From fb4952271041f1b09af4cbe99670f98a5410d049 Mon Sep 17 00:00:00 2001
From: phgermanov <phgermanov@gmail.com>
Date: Tue, 18 Feb 2025 13:09:53 +0200
Subject: [PATCH] feat: enhance release workflow with integration test status
 and dry run option (#5273)

* feat: enhance release workflow with integration test status and dry run option

* fix: pass secrets
---
 .github/workflows/integration-tests.yml | 19 ++++++++++++
 .github/workflows/release-go.yml        | 39 ++++++++++++++++++++-----
 2 files changed, 50 insertions(+), 8 deletions(-)

diff --git a/.github/workflows/integration-tests.yml b/.github/workflows/integration-tests.yml
index edefc99b80..2a2844c416 100644
--- a/.github/workflows/integration-tests.yml
+++ b/.github/workflows/integration-tests.yml
@@ -5,6 +5,20 @@ on:
     branches:
       - master
       - it/**
+  workflow_call:
+    secrets:
+      INTEGRATION_TEST_VOTING_TOKEN:
+        required: true
+      PIPER_INTEGRATION_GITHUB_TOKEN:
+        required: true
+      PIPER_INTEGRATION_SONAR_TOKEN:
+        required: true
+      PIPER_TMSSERVICEKEY:
+        required: true
+    outputs:
+      test_status:
+        description: "Integration test status (success/failure)"
+        value: ${{ jobs.finish.outputs.status }}
 
 jobs:
   start:
@@ -134,8 +148,11 @@ jobs:
       - build_integration_tests
       - run_integration_tests
     runs-on: ubuntu-latest
+    outputs:
+      status: ${{ steps.set_status.outputs.status }}
     steps:
       - name: Update status
+        id: set_status
         run: |
           if [[ "${{ needs.run_integration_tests.result }}" == "success" ]]
           then
@@ -147,6 +164,7 @@ jobs:
                       "context": "Go / integration-tests",
                       "target_url": "https://github.com/SAP/jenkins-library/actions/runs/${{ github.run_id }}"}' \
               -H 'Authorization: token ${{secrets.INTEGRATION_TEST_VOTING_TOKEN}}' && \
+            echo "status=success" >> "$GITHUB_OUTPUT" && \
             exit 0
           else
             curl \
@@ -157,5 +175,6 @@ jobs:
                       "context": "Go / integration-tests",
                       "target_url": "https://github.com/SAP/jenkins-library/actions/runs/${{ github.run_id }}"}' \
               -H 'Authorization: token ${{secrets.INTEGRATION_TEST_VOTING_TOKEN}}' && \
+            echo "status=failure" >> "$GITHUB_OUTPUT" && \
             exit 1
           fi
diff --git a/.github/workflows/release-go.yml b/.github/workflows/release-go.yml
index e4ab18b585..58fce273e1 100644
--- a/.github/workflows/release-go.yml
+++ b/.github/workflows/release-go.yml
@@ -2,19 +2,40 @@ name: Create new Release
 
 on:
   workflow_dispatch:
+    inputs:
+      dry_run:
+        description: 'Test integration without publishing (dry run)'
+        type: boolean
+        required: false
+        default: false
   repository_dispatch:
     types: perform-release
   schedule:
     - cron: '0 9 * * 1'
 
 jobs:
-  build:
+  run_integration_tests:
+    name: Run Integration Tests
+    uses: ./.github/workflows/integration-tests.yml
+    permissions:
+      contents: read
+      actions: read
+    secrets:
+      INTEGRATION_TEST_VOTING_TOKEN: ${{ secrets.INTEGRATION_TEST_VOTING_TOKEN }}
+      PIPER_INTEGRATION_GITHUB_TOKEN: ${{ secrets.PIPER_INTEGRATION_GITHUB_TOKEN }}
+      PIPER_INTEGRATION_SONAR_TOKEN: ${{ secrets.PIPER_INTEGRATION_SONAR_TOKEN }}
+      PIPER_TMSSERVICEKEY: ${{ secrets.PIPER_TMSSERVICEKEY }}
+
+  publish:
+    needs: run_integration_tests
+    if: |
+      needs.run_integration_tests.outputs.test_status == 'success' &&
+      github.event.inputs.dry_run != 'true'
     permissions: write-all
-    name: Publish
+    name: Publish Release
     runs-on: ubuntu-latest
     steps:
       - uses: styfle/cancel-workflow-action@0.11.0
-
       - uses: actions/checkout@v4
 
       - name: Prepare assets and increment version
@@ -26,7 +47,9 @@ jobs:
           cp ./piper_master-darwin.x86_64 ./piper-darwin.x86_64
           cp ./piper_master-darwin.arm64 ./piper-darwin.arm64
           npm install semver --quiet
-          echo "PIPER_version=v$(node_modules/.bin/semver -i minor $(curl --silent "https://api.github.com/repos/$GITHUB_REPOSITORY/releases/latest" | jq -r .tag_name))" >> $GITHUB_ENV
+          VERSION="v$(node_modules/.bin/semver -i minor $(curl --silent "https://api.github.com/repos/$GITHUB_REPOSITORY/releases/latest" | jq -r .tag_name))"
+          echo "PIPER_version=$VERSION" >> $GITHUB_ENV
+          echo "piper_version=$VERSION" >> "$GITHUB_OUTPUT"
 
       - uses: SAP/project-piper-action@master
         name: Publish prerelease
@@ -67,7 +90,7 @@ jobs:
 
           echo "release_id=$(jq 'first(.[] | select(.tag_name == "${{ env.PIPER_version }}")).id' resp.json)" >> "$GITHUB_OUTPUT"
 
-      - name: Convert prereleae to Release
+      - name: Convert prerelease to Release
         run: >
           curl --fail-with-body -L -X PATCH
           -H "Accept: application/vnd.github+json"
@@ -92,10 +115,10 @@ jobs:
   post:
     name: Post Action
     runs-on: ubuntu-latest
-    needs: [build]
-    if: always()
+    needs: [publish]
+    if: always() && github.event.inputs.dry_run != 'true'
     steps:
-      # Check status of the worklfow
+      # Check status of the workflow
       - uses: martialonline/workflow-status@v4
         id: check