|
| 1 | +name: Release (Manual) |
| 2 | + |
| 3 | +on: |
| 4 | + workflow_dispatch: |
| 5 | + inputs: |
| 6 | + bump: |
| 7 | + description: Version bump type |
| 8 | + required: true |
| 9 | + type: choice |
| 10 | + options: |
| 11 | + - patch |
| 12 | + - minor |
| 13 | + - major |
| 14 | + |
| 15 | +jobs: |
| 16 | + ci: |
| 17 | + uses: ./.github/workflows/test.yml |
| 18 | + |
| 19 | + release: |
| 20 | + needs: ci |
| 21 | + runs-on: ubuntu-latest |
| 22 | + permissions: |
| 23 | + contents: write |
| 24 | + steps: |
| 25 | + - name: Harden runner |
| 26 | + uses: step-security/harden-runner@v2 |
| 27 | + with: |
| 28 | + egress-policy: block |
| 29 | + allowed-endpoints: > |
| 30 | + api.github.com:443 |
| 31 | + github.com:443 |
| 32 | + objects.githubusercontent.com:443 |
| 33 | + uploads.github.com:443 |
| 34 | +
|
| 35 | + - uses: actions/checkout@v6 |
| 36 | + with: |
| 37 | + fetch-depth: 0 |
| 38 | + |
| 39 | + - name: Compute next version |
| 40 | + id: version |
| 41 | + run: | |
| 42 | + # Match tags with or without leading 'v' |
| 43 | + latest=$(git tag --sort=-version:refname \ |
| 44 | + | grep -E '^v?[0-9]+\.[0-9]+\.[0-9]+$' \ |
| 45 | + | head -1) |
| 46 | + latest="${latest:-v0.0.0}" |
| 47 | + # Normalise to always have a 'v' prefix for parsing |
| 48 | + latest="v${latest#v}" |
| 49 | +
|
| 50 | + major=$(printf '%s' "$latest" | cut -d. -f1 | tr -d 'v') |
| 51 | + minor=$(printf '%s' "$latest" | cut -d. -f2) |
| 52 | + patch=$(printf '%s' "$latest" | cut -d. -f3) |
| 53 | +
|
| 54 | + case "${{ inputs.bump }}" in |
| 55 | + major) major=$((major + 1)); minor=0; patch=0 ;; |
| 56 | + minor) minor=$((minor + 1)); patch=0 ;; |
| 57 | + patch) patch=$((patch + 1)) ;; |
| 58 | + esac |
| 59 | +
|
| 60 | + echo "version=v${major}.${minor}.${patch}" >> "$GITHUB_OUTPUT" |
| 61 | +
|
| 62 | + - name: Tag and push |
| 63 | + run: | |
| 64 | + git config user.name "github-actions[bot]" |
| 65 | + git config user.email "github-actions[bot]@users.noreply.github.com" |
| 66 | + git tag "${{ steps.version.outputs.version }}" |
| 67 | + git push origin "${{ steps.version.outputs.version }}" |
| 68 | +
|
| 69 | + - name: Create GitHub release |
| 70 | + run: | |
| 71 | + VERSION="${{ steps.version.outputs.version }}" |
| 72 | + gh release create "${VERSION}" \ |
| 73 | + --title "Release ${VERSION}" \ |
| 74 | + --generate-notes \ |
| 75 | + --verify-tag |
| 76 | + env: |
| 77 | + GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} |
0 commit comments