commit -m "${NEXT_COMMIT_MESSAGE}" git tag "${nextTag}" git commit --amend -m "${NEXT_COMMIT_MESSAGE} [skip ci]" git push git push origin ${nextTag} else echo "ERROR: The version in pubspec.yaml doesn't match the pattern X.Y.Z+W"; exit 1; fi
Alternative Solutions:
Option 1 - Using Git Tag:
jobs: mobile_versioning: name: mobile versioning if: github.ref == 'refs/heads/main' runs-on: ubuntu-latest steps: - uses: actions/checkout@v3 with: token: "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" - uses: actions/setup-java@v3 with: distribution: "zulu" java-version: "11" - uses: subosito/flutter-action@v2 with: flutter-version: "3.0.1" - name: update patch version working-directory: ./app/app_safi run: | releaseNotes="${{ github.event.head_commit.message }}" git fetch --all --tags date githubBumpedVersion=$(git tag --sort=creatordate -l "sma*" | tail -1 | cut -d'-' -f2) echo githubBumpedVersion:$githubBumpedVersion version=".version=\"${githubBumpedVersion}\"" echo version:$version yq -i "${version}" pubspec.yaml echo updated version in pubspec.yaml:$(yq eval '.version' pubspec.yaml) dart pub global activate cider export PATH="$PATH":"$HOME/.pub-cache/bin" cider bump patch --bump-build bumpedVersion="$(yq eval '.version' pubspec.yaml)" echo bumpedVersion:${bumpedVersion} regex="^([0-9]{1,}\.[0-9]{1,}\.[0-9]{1,})\+([0-9]{1,})$" if [[ $bumpedVersion =~ $regex ]]; then echo BASH_REMATCH:$BASH_REMATCH VERSION=${BASH_REMATCH[1]} BUILD_NUMBER=${BASH_REMATCH[2]} echo VERSION:$VERSION echo BUILD_NUMBER:$BUILD_NUMBER nextTag="sma-${VERSION}+${BUILD_NUMBER}" NEXT_COMMIT_MESSAGE="Bump Version to ${VERSION}+${BUILD_NUMBER} : ${releaseNotes} [skip ci]" git config --global user.email "gnanasekaran.gajendi@advancegroup.com" git config --global user.name "Gnanasekaran G" git tag -a "${nextTag}" -m "${NEXT_COMMIT_MESSAGE}" git push origin "${nextTag}" else echo "ERROR: The version in pubspec.yaml doesn't match the pattern X.Y.Z+W"; exit 1; fi
Option 2 - Using Vault:
jobs: mobile_versioning: name: mobile versioning if: github.ref == 'refs/heads/main' runs-on: ubuntu-latest env: VAULT_ADDR: ${{ secrets.VAULT_ADDR }} VAULT_TOKEN: ${{ secrets.VAULT_TOKEN }} steps: - uses: actions/checkout@v3 with: token: "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" - uses: actions/setup-java@v3 with: distribution: "zulu" java-version: "11" - uses: subosito/flutter-action@v2 with: flutter-version: "3.0.1" - name: Install Vault CLI uses: eLco/setup-vault@v1 with: vault_version: 1.11.0 - name: update patch version working-directory: ./app/app_safi run: | releaseNotes="${{ github.event.head_commit.message }}" vaultBumpedVersion=$(vault kv get -mount=secret -field=bumped_version dev/apps/mobile-app/ci/cider) echo vaultBumpedVersion:$vaultBumpedVersion version=".version=\"${vaultBumpedVersion}\"" echo version:$version yq -i "${version}" pubspec.yaml echo updated version in pubspec.yaml:$(yq eval '.version' pubspec.yaml) dart pub global activate cider export PATH="$PATH":"$HOME/.pub-cache/bin" cider bump patch --bump-build bumpedVersion="$(yq eval '.version' pubspec.yaml)" echo bumpedVersion:${bumpedVersion} regex="^([0-9]{1,}\.[0-9]{1,}\.[0-9]{1,})\+([0-9]{1,})$" if [[ $bumpedVersion =~ $regex ]]; then echo BASH_REMATCH:$BASH_REMATCH VERSION=${BASH_REMATCH[1]} BUILD_NUMBER=${BASH_REMATCH[2]} echo VERSION:$VERSION echo BUILD_NUMBER:$BUILD_NUMBER nextTag="${VERSION}+${BUILD_NUMBER}" shortCommitID=$(git rev-parse --short "$GITHUB_SHA") vault kv patch -mount=secret dev/apps/mobile-app/ci/cider bumped_version=${nextTag} short_commit_id=${shortCommitID} else echo "ERROR: The version in pubspec.yaml doesn't match the pattern X.Y.Z+W"; exit 1; fi
Option 3 - Using Vault and Git tag:
Can be considered this case by doing double validation
Can be compared it tag version and vault version are same
