-
Notifications
You must be signed in to change notification settings - Fork 430
126 lines (123 loc) · 5.09 KB
/
release.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
name: Create Release
on:
push:
branches:
- main
paths:
- 'CHANGELOG/*.md'
permissions: # added using https://github.com/step-security/secure-repo
contents: read
jobs:
push_release_tag:
permissions:
pull-requests: read # for tj-actions/changed-files
contents: write # for "Create Release Tag" step
runs-on: ubuntu-latest
outputs:
release_tag: ${{ steps.release-version.outputs.release_version }}
steps:
- name: Harden Runner
uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
with:
egress-policy: audit
- name: Checkout code
uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f # tag=v4.1.3
with:
fetch-depth: 0
- name: Get changed files
id: changed-markdown-files
uses: tj-actions/changed-files@0874344d6ebbaa00a27da73276ae7162fadcaf69 # tag=v44.3.0
with:
files: CHANGELOG/**.md
- name: Get release version
id: release-version
run: |
if [[ ${{ steps.changed-markdown-files.outputs.all_changed_files_count }} != 1 ]]; then
echo "1 release notes file should be changed to create a release tag, found ${{ steps.changed-markdown-files.outputs.all_changed_files_count }}"
exit 1
fi
for changed_file in ${{ steps.changed-markdown-files.outputs.all_changed_files }}; do
export RELEASE_VERSION=$(echo "${changed_file}" | grep -oP '(?<=/)[^/]+(?=\.md)')
echo "RELEASE_VERSION=$RELEASE_VERSION" >> $GITHUB_ENV
echo "RELEASE_VERSION=$RELEASE_VERSION" >> $GITHUB_OUTPUT
if [[ "$RELEASE_VERSION" =~ ^v[0-9]+\.[0-9]+\.[0-9]+(-[0-9A-Za-z-]+(\.[0-9A-Za-z-]+)*)?(\+[0-9A-Za-z-]+(\.[0-9A-Za-z-]+)*)?$ ]]; then
echo "Valid semver: $RELEASE_VERSION"
else
echo "Invalid semver: $RELEASE_VERSION"
exit 1
fi
done
- name: Determine the release branch to use
run: |
if [[ $RELEASE_VERSION =~ beta ]] || [[ $RELEASE_VERSION =~ alpha ]]; then
export RELEASE_BRANCH=main
echo "RELEASE_BRANCH=$RELEASE_BRANCH" >> $GITHUB_ENV
echo "This is a beta or alpha release, will use release branch $RELEASE_BRANCH"
else
export RELEASE_BRANCH=release-$(echo $RELEASE_VERSION | sed -E 's/^v([0-9]+)\.([0-9]+)\..*$/\1.\2/')
echo "RELEASE_BRANCH=$RELEASE_BRANCH" >> $GITHUB_ENV
echo "This is not a beta or alpha release, will use release branch $RELEASE_BRANCH"
fi
- name: Create or checkout release branch
run: |
if git show-ref --verify --quiet "refs/remotes/origin/$RELEASE_BRANCH"; then
echo "Branch $RELEASE_BRANCH already exists"
git checkout "$RELEASE_BRANCH"
else
git checkout -b "$RELEASE_BRANCH"
git push origin "$RELEASE_BRANCH"
echo "Created branch $RELEASE_BRANCH"
fi
- name: Validate tag does not already exist
run: |
if [[ $(git tag -l $RELEASE_VERSION) ]]; then
echo "Tag $RELEASE_VERSION already exists, exiting"
exit 1
fi
- name: Create Release Tag
run: |
git config user.name "${GITHUB_ACTOR}"
git config user.email "${GITHUB_ACTOR}@users.noreply.github.com"
git tag -a ${RELEASE_VERSION} -m ${RELEASE_VERSION}
git push origin ${RELEASE_VERSION}
echo "Created tag $RELEASE_VERSION"
release:
permissions:
contents: write # for softprops/action-gh-release to create GitHub release
name: create draft release
runs-on: ubuntu-latest
needs: push_release_tag
steps:
- name: Harden Runner
uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
with:
egress-policy: audit
- name: Set env
run: echo "RELEASE_TAG=${RELEASE_TAG}" >> $GITHUB_ENV
env:
RELEASE_TAG: ${{needs.push_release_tag.outputs.release_tag}}
- name: checkout code
uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f # tag=v4.1.3
with:
fetch-depth: 0
ref: ${{ env.RELEASE_TAG }}
- name: Calculate go version
run: echo "go_version=$(make go-version)" >> $GITHUB_ENV
- name: Set up Go
uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # tag=v5.0.0
with:
go-version: ${{ env.go_version }}
- name: generate release artifacts
run: |
make release
- name: get release notes
run: |
curl -L "https://raw.githubusercontent.com/${{ github.repository }}/main/CHANGELOG/${{ env.RELEASE_TAG }}.md" \
-o "${{ env.RELEASE_TAG }}.md"
- name: Release
uses: softprops/action-gh-release@9d7c94cfd0a1f3ed45544c887983e9fa900f0564 # tag=v2.0.4
with:
draft: true
files: out/*
body_path: ${{ env.RELEASE_TAG }}.md
tag_name: ${{ env.RELEASE_TAG }}