release-branch #74
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Release Branch | |
| # | |
| # Execute version bump, changelog, and pull request operations on release branch creation. | |
| # | |
| # References: | |
| # | |
| # - https://cli.github.com/manual/gh_auth_status | |
| # - https://cli.github.com/manual/gh_pr_create | |
| # - https://docs.github.com/actions/learn-github-actions/contexts | |
| # - https://docs.github.com/actions/learn-github-actions/expressions | |
| # - https://docs.github.com/actions/using-workflows/events-that-trigger-workflows#create | |
| # - https://docs.github.com/actions/using-workflows/using-github-cli-in-workflows | |
| # - https://docs.github.com/actions/using-workflows/workflow-commands-for-github-actions | |
| # - https://docs.github.com/webhooks-and-events/webhooks/webhook-events-and-payloads#create | |
| # - https://github.com/actions/checkout | |
| # - https://github.com/actions/create-github-app-token | |
| # - https://github.com/hmarr/debug-action | |
| # - https://github.com/kaisugi/action-regex-match | |
| # - https://github.com/tohgarashi/verified-commit | |
| # - https://regex101.com/r/OwpOr2 | |
| --- | |
| name: release-branch | |
| on: create | |
| concurrency: | |
| cancel-in-progress: true | |
| group: ${{ github.workflow }}-${{ github.ref }} | |
| jobs: | |
| preflight: | |
| if: | | |
| github.ref_type == 'branch' && | |
| startsWith(github.ref_name, 'release/') && | |
| contains(vars.MAINTAINERS, github.actor) | |
| runs-on: ubuntu-latest | |
| outputs: | |
| message: ${{ steps.message.outputs.result }} | |
| tag: ${{ steps.tag.outputs.result }} | |
| version: ${{ steps.version.outputs.match }} | |
| steps: | |
| - id: debug | |
| name: Print environment variables and event payload | |
| uses: hmarr/[email protected] | |
| - id: checkout | |
| name: Checkout ${{ github.ref_name }} | |
| uses: actions/[email protected] | |
| with: | |
| persist-credentials: false | |
| ref: ${{ github.ref }} | |
| - id: version | |
| name: Get release version | |
| uses: kaisugi/[email protected] | |
| with: | |
| regex: ${{ vars.RELEASE_BRANCH_REGEX }} | |
| text: ${{ github.ref_name }} | |
| - id: version-fail | |
| if: steps.version.outputs.match == '' | |
| name: Fail on invalid release version | |
| run: | | |
| ERR='**Invalid release branch: ${{ github.ref_name }}** | |
| Branch must match [`${{ vars.RELEASE_BRANCH_REGEX }}`](https://regex101.com/r/OwpOr2)' | |
| echo "$ERR" >>$GITHUB_STEP_SUMMARY | |
| exit 1 | |
| - id: tag | |
| name: Get release tag | |
| run: | | |
| echo "result=$(jq .tagprefix grease.config.json -r)${{ steps.version.outputs.match }}" >>$GITHUB_OUTPUT | |
| - id: message | |
| name: Get release message | |
| run: | | |
| echo "result=release: ${{ steps.tag.outputs.result }}" >>$GITHUB_OUTPUT | |
| prepare: | |
| needs: preflight | |
| permissions: | |
| packages: read | |
| runs-on: ubuntu-latest | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| steps: | |
| - id: bot-token | |
| name: Get bot token | |
| uses: actions/[email protected] | |
| with: | |
| app-id: ${{ secrets.BOT_APP_ID }} | |
| private-key: ${{ secrets.BOT_PRIVATE_KEY }} | |
| - id: checkout | |
| name: Checkout ${{ github.ref_name }} | |
| uses: actions/[email protected] | |
| with: | |
| fetch-depth: 0 | |
| persist-credentials: false | |
| ref: ${{ github.ref }} | |
| token: ${{ steps.bot-token.outputs.token }} | |
| - id: yarn | |
| name: Install dependencies | |
| env: | |
| HUSKY: 0 | |
| run: yarn && echo "$GITHUB_WORKSPACE/node_modules/.bin" >>$GITHUB_PATH | |
| - id: build | |
| name: Build project | |
| env: | |
| NODE_NO_WARNINGS: 1 | |
| run: yarn build | |
| - id: bump | |
| name: Bump manifest version to ${{ needs.preflight.outputs.version }} | |
| run: grease bump -w ${{ needs.preflight.outputs.version }} | |
| - id: changelog | |
| name: Add CHANGELOG entry for ${{ needs.preflight.outputs.tag }} | |
| run: | | |
| echo "$(grease changelog)" >>$GITHUB_STEP_SUMMARY | |
| grease changelog -sw | |
| - id: commit | |
| name: Commit release preparation | |
| uses: tohgarashi/[email protected] | |
| env: | |
| GH_TOKEN: ${{ steps.bot-token.outputs.token }} | |
| with: | |
| commit-message: | | |
| ${{ needs.preflight.outputs.message }} | |
| Signed-off-by: ${{ vars.BOT_NAME }} <${{ vars.BOT_EMAIL }}> | |
| detect-changed: true | |
| ref: ${{ github.ref }} | |
| pr: | |
| needs: | |
| - preflight | |
| - prepare | |
| runs-on: ubuntu-latest | |
| steps: | |
| - id: bot-token | |
| name: Get bot token | |
| uses: actions/[email protected] | |
| with: | |
| app-id: ${{ secrets.BOT_APP_ID }} | |
| private-key: ${{ secrets.BOT_PRIVATE_KEY }} | |
| - id: github-token | |
| name: Set env.GITHUB_TOKEN | |
| run: echo "GITHUB_TOKEN=${{ steps.bot-token.outputs.token }}" >>$GITHUB_ENV | |
| - id: gh-auth | |
| name: Check gh authentication state | |
| run: gh auth status | |
| - id: checkout | |
| name: Checkout ${{ github.ref_name }} | |
| uses: actions/[email protected] | |
| with: | |
| persist-credentials: false | |
| ref: ${{ github.ref }} | |
| token: ${{ steps.bot-token.outputs.token }} | |
| - id: pr | |
| name: Create pull request | |
| run: | | |
| gh pr create --title='${{ needs.preflight.outputs.message }}' --label=scope:release --assignee=${{ github.actor }} --reviewer=${{ github.actor }} --body='## Description | |
| <!-- A clear and concise description of your changes. --> | |
| - bumped manifest version to `${{ needs.preflight.outputs.version }}` | |
| - added `CHANGELOG` entry for `${{ needs.preflight.outputs.tag }}` | |
| ## Linked issues | |
| <!-- | |
| A list of linked issues and/or pull requests. | |
| - <closes|fixes|resolves> #<issue-number> | |
| - <prereleases|releases> #<pr-number> | |
| --> | |
| N/A | |
| ## Related documents | |
| <!-- A list of related documents (e.g. docs, proposals, specs, etc), if any. --> | |
| N/A | |
| ## Additional context | |
| <!-- | |
| Include additional details here. Be sure to note if any tolerable vulnerabilities or warnings have been introduced. | |
| --> | |
| N/A | |
| ## Submission checklist | |
| - [x] self-review performed | |
| - [x] tests added and/or updated | |
| - [x] documentation added or updated | |
| - [x] new, **tolerable** vulnerabilities and/or warnings documented, if any | |
| - [x] [pr naming conventions][1] | |
| [1]: https://github.com/${{ github.repository }}/blob/main/CONTRIBUTING.md#pull-request-titles' |