ci: check continuous release testing (#82) #12
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Semantic Release | |
| on: | |
| push: | |
| branches: | |
| - staging | |
| permissions: | |
| contents: read | |
| jobs: | |
| release: | |
| runs-on: ubuntu-latest | |
| concurrency: release | |
| if: ${{ github.repository == 'sandialabs/sansmic' }} # do not run everywhere | |
| permissions: | |
| id-token: write | |
| contents: write | |
| pull-requests: write | |
| steps: | |
| - name: Harden Runner | |
| uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1 | |
| with: | |
| egress-policy: audit | |
| - name: Setup | Checkout Repository at workflow sha | |
| uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
| with: | |
| fetch-depth: 0 | |
| ref: ${{ github.sha }} | |
| - name: Setup | Force correct release branch on workflow sha | |
| run: | | |
| git checkout -B ${{ github.ref_name }} ${{ github.sha }} | |
| - name: Setup | Get short commit SHA | |
| id: vars | |
| run: | | |
| echo "short_sha=$(git rev-parse --short HEAD)\n" >> $GITHUB_OUTPUT | |
| - name: Action | Check if release is needed | |
| id: check | |
| # Adjust tag with desired version if applicable. | |
| uses: python-semantic-release/python-semantic-release@c1bcfdbb994243ac7cf419365d5894d6bfb2950e # v9.12.0 | |
| with: | |
| github_token: ${{ secrets.GITHUB_TOKEN }} | |
| git_committer_name: "github-actions" | |
| git_committer_email: "[email protected]" | |
| root_options: -vv --noop | |
| build: false | |
| changelog: true | |
| commit: false | |
| push: false | |
| tag: false | |
| vcs_release: false | |
| # prerelease: true | |
| # build_metadata: ${{ github.ref_name }}@${{ steps.vars.outputs.short_sha }} | |
| - name: Action | Semantic Release - Update version | |
| id: release | |
| if: steps.check.outputs.released == 'true' | |
| # Adjust tag with desired version if applicable. | |
| uses: python-semantic-release/python-semantic-release@c1bcfdbb994243ac7cf419365d5894d6bfb2950e # v9.12.0 | |
| with: | |
| github_token: ${{ secrets.GITHUB_TOKEN }} | |
| git_committer_name: "github-actions" | |
| git_committer_email: "[email protected]" | |
| build: false | |
| changelog: true | |
| commit: true | |
| push: true | |
| tag: true | |
| vcs_release: false | |
| prerelease: true | |
| prerelease_token: rc | |
| build_metadata: ${{ steps.vars.outputs.short_sha }} | |
| - name: Action | Create Pull Request - Release | |
| if: steps.check.outputs.released == 'true' | |
| run: | | |
| gh pr create -B main -H staging --title "release: Merge into main and create tag as v${{ steps.release.outputs.version }}" --body 'Created by Github action: semantic-release.yml' | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Action | Create Pull Request - Chore | |
| if: steps.check.outputs.released == 'false' | |
| run: | | |
| gh pr create -B main -H staging --title 'chore: Merge non-code changes into main' --body 'Created by Github action: semantic-release.yml' | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} |