-
Notifications
You must be signed in to change notification settings - Fork 5
146 lines (133 loc) · 5.78 KB
/
automatic-release.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
name: Automatic Release
on:
workflow_call:
inputs:
NODE_OPTIONS:
description: Space-separated list of command-line Node options.
type: string
default: ''
required: false
NODE_VERSION:
description: Node version with which the automatic release is to be executed.
default: 18
required: false
type: string
NPM_REGISTRY_DOMAIN:
description: Domain of the private npm registry.
default: https://npm.pkg.github.com/
required: false
type: string
secrets:
NPM_REGISTRY_TOKEN:
description: Authentication to publish node packages
required: false
GITHUB_USER_EMAIL:
description: Email address for the GitHub user configuration.
required: false
GITHUB_USER_NAME:
description: Username for the GitHub user configuration.
required: false
GITHUB_USER_SSH_KEY:
description: Private SSH key associated with the GitHub user for the token passed as `GITHUB_USER_TOKEN`.
required: false
GITHUB_USER_SSH_PUBLIC_KEY:
description: Public SSH key associated with the GitHub user for the token passed as `GITHUB_USER_TOKEN`.
required: false
GITHUB_USER_TOKEN:
description: Authentication token with write permission needed by the release bot (falls back to `GITHUB_TOKEN`).
required: false
NPM_REGISTRY_TOKEN:
description: Authentication token with write permission needed by NPM to release a package (falls back to GITHUB_TOKEN).
required: false
jobs:
release:
name: Release
timeout-minutes: 5
runs-on: ubuntu-latest
env:
HAS_CONFIG: false
NODE_AUTH_TOKEN: ${{ secrets.NPM_REGISTRY_TOKEN }}
GITHUB_USER_SSH_KEY: ${{ secrets.GITHUB_USER_SSH_KEY }}
GITHUB_USER_SSH_PUBLIC_KEY: ${{ secrets.GITHUB_USER_SSH_PUBLIC_KEY }}
steps:
- name: Fetch semantic-release Node version
uses: actions/checkout@v4
with:
repository: semantic-release/semantic-release
sparse-checkout: |
package.json
sparse-checkout-cone-mode: false
path: semantic-release-repo
- name: Setup Node.js
uses: actions/setup-node@v4
with:
node-version-file: semantic-release-repo/package.json
registry-url: ${{ inputs.NPM_REGISTRY_DOMAIN }}
- name: Install dependencies
run: |
npm i -g @semantic-release/changelog \
@semantic-release/git \
@semantic-release/npm \
@semantic-release/exec \
semantic-release \
conventional-changelog-conventionalcommits
- name: Checkout
uses: actions/checkout@v4
with:
fetch-depth: 0
persist-credentials: false
ssh-key: ${{ env.GITHUB_USER_SSH_KEY }}
- name: Set up SSH
if: ${{ env.GITHUB_USER_SSH_KEY != '' }}
uses: webfactory/ssh-agent@v0.9.0
with:
ssh-private-key: ${{ env.GITHUB_USER_SSH_KEY }}
- name: Set up signing commits
if: ${{ env.GITHUB_USER_SSH_PUBLIC_KEY != '' }}
run: |
: # Create empty SSH private key file so Git does not complain.
touch "${{ runner.temp }}/signingkey"
echo "${{ env.GITHUB_USER_SSH_PUBLIC_KEY }}" > "${{ runner.temp }}/signingkey.pub"
git config --global commit.gpgsign true
git config --global gpg.format ssh
git config --global user.signingkey "${{ runner.temp }}/signingkey.pub"
- name: Check presence of release.config.js
run: |
HAS_CONFIG=$(test -f "release.config.js" && echo true || echo false)
echo "Configuration file release.config.js found: $HAS_CONFIG"
echo "HAS_CONFIG=$HAS_CONFIG" >> $GITHUB_ENV
- name: Checkout the workflow repository if release.config.js file is not provided
if: ${{ env.HAS_CONFIG == 'false' }}
uses: actions/checkout@v4
with:
repository: inpsyde/reusable-workflows
path: workflow-repo
- name: Add and customize release.config.js file if not provided
if: ${{ env.HAS_CONFIG == 'false' }}
run: |
cp ${GITHUB_WORKSPACE}/workflow-repo/templates/automatic-release/release.config.js .
FILE=$(find . -maxdepth 1 -type f -name '*.php' -exec grep -l 'Plugin Name:' {} + | xargs -I{} basename {}) || true
[ -n "$FILE" ] && sed "s/index\.php/$FILE/g" -i release.config.js || true
- name: Remove the workflow repository
if: ${{ env.HAS_CONFIG == 'false' }}
run: |
rm -rf workflow-repo
- name: Set up release environment variables
env:
GITHUB_USER_EMAIL: ${{ secrets.GITHUB_USER_EMAIL }}
GITHUB_USER_NAME: ${{ secrets.GITHUB_USER_NAME }}
run: |
${{ env.GITHUB_USER_EMAIL != '' }} && echo "GIT_AUTHOR_EMAIL=${{ env.GITHUB_USER_EMAIL }}" >> $GITHUB_ENV || true
${{ env.GITHUB_USER_NAME != '' }} && echo "GIT_AUTHOR_NAME=${{ env.GITHUB_USER_NAME }}" >> $GITHUB_ENV || true
${{ env.GITHUB_USER_EMAIL != '' }} && echo "GIT_COMMITTER_EMAIL=${{ env.GITHUB_USER_EMAIL }}" >> $GITHUB_ENV || true
${{ env.GITHUB_USER_NAME != '' }} && echo "GIT_COMMITTER_NAME=${{ env.GITHUB_USER_NAME }}" >> $GITHUB_ENV || true
- name: Release
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_USER_TOKEN != '' && secrets.GITHUB_USER_TOKEN || secrets.GITHUB_TOKEN }}
NPM_TOKEN: ${{ secrets.NPM_REGISTRY_TOKEN != '' && secrets.NPM_REGISTRY_TOKEN || secrets.GITHUB_TOKEN }}
run: npx semantic-release
- name: Delete signing key files
if: ${{ always() && env.GITHUB_USER_SSH_PUBLIC_KEY != '' }}
run: |
rm -f "${{ runner.temp }}/signingkey"
rm -f "${{ runner.temp }}/signingkey.pub"