ci(deps): Bump actions/upload-artifact from 3.1.2 to 4.3.2 #290
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Release | |
| # | |
| # Publish a GitHub release on release branch merge or workflow dispatch. | |
| # | |
| # References: | |
| # | |
| # - https://cli.github.com/manual/gh_release_create | |
| # - https://docs.github.com/actions/learn-github-actions/contexts | |
| # - https://docs.github.com/actions/learn-github-actions/expressions | |
| # - https://docs.github.com/actions/using-workflows/events-that-trigger-workflows#pull_request | |
| # - https://docs.github.com/actions/using-workflows/events-that-trigger-workflows#workflow_dispatch | |
| # - https://docs.github.com/actions/using-workflows/using-github-cli-in-workflows | |
| # - https://docs.github.com/actions/using-workflows/workflow-commands-for-github-actions | |
| # - https://docs.github.com/webhooks-and-events/webhooks/webhook-events-and-payloads#pull_request | |
| # - https://docs.github.com/webhooks-and-events/webhooks/webhook-events-and-payloads#workflow_dispatch | |
| # - https://git-scm.com/book/en/v2/Git-Basics-Tagging | |
| # - https://github.com/actions/checkout | |
| # - https://github.com/bdougie/close-issues-based-on-label | |
| # - https://github.com/crazy-max/ghaction-import-gpg | |
| # - https://github.com/flex-development/dist-tag-action | |
| # - https://github.com/hmarr/debug-action | |
| # - https://yarnpkg.com/cli/pack | |
| --- | |
| name: release | |
| on: | |
| pull_request: | |
| branches: | |
| - main | |
| types: | |
| - closed | |
| workflow_dispatch: | |
| inputs: | |
| sha: | |
| description: release commit sha | |
| required: true | |
| type: string | |
| env: | |
| REF: ${{ inputs.sha || github.event.pull_request.merge_commit_sha }} | |
| REF_NAME: ${{ format('main@{0}', inputs.sha || github.event.pull_request.merge_commit_sha) }} | |
| jobs: | |
| preflight: | |
| if: | | |
| (github.event.pull_request.merged && startsWith(github.head_ref, 'release/')) || | |
| (github.event_name == 'workflow_dispatch' && github.ref_name == 'main') | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| outputs: | |
| prerelease: ${{ steps.dist-tag.outputs.prerelease }} | |
| tag: ${{ steps.tag.outputs.result }} | |
| version: ${{ steps.version.outputs.result }} | |
| steps: | |
| - id: debug | |
| name: Print environment variables and event payload | |
| uses: hmarr/debug-action@v2.1.0 | |
| - id: checkout | |
| name: Checkout ${{ env.REF_NAME }} | |
| uses: actions/checkout@v4.1.1 | |
| with: | |
| ref: ${{ env.REF }} | |
| - id: version | |
| name: Get package version | |
| run: echo "result=$(jq .version package.json -r)" >>$GITHUB_OUTPUT | |
| - id: tag-prefix | |
| name: Get release tag prefix | |
| run: echo "result=$(jq .tagPrefix package.json -r)" >>$GITHUB_OUTPUT | |
| - id: tag | |
| name: Get release tag | |
| run: | | |
| echo "result=${{ format('{0}{1}', steps.tag-prefix.outputs.result, steps.version.outputs.result) }}" >>$GITHUB_OUTPUT | |
| - id: dist-tag | |
| name: Get dist tag | |
| uses: flex-development/dist-tag-action@1.1.2 | |
| with: | |
| target: ${{ steps.version.outputs.result }} | |
| publish: | |
| needs: preflight | |
| permissions: | |
| contents: write | |
| packages: read | |
| runs-on: ubuntu-latest | |
| environment: | |
| name: release | |
| url: | |
| ${{ format('{0}/{1}/releases/tag/{2}', github.server_url, github.repository, | |
| needs.preflight.outputs.tag) }} | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| HUSKY: 0 | |
| NODE_ENV: production | |
| NODE_NO_WARNINGS: 1 | |
| NOTES_FILE: ./RELEASE_NOTES.md | |
| PRERELEASE: ${{ needs.preflight.outputs.prerelease }} | |
| TAG: ${{ needs.preflight.outputs.tag }} | |
| steps: | |
| - id: checkout | |
| name: Checkout ${{ env.REF_NAME }} | |
| uses: actions/checkout@v4.1.1 | |
| with: | |
| fetch-depth: 0 | |
| persist-credentials: true | |
| ref: ${{ env.REF }} | |
| - id: gpg-import | |
| name: Import GPG key | |
| uses: crazy-max/ghaction-import-gpg@v5.4.0 | |
| with: | |
| git_config_global: true | |
| git_tag_gpgsign: true | |
| git_user_signingkey: true | |
| gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }} | |
| # todo: remove when https://github.com/crazy-max/ghaction-import-gpg/issues/118 is resolved | |
| - id: gpg-trust | |
| name: Set trust on GPG key | |
| run: | | |
| gpg --no-tty --command-fd 0 --edit-key ${{ steps.gpg-import.outputs.keyid }} << EOTRUST | |
| trust | |
| 5 | |
| y | |
| quit | |
| EOTRUST | |
| - id: yarn | |
| name: Install dependencies | |
| run: yarn | |
| - id: pack | |
| name: Pack project | |
| run: yarn pack -o %s-%v.tgz | |
| - id: release-notes | |
| name: Generate release notes | |
| run: yarn changelog --outfile $NOTES_FILE --write | |
| - id: tag | |
| name: Create annotated tag | |
| env: | |
| GIT_AUTHOR_EMAIL: ${{ steps.gpg-import.outputs.email }} | |
| GIT_COMMITTER_EMAIL: ${{ steps.gpg-import.outputs.email }} | |
| run: | | |
| git tag --annotate --force --sign $TAG --message "release: $TAG" | |
| git tag --verify $TAG | |
| git push origin $TAG | |
| - id: publish | |
| name: Publish release | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.PAT_REPO }} | |
| run: gh release create $TAG *.tgz -t=$TAG -p=$PRERELEASE -F=$NOTES_FILE | |
| - id: close-issues | |
| name: Close released issues | |
| uses: bdougie/close-issues-based-on-label@master | |
| env: | |
| LABEL: status:${{ needs.preflight.outputs.prerelease && 'prereleased' || 'released' }} |