-
Notifications
You must be signed in to change notification settings - Fork 0
134 lines (129 loc) · 5.52 KB
/
Copy pathrelease.yml
File metadata and controls
134 lines (129 loc) · 5.52 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
name: Release gvm-auth-lib
on:
pull_request:
types: [closed]
workflow_dispatch:
inputs:
release-type:
type: choice
description: What kind of release do you want to do?
options:
- patch
- minor
- major
release-version:
type: string
description: Set an explicit version, that will overwrite release-type. Fails if version is not compliant.
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
jobs:
build-and-release:
name: Create a new release
# If the event is a workflow_dispatch or on of the labels 'pre release',
# 'patch release', 'minor release' or 'major release' is set and PR is
# closed because of a merge
# NOTE: priority of set labels will be alpha > release-candidate > patch > minor > major,
# so if 'major' and 'patch' labels are set, it will create a patch release.
if: |
( github.event_name == 'workflow_dispatch') || (
( contains(github.event.pull_request.labels.*.name, 'alpha release') ||
contains(github.event.pull_request.labels.*.name, 'rc release') ||
contains(github.event.pull_request.labels.*.name, 'patch release') ||
contains(github.event.pull_request.labels.*.name, 'minor release') ||
contains(github.event.pull_request.labels.*.name, 'major release')) &&
github.event.pull_request.merged == true )
runs-on: "ubuntu-latest"
outputs:
git-release-tag: ${{ steps.release.outputs.git-release-tag }}
release-version: ${{ steps.release-version.outputs.release-version }}
steps:
- name: Selecting the Release type
id: release-type
uses: greenbone/actions/release-type@v3
with:
release-type-input: ${{ inputs.release-type }}
- name: Checkout code
uses: actions/checkout@v7
with:
fetch-depth: 0 # for conventional commits and getting all git tags
persist-credentials: false
ref: ${{ steps.release-type.outputs.release-ref }}
- name: Determine release version
id: release-version
uses: greenbone/actions/release-version@v3
with:
release-type: ${{ steps.release-type.outputs.release-type }}
release-version: ${{ inputs.release-version }}
versioning-scheme: "semver"
- name: Install git-cliff
uses: greenbone/actions/uv@v3
with:
install: git-cliff
- name: Determine changelog
env:
GITHUB_REPO: ${{ github.repository }}
GITHUB_TOKEN: ${{ github.token }}
run: |
git-cliff -v --strip header -o /tmp/changelog.md --unreleased --tag ${{ steps.release-version.outputs.release-version }} ${{ steps.release-version.outputs.last-release-version }}..HEAD
- name: Release with release action
id: release
uses: greenbone/actions/release@v3
with:
github-user: ${{ secrets.GREENBONE_BOT }}
github-user-mail: ${{ secrets.GREENBONE_BOT_MAIL }}
github-user-token: ${{ secrets.GREENBONE_BOT_TOKEN }}
release-version: ${{ steps.release-version.outputs.release-version }}
changelog: /tmp/changelog.md
ref: ${{ steps.release-type.outputs.release-ref }}
versioning-scheme: "semver"
sign-release-files: "false"
project-types: "cargo"
next-version: "false"
build-binaries:
name: Build binary artifacts
runs-on: "ubuntu-latest"
container: rust:slim-bookworm
needs: build-and-release
steps:
- uses: actions/checkout@v7
with:
ref: ${{ needs.build-and-release.outputs.git-release-tag }}
- name: Build project
run: |
apt-get update && apt-get install -y cmake make gcc libc6-dev wget
cmake -DCMAKE_BUILD_TYPE=Release -DCMAKE_INSTALL_PREFIX=/usr -DBUILD_TESTING=OFF -S . -B build
cmake --build build
DESTDIR=/tmp/install cmake --install build
- name: Create tarballs
run: |
tar -C /tmp/install -czvf gvm-auth-c-${{ needs.build-and-release.outputs.release-version }}.tar.gz .
- name: Upload Artifacts
uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a #v7.0.1
with:
name: gvm-auth-c-${{ needs.build-and-release.outputs.release-version }}-tarball
path: gvm-auth-c-${{ needs.build-and-release.outputs.release-version }}.tar.gz
upload-and-sign-release-files:
name: Upload and sign release files
runs-on: "ubuntu-latest"
needs:
- build-and-release
- build-binaries
steps:
- name: Download release artifacts
uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c #v8.0.1
with:
name: gvm-auth-c-${{ needs.build-and-release.outputs.release-version }}-tarball
- name: Upload release artifacts to GitHub Release
run: |
gh release upload --repo ${{ github.repository }} ${{ needs.build-and-release.outputs.git-release-tag }} gvm-auth-c-${{ needs.build-and-release.outputs.release-version }}.tar.gz
env:
GH_TOKEN: ${{ secrets.GREENBONE_BOT_TOKEN }}
- name: Sign release files
uses: greenbone/actions/sign-release-files@v3
with:
gpg-key: ${{ secrets.GPG_KEY }}
gpg-fingerprint: ${{ secrets.GPG_FINGERPRINT }}
gpg-passphrase: ${{ secrets.GPG_PASSPHRASE }}
release-version: ${{ needs.build-and-release.outputs.release-version }}
github-token: ${{ secrets.GREENBONE_BOT_TOKEN }}