releasing container image before github release

.github/workflows/release.yaml

@@ -32,60 +32,8 @@ jobs:
           git tag -a ${{ steps.release-version.outputs.version }} -m ${{ steps.release-version.outputs.version }}
           git push origin tag ${{ steps.release-version.outputs.version }}
 
-  goreleaser:
-    runs-on: ubuntu-latest
-    needs: tag-release
-    steps:
-      - name: Checkout
-        uses: actions/checkout@v3
-        with:
-          ref: ${{ github.event.pull_request.head.sha }}
-      - name: Unshallow
-        run: |
-          git fetch --prune --unshallow
-          git fetch --tags -f
-      - name: Setup Go
-        uses: actions/setup-go@v4
-        with:
-          go-version: 1.20.X
-      - name: Use Node.js
-        uses: actions/setup-node@v3
-        with:
-          node-version: 16.X
-      - name: Set env var
-        run: |
-          echo "BRANCH=${{ github.event.pull_request.head.ref }}" >> $GITHUB_ENV
-          echo "GORELEASER_PREVIOUS_TAG=$(git describe --abbrev=0 --tags $(git rev-list --tags --skip=1 --max-count=1))" >> $GITHUB_ENV
-          echo "GORELEASER_CURRENT_TAG=${{ needs.tag-release.outputs.version }}" >> $GITHUB_ENV
-          echo "DEV_BUCKET_CONTAINER_IMAGE=$(make echo-dev-bucket-container)" >> $GITHUB_ENV
-          echo "FLUX_VERSION=$(make echo-flux-version)" >> $GITHUB_ENV
-          echo "CHART_VERSION=$(yq e '.version' charts/gitops-server/Chart.yaml)" >> $GITHUB_ENV
-      - name: "Make All"
-        run: make all
-      - name: Check Git State
-        run: git diff --no-ext-diff --exit-code
-      - name: Include brew publishing
-        run: cat .goreleaser.brew.yml >> .goreleaser.yml
-        if: ${{ !contains(github.event.pull_request.head.ref, '-') }}
-      - name: Store changelog
-        run: |
-          cat > ${{ runner.temp }}/changelog.md <<'END_OF_CHANGELOG'
-          ${{ github.event.pull_request.body }}
-          END_OF_CHANGELOG
-      - name: Run GoReleaser
-        uses: goreleaser/goreleaser-action@v3
-        with:
-          version: latest
-          args: release --rm-dist --skip-validate --release-notes=${{ runner.temp }}/changelog.md
-        env:
-          GITHUB_TOKEN: ${{ secrets.WEAVE_GITOPS_BOT_ACCESS_TOKEN }}
-          BOT_TOKEN: ${{ secrets.WEAVE_GITOPS_BOT_ACCESS_TOKEN }}
-          BRANCH: ${{ env.BRANCH }}
-          GORELEASER_PREVIOUS_TAG: ${{ env.GORELEASER_PREVIOUS_TAG }}
-          GORELEASER_CURRENT_TAG: ${{ env.GORELEASER_CURRENT_TAG }}
-
   publish_npm_package:
-    needs: goreleaser
+    needs: tag-release
     runs-on: ubuntu-latest
     steps:
       - name: Checkout
@@ -102,9 +50,7 @@ jobs:
         env:
           NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
   build-and-push-image:
-    needs:
-      - goreleaser
-      - tag-release
+    needs: tag-release
     runs-on: ubuntu-latest
     permissions:
       contents: read
@@ -156,13 +102,63 @@ jobs:
             LDFLAGS=${{ env.LDFLAGS }}
             GIT_COMMIT=${{ github.sha }}
 
