Fix relnotes script
- Update GitHub token retrieval
- Allow checking out tags (final releases) in addition to branches (RCs)
PiperOrigin-RevId: 534851155
Change-Id: I8b92898a8f5dd20139ca2467bb8604c6a8eabd67
diff --git a/scripts/release/relnotes.py b/scripts/release/relnotes.py
index 66581cf..402475a 100644
--- a/scripts/release/relnotes.py
+++ b/scripts/release/relnotes.py
@@ -14,7 +14,6 @@
"""Script to generate release notes."""
-import os
import re
import subprocess
import sys
@@ -87,13 +86,13 @@
def get_label(issue_id):
"""Get team-X label added to issue."""
- auth = os.system(
+ auth = subprocess.check_output(
"gsutil cat"
" gs://bazel-trusted-encrypted-secrets/github-trusted-token.enc |"
" gcloud kms decrypt --project bazel-public --location global"
" --keyring buildkite --key github-trusted-token --ciphertext-file"
- " - --plaintext-file -"
- )
+ " - --plaintext-file -", shell=True
+ ).decode("utf-8").strip().split("\n")[0]
headers = {
"Authorization": "Bearer " + auth,
"Accept": "application/vnd.github+json",
@@ -159,11 +158,16 @@
# e.g. if current_release is 5.3.3, last_release should be 5.3.2 even if
# latest release is 6.1.1
current_release = git("rev-parse", "--abbrev-ref", "HEAD")[0]
- if not current_release.startswith("release-"):
- print("Error: Not a release- branch")
- sys.exit(1)
- current_release = re.sub(r"rc\d", "", current_release[len("release-"):])
+ if current_release.startswith("release-"):
+ current_release = re.sub(r"rc\d", "", current_release[len("release-"):])
+ else:
+ try:
+ current_release = git("describe", "--tags")[0]
+ except Exception: # pylint: disable=broad-exception-caught
+ print("Error: Not a release branch.")
+ sys.exit(1)
+
is_major = bool(re.fullmatch(r"\d+.0.0", current_release))
tags = [tag for tag in git("tag", "--sort=refname") if "pre" not in tag]