Release #14
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Release | |
| on: | |
| workflow_dispatch: | |
| inputs: | |
| bump: | |
| description: 'Version bump type' | |
| required: true | |
| default: 'patch' | |
| type: choice | |
| options: | |
| - major | |
| - minor | |
| - patch | |
| permissions: read-all | |
| jobs: | |
| release: | |
| permissions: | |
| contents: write | |
| id-token: write | |
| attestations: write | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 | |
| with: | |
| persist-credentials: false | |
| - uses: pnpm/action-setup@fe02b34f77f8bc703788d5817da081398fad5dd2 # v4.0.0 | |
| - uses: actions/setup-node@0a44ba7841725637a19e28fa30b79a866c81b0a6 # v4.0.4 | |
| with: | |
| node-version: '20' | |
| - run: pnpm install --frozen-lockfile | |
| - run: pnpm run lint | |
| - run: pnpm run build | |
| - run: | | |
| #!/usr/bin/env bash | |
| set -euo pipefail | |
| current_version=$(\ | |
| pnpm exec tfx extension show -- --publisher JamieMagee --extension-id scorecard --trace-level none --token ${{ secrets.AZURE_MARKETPLACE_TOKEN }} | \ | |
| jq -r '.versions[0].version' | |
| ) | |
| version_parts=(${current_version//./ }) | |
| case "${{ github.event.inputs.bump }}" in | |
| major) | |
| new_version="${version_parts[0]}.$((version_parts[1]))$((version_parts[2] + 1))" | |
| ;; | |
| minor) | |
| new_version="${version_parts[0]}.$((version_parts[1] + 1)).0" | |
| ;; | |
| patch) | |
| new_version="${version_parts[0]}.$((version_parts[1])).$((version_parts[2] + 1))" | |
| ;; | |
| esac | |
| jq --arg new_version "$new_version" '.version = $new_version' vss-extension.json > tmp.json && mv tmp.json vss-extension.json | |
| jq --arg new_version "$new_version" '.version.Major = ($new_version | split(".") | .[0] | tonumber) | .version.Minor = ($new_version | split(".") | .[1] | tonumber) | .version.Patch = ($new_version | split(".") | .[2] | tonumber)' dist/task.json > tmp.json && mv tmp.json dist/task.json | |
| echo "new_version=$new_version" >> $GITHUB_OUTPUT | |
| id: bump_version | |
| - run: pnpm run package | |
| - run: echo "filename=JamieMagee.scorecard-${{ steps.bump_version.outputs.new_version }}.vsix" >> $GITHUB_OUTPUT | |
| id: set_filename | |
| # - uses: actions/attest-build-provenance@1c608d11d69870c2092266b3f9a6f3abbf17002c # v1.4.3 | |
| # with: | |
| # subject-path: '*.vsix' | |
| - uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 | |
| with: | |
| name: scorecard | |
| path: ${{ steps.set_filename.outputs.filename }} | |
| - name: Create Release | |
| id: create_release | |
| uses: softprops/action-gh-release@c062e08bd532815e2082a85e87e3ef29c3e6d191 # v2.0.8 | |
| with: | |
| tag_name: v${{ steps.bump_version.outputs.new_version }} | |
| files: ${{ steps.set_filename.outputs.filename }} | |
| generate_release_notes: true | |
| draft: false | |
| prerelease: false | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Publish to Azure Marketplace | |
| run: | | |
| pnpm exec tfx extension publish -- --token ${{ secrets.AZURE_MARKETPLACE_TOKEN }} --vsix ${{ steps.set_filename.outputs.filename }} |