Skip to content

pgp revoked test

pgp revoked test #856

name: release-please
on:
push:
branches: ["main"]
permissions: {}
jobs:
release-please:
if: github.repository.fork == false
permissions: {}
runs-on: ubuntu-latest
outputs:
app-name: ${{ format('{0}[bot]', steps.generate_token.outputs.app-slug) }}
release_created: ${{ steps.release.outputs.release_created }}
tag_name: ${{ steps.release.outputs.tag_name }}
steps:
- name: Generate a token
id: generate_token
uses: actions/create-github-app-token@5d869da34e18e7287c1daad50e0b8ea0f506ce69 # v1.11.0
with:
app-id: ${{ secrets.MAZI_RELEASE_APP_ID }}
private-key: ${{ secrets.MAZI_RELEASE_APP_PRIVATE_KEY }}
- uses: googleapis/release-please-action@7987652d64b4581673a76e33ad5e98e3dd56832f # v4.1.3
id: release
with:
token: ${{ steps.generate_token.outputs.token }}
config-file: .github/release-please/release-please-config.json
manifest-file: .github/release-please/.release-please-manifest.json
skip-github-pull-request: ${{ startsWith(github.event.head_commit.message, 'release:') && github.event.head_commit.author.name == format('{0}[bot]', steps.generate_token.outputs.app-slug) }}
- if: ${{ steps.release.outputs.release_created }}
name: Create tag
run: |
gh api \
--method POST \
-H "Accept: application/vnd.github+json" \
-H "X-GitHub-Api-Version: 2022-11-28" \
"/repos/$OWNER_REPO/git/refs" \
-f "ref=refs/tags/$TAG" -f "sha=$SHA"
env:
GH_TOKEN: ${{ steps.generate_token.outputs.token }}
OWNER_REPO: ${{ github.repository }}
TAG: ${{ steps.release.outputs.tag_name }}
SHA: ${{ steps.release.outputs.sha }}
publish-crates:
needs: release-please
if: ${{ needs.release-please.outputs.release_created }}
permissions: {}
runs-on: ubuntu-latest
steps:
- run: ''
# uses: ./.github/workflows/publish-crates.yml
# with:
# dry-run: true
docker-publish:
needs: release-please
if: ${{ needs.release-please.outputs.release_created }}
permissions:
contents: write
packages: write
uses: ./.github/workflows/docker-publish.yml
with:
tag-name: ${{ needs.release-please.outputs.tag_name }}
publish-release:
needs: [release-please, docker-publish, publish-crates]
if: ${{ needs.release-please.outputs.release_created }}
permissions:
contents: write
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
GH_REPO: ${{ github.repository }}
runs-on: ubuntu-latest
steps:
- run: gh release edit ${{ needs.release-please.outputs.tag_name }} --draft=false
get-pr-number:
needs: [release-please]
if: ${{ needs.release-please.outputs.release_created }}
permissions: {}
runs-on: ubuntu-latest
outputs:
pr_number: ${{ steps.pr-number.outputs.pr_number }}
steps:
- name: Get PR number
id: pr-number
env:
HEAD_COMMIT_MESSAGE: ${{ github.event.head_commit.message }}
run: |
echo "pr_number=$(printf "$HEAD_COMMIT_MESSAGE" | head -n1 | sed -nE 's/.+\(#([0-9]+)\)$/\1/p')" >> "$GITHUB_OUTPUT"
update-release-comment:
needs: [release-please, publish-release, get-pr-number]
if: ${{ needs.release-please.outputs.release_created }}
permissions:
pull-requests: write
runs-on: ubuntu-latest
steps:
- uses: peter-evans/find-comment@3eae4d37986fb5a8592848f6a574fdf654e61f9e # v3.1.0
id: fc
with:
issue-number: ${{ needs.get-pr-number.outputs.pr_number }}
comment-author: ${{ needs.release-please.outputs.app-name }}
body-includes: "- [${{ needs.release-please.outputs.tag_name }}](${{ github.event.repository.html_url }}/releases/tag/untagged-"
- if: steps.fc.conclusion == 'success'
uses: peter-evans/create-or-update-comment@71345be0265236311c031f5c7866368bd1eff043 # v4.0.0
with:
token: ${{ secrets.GITHUB_TOKEN }}
comment-id: ${{ steps.fc.outputs.comment-id }}
issue-number: ${{ needs.get-pr-number.outputs.pr_number }}
body: |
:robot: Release is at ${{ github.event.repository.html_url }}/releases/tag/${{ needs.release-please.outputs.tag_name }} :sunflower:
edit-mode: replace
add-docker-comment:
needs: [release-please, docker-publish, get-pr-number]
if: ${{ needs.release-please.outputs.release_created }}
permissions:
pull-requests: write
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
GH_REPO: ${{ github.repository }}
runs-on: ubuntu-latest
steps:
- name: Add comment to PR
run: |
printf ':robot: Successfully published to ${{ needs.docker-publish.outputs.image_url }} :truck:\n```\n${{ join(needs.docker-publish.outputs.image_tags, '\n') }}\n```' \
| gh pr comment ${{ needs.get-pr-number.outputs.pr_number }} --body-file=-
label-published:
needs: [release-please, publish-release, get-pr-number]
if: ${{ needs.release-please.outputs.release_created }}
permissions:
pull-requests: write
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
GH_REPO: ${{ github.repository }}
runs-on: ubuntu-latest
steps:
- name: Create published label
run: |
gh label create 'autorelease: published' --color=EDEDED || true
- name: Change labels on PR
run: |
gh pr edit ${{ needs.get-pr-number.outputs.pr_number }} \
--remove-label='autorelease: tagged' \
--add-label='autorelease: published'
move-tags:
needs: [release-please, publish-release]
if: ${{ needs.release-please.outputs.release_created }}
permissions:
contents: write
runs-on: ubuntu-latest
steps:
# You have to check out your repo first.
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
with:
sparse-checkout: ""
sparse-checkout-cone-mode: false
fetch-tags: true
- uses: fischerscode/tagger@5ca3fa63ce3003fb7183cae547644b29f3b632be # v0.2.0
with:
prefix: v
tag: ${{ needs.release-please.outputs.tag_name }}