-  merge-pr:
+  goreleaser:
     runs-on: ubuntu-latest
     needs:
-      - tag-release
-      - goreleaser
       - publish_npm_package
       - build-and-push-image
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+        with:
+          ref: ${{ github.event.pull_request.head.sha }}
+      - name: Unshallow
+        run: |
+          git fetch --prune --unshallow
+          git fetch --tags -f
+      - name: Setup Go
+        uses: actions/setup-go@v4
+        with:
+          go-version: 1.20.X
+      - name: Use Node.js
+        uses: actions/setup-node@v3
+        with:
+          node-version: 16.X
+      - name: Set env var
+        run: |
+          echo "BRANCH=${{ github.event.pull_request.head.ref }}" >> $GITHUB_ENV
+          echo "GORELEASER_PREVIOUS_TAG=$(git describe --abbrev=0 --tags $(git rev-list --tags --skip=1 --max-count=1))" >> $GITHUB_ENV
+          echo "GORELEASER_CURRENT_TAG=${{ needs.tag-release.outputs.version }}" >> $GITHUB_ENV
+          echo "DEV_BUCKET_CONTAINER_IMAGE=$(make echo-dev-bucket-container)" >> $GITHUB_ENV
+          echo "FLUX_VERSION=$(make echo-flux-version)" >> $GITHUB_ENV
+          echo "CHART_VERSION=$(yq e '.version' charts/gitops-server/Chart.yaml)" >> $GITHUB_ENV
+      - name: "Make All"
+        run: make all
+      - name: Check Git State
+        run: git diff --no-ext-diff --exit-code
+      - name: Include brew publishing
+        run: cat .goreleaser.brew.yml >> .goreleaser.yml
+        if: ${{ !contains(github.event.pull_request.head.ref, '-') }}
+      - name: Store changelog
+        run: |
+          cat > ${{ runner.temp }}/changelog.md <<'END_OF_CHANGELOG'
+          ${{ github.event.pull_request.body }}
+          END_OF_CHANGELOG
+      - name: Run GoReleaser
+        uses: goreleaser/goreleaser-action@v3
+        with:
+          version: latest
+          args: release --rm-dist --skip-validate --release-notes=${{ runner.temp }}/changelog.md
+        env:
+          GITHUB_TOKEN: ${{ secrets.WEAVE_GITOPS_BOT_ACCESS_TOKEN }}
+          BOT_TOKEN: ${{ secrets.WEAVE_GITOPS_BOT_ACCESS_TOKEN }}
+          BRANCH: ${{ env.BRANCH }}
+          GORELEASER_PREVIOUS_TAG: ${{ env.GORELEASER_PREVIOUS_TAG }}
+          GORELEASER_CURRENT_TAG: ${{ env.GORELEASER_CURRENT_TAG }}
+
+  merge-pr:
+    runs-on: ubuntu-latest
+    needs: goreleaser
     steps:
       - name: Checkout
         uses: actions/checkout@v3

doc/adr/0016-release-ordering.md

@@ -0,0 +1,30 @@
+# 0016. Change release ordering to only publish GitHub release when container image is available 
+
+## Status
+
+Proposed
+
+## Context
+
+Current [release workflow](../../.github/workflows/release.yaml) ordering publishes a GitHub release before the artifacts are available. That flags users 
+that there is a new release available when in reality the container image is not yet available. It has different undesired outcomes:
+1. an upgrade following the notification will fail as the artifacts are not available.
+2. given our current release failure handling, we release a patch version for releases that were not actually released. For example see in image below 
+release 0.31.0, 0.31.1:
+
+![release-failures-slack-notifications.png](imgs%2Frelease-failures-slack-notifications.png)
+
+
+## Decision
+
+Change release ordering to ensure that we only publish the GitHub release after the container image is published.
+
+
+## Consequences
+
+Weave Gitops users that upgrades after a GitHub release has been publishes will not fail the upgrade. It also, in case 
+of issues in building container image, there won't be need to delete or patch releases as it won't be yet released.
+
+There is a consideration/limitation to consider: the helm chart is published in [a workflow](../../.github/workflows/chart.yaml) that only 
+is triggered once the PR is merged. Therefore, there is still a gap between when the GitHub Release is published  and all the artifacts are available. 
+This gap  in terms of time is small to compare the one that this ADR addresses, but it also needs to be addressed.