-
Notifications
You must be signed in to change notification settings - Fork 0
122 lines (112 loc) · 3.72 KB
/
semantic.yaml
File metadata and controls
122 lines (112 loc) · 3.72 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
---
name: Semantic
"on":
pull_request:
branches:
- main
- release
push:
branches:
- main
- release
jobs:
rebase:
name: "Rebase"
runs-on: ubuntu-latest
# Runs when: push to main with commit message starting with "chore(release):"
if: >-
github.event_name == 'push' &&
github.ref == 'refs/heads/main' &&
startsWith(github.event.head_commit.message, 'chore(release):')
concurrency:
group: push-rebase-main
cancel-in-progress: true
permissions:
pull-requests: write
contents: write
steps:
- name: "Rebase all non-draft non-dependencies pull requests"
uses: peter-evans/rebase@v4.0.0
with:
base: main
exclude-drafts: true
exclude-labels: dependencies
validate:
name: "Validate"
runs-on: ubuntu-latest
# Runs when: pull_request targeting main
if: github.event_name == 'pull_request'
permissions:
contents: read
steps:
- name: Checkout
uses: actions/checkout@v6
with:
fetch-depth: 0
- name: Semantic release dry run
run: |
docker run --rm \
--user 1001 \
-v ${{ github.workspace }}:/workspace \
-w /workspace \
ghcr.io/disafronov/semantic-release:latest \
--dry-run
release:
name: "Release"
runs-on: ubuntu-latest
# Runs when: push to release OR push to main (excluding "chore(release):" commits)
if: >-
github.event_name == 'push' && (
github.ref == 'refs/heads/release' ||
(github.ref == 'refs/heads/main' && !startsWith(github.event.head_commit.message, 'chore(release):'))
)
permissions:
contents: write
pull-requests: write
concurrency:
group: semantic-release
cancel-in-progress: false
steps:
- name: Checkout
uses: actions/checkout@v6
with:
fetch-depth: 0
token: ${{ secrets.SEMANTIC_RELEASE_TOKEN || secrets.GITHUB_TOKEN }}
- name: Semantic release
run: |
docker run --rm \
--user 1001 \
-v ${{ github.workspace }}:/workspace \
-w /workspace \
-e GITHUB_TOKEN=${{ secrets.SEMANTIC_RELEASE_TOKEN || secrets.GITHUB_TOKEN }} \
-e CI=true \
ghcr.io/disafronov/semantic-release:latest
- name: Sync release to main
# Runs when: release job ran on release branch
if: success() && github.ref == 'refs/heads/release'
run: |
git config user.name "Release Bot"
git config user.email "noreply@github.com"
# Fetch latest state after semantic-release pushed commits
# This ensures we get all commits that semantic-release created
git fetch origin
# Check if main is already up to date with release
if git diff --quiet origin/main origin/release; then
echo "main is already up to date with release"
exit 0
fi
# Check if main is ancestor of release (can fast-forward)
if git merge-base --is-ancestor origin/main origin/release; then
echo "Fast-forwarding main to release"
git checkout -B main origin/main
git merge --ff-only origin/release
git push origin main
else
echo "Rebasing main onto release (force-with-lease required)"
git checkout -B main origin/main
git rebase origin/release
# Use --force-with-lease for safety: only push if remote hasn't changed
git push --force-with-lease origin main
fi
env:
GITHUB_TOKEN: ${{ secrets.SEMANTIC_RELEASE_TOKEN || secrets.GITHUB_TOKEN }}