Publish Release #7
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: "Publish Release" | |
| on: | |
| workflow_dispatch: | |
| inputs: | |
| tag: | |
| description: "Existing Tag to Publish (eg: v3.7.0)" | |
| type: string | |
| required: true | |
| dry-run-enabled: | |
| description: "Dry Run Enabled" | |
| type: boolean | |
| required: false | |
| default: false | |
| push: | |
| tags: | |
| - "v*.*.*" | |
| defaults: | |
| run: | |
| shell: bash | |
| permissions: | |
| contents: read | |
| jobs: | |
| validate-release: | |
| name: Validate Release | |
| runs-on: [self-hosted, Linux, medium, ephemeral] | |
| outputs: | |
| tag: ${{ steps.tag.outputs.name }} | |
| version: ${{ steps.tag.outputs.version }} | |
| prerelease: ${{ steps.tag.outputs.prerelease }} | |
| steps: | |
| - name: Checkout Code | |
| uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 | |
| with: | |
| ref: ${{ github.event.inputs.tag || '' }} | |
| fetch-depth: 0 | |
| - name: Install Semantic Version Tools | |
| run: | | |
| echo "::group::Download SemVer Binary" | |
| sudo curl -L -o /usr/local/bin/semver https://raw.githubusercontent.com/fsaintjacques/semver-tool/master/src/semver | |
| echo "::endgroup::" | |
| echo "::group::Change SemVer Binary Permissions" | |
| sudo chmod -v +x /usr/local/bin/semver | |
| echo "::endgroup::" | |
| echo "::group::Show SemVer Binary Version Info" | |
| semver --version | |
| echo "::endgroup::" | |
| - name: Setup JQ | |
| uses: dcarbone/install-jq-action@1090b8bd111c736fbfe29b686e64f4bec7b5caa6 # v2.0.2 | |
| with: | |
| version: 1.7 | |
| - name: Extract NPM Package Information | |
| id: npm-package | |
| run: echo "version=$(jq -r '.version' package.json)" >>"${GITHUB_OUTPUT}" | |
| - name: Extract Tag Information | |
| id: tag | |
| run: | | |
| REF_NAME="$(git describe --exact-match --tags $(git log -n1 --pretty='%h'))" | |
| IS_VALID_SEMVER="$(semver validate "${REF_NAME}")" | |
| if [[ "${IS_VALID_SEMVER}" != "valid" ]]; then | |
| echo "::error title=Invalid Tag::The tag '${REF_NAME}' is not a valid SemVer tag." | |
| exit 1 | |
| fi | |
| RELEASE_VERSION="$(semver get release "${REF_NAME}")" | |
| PREREL_VERSION="$(semver get prerel "${REF_NAME}")" | |
| IS_PRERELEASE="false" | |
| [[ -n "${PREREL_VERSION}" ]] && IS_PRERELEASE="true" | |
| FINAL_VERSION="${RELEASE_VERSION}" | |
| [[ -n "${PREREL_VERSION}" ]] && FINAL_VERSION="${RELEASE_VERSION}-${PREREL_VERSION}" | |
| TAG_NAME="v${FINAL_VERSION}" | |
| echo "name=${TAG_NAME}" >>"${GITHUB_OUTPUT}" | |
| echo "version=${FINAL_VERSION}" >>"${GITHUB_OUTPUT}" | |
| echo "prerelease=${IS_PRERELEASE}" >>"${GITHUB_OUTPUT}" | |
| - name: Validate Tag and Package Versions | |
| run: | | |
| COMPARISON_RESULT="$(semver compare "${{ steps.npm-package.outputs.version }}" "${{ steps.tag.outputs.version }}")" | |
| if [[ "${COMPARISON_RESULT}" -ne 0 ]]; then | |
| echo "::error title=Version Mismatch::The version in package.json (${{ steps.npm-package.outputs.version }}) does not match the version in the tag (${{ steps.tag.outputs.version }})." | |
| exit 1 | |
| fi | |
| run-safety-checks: | |
| name: Safety Checks | |
| runs-on: [self-hosted, Linux, medium, ephemeral] | |
| steps: | |
| - name: Checkout Code | |
| uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 | |
| with: | |
| ref: ${{ github.event.inputs.tag || '' }} | |
| - name: Install Task | |
| uses: arduino/setup-task@e26d8975574116b0097a1161e0fe16ba75d84c1c # v1.0.3 | |
| with: | |
| version: 3.7.0 | |
| - name: Setup Node | |
| uses: actions/setup-node@8f152de45cc393bb48ce5d89d36b731f54556e65 # v4.0.0 | |
| with: | |
| node-version: 18 | |
| - name: Install PNPM | |
| uses: pnpm/action-setup@d882d12c64e032187b2edb46d3a0d003b7a43598 # v2.4.0 | |
| with: | |
| version: 7.6.0 | |
| - name: Compile Code | |
| run: task build | |
| publish-release: | |
| name: Publish Release | |
| runs-on: [self-hosted, Linux, medium, ephemeral] | |
| needs: | |
| - validate-release | |
| - run-safety-checks | |
| steps: | |
| - name: Checkout Code | |
| uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 | |
| with: | |
| ref: ${{ github.event.inputs.tag || '' }} | |
| - name: Install Task | |
| uses: arduino/setup-task@e26d8975574116b0097a1161e0fe16ba75d84c1c # v1.0.3 | |
| with: | |
| version: 3.7.0 | |
| - name: Setup Node | |
| uses: actions/setup-node@8f152de45cc393bb48ce5d89d36b731f54556e65 # v4.0.0 | |
| with: | |
| node-version: 18 | |
| - name: Install PNPM | |
| uses: pnpm/action-setup@d882d12c64e032187b2edb46d3a0d003b7a43598 # v2.4.0 | |
| with: | |
| version: 7.6.0 | |
| - name: Calculate Publish Arguments | |
| id: publish | |
| run: | | |
| PUBLISH_ARGS="--access public" | |
| [[ "${{ github.event.inputs.dry-run-enabled }}" == "true" ]] && PUBLISH_ARGS="${PUBLISH_ARGS} --dry-run" | |
| echo "args=${PUBLISH_ARGS}" >>"${GITHUB_OUTPUT}" | |
| - name: Publish Release | |
| env: | |
| NPM_TOKEN: ${{ secrets.NPM_TOKEN }} | |
| run: task publish -- ${{ steps.publish.outputs.args }} |