mirror of
https://github.com/bitwarden/android.git
synced 2024-12-18 23:31:52 +03:00
128 lines
4.6 KiB
YAML
128 lines
4.6 KiB
YAML
|
name: Create GitHub Release
|
||
|
|
||
|
on:
|
||
|
workflow_dispatch:
|
||
|
inputs:
|
||
|
version-name:
|
||
|
description: 'Version Name - E.g. "2024.11.1"'
|
||
|
required: true
|
||
|
type: string
|
||
|
version-number:
|
||
|
description: 'Version Number - E.g. "123456"'
|
||
|
required: true
|
||
|
type: string
|
||
|
artifact_run_id:
|
||
|
description: 'GitHub Action Run ID containing artifacts'
|
||
|
required: true
|
||
|
type: string
|
||
|
draft:
|
||
|
description: 'Create as draft release'
|
||
|
type: boolean
|
||
|
default: true
|
||
|
prerelease:
|
||
|
description: 'Mark as pre-release'
|
||
|
type: boolean
|
||
|
make_latest:
|
||
|
description: 'Set as the latest release'
|
||
|
type: boolean
|
||
|
branch-protection-type:
|
||
|
description: 'Branch protection type'
|
||
|
type: choice
|
||
|
options:
|
||
|
- Branch Name
|
||
|
- GitHub API
|
||
|
default: Branch Name
|
||
|
env:
|
||
|
ARTIFACTS_PATH: artifacts
|
||
|
jobs:
|
||
|
create-release:
|
||
|
runs-on: ubuntu-24.04
|
||
|
permissions:
|
||
|
contents: write
|
||
|
actions: read
|
||
|
|
||
|
steps:
|
||
|
- name: Check out repository
|
||
|
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
|
||
|
with:
|
||
|
fetch-depth: 0
|
||
|
|
||
|
- name: Get branch from workflow run
|
||
|
id: get_release_branch
|
||
|
env:
|
||
|
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
||
|
ARTIFACT_RUN_ID: ${{ inputs.artifact_run_id }}
|
||
|
BRANCH_PROTECTION_TYPE: ${{ inputs.branch-protection-type }}
|
||
|
run: |
|
||
|
release_branch=$(gh run view $ARTIFACT_RUN_ID --json headBranch -q .headBranch)
|
||
|
|
||
|
case "$BRANCH_PROTECTION_TYPE" in
|
||
|
"Branch Name")
|
||
|
if [[ "$release_branch" != "main" && ! "$release_branch" =~ ^release/ ]]; then
|
||
|
echo "::error::Branch '$release_branch' is not 'main' or a release branch starting with 'release/'. Releases must be created from protected branches."
|
||
|
exit 1
|
||
|
fi
|
||
|
;;
|
||
|
"GitHub API")
|
||
|
#NOTE requires token with "administration:read" scope
|
||
|
if ! gh api "repos/${{ github.repository }}/branches/$release_branch/protection" | grep -q "required_status_checks"; then
|
||
|
echo "::error::Branch '$release_branch' is not protected. Releases must be created from protected branches. If that's not correct, confirm if the github token user has the 'administration:read' scope."
|
||
|
exit 1
|
||
|
fi
|
||
|
;;
|
||
|
*)
|
||
|
echo "::error::Unsupported branch protection type: $BRANCH_PROTECTION_TYPE"
|
||
|
exit 1
|
||
|
;;
|
||
|
esac
|
||
|
|
||
|
echo "release_branch=$release_branch" >> $GITHUB_OUTPUT
|
||
|
|
||
|
- name: Download artifacts
|
||
|
env:
|
||
|
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
||
|
ARTIFACT_RUN_ID: ${{ inputs.artifact_run_id }}
|
||
|
run: |
|
||
|
gh run download $ARTIFACT_RUN_ID -D $ARTIFACTS_PATH
|
||
|
file_count=$(find $ARTIFACTS_PATH -type f | wc -l)
|
||
|
echo "Downloaded $file_count file(s)."
|
||
|
if [ "$file_count" -gt 0 ]; then
|
||
|
echo "Downloaded files:"
|
||
|
find $ARTIFACTS_PATH -type f
|
||
|
fi
|
||
|
|
||
|
- name: Create Release
|
||
|
id: create_release
|
||
|
uses: softprops/action-gh-release@e7a8f85e1c67a31e6ed99a94b41bd0b71bbee6b8 # v2.0.9
|
||
|
with:
|
||
|
tag_name: ${{ inputs.version-name }}
|
||
|
name: "v${{ inputs.version-name }} (${{ inputs.version-number }})"
|
||
|
prerelease: ${{ inputs.prerelease }}
|
||
|
draft: ${{ inputs.draft }}
|
||
|
make_latest: ${{ inputs.make_latest }}
|
||
|
target_commitish: ${{ steps.get_release_branch.outputs.release_branch }}
|
||
|
generate_release_notes: true
|
||
|
files: |
|
||
|
artifacts/**/*
|
||
|
|
||
|
- name: Update Release Description
|
||
|
env:
|
||
|
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
||
|
RELEASE_ID: ${{ steps.create_release.outputs.id }}
|
||
|
RELEASE_URL: ${{ steps.create_release.outputs.url }}
|
||
|
ARTIFACT_RUN_ID: ${{ inputs.artifact_run_id }}
|
||
|
run: |
|
||
|
# Get current release body
|
||
|
current_body=$(gh api /repos/${{ github.repository }}/releases/$RELEASE_ID --jq .body)
|
||
|
|
||
|
# Append build source to the end
|
||
|
updated_body="${current_body}
|
||
|
**Builds Source:** https://github.com/${{ github.repository }}/actions/runs/$ARTIFACT_RUN_ID"
|
||
|
|
||
|
# Update release
|
||
|
gh api --method PATCH /repos/${{ github.repository }}/releases/$RELEASE_ID \
|
||
|
-f body="$updated_body"
|
||
|
|
||
|
echo "# :rocket: Release ready at:" >> $GITHUB_STEP_SUMMARY
|
||
|
echo "$RELEASE_URL" >> $GITHUB_STEP_SUMMARY
|