jobs: mobile_versioning: name: mobile versioning if: github.ref == 'refs/heads/main' runs-on: ubuntu-latest env: VAULT_ADDR: ${{ secrets.VAULT_ADDR }} VAULT_TOKEN: ${{ secrets.VAULT_TOKEN }} steps: - uses: actions/checkout@v3 with: token: "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" - uses: actions/setup-java@v3 with: distribution: "zulu" java-version: "11" - uses: subosito/flutter-action@v2 with: flutter-version: "3.0.1" - name: Install Vault CLI uses: eLco/setup-vault@v1 with: vault_version: 1.11.0 - name: update patch version working-directory: ./app/app_safi run: | releaseNotes="${{ github.event.head_commit.message }}" vaultBumpedVersion=$(vault kv get -mount=secret -field=bumped_version dev/apps/mobile-app/ci/cider) echo vaultBumpedVersion:$vaultBumpedVersion version=".version=\"${vaultBumpedVersion}\"" echo version:$version yq -i "${version}" pubspec.yaml echo updated version in pubspec.yaml:$(yq eval '.version' pubspec.yaml) dart pub global activate cider export PATH="$PATH":"$HOME/.pub-cache/bin" cider bump patch --bump-build bumpedVersion="$(yq eval '.version' pubspec.yaml)" echo bumpedVersion:${bumpedVersion} regex="^([0-9]{1,}\.[0-9]{1,}\.[0-9]{1,})\+([0-9]{1,})$" if [[ $bumpedVersion =~ $regex ]]; then echo BASH_REMATCH:$BASH_REMATCH VERSION=${BASH_REMATCH[1]} BUILD_NUMBER=${BASH_REMATCH[2]} echo VERSION:$VERSION echo BUILD_NUMBER:$BUILD_NUMBER nextTag="${VERSION}+${BUILD_NUMBER}" NEXT_COMMIT_MESSAGE="Bump Version to ${VERSION}+${BUILD_NUMBER} : ${releaseNotes} [skip ci]" shortCommitID=$(git rev-parse --short "$GITHUB_SHA") vault kv patch -mount=secret dev/apps/mobile-app/ci/cider bumped_version=${nextTag} short_commit_id=${shortCommitID} git config --global user.email "gnanasekaran.gajendi@advancegroup.com" git config --global user.name "Gnanasekaran G" git tag -a "${nextTag}" -m "${NEXT_COMMIT_MESSAGE}" git push origin "${nextTag}" else echo "ERROR: The version in pubspec.yaml doesn't match the pattern X.Y.Z+W"; exit 1; fi
Implemented Solution:
Discussed with app team and decided to go with git tag based solution. Sample code snippet can be found below.
jobs: mobile_versioning: name: mobile versioning needs: - analyze_test_main_app - analyze_test_feature_account - analyze_test_feature_cards - analyze_test_feature_dashboard - analyze_test_feature_loans - analyze_test_feature_login - analyze_test_feature_mobile_data - analyze_test_feature_onboarding - analyze_test_feature_transactions - analyze_test_feature_transactions_hive_example - analyze_test_generic_analytics - analyze_test_generic_app_config - analyze_test_generic_module_common - analyze_test_generic_monitoring - analyze_test_generic_template - analyze_test_generic_ui - analyze_test_library_device_fingeprint_plugin - analyze_test_library_extensions - analyze_test_library_forgerock_plugin - analyze_test_library_injection - analyze_test_library_iqa_plugin - analyze_test_library_liveness_plugin - analyze_test_library_logger - analyze_test_library_performance_monitoring - analyze_test_library_video_kyc #TODO: change with main branch if: github.ref == 'refs/heads/main' runs-on: ubuntu-latest steps: - uses: actions/checkout@v3 with: token: "${{ secrets.SMA_GITHUB_TOKEN }}" - uses: actions/setup-java@v3 with: distribution: "zulu" java-version: "11" - uses: subosito/flutter-action@v2 with: flutter-version: "3.0.1" - name: update patch version working-directory: ./app/app_safi env: SMA_GITHUB_TAG_PREFIX: "sma" run: | releaseNotes="${{ github.event.head_commit.message }}" git fetch --all --tags githubBumpedVersion=$(git tag --sort=creatordate -l "${SMA_GITHUB_TAG_PREFIX}*" | tail -1 | cut -d'-' -f2) echo githubBumpedVersion:$githubBumpedVersion version=".version=\"${githubBumpedVersion}\"" echo version:$version yq -i "${version}" pubspec.yaml echo updated version in pubspec.yaml:$(yq eval '.version' pubspec.yaml) dart pub global activate cider export PATH="$PATH":"$HOME/.pub-cache/bin" cider bump patch --bump-build bumpedVersion="$(yq eval '.version' pubspec.yaml)" regex="^([0-9]{1,}\.[0-9]{1,}\.[0-9]{1,})\+([0-9]{1,})$" if [[ $bumpedVersion =~ $regex ]]; then VERSION=${BASH_REMATCH[1]} BUILD_NUMBER=${BASH_REMATCH[2]} nextTag="${SMA_GITHUB_TAG_PREFIX}-${VERSION}+${BUILD_NUMBER}" if [ $(git tag --list "${tagName}") ]; then echo "ERROR: The tag ${tagName} already exists..." exit 1 fi git config --global user.email 'ropiudin@dkatalis.com' git config --global user.name 'ropiDK' NEXT_COMMIT_MESSAGE="Bump Version to ${VERSION}+${BUILD_NUMBER} : ${releaseNotes}" git add . git commit -m "${NEXT_COMMIT_MESSAGE}" git tag "${nextTag}" git commit --amend -m "${NEXT_COMMIT_MESSAGE}" git push origin ${nextTag} else echo "ERROR: The version in pubspec.yaml doesn't match the pattern X.Y.Z+W"; exit 1; fi