diff --git a/.github/workflows/changelog-preview.yml b/.github/workflows/changelog-preview.yml new file mode 100644 index 0000000000..5883c004c0 --- /dev/null +++ b/.github/workflows/changelog-preview.yml @@ -0,0 +1,17 @@ +name: Changelog Preview +on: + pull_request: + types: + - opened + - synchronize + - reopened + - edited + - labeled +permissions: + contents: write + pull-requests: write + +jobs: + changelog-preview: + uses: getsentry/craft/.github/workflows/changelog-preview.yml@v2 + secrets: inherit diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 44fe331b34..8443b5dcd7 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -24,7 +24,7 @@ jobs: timeout-minutes: 10 steps: - - uses: actions/checkout@v6.0.1 + - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 # v6 # v2.0.1 - uses: actions/setup-python@v6 with: python-version: 3.14 @@ -39,7 +39,7 @@ jobs: timeout-minutes: 10 steps: - - uses: actions/checkout@v6.0.1 + - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 # v6 # v2.0.1 - uses: actions/setup-python@v6 with: python-version: 3.12 @@ -70,7 +70,7 @@ jobs: timeout-minutes: 10 steps: - - uses: actions/checkout@v6.0.1 + - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 # v6 # v2.0.1 - uses: actions/setup-python@v6 with: python-version: 3.12 diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 79af0a3039..e7690ef409 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -48,7 +48,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v6.0.1 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 # v6 # v2.0.1 # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL diff --git a/.github/workflows/release-comment-issues.yml b/.github/workflows/release-comment-issues.yml index 8870f25bc0..e18aeab155 100644 --- a/.github/workflows/release-comment-issues.yml +++ b/.github/workflows/release-comment-issues.yml @@ -10,6 +10,11 @@ on: required: false # This workflow is triggered when a release is published +permissions: + issues: write + contents: write + pull-requests: write + jobs: release-comment-issues: runs-on: ubuntu-20.04 diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index a5b89d2734..3778d36816 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -1,38 +1,40 @@ name: Release - on: workflow_dispatch: inputs: version: - description: Version to release - required: true + description: Version to release (or "auto") + required: false force: - description: Force a release even when there are release-blockers (optional) + description: Force a release even when there are release-blockers required: false merge_target: - description: Target branch to merge into. Uses the default branch as a fallback (optional) + description: Target branch to merge into required: false +permissions: + contents: write + pull-requests: write jobs: release: runs-on: ubuntu-latest - name: "Release a new version" + name: Release a new version steps: - - name: Get auth token - id: token - uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2.2.1 - with: - app-id: ${{ vars.SENTRY_RELEASE_BOT_CLIENT_ID }} - private-key: ${{ secrets.SENTRY_RELEASE_BOT_PRIVATE_KEY }} - - uses: actions/checkout@v6.0.1 - with: - token: ${{ steps.token.outputs.token }} - fetch-depth: 0 - - name: Prepare release - uses: getsentry/action-prepare-release@v1 - env: - GITHUB_TOKEN: ${{ steps.token.outputs.token }} - with: - version: ${{ github.event.inputs.version }} - force: ${{ github.event.inputs.force }} - merge_target: ${{ github.event.inputs.merge_target }} + - name: Get auth token + id: token + uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2 # v2 # v2 + with: + app-id: ${{ vars.SENTRY_RELEASE_BOT_CLIENT_ID }} + private-key: ${{ secrets.SENTRY_RELEASE_BOT_PRIVATE_KEY }} + - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 # v6 # v2 + with: + token: ${{ steps.token.outputs.token }} + fetch-depth: 0 + - name: Prepare release + uses: getsentry/craft@39ee616a6a58dc64797feecb145d66770492b66c # v2 + env: + GITHUB_TOKEN: ${{ steps.token.outputs.token }} + with: + version: ${{ inputs.version }} + force: ${{ inputs.force }} + merge_target: ${{ inputs.merge_target }} diff --git a/.github/workflows/test-integrations-agents.yml b/.github/workflows/test-integrations-agents.yml index e2be8508ea..c5fa5b2bb5 100644 --- a/.github/workflows/test-integrations-agents.yml +++ b/.github/workflows/test-integrations-agents.yml @@ -38,7 +38,7 @@ jobs: # Use Docker