search

OpenBankingToolkit / openbanking-reference-implementation

ForgeRock OpenBanking Reference Implementation is an example of how you can bundle all the micro-services together to create an Open Banking eco-system
Apache License 2.0
7 stars 4 forks source link

Github actions are failing to increment versions (release) on merge-master actions #153

Closed BohoCode closed 4 years ago

BohoCode commented 4 years ago

Describe the bug When a PR is merged github actions should trigger a workflow (merge-master) that will do a maven release. This should result in two commits, one of the non-snapshot version of the existing release version, and a second one of the snapshot of the next version. e.g. if the commit is made on 1.0.26-SNAPSHOT, then the merge-master github action should, on merging a PR, create a 1.0.26 release, and then set the maven release version to 1.0.27-SNAPSHOT

Instead, during the workflow Release step of the workflow we see the following error;

[ERROR] Failed to execute goal org.apache.maven.plugins:maven-release-plugin:2.5.3:prepare (default-cli) on project forgerock-openbanking-starter-commons: Unable to commit files
[ERROR] Provider message:
[ERROR] The git-commit command failed.
[ERROR] Command output:
[ERROR] error: gpg failed to sign the data
[ERROR] fatal: failed to write commit object
[ERROR] -> [Help 1]

Affected repositories

Check when fixed...

useful links

The github action performing the release is here; https://github.com/qcastel/github-actions-maven-release/blob/master/action.yml an example workflow using the action is here; https://github.com/OpenBankingToolkit/openbanking-common/blob/master/.github/workflows/merge-master.yml an example failure of the action is here; https://github.com/OpenBankingToolkit/openbanking-common/actions/runs/44914967

To Reproduce Steps to reproduce the behaviour:

  1. Create an empty commit on a branch in openbanking-commons for example, push and create a PR. git commit --allow-empty
  2. Merge the PR once approved
  3. Check the github actions tab, choose the merge-master and observe if the Release step succeeds
  4. When it fails click on the step to see the error messages.

Expected behaviour The merge-master workflow succeeds with no errors.

Current behaviour No commits are made and the merge-master workflow fails

Analysis

It would seem that there is a mix of accounts being used to perform the workflow. Firstly, the github access token belongs to fropenbanking. However the email and name used for git commits is that of the openbankbot account. We should use the fropenbanking account for everything.

Release Notes

Affected App: X

Description: X

BohoCode commented 4 years ago

I've done the following;

BohoCode commented 4 years ago

Yesterday I span up the https://github.com/qcastel/github-actions-maven-release/blob/master/action.yml docker image using a secrets file with these newly generated secrets and ran the release.sh script on a mounted folder containing openbanking-aspsp and it got to the point where it was trying to push the release commit to master (which failed due to branch protection). This makes me believe that the signing using these new secrets will work fine as initially when I had problems with the secrets formats I was getting errors prior to the push.

BohoCode commented 4 years ago

Now trying new secrets with openbanking-commons; https://github.com/OpenBankingToolkit/openbanking-common/pull/41

BohoCode commented 4 years ago

Changed the following secrets for the repo; GITHUB_ACCESS_TOKEN GITHUB_GPG_KEY GITHUB_GPG_KEY_ID

All to use values found in CICD-secrets.tar.gz.gpg fropenbanking-github-secrets directory. i.e. all related to the fropenbanking github user.

BohoCode commented 4 years ago

Yay!!!! It works!!!!! https://github.com/OpenBankingToolkit/openbanking-common/runs/472497569?check_suite_focus=true

BohoCode commented 4 years ago

I think our work here is done!