Skip to content

Semantic Release

Semantic Release #37

name: Semantic Release
on:
workflow_run:
workflows: [CI]
types: [completed]
branches:
- master
jobs:
semantic-release:
name: Semantic Release
runs-on: ubuntu-24.04
if: github.event.workflow_run.conclusion == 'success' && github.repository == 'msclock/cmake-registry'
permissions:
contents: write
id-token: write
issues: write
pull-requests: write
steps:
- name: Generate a bot token with BOT_APP_ID
id: bot_token
if: vars.BOT_APP_ID && env.BOT_PRIVATE_KEY != null
uses: actions/create-github-app-token@5d869da34e18e7287c1daad50e0b8ea0f506ce69 # v1
env:
BOT_PRIVATE_KEY: ${{ secrets.BOT_PRIVATE_KEY }}
with:
app-id: ${{ vars.BOT_APP_ID }}
private-key: ${{ secrets.BOT_PRIVATE_KEY }}
- name: Warn if use GITHUB_TOKEN
if: env._GITHUB_TOKEN == env._TO_BE_VERIFIED_TOKEN
env:
_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
_TO_BE_VERIFIED_TOKEN: ${{ steps.bot_token.outputs.token || secrets.PAT || secrets.GITHUB_TOKEN }}
run: |
echo "# :warning: GITHUB_TOKEN is used" >> $GITHUB_STEP_SUMMARY
echo "The GITHUB_TOKEN is used instead of a bot token or PAT that will not emit the released publish event for triggering a released workflow." >> $GITHUB_STEP_SUMMARY
- uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4
with:
fetch-depth: 0
token: ${{ steps.bot_token.outputs.token || secrets.PAT || secrets.GITHUB_TOKEN }}
- name: Setup Node.js
uses: actions/setup-node@0a44ba7841725637a19e28fa30b79a866c81b0a6 # v4
with:
node-version: lts/*
- name: Semantic Release
env:
GITHUB_TOKEN: ${{ steps.bot_token.outputs.token || secrets.PAT || secrets.GITHUB_TOKEN }}
run: >
npx
--package @semantic-release/exec
--package conventional-changelog-conventionalcommits@7
--package semantic-release@22
semantic-release