Publish Release #152
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Publish Release | |
| on: | |
| workflow_dispatch: | |
| inputs: | |
| version: | |
| description: 'Version for Release.' | |
| required: false | |
| default: '' | |
| skip_checks: | |
| type: boolean | |
| required: false | |
| default: false | |
| description: 'Skip pre-release checks and skip straight to the actual release' | |
| skip_release: | |
| type: boolean | |
| required: false | |
| default: false | |
| description: 'Only run pre-release checks' | |
| concurrency: | |
| group: publish-release | |
| cancel-in-progress: false | |
| jobs: | |
| log: | |
| runs-on: ubuntu-22.04 | |
| steps: | |
| - name: "Log inputs" | |
| env: | |
| INPUTS: ${{ toJson(inputs) }} | |
| run: echo "${INPUTS}" | jq -r | |
| - name: "Log event" | |
| env: | |
| EVENT: ${{ toJson(github.event) }} | |
| run: echo "${EVENT}" | jq -r | |
| check-branch: | |
| if: (startsWith(github.ref, 'refs/heads/release/v') || startsWith(github.ref, 'refs/heads/hotfix/v')) | |
| runs-on: ubuntu-22.04 | |
| steps: | |
| - name: Branch | |
| run: | | |
| echo "${{ github.ref }}" | |
| check-goreleaser: | |
| runs-on: ${{ vars.RELEASE_RUNNER }} | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Build release snapshot | |
| if: inputs.skip_checks != true | |
| run: | | |
| make release-snapshot | |
| check-changelog: | |
| needs: | |
| - check-branch | |
| runs-on: ubuntu-22.04 | |
| steps: | |
| - name: Checkout code | |
| if: inputs.skip_checks != true | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - name: Get latest commit SHA of Develop & Current Branch | |
| if: inputs.skip_checks != true | |
| id: get-develop-sha | |
| run: | | |
| SHA=$(curl -s -H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" \ | |
| https://api.github.com/repos/${{ github.repository }}/git/ref/heads/develop | jq -r '.object.sha') | |
| echo "DEVELOP_SHA=${SHA}" >> ${GITHUB_ENV} | |
| echo "CURRENT_BRANCH_SHA=${{ github.sha }}" >> ${GITHUB_ENV} | |
| - name: Check for CHANGELOG.md changes | |
| if: inputs.skip_checks != true | |
| run: | | |
| echo "Check the changelog has actually been updated from whats in develop" | |
| echo "DEVELOP BRANCH SHA: ${DEVELOP_SHA}" | |
| echo "CURRENT BRANCH SHA: ${CURRENT_BRANCH_SHA}" | |
| CHANGELOG_DIFF=$(git diff ${DEVELOP_SHA}..${CURRENT_BRANCH_SHA} -- changelog.md) | |
| echo "${CHANGELOG_DIFF}" | |
| if [ -z "$CHANGELOG_DIFF" ]; then | |
| echo "ERROR: No changes detected in CHANGELOG.md. Please update the changelog." | |
| exit 1 | |
| else | |
| echo "CHANGELOG.md has been updated." | |
| fi | |
| - name: Mark Job Complete Skipped | |
| if: inputs.skip_checks == true | |
| shell: bash | |
| run: | | |
| echo "continue" | |
| publish-release: | |
| permissions: | |
| id-token: write | |
| contents: write | |
| attestations: write | |
| if: inputs.skip_release != true | |
| needs: | |
| - check-changelog | |
| - check-branch | |
| - check-goreleaser | |
| runs-on: ${{ vars.RELEASE_RUNNER }} | |
| timeout-minutes: 60 | |
| environment: release | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Change Log Release Notes. | |
| id: release_notes | |
| run: | | |
| cat changelog.md > ${{ github.workspace }}-CHANGELOG.txt | |
| cat ${{ github.workspace }}-CHANGELOG.txt | |
| - name: Set Version | |
| run: | | |
| echo "GITHUB_TAG_MAJOR_VERSION=${{ inputs.version }}" >> ${GITHUB_ENV} | |
| - name: Create Release Tag | |
| shell: bash | |
| run: | | |
| git tag ${GITHUB_TAG_MAJOR_VERSION} | |
| create_tag=$(git push --tags || echo "tag exists") | |
| if [[ $create_tag == "tag exists" ]]; then | |
| echo "Delete existing tag to re-create" | |
| git tag -d ${GITHUB_TAG_MAJOR_VERSION} | |
| git push --delete origin ${GITHUB_TAG_MAJOR_VERSION} | |
| echo "sleep for 5 seconds to let github catch up." | |
| sleep 5 | |
| echo "Re-Create Tag." | |
| git tag ${GITHUB_TAG_MAJOR_VERSION} | |
| git push --tags | |
| fi | |
| - name: Create GitHub Release | |
| uses: softprops/action-gh-release@v1 | |
| with: | |
| prerelease: true | |
| token: ${{ secrets.GITHUB_TOKEN }} | |
| body_path: ${{ github.workspace }}-CHANGELOG.txt | |
| tag_name: ${{ env.GITHUB_TAG_MAJOR_VERSION }} | |
| - name: Publish Release Files | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| GORELEASER_CURRENT_TAG: ${{ env.GITHUB_TAG_MAJOR_VERSION }} | |
| run: | | |
| touch .release-env | |
| make release | |
| - name: Artifact Attestations | |
| id: attestation | |
| uses: actions/attest-build-provenance@v1 | |
| with: | |
| subject-path: | | |
| dist/zetacored_**/* | |
| dist/zetaclientd_**/* | |
| dist/checksums.txt | |
| - name: Upload Attestation Bundle | |
| env: | |
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| shell: bash | |
| run: | | |
| gh release upload ${{ env.GITHUB_TAG_MAJOR_VERSION }} ${{ steps.attestation.outputs.bundle-path }} | |
| - name: Clean Up Workspace | |
| if: always() | |
| shell: bash | |
| run: sudo rm -rf * || echo "failed to cleanup workspace please investigate" |