container only for Python 3.6 container: ${{ matrix.python-version == '3.6' && 'python:3.6' || null }} steps: - - uses: actions/checkout@v6.0.1 + - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 # v6 # v2.0.1 - uses: actions/setup-python@v6 if: ${{ matrix.python-version != '3.6' }} with: diff --git a/.github/workflows/test-integrations-ai-workflow.yml b/.github/workflows/test-integrations-ai-workflow.yml index d641becd25..55fe95c3ee 100644 --- a/.github/workflows/test-integrations-ai-workflow.yml +++ b/.github/workflows/test-integrations-ai-workflow.yml @@ -38,7 +38,7 @@ jobs: # Use Docker container only for Python 3.6 container: ${{ matrix.python-version == '3.6' && 'python:3.6' || null }} steps: - - uses: actions/checkout@v6.0.1 + - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 # v6 # v2.0.1 - uses: actions/setup-python@v6 if: ${{ matrix.python-version != '3.6' }} with: diff --git a/.github/workflows/test-integrations-ai.yml b/.github/workflows/test-integrations-ai.yml index fc1a9f7b90..a0e9c973a4 100644 --- a/.github/workflows/test-integrations-ai.yml +++ b/.github/workflows/test-integrations-ai.yml @@ -38,7 +38,7 @@ jobs: # Use Docker container only for Python 3.6 container: ${{ matrix.python-version == '3.6' && 'python:3.6' || null }} steps: - - uses: actions/checkout@v6.0.1 + - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 # v6 # v2.0.1 - uses: actions/setup-python@v6 if: ${{ matrix.python-version != '3.6' }} with: diff --git a/.github/workflows/test-integrations-cloud.yml b/.github/workflows/test-integrations-cloud.yml index d655af0a1a..420a98e921 100644 --- a/.github/workflows/test-integrations-cloud.yml +++ b/.github/workflows/test-integrations-cloud.yml @@ -42,7 +42,7 @@ jobs: # Use Docker container only for Python 3.6 container: ${{ matrix.python-version == '3.6' && 'python:3.6' || null }} steps: - - uses: actions/checkout@v6.0.1 + - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 # v6 # v2.0.1 - uses: actions/setup-python@v6 if: ${{ matrix.python-version != '3.6' }} with: diff --git a/.github/workflows/test-integrations-common.yml b/.github/workflows/test-integrations-common.yml index b87b8e56d2..67f19700b8 100644 --- a/.github/workflows/test-integrations-common.yml +++ b/.github/workflows/test-integrations-common.yml @@ -38,7 +38,7 @@ jobs: # Use Docker container only for Python 3.6 container: ${{ matrix.python-version == '3.6' && 'python:3.6' || null }} steps: - - uses: actions/checkout@v6.0.1 + - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 # v6 # v2.0.1 - uses: actions/setup-python@v6 if: ${{ matrix.python-version != '3.6' }} with: diff --git a/.github/workflows/test-integrations-dbs.yml b/.github/workflows/test-integrations-dbs.yml index 4638525be7..e0ca6150bb 100644 --- a/.github/workflows/test-integrations-dbs.yml +++ b/.github/workflows/test-integrations-dbs.yml @@ -56,7 +56,7 @@ jobs: # Use Docker container only for Python 3.6 container: ${{ matrix.python-version == '3.6' && 'python:3.6' || null }} steps: - - uses: actions/checkout@v6.0.1 + - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 # v6 # v2.0.1 - uses: actions/setup-python@v6 if: ${{ matrix.python-version != '3.6' }} with: diff --git a/.github/workflows/test-integrations-flags.yml b/.github/workflows/test-integrations-flags.yml index 9c3c647937..0698e5b949 100644 --- a/.github/workflows/test-integrations-flags.yml +++ b/.github/workflows/test-integrations-flags.yml @@ -38,7 +38,7 @@ jobs: # Use Docker container only for Python 3.6 container: ${{ matrix.python-version == '3.6' && 'python:3.6' || null }} steps: - - uses: actions/checkout@v6.0.1 + - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 # v6 # v2.0.1 - uses: actions/setup-python@v6 if: ${{ matrix.python-version != '3.6' }} with: diff --git a/.github/workflows/test-integrations-gevent.yml b/.github/workflows/test-integrations-gevent.yml index 0d57e14224..89e119783d 100644 --- a/.github/workflows/test-integrations-gevent.yml +++ b/.github/workflows/test-integrations-gevent.yml @@ -38,7 +38,7 @@ jobs: # Use Docker container only for Python 3.6 container: ${{ matrix.python-version == '3.6' && 'python:3.6' || null }} steps: - - uses: actions/checkout@v6.0.1 + - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 # v6 # v2.0.1 - uses: actions/setup-python@v6 if: ${{ matrix.python-version != '3.6' }} with: diff --git a/.github/workflows/test-integrations-graphql.yml