Separate release drafting from publishing

[sarayourfriend]

Fixes

Fixes #2264 by @sarayourfriend

Description

Splits release drafting into its own workflow that runs on every push to main.

Updates the release-app to have a single "release" trigger, to always use the latest staging image to deploy production. It derives which app to release based on the released tag.

As the trigger is the release being published, there's nothing we need to do with the release in the release-app workflow, everything is now exclusively about (a) getting the images tagged, (b) deploying them (if API or frontend), and (c) opening the changelog PR.

Testing Instructions

This is annoyingly hard to test. I've tried to write the release drafting workflow in such a way that it will get tested, but I don't know if it will work. There is no way to really test the release app workflow changes without merging and trying it on main, and then fixing things as we go.

Checklist

• My pull request has a descriptive title (not a vague title likeUpdate index.md).
• My pull request targets the default branch of the repository (main) or a parent feature branch.
• My commit messages follow best practices.
• My code follows the established code style of the repository.
• [N/A] I added or updated tests for the changes I made (if applicable).
• I added or updated documentation (if applicable).
• I tried running the project locally and verified that there are no visible errors.
• [N/A] I ran the DAG documentation generator (if applicable).

Developer Certificate of Origin

Developer Certificate of Origin

Developer Certificate of Origin
Version 1.1

Copyright (C) 2004, 2006 The Linux Foundation and its contributors.
1 Letterman Drive
Suite D4700
San Francisco, CA, 94129

Everyone is permitted to copy and distribute verbatim copies of this
license document, but changing it is not allowed.


Developer's Certificate of Origin 1.1

By making a contribution to this project, I certify that:

(a) The contribution was created in whole or in part by me and I
    have the right to submit it under the open source license
    indicated in the file; or

(b) The contribution is based upon previous work that, to the best
    of my knowledge, is covered under an appropriate open source
    license and I have the right under that license to submit that
    work with modifications, whether created in whole or in part
    by me, under the same open source license (unless I am
    permitted to submit under a different license), as indicated
    in the file; or

(c) The contribution was provided directly to me by some other
    person who certified (a), (b) or (c) and I have not modified
    it.

(d) I understand and agree that this project and the contribution
    are public and that a record of the contribution (including all
    personal information I submit with it, including my sign-off) is
    maintained indefinitely and may be redistributed consistent with
    this project or the open source license(s) involved.

[sarayourfriend]

The new workflow successfully created the draft releases:

This is possible to test because I've set it to do so on pull_request. But for the actual release workflow, there's no way to test that without putting the workflow on main.

[github-actions]

Full-stack documentation: https://docs.openverse.org/_preview/3755

Please note that GitHub pages takes a little time to deploy newly pushed code, if the links above don't work or you see old versions, wait 5 minutes and try again.

You can check the GitHub pages deployment action list to see the current status of the deployments.

Changed files 🔄:

• https://docs.openverse.org/_preview/3755/api/guides/deploy.html
• https://docs.openverse.org/_preview/3755/catalog/guides/deploy.html
• https://docs.openverse.org/_preview/3755/frontend/guides/deploy.html
• https://docs.openverse.org/_preview/3755/general/deployment.html
• https://docs.openverse.org/_preview/3755/ingestion_server/guides/deploy.html

[AetherUnbound]

This makes sense! One editorial note for the release documents.

Rephrasing this for my own understanding: The release drafts for every service are made on each commit to main. When we want to deploy a release, we are now only able to deploy the latest image. That's done by publishing the draft, which creates a release and kicks off the deployment. We can still perform rollbacks by using the deployment workflows in the infrastructure repo with a specific tag.

Is that all correct?

[sarayourfriend]

Yes, everything else remains the same, the only difference is that now you publish a release instead of manually dispatching the release app workflow.

Using the latest tag is the only reasonable option I can think of, and the release notes were always based on that anyway, they didn't, for example, try to only include changes up to the SHA passed in, it always used the latest changes. In any case, the release notes will let us know what is actually in that SHA now, which is more useful than a random guess of "I guess whatever is in staging now is probably fine".

From my perspective there is no good reason to release something that is not the current staging version, unless staging is for some reason broken, in which case it needs to be fixed before we cut a release! If we absolutely need to deploy a specific SHA to production, which includes rollbacks but that is just a side effect of being able to deploy any arbitrary image tag, we can still do so using the processes that already existed.

[AetherUnbound]

Awesome, totally aligned with your perspective there! Just wanted to make sure I understood the new approach :)

[obulat]

It's so nice to be able to see what you're deploying!
Would you still be able to edit the drafted release notes as you can do it now? Sometimes the PRs are categorized incorrectly, and I update the notes.

[sarayourfriend]

Would you still be able to edit the drafted release notes as you can do it now? Sometimes the PRs are categorized incorrectly, and I update the notes.

It should be, right before releasing. Whenever a new change is pushed to main I think it always re-writes the body and fully replaces it. But if you edit the draft release body, then publish it (which you can do from the same page), that's the body that will get used when generating the changelog PR. The release app workflow no longer interacts directly with the drafted release, it only reads the body from the github event payload in context, so it's always working from the published release's body. That more flexibility than we have now, where we (technically) have to edit the PR and the GitHub release body. I know that I've edited changelog PRs before and never did it occur to me to also update the GitHub release body (!), so it'll be nice that future ones should match.

Thanks for the reviews, y'all. I'll push this to main on Monday and test it out then.