CD Tag And Release #4
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CD Tag And Release | |
| on: | |
| workflow_run: | |
| workflows: [CD Build Multiarch OpenSSL BuildEnv Docker Image] | |
| types: | |
| - completed | |
| jobs: | |
| tag_and_release: | |
| runs-on: ubuntu-latest | |
| if: ${{ github.event.workflow_run.conclusion == 'success' }} | |
| steps: | |
| - name: Checkout source | |
| uses: actions/checkout@v4 | |
| with: | |
| persist-credentials: false | |
| - name: Import GPG key | |
| id: IMPORT_GPG | |
| uses: crazy-max/ghaction-import-gpg@v6 | |
| with: | |
| gpg_private_key: ${{ secrets.BOT_GPG_PRIVATE_KEY }} | |
| passphrase: ${{ secrets.BOT_GPG_PASSPHRASE }} | |
| git_user_signingkey: true | |
| git_commit_gpgsign: true | |
| git_tag_gpgsign: true | |
| git_push_gpgsign: false | |
| trust_level: 5 | |
| - name: Push tag and upload release to GitHub | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.BOT_GITHUB_TOKEN }} | |
| GIT_AUTHOR_NAME: ${{ steps.IMPORT_GPG.outputs.name }} | |
| GIT_AUTHOR_EMAIL: ${{ steps.IMPORT_GPG.outputs.email }} | |
| GIT_COMMITTER_NAME: ${{ steps.IMPORT_GPG.outputs.name }} | |
| GIT_COMMITTER_EMAIL: ${{ steps.IMPORT_GPG.outputs.email }} | |
| run: | | |
| git remote set-url origin https://x-access-token:${{ secrets.BOT_GITHUB_TOKEN }}@github.com/${{ github.repository }} | |
| BUILDENV_BUILD_DATE="$(cat ./buildvars | grep "^BUILDENV_BUILD_DATE=" | cut -d"=" -f2-)" | |
| OPENSSL_VERSION="$(cat ./buildvars | grep "^OPENSSL_VERSION=" | cut -d"=" -f2-)" | |
| OPENSSL_BUILDENV_VERSION="$OPENSSL_VERSION-0" | |
| RELEASE_TAG="v$OPENSSL_BUILDENV_VERSION" | |
| RELEASE_NOTE=$(echo -e "\x23\x23 $(date '+%Y-%m-%d') <madnuttah-bot>\n\x23\x23 What's Changed?\n\x2A Updated OpenSSL to version $OPENSSL_VERSION") | |
| git tag -a "$RELEASE_TAG" -m "$RELEASE_TAG" | |
| git push -u origin "$RELEASE_TAG" | |
| git fetch --all --tags | |
| git checkout -b "$OPENSSL_BUILDENV_VERSION" "$RELEASE_TAG" | |
| git push --set-upstream origin "$OPENSSL_BUILDENV_VERSION" | |
| gh release create "$RELEASE_TAG" -t "$OPENSSL_BUILDENV_VERSION" -n "$RELEASE_NOTE" --latest | |
| exit 0 |