-
Notifications
You must be signed in to change notification settings - Fork 0
132 lines (116 loc) · 4.26 KB
/
Copy pathrelease.yml
File metadata and controls
132 lines (116 loc) · 4.26 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
name: Release
on:
workflow_dispatch:
inputs:
project:
required: true
type: choice
options:
- EncryptedConfigValue.Module
- EncryptedConfigValue.AspNetCore
- EncryptedConfigValue.Cli
dry-run:
required: true
type: boolean
default: false
jobs:
validate:
runs-on: ubuntu-latest
outputs:
result: ${{ steps.validate.outputs.result }}
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
fetch-tags: true
- name: Validate
id: validate
run: |
IFS=',' read -r -a username_array <<< "${{ secrets.ACCEPT_RELEASE_PR_ALLOW_LIST }}"
user_found=false
for username in "${username_array[@]}"
do
if [ "$username" == "${{ github.actor }}" ]; then
user_found=true
break
fi
done
if [ "$user_found" = "false" ]; then
echo "User ${{ github.actor }} is not authorized to execute this workflow."
echo "result=false" >> $GITHUB_OUTPUT
exit 0
fi
version=$(sed -n 's:.*<version>\(.*\)</version>.*:\1:p' ./${{ inputs.project }}/${{ inputs.project }}.nuspec)
version_of_last_release=$(git tag -l "${{ inputs.project }}/*" | sort -V | tail -n 1 | sed 's/${{ inputs.project }}\///')
if [[ "$version" == "$version_of_last_release" ]]; then
echo "Version in ${{ inputs.project }}.nuspec is same as version of last release. Please update the nuspec file before proceeding with the release."
echo "result=false" >> $GITHUB_OUTPUT
exit 0
fi
if [[ "$(printf '%s\n' "$version" "$version_of_last_release" | sort -V | tail -n 1 | xargs)" != "$version" ]]; then
echo "Version in ${{ inputs.project }}.nuspec is lower than or equal to the version of the last release. Please update the nuspec file with a higher version."
echo "result=false" >> $GITHUB_OUTPUT
exit 0
fi
echo "result=true" >> $GITHUB_OUTPUT
test:
needs: [validate]
if: needs.validate.outputs.result == 'true'
runs-on: ubuntu-latest
outputs:
result: ${{ steps.test.outputs.result }}
steps:
- uses: actions/checkout@v4
- uses: ./.github/actions/setup-dotnet
- name: Build
run: dotnet build ./EncryptedConfigValue.sln --configuration Release
- name: Test
id: test
shell: bash
run: |
if dotnet test --no-restore --verbosity normal; then
echo "result=true" >> $GITHUB_OUTPUT
else
echo "result=false" >> $GITHUB_OUTPUT
fi
release:
needs: [test]
if: needs.test.outputs.result == 'true'
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: ./.github/actions/release-action
with:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
NUGET_API_KEY: ${{ secrets.NUGET_API_KEY }}
project: ${{ inputs.project }}
dry-run: ${{ inputs.dry-run }}
tag:
needs: [release]
runs-on: ubuntu-latest
permissions:
contents: write
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
fetch-tags: true
- name: Setup git
shell: bash
run: |
git config --global user.name "GitHub Action"
git config --global user.email "action@github.com"
- name: Tag
shell: bash
run: |
version=$(sed -n 's:.*<version>\(.*\)</version>.*:\1:p' ./${{ inputs.project }}/${{ inputs.project }}.nuspec)
hash=$(sed -n 's:.*commit="\([^"]*\)".*:\1:p' ./${{ inputs.project }}/${{ inputs.project }}.nuspec)
if [[ "${{ inputs.dry-run }}" == "true" ]]; then
echo "git tag -a \"${{ inputs.project }}/$version\" -m \"${{ inputs.project }} v$version\" $hash"
echo "git push origin tag \"${{ inputs.project }}/$version\""
else
git tag -a "${{ inputs.project }}/$version" -m "${{ inputs.project }} v$version" $hash
git push origin tag "${{ inputs.project }}/$version"
fi
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}