Parker Brown
6be28c6ca7
## Summary This updates release automation so the repository can enforce signed commits. Release version and changelog updates now happen through release-please PRs instead of direct workflow commits, which allows them to use the repository's normal signed-commit path. ## Changes - Replaces semantic-release configuration with release-please manifest configuration for stable releases and beta prereleases. - Builds committed `dist/**` assets from the trusted release workflow after release-please creates or updates a release PR, then commits those assets back to the release PR branch. - Keeps floating major version tags, such as `v3`, updated with the GitHub API after a release is created. --------- Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
82 lines
2.9 KiB
YAML
82 lines
2.9 KiB
YAML
name: release
|
|
|
|
on:
|
|
workflow_dispatch:
|
|
push:
|
|
branches:
|
|
- "*.x"
|
|
- main
|
|
- beta
|
|
|
|
permissions:
|
|
contents: write
|
|
issues: write
|
|
pull-requests: write
|
|
|
|
jobs:
|
|
release:
|
|
name: release
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- uses: actions/checkout@v6
|
|
|
|
- uses: ./
|
|
id: app-token
|
|
with:
|
|
app-id: ${{ vars.RELEASER_APP_ID }}
|
|
private-key: ${{ secrets.RELEASER_APP_PRIVATE_KEY }}
|
|
|
|
- uses: googleapis/release-please-action@45996ed1f6d02564a971a2fa1b5860e934307cf7 # v5.0.0
|
|
id: release-please
|
|
with:
|
|
token: ${{ steps.app-token.outputs.token }}
|
|
config-file: ${{ github.ref_name == 'beta' && 'release-please-config.beta.json' || 'release-please-config.json' }}
|
|
manifest-file: .release-please-manifest.json
|
|
target-branch: ${{ github.ref_name }}
|
|
|
|
- uses: actions/checkout@v6
|
|
if: steps.release-please.outputs.prs_created == 'true'
|
|
with:
|
|
ref: ${{ fromJSON(steps.release-please.outputs.pr).headBranchName }}
|
|
token: ${{ steps.app-token.outputs.token }}
|
|
|
|
- uses: actions/setup-node@v6
|
|
if: steps.release-please.outputs.prs_created == 'true'
|
|
with:
|
|
node-version-file: package.json
|
|
|
|
- run: npm ci
|
|
if: steps.release-please.outputs.prs_created == 'true'
|
|
|
|
- run: npm run build
|
|
if: steps.release-please.outputs.prs_created == 'true'
|
|
|
|
- uses: stefanzweifel/git-auto-commit-action@04702edda442b2e678b25b537cec683a1493fcb9 # v7.1.0
|
|
if: steps.release-please.outputs.prs_created == 'true'
|
|
with:
|
|
commit_author: "${{ github.actor }} <${{ github.actor_id }}+${{ github.actor }}@users.noreply.github.com>"
|
|
commit_message: "chore: update dist files"
|
|
file_pattern: dist/**
|
|
|
|
- name: Update major version tag
|
|
id: update-major-tag
|
|
if: steps.release-please.outputs.release_created == 'true' && github.ref_name != 'beta'
|
|
uses: octokit/request-action@b91aabaa861c777dcdb14e2387e30eddf04619ae # v3.0.0
|
|
continue-on-error: true
|
|
with:
|
|
route: PATCH /repos/${{ github.repository }}/git/refs/tags/v${{ steps.release-please.outputs.major }}
|
|
sha: ${{ steps.release-please.outputs.sha }}
|
|
force: true
|
|
env:
|
|
GITHUB_TOKEN: ${{ steps.app-token.outputs.token }}
|
|
|
|
- name: Create major version tag
|
|
if: steps.release-please.outputs.release_created == 'true' && github.ref_name != 'beta' && steps.update-major-tag.outcome == 'failure'
|
|
uses: octokit/request-action@b91aabaa861c777dcdb14e2387e30eddf04619ae # v3.0.0
|
|
with:
|
|
route: POST /repos/${{ github.repository }}/git/refs
|
|
ref: refs/tags/v${{ steps.release-please.outputs.major }}
|
|
sha: ${{ steps.release-please.outputs.sha }}
|
|
env:
|
|
GITHUB_TOKEN: ${{ steps.app-token.outputs.token }}
|