-
Notifications
You must be signed in to change notification settings - Fork 5
156 lines (133 loc) · 5.9 KB
/
release.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
name: Release Creation
on:
workflow_dispatch:
inputs:
tag:
description: 'Release tag'
required: true
type: string
dev:
description: 'Is dev build'
required: false
default: true
type: boolean
publisherID:
description: 'Enter Publisher ID (ignore if not Dev release)'
required: false
type: string
env:
PUBLISHER: Checkmarx
jobs:
release:
runs-on: ubuntu-latest
outputs:
CLI_VERSION: ${{ steps.extract_cli_version.outputs.CLI_VERSION }}
TAG_NAME: ${{ steps.set_tag_name.outputs.TAG_NAME }}
steps:
- uses: actions/checkout@v4
- name: Set Extension and Publisher ID
run: |
if [ "${{ inputs.dev }}" == "true" ]; then
echo "EXTENSION_ID=checkmarx-ast-azure-plugin-dev" >> $GITHUB_ENV
if [ -n "${{ inputs.publisherID }}" ]; then
echo "PUBLISHER_ID=${{ inputs.publisherID }}" >> $GITHUB_ENV
fi
else
echo "EXTENSION_ID=checkmarx-ast-azure-plugin" >> $GITHUB_ENV
fi
- name: Set Publisher ID
run: |
if [ "${{ inputs.dev }}" == "true" ]; then
echo "PUBLISHER_ID=checkmarx-dev" >> $GITHUB_ENV
fi
- name: Tag
id: set_tag_name
run: |
echo ${{ inputs.tag }}
tag=${{ inputs.tag }}
echo "RELEASE_VERSION=${{ inputs.tag }}" >> $GITHUB_ENV
message='${{ inputs.tag }}'
git config user.name "${GITHUB_ACTOR}"
git config user.email "${GITHUB_ACTOR}@users.noreply.github.com"
git tag -a "${tag}" -m "${message}"
git push origin "${tag}"
echo "::set-output name=TAG_NAME::${{ inputs.tag }}"
- name: Use Node.js ${{ matrix.node-version }}
uses: actions/[email protected]
with:
node-version: ${{ matrix.node-version }}
- run: npm install
- run: sudo npm install -g tfx-cli
- name: Authenticate with GitHub package registry
run: echo "//npm.pkg.github.com/:_authToken=${{ secrets.GITHUB_TOKEN }}" > ~/.npmrc
- name: Build step
run: |
npm install
cd cxAstScan/
npm install
- run: npm run build
- name: Set new version
run: |
echo "RELEASE_VERSION=${{inputs.tag}}" >> $GITHUB_ENV
- name: Set major, minor, patch values
run: |
CLEAN_VERSION=$(echo ${{ env.RELEASE_VERSION }} | grep -Eo '^[0-9]+\.[0-9]+\.[0-9]+')
echo "CLEAN_VERSION=$CLEAN_VERSION" >> $GITHUB_ENV
echo "MAJOR_VERSION=$(echo $CLEAN_VERSION | cut -d. -f1)" >> $GITHUB_ENV
echo "MINOR_VERSION=$(echo $CLEAN_VERSION | cut -d. -f2)" >> $GITHUB_ENV
echo "PATCH_VERSION=$(echo $CLEAN_VERSION | cut -d. -f3)" >> $GITHUB_ENV
- name: New version
run: |
echo "The new version is ${{ env.RELEASE_VERSION }}"
echo "The new major version is ${{ env.MAJOR_VERSION }}"
echo "The new minor version is ${{ env.MINOR_VERSION }}"
echo "The new patch version is ${{ env.PATCH_VERSION }}"
- name: Extract CLI version
id: extract_cli_version
run: |
ls -la
pwd
CLI_VERSION=$(cat ./cxAstScan/node_modules/@checkmarxdev/ast-cli-javascript-wrapper-runtime-cli/checkmarx-ast-cli.version | grep -Eo '^[0-9]+\.[0-9]+\.[0-9]+')
echo "CLI version being packed is $CLI_VERSION"
echo "CLI_VERSION=$CLI_VERSION" >> $GITHUB_ENV
echo "::set-output name=CLI_VERSION::$CLI_VERSION"
- name: Set versions in files
run: |
cat <<< $(jq ".version = \"${{ env.CLEAN_VERSION }}\"" ./vss-extension.json) > ./vss-extension.json
cat <<< $(jq ".version = \"${{ env.RELEASE_VERSION }}\"" ./package.json) > ./package.json
cat <<< $(jq ".version.Major = ${{ env.MAJOR_VERSION }}" ./cxAstScan/task.json) > ./cxAstScan/task.json
cat <<< $(jq ".version.Minor = ${{ env.MINOR_VERSION }}" ./cxAstScan/task.json) > ./cxAstScan/task.json
cat <<< $(jq ".version.Patch = ${{ env.PATCH_VERSION }}" ./cxAstScan/task.json) > ./cxAstScan/task.json
- name: Set ID public and publisher fields if dev release
run: |
if [ "${{ inputs.dev }}" == "true" ]; then
cat <<< $(jq ".public = false" vss-extension.json) > vss-extension.json
cat <<< $(jq ".id = \"${{ env.EXTENSION_ID }}\"" vss-extension.json) > vss-extension.json
cat <<< $(jq ".publisher = \"${{ inputs.publisherID }}\"" vss-extension.json) > vss-extension.json
fi
- name: Create extension
run: tfx extension create --manifest-globs vss-extension.json
# Create the release
- name: Create Release
uses: softprops/action-gh-release@c062e08bd532815e2082a85e87e3ef29c3e6d191 #v2.0.8 - Check for the latest version and updated here if there is a new one
with:
release_name: Checkmarx Azure ${{ env.RELEASE_VERSION }}
tag_name: ${{ env.RELEASE_VERSION }}
files: ./${{ env.PUBLISHER }}.${{ env.EXTENSION_ID }}-${{ env.CLEAN_VERSION }}.vsix
generate_release_notes: true
prerelease: ${{ inputs.dev }}
- name: Release to marketplace
if: inputs.dev == 'false'
run: tfx extension publish --vsix *.vsix --token ${{ secrets.AZURETOKEN }}
notify:
if: inputs.dev == false
needs: release
uses: Checkmarx/plugins-release-workflow/.github/workflows/release-notify.yml@main
with:
product_name: Azure Plugin
release_version: ${{ needs.release.outputs.TAG_NAME }}
cli_release_version: ${{ needs.release.outputs.CLI_VERSION }}
release_author: "Phoenix Team"
release_url: https://github.com/Checkmarx/ast-azure-plugin/releases/tag/${{ needs.release.outputs.TAG_NAME }}
jira_product_name: ADO
secrets: inherit