Skip to content

Release

Release #52

Workflow file for this run

name: Release
on:
push:
tags:
- 'v[0-9]+.[0-9]+.[0-9]+*'
permissions:
contents: write
jobs:
release-notes:
runs-on: macos-latest
steps:
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
with:
fetch-depth: 0
- name: Generate Release Notes
run: sed -n -e "1{/# /d;}" -e "2{/^$/d;}" -e "/# $(git describe --abbrev=0 --exclude="$(git describe --abbrev=0 --match='v*.*.*' --tags)" --match='v*.*.*' --tags | tr -d v)/q;p" CHANGELOG.md > release-notes.txt
- uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a # v4.3.6
with:
name: release-notes
path: release-notes.txt
retention-days: 1
terraform-provider-release:
name: 'Terraform Provider Release'
needs: [release-notes]
uses: hashicorp/ghaction-terraform-provider-release/.github/workflows/hashicorp.yml@v5
secrets:
hc-releases-key-prod: '${{ secrets.HC_RELEASES_KEY_PROD }}'
hc-releases-key-staging: '${{ secrets.HC_RELEASES_KEY_STAGING }}'
hc-releases-github-token: '${{ secrets.HASHI_RELEASES_GITHUB_TOKEN }}'
hc-releases-terraform-registry-sync-token: '${{ secrets.TF_PROVIDER_RELEASE_TERRAFORM_REGISTRY_SYNC_TOKEN }}'
setup-signore-github-token: '${{ secrets.HASHI_SIGNORE_GITHUB_TOKEN }}'
signore-client-id: '${{ secrets.SIGNORE_CLIENT_ID }}'
signore-client-secret: '${{ secrets.SIGNORE_CLIENT_SECRET }}'
hc-releases-host-staging: '${{ secrets.HC_RELEASES_HOST_STAGING }}'
hc-releases-host-prod: '${{ secrets.HC_RELEASES_HOST_PROD }}'
with:
goreleaser-release-args: '--timeout 3h --parallelism 4'
release-notes: true
setup-go-version-file: go.mod
# Product Version (e.g. v1.2.3 or github.ref_name)
product-version: '${{ github.ref_name }}'
highest-version-tag:
needs: [terraform-provider-release]
runs-on: macos-latest
outputs:
tag: ${{ steps.highest-version-tag.outputs.tag }}
steps:
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
with:
# Allow tag to be fetched when ref is a commit
fetch-depth: 0
- name: Output highest version tag
id: highest-version-tag
run: |
HIGHEST=$(git tag | sort -V | tail -1)
echo "tag=$HIGHEST" >> "$GITHUB_OUTPUT"
changelog-newversion:
needs: [terraform-provider-release, highest-version-tag]
# write new changelog header only if release tag is the $HIGHEST i.e. exists on main
# and not a backport release branch (e.g. release/3.x). This results in
# manually updating the CHANGELOG header if releasing from the non-default branch.
# TODO: find a more deterministic way to determine release branch from tag commit
if: github.ref_name == needs.highest-version-tag.outputs.tag
runs-on: macos-latest
steps:
- uses: actions/create-github-app-token@31c86eb3b33c9b601a1f60f98dcbfd1d70f379b4 # v1.10.3
id: app-token
with:
app-id: ${{ secrets.APP_ID }}
private-key: ${{ secrets.APP_PEM }}
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
with:
fetch-depth: 0
ref: main
token: ${{ steps.app-token.outputs.token }}
- name: Update Changelog Header
run: |
CHANGELOG_FILE_NAME="CHANGELOG.md"
PREVIOUS_RELEASE_TAG=${{ github.ref_name }}
# Add Release Date
RELEASE_DATE=`date +%B' '%e', '%Y`
sed -i -e "1 s/Unreleased/$RELEASE_DATE/" $CHANGELOG_FILE_NAME
# Prepend next release line
echo Previous release is: $PREVIOUS_RELEASE_TAG
NEW_RELEASE_LINE=$(echo $PREVIOUS_RELEASE_TAG | awk -F. '{
$1 = substr($1,2)
$2 += 1
printf("%s.%01d.0\n\n", $1, $2);
}')
echo New minor version is: v$NEW_RELEASE_LINE
echo -e "## $NEW_RELEASE_LINE (Unreleased)\n$(cat $CHANGELOG_FILE_NAME)" > $CHANGELOG_FILE_NAME
- run: |
git config --local user.email [email protected]
git config --local user.name changelogbot
git add CHANGELOG.md
git commit -m "Update CHANGELOG.md after ${{ github.ref_name }}"
git push
upload-tag-before-post-publish:
needs: [terraform-provider-release]
runs-on: ubuntu-latest
steps:
- name: Save Release Tag
run: echo ${{ github.ref_name }} > release-tag.data
- uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a # v4.3.6
with:
name: release-tag
path: release-tag.data
retention-days: 1