Skip to content

ci(DCP-2422): automate CLI release process#322

Merged
script-this merged 6 commits intomainfrom
chore/dcp-2422-automate-cli-release-process-conventional-commits
Mar 2, 2026
Merged

ci(DCP-2422): automate CLI release process#322
script-this merged 6 commits intomainfrom
chore/dcp-2422-automate-cli-release-process-conventional-commits

Conversation

@script-this
Copy link
Copy Markdown
Contributor

@script-this script-this commented Feb 27, 2026
edited
Loading

Summary

Automates the release process from a multi-step manual procedure to a two-step flow: trigger a workflow dispatch → review and merge the generated release PR.

Part 1 (conventional commits enforcement) was completed in #321. This PR adds the changelog generation and release workflow (Part 2):

  • Add cliff.toml for git-cliff changelog generation from conventional commits
  • Add create-release.yml workflow with two jobs:
    • create-release-pr: calculates version, generates changelog, opens release PR
    • finalize-release: on merge, creates tag + GitHub Release, triggers binary/Docker builds
  • Add ## next section to CHANGELOG.md for manual release notes
  • Update DEVELOPMENT.md and README.md with new release process docs
  • Extract inline shell/Python release scripts to testable Go tool (scripts/changelog/)
    • extract: replaces awk/sed for changelog section extraction
    • merge: replaces bash merge logic for combining manual + generated notes
    • update: replaces Python script for updating CHANGELOG.md with new version entries
    • Removes Python dependency from CI

Test plan

  • make test, make lint, git-cliff local run, manual go run ./scripts/changelog integration tests all pass
  • After merge: trigger "Create Release" workflow with patch from Actions UI
  • Verify release PR is created on release/v0.0.60 with generated changelog
  • Merge release PR → verify tag v0.0.60, GitHub Release, and downstream workflows trigger

@script-this script-this requested a review from a team as a code owner February 27, 2026 13:48
@prolific-snyk
Copy link
Copy Markdown

prolific-snyk commented Feb 27, 2026
edited
Loading

Snyk checks have passed. No issues have been found so far.

Status Scanner Critical High Medium Low Total (0)
Open Source Security 0 0 0 0 0 issues
Licenses 0 0 0 0 0 issues
Code Security 0 0 0 0 0 issues

💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse.

@script-this
ci(DCP-2422): add automated changelog and release workflow
1b9908f 
Add git-cliff config and create-release workflow that automates the
release process into a two-step flow: trigger workflow dispatch to
create a release PR with auto-generated changelog, then merge to
publish the release with tag, GitHub Release, binaries, and Docker.
@script-this script-this force-pushed the chore/dcp-2422-automate-cli-release-process-conventional-commits branch from c960cdb to 1b9908f Compare February 27, 2026 13:50
@script-this
fix(DCP-2422): use body-file for release PR to avoid heredoc indentation
f485254 
The inline heredoc inside gh pr create inherited YAML indentation,
causing 10 leading spaces on every line of the PR body.
@script-this
chore(DCP-2422): harden release workflow and cliff config
febfb94 
- Pin git-cliff-action to SHA for supply-chain security
- Remove unused NOTES shell variable in changelog update step
- Use awk string comparison instead of regex for version extraction
- Tighten docs commit pattern from ^doc to ^docs?
@script-this
chore(DCP-2422): clean up release workflow and cliff config
abbc2c4 
- Remove dead shell variable NEW_VERSION in changelog update step
- Guard CLIFF_NOTES.md read against missing file
- Remove unused step IDs (manual, notes) and has_manual output
- Warn on empty release notes in finalize-release job
- Align cliff.toml docs pattern with commitlint (^docs)
@script-this
refactor(DCP-2422): extract release scripts to testable Go tool
3c8a6f7 
Replace inline shell/Python in create-release.yml with a Go CLI tool
at scripts/changelog/ that provides extract, merge, and update
subcommands. Removes Python dependency from CI and makes changelog
manipulation logic testable with go test.
prolific-snyk
prolific-snyk reviewed Feb 27, 2026
View reviewed changes
@script-this script-this force-pushed the chore/dcp-2422-automate-cli-release-process-conventional-commits branch from f1c053d to 922c489 Compare February 27, 2026 15:25
prolific-snyk
prolific-snyk reviewed Feb 27, 2026
View reviewed changes
@script-this
fix(DCP-2422): address review feedback for changelog tool
7129605 
- Hoist regexps to package-level vars to avoid recompilation
- Switch flag sets to ContinueOnError so error handling is live
- Guard against duplicate ## next headings (match first only)
- Quote workflow step output interpolations for safety
- Add path traversal prevention with base-directory containment
- Exclude scripts/changelog/ from Snyk Code (internal CI tool
  with hardcoded paths, taint analysis false positives)
@script-this script-this force-pushed the chore/dcp-2422-automate-cli-release-process-conventional-commits branch from 7a69a77 to 7129605 Compare February 27, 2026 15:41
@script-this script-this added team-dct dct-ready-for-review Triggers Slack notification when PR is ready for review labels Feb 27, 2026
SeanAlexanderHarris
SeanAlexanderHarris approved these changes Feb 27, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

@SeanAlexanderHarris SeanAlexanderHarris left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

praise: nice

question (non-blocking): how does it stand up against some conventional commits in the git history if there are enough to test with?

@script-this
Copy link
Copy Markdown
Contributor Author

script-this commented Mar 1, 2026

praise: nice

question (non-blocking): how does it stand up against some conventional commits in the git history if there are enough to test with?

So if I'm understanding the question correctly:

  • Existing entries are fully preserved: all 40+ historical versions remain untouched
  • The tool only works forward — it resets ## next, inserts the new version entry, and leaves everything below it alone
  • Then git-cliff generates notes from new conventional commits going forward

Meaning existing history regardless of commit style shouldn't matter.

@script-this script-this merged commit b52e67f into main Mar 2, 2026
7 checks passed
@script-this script-this deleted the chore/dcp-2422-automate-cli-release-process-conventional-commits branch March 2, 2026 15:33
@script-this script-this mentioned this pull request Mar 18, 2026
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@prolific-snyk prolific-snyk prolific-snyk left review comments

@SeanAlexanderHarris SeanAlexanderHarris SeanAlexanderHarris approved these changes

Assignees

No one assigned

Labels

dct-ready-for-review Triggers Slack notification when PR is ready for review team-dct

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@script-this @prolific-snyk @SeanAlexanderHarris