Skip to content

Publish Release

Publish Release #154

name: Publish Release
on:
workflow_dispatch:
inputs:
version:
description: 'Version for Release.'
required: false
default: ''
skip_checks:
type: boolean
required: false
default: false
description: 'Skip pre-release checks and skip straight to the actual release'
skip_release:
type: boolean
required: false
default: false
description: 'Only run pre-release checks'
concurrency:
group: publish-release
cancel-in-progress: false
jobs:
log:
runs-on: ubuntu-22.04
steps:
- name: "Log inputs"
env:
INPUTS: ${{ toJson(inputs) }}
run: echo "${INPUTS}" | jq -r
- name: "Log event"
env:
EVENT: ${{ toJson(github.event) }}
run: echo "${EVENT}" | jq -r
check-branch:
if: (startsWith(github.ref, 'refs/heads/release/v') || startsWith(github.ref, 'refs/heads/hotfix/v'))
runs-on: ubuntu-22.04
steps:
- name: Branch
run: |
echo "${{ github.ref }}"
check-goreleaser:
runs-on: ${{ vars.RELEASE_RUNNER }}
steps:
- uses: actions/checkout@v4
- name: Build release snapshot
if: inputs.skip_checks != true
run: |
make release-snapshot
check-changelog:
needs:
- check-branch
runs-on: ubuntu-22.04
steps:
- name: Checkout code
if: inputs.skip_checks != true
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Get latest commit SHA of Develop & Current Branch
if: inputs.skip_checks != true
id: get-develop-sha
run: |
SHA=$(curl -s -H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" \
https://api.github.com/repos/${{ github.repository }}/git/ref/heads/develop | jq -r '.object.sha')
echo "DEVELOP_SHA=${SHA}" >> ${GITHUB_ENV}
echo "CURRENT_BRANCH_SHA=${{ github.sha }}" >> ${GITHUB_ENV}
- name: Check for CHANGELOG.md changes
if: inputs.skip_checks != true
run: |
echo "Check the changelog has actually been updated from whats in develop"
echo "DEVELOP BRANCH SHA: ${DEVELOP_SHA}"
echo "CURRENT BRANCH SHA: ${CURRENT_BRANCH_SHA}"
CHANGELOG_DIFF=$(git diff ${DEVELOP_SHA}..${CURRENT_BRANCH_SHA} -- changelog.md)
echo "${CHANGELOG_DIFF}"
if [ -z "$CHANGELOG_DIFF" ]; then
echo "ERROR: No changes detected in CHANGELOG.md. Please update the changelog."
exit 1
else
echo "CHANGELOG.md has been updated."
fi
- name: Mark Job Complete Skipped
if: inputs.skip_checks == true
shell: bash
run: |
echo "continue"
publish-release:
permissions:
id-token: write
contents: write
attestations: write
if: inputs.skip_release != true
needs:
- check-changelog
- check-branch
- check-goreleaser
runs-on: ${{ vars.RELEASE_RUNNER }}
timeout-minutes: 60
environment: release
steps:
- uses: actions/checkout@v4
- name: Change Log Release Notes.
id: release_notes
run: |
cat changelog.md > ${{ github.workspace }}-CHANGELOG.txt
cat ${{ github.workspace }}-CHANGELOG.txt
- name: Set Version
run: |
echo "GITHUB_TAG_MAJOR_VERSION=${{ inputs.version }}" >> ${GITHUB_ENV}
- name: Create Release Tag
shell: bash
run: |
git tag ${GITHUB_TAG_MAJOR_VERSION}
create_tag=$(git push --tags || echo "tag exists")
if [[ $create_tag == "tag exists" ]]; then
echo "Delete existing tag to re-create"
git tag -d ${GITHUB_TAG_MAJOR_VERSION}
git push --delete origin ${GITHUB_TAG_MAJOR_VERSION}
echo "sleep for 5 seconds to let github catch up."
sleep 5
echo "Re-Create Tag."
git tag ${GITHUB_TAG_MAJOR_VERSION}
git push --tags
fi
- name: Create GitHub Release
uses: softprops/action-gh-release@v1
with:
prerelease: true
token: ${{ secrets.GITHUB_TOKEN }}
body_path: ${{ github.workspace }}-CHANGELOG.txt
tag_name: ${{ env.GITHUB_TAG_MAJOR_VERSION }}
- name: Publish Release Files
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
GORELEASER_CURRENT_TAG: ${{ env.GITHUB_TAG_MAJOR_VERSION }}
run: |
touch .release-env
make release
- name: Artifact Attestations
id: attestation
uses: actions/attest-build-provenance@v1
with:
subject-path: |
dist/zetacored_**/*
dist/zetaclientd_**/*
dist/checksums.txt
- name: Upload Attestation Bundle
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
shell: bash
run: |
gh release upload ${{ env.GITHUB_TAG_MAJOR_VERSION }} ${{ steps.attestation.outputs.bundle-path }}
- name: Clean Up Workspace
if: always()
shell: bash
run: sudo rm -rf * || echo "failed to cleanup workspace please investigate"