134 lines (121 loc) · 5.82 KB
/
release.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
name: release
on:
workflow_dispatch:
inputs:
versionNumber:
description: 'Release version number (v#.#.#)'
type: string
required: true
permissions:
contents: read # Changelog commit operations use service account PAT
jobs:
major-version:
runs-on: ubuntu-latest
outputs:
version: ${{ steps.major-version.outputs.version }}
steps:
- id: major-version
run: echo "version=$(echo "${{ inputs.versionNumber }}" | cut -d. -f1)" >> "$GITHUB_OUTPUT"
changelog-version:
runs-on: ubuntu-latest
outputs:
version: ${{ steps.changelog-version.outputs.version }}
steps:
- id: changelog-version
run: echo "version=$(echo "${{ inputs.versionNumber }}" | cut -c 2-)" >> "$GITHUB_OUTPUT"
changelog:
needs: changelog-version
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
with:
fetch-depth: 0
# Avoid persisting GITHUB_TOKEN credentials as they take priority over our service account PAT for `git push` operations
# More details: https://github.com/actions/checkout/blob/b4626ce19ce1106186ddf9bb20e706842f11a7c3/adrs/0153-checkout-v2.md#persist-credentials
persist-credentials: false
- name: Batch changes
uses: miniscruff/changie-action@6dcc2533cac0495148ed4046c438487e4dceaa23 # v2.0.0
with:
version: latest
args: batch ${{ needs.changelog-version.outputs.version }}
- name: Merge changes
uses: miniscruff/changie-action@6dcc2533cac0495148ed4046c438487e4dceaa23 # v2.0.0
with:
version: latest
args: merge
- name: Git push changelog
run: |
git config --global user.name "${{ vars.TF_DEVEX_CI_COMMIT_AUTHOR }}"
git config --global user.email "${{ vars.TF_DEVEX_CI_COMMIT_EMAIL }}"
git add .
git commit -a -m "Update changelog"
git push "https://${{ vars.TF_DEVEX_CI_COMMIT_AUTHOR }}:${{ secrets.TF_DEVEX_COMMIT_GITHUB_TOKEN }}@github.com/${{ github.repository }}.git"
update-package-version:
needs: changelog
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
with:
fetch-depth: 0
# Default input is the SHA that initially triggered the workflow. As we created a new commit in the previous job,
# to ensure we get the latest commit we use the ref for checkout: 'refs/heads/<branch_name>'
ref: ${{ github.ref }}
# Avoid persisting GITHUB_TOKEN credentials as they take priority over our service account PAT for `git push` operations
# More details: https://github.com/actions/checkout/blob/b4626ce19ce1106186ddf9bb20e706842f11a7c3/adrs/0153-checkout-v2.md#persist-credentials
persist-credentials: false
- name: Set up Node.js
uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v4.0.2
with:
node-version: 20
- name: Update package version
run: npm version "${{ inputs.versionNumber }}" --git-tag-version false
- name: Git push
run: |
git config --global user.name "${{ vars.TF_DEVEX_CI_COMMIT_AUTHOR }}"
git config --global user.email "${{ vars.TF_DEVEX_CI_COMMIT_EMAIL }}"
git add .
git commit -a -m "Update package version"
git push "https://${{ vars.TF_DEVEX_CI_COMMIT_AUTHOR }}:${{ secrets.TF_DEVEX_COMMIT_GITHUB_TOKEN }}@github.com/${{ github.repository }}.git"
release-tag:
needs: [ update-package-version, major-version ]
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
with:
fetch-depth: 0
# Default input is the SHA that initially triggered the workflow. As we created a new commit in the previous job,
# to ensure we get the latest commit we use the ref for checkout: 'refs/heads/<branch_name>'
ref: ${{ github.ref }}
# Avoid persisting GITHUB_TOKEN credentials as they take priority over our service account PAT for `git push` operations
# More details: https://github.com/actions/checkout/blob/b4626ce19ce1106186ddf9bb20e706842f11a7c3/adrs/0153-checkout-v2.md#persist-credentials
persist-credentials: false
- name: Git push release tag
run: |
git config --global user.name "${{ vars.TF_DEVEX_CI_COMMIT_AUTHOR }}"
git config --global user.email "${{ vars.TF_DEVEX_CI_COMMIT_EMAIL }}"
git tag "${{ inputs.versionNumber }}"
git tag -f "${{ needs.major-version.outputs.version }}"
git push "https://${{ vars.TF_DEVEX_CI_COMMIT_AUTHOR }}:${{ secrets.TF_DEVEX_COMMIT_GITHUB_TOKEN }}@github.com/${{ github.repository }}.git" "${{ inputs.versionNumber }}"
git push "https://${{ vars.TF_DEVEX_CI_COMMIT_AUTHOR }}:${{ secrets.TF_DEVEX_COMMIT_GITHUB_TOKEN }}@github.com/${{ github.repository }}.git" -f "${{ needs.major-version.outputs.version }}"
release:
needs: [ changelog-version, release-tag ]
runs-on: ubuntu-latest
permissions:
contents: write # Needed to create GitHub release
steps:
- uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
with:
ref: ${{ inputs.versionNumber }}
fetch-depth: 0
- name: Generate Release Notes
run: |
cd .changes
sed -e "1{/# /d;}" -e "2{/^$/d;}" ${{ needs.changelog-version.outputs.version }}.md > /tmp/release-notes.txt
- name: GH Release
run: |
gh release create "${{ inputs.versionNumber }}" --notes-file /tmp/release-notes.txt --title "${{ inputs.versionNumber }}"
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}