b/.github/workflows/test-integrations-graphql.yml index 8e27210148..932d62c1e3 100644 --- a/.github/workflows/test-integrations-graphql.yml +++ b/.github/workflows/test-integrations-graphql.yml @@ -38,7 +38,7 @@ jobs: # Use Docker container only for Python 3.6 container: ${{ matrix.python-version == '3.6' && 'python:3.6' || null }} steps: - - uses: actions/checkout@v6.0.1 + - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 # v6 # v2.0.1 - uses: actions/setup-python@v6 if: ${{ matrix.python-version != '3.6' }} with: diff --git a/.github/workflows/test-integrations-mcp.yml b/.github/workflows/test-integrations-mcp.yml index e986d1e358..84da1873b9 100644 --- a/.github/workflows/test-integrations-mcp.yml +++ b/.github/workflows/test-integrations-mcp.yml @@ -38,7 +38,7 @@ jobs: # Use Docker container only for Python 3.6 container: ${{ matrix.python-version == '3.6' && 'python:3.6' || null }} steps: - - uses: actions/checkout@v6.0.1 + - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 # v6 # v2.0.1 - uses: actions/setup-python@v6 if: ${{ matrix.python-version != '3.6' }} with: diff --git a/.github/workflows/test-integrations-misc.yml b/.github/workflows/test-integrations-misc.yml index 16d8a5f1a9..396ac17eb1 100644 --- a/.github/workflows/test-integrations-misc.yml +++ b/.github/workflows/test-integrations-misc.yml @@ -38,7 +38,7 @@ jobs: # Use Docker container only for Python 3.6 container: ${{ matrix.python-version == '3.6' && 'python:3.6' || null }} steps: - - uses: actions/checkout@v6.0.1 + - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 # v6 # v2.0.1 - uses: actions/setup-python@v6 if: ${{ matrix.python-version != '3.6' }} with: diff --git a/.github/workflows/test-integrations-network.yml b/.github/workflows/test-integrations-network.yml index af0ed3cd09..e1c1cfe68e 100644 --- a/.github/workflows/test-integrations-network.yml +++ b/.github/workflows/test-integrations-network.yml @@ -38,7 +38,7 @@ jobs: # Use Docker container only for Python 3.6 container: ${{ matrix.python-version == '3.6' && 'python:3.6' || null }} steps: - - uses: actions/checkout@v6.0.1 + - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 # v6 # v2.0.1 - uses: actions/setup-python@v6 if: ${{ matrix.python-version != '3.6' }} with: diff --git a/.github/workflows/test-integrations-tasks.yml b/.github/workflows/test-integrations-tasks.yml index bf464d8f5c..61b176146d 100644 --- a/.github/workflows/test-integrations-tasks.yml +++ b/.github/workflows/test-integrations-tasks.yml @@ -38,7 +38,7 @@ jobs: # Use Docker container only for Python 3.6 container: ${{ matrix.python-version == '3.6' && 'python:3.6' || null }} steps: - - uses: actions/checkout@v6.0.1 + - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 # v6 # v2.0.1 - uses: actions/setup-python@v6 if: ${{ matrix.python-version != '3.6' }} with: diff --git a/.github/workflows/test-integrations-web-1.yml b/.github/workflows/test-integrations-web-1.yml index 7f4c3d681f..cd02687a26 100644 --- a/.github/workflows/test-integrations-web-1.yml +++ b/.github/workflows/test-integrations-web-1.yml @@ -56,7 +56,7 @@ jobs: # Use Docker container only for Python 3.6 container: ${{ matrix.python-version == '3.6' && 'python:3.6' || null }} steps: - - uses: actions/checkout@v6.0.1 + - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 # v6 # v2.0.1 - uses: actions/setup-python@v6 if: ${{ matrix.python-version != '3.6' }} with: diff --git a/.github/workflows/test-integrations-web-2.yml b/.github/workflows/test-integrations-web-2.yml index 7de840df55..632b4fe953 100644 --- a/.github/workflows/test-integrations-web-2.yml +++ b/.github/workflows/test-integrations-web-2.yml @@ -38,7 +38,7 @@ jobs: # Use Docker container only for Python 3.6 container: ${{ matrix.python-version == '3.6' && 'python:3.6' || null }} steps: - - uses: actions/checkout@v6.0.1 + - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 # v6 # v2.0.1 - uses: actions/setup-python@v6 if: ${{ matrix.python-version != '3.6' }} with: diff --git a/.github/workflows/update-tox.yml b/.github/workflows/update-tox.yml index 5d3931cf9e..f18e108d82 100644 --- a/.github/workflows/update-tox.yml +++ b/.github/workflows/update-tox.yml @@ -23,7 +23,7 @@ jobs: python-version: 3.14t - name: Checkout repo - uses: actions/checkout@v6.0.1 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 # v6 # v2.0.1 with: token: ${{ secrets.GITHUB_TOKEN }}