WIP audit trail tabs #25
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Release Workflow | |
on: [push] | |
jobs: | |
release-management: | |
runs-on: ubuntu-latest | |
steps: | |
- name: Set app env | |
run: | | |
# Split and keep last | |
echo "APP_NAME=${GITHUB_REPOSITORY##*/}" >> $GITHUB_ENV | |
echo "APP_VERSION=${GITHUB_REF##*/}" >> $GITHUB_ENV | |
# Step 1: Checkout the code | |
- name: Checkout Code | |
uses: actions/checkout@v3 | |
with: | |
ref: ${{ github.head_ref }} # Checkout the correct branch name | |
fetch-depth: 0 # Fetch the whole repo history | |
# Step 2: Prepare the signing certificate and key | |
- name: Prepare Signing Certificate and Key | |
run: | | |
echo "${{ secrets.NEXTCLOUD_SIGNING_CERT }}" > signing-cert.crt | |
echo "${{ secrets.NEXTCLOUD_SIGNING_KEY }}" > signing-key.key | |
# Step 3: Install Node.js dependencies using npm | |
- name: Install npm dependencies | |
uses: actions/setup-node@v3 | |
with: | |
node-version: '18.x' # Specify Node.js version | |
# Step 4: Install PHP extensions | |
- name: Set up PHP and install extensions | |
uses: shivammathur/setup-php@v2 | |
with: | |
php-version: '8.2' | |
extensions: zip, gd | |
# Step 5: Build the node dependencies | |
- run: npm ci | |
# Step 6: Build the node dependencies | |
- run: npm run build | |
# Step 7: Build composer dependencies | |
- run: composer i --no-dev | |
# Step 8: Copy the files into the package directory, excluding .git and package itself | |
- name: Copy the package files into the package | |
run: | | |
mkdir -p package/zaakafhandelapp | |
rsync -av --progress \ | |
--exclude='package' \ | |
--exclude='.git' \ | |
--exclude='.github' \ | |
--exclude='.vscode' \ | |
--exclude='docker' \ | |
--exclude='docs' \ | |
--exclude='node_modules' \ | |
--exclude='src' \ | |
--exclude='test' \ | |
--exclude='package-lock.json' \ | |
--exclude='composer.lock' \ | |
--exclude='composer-setup.php' \ | |
--exclude='.phpunit.result.cache' \ | |
--exclude='phpmd.xml' \ | |
--exclude='signing-key.key' \ | |
--exclude='package.json' \ | |
--exclude='composer.json' \ | |
--exclude='coverage.txt' \ | |
--exclude='signing-cert.crt' \ | |
--exclude='docker-compose.yml' \ | |
--exclude='webpack.config.js' \ | |
--exclude='.prettierrc' \ | |
--exclude='psalm.xml' \ | |
--exclude='phpunit.xml' \ | |
--exclude='tsconfig.json' \ | |
--exclude='changelog-ci-config.json' \ | |
--exclude='jest.config.js' \ | |
--exclude='.gitattributes' \ | |
--exclude='.php-cs-fixer.dist.php' \ | |
--exclude='.gitignore' \ | |
--exclude='.eslintrc.js' \ | |
--exclude='stylelint.config.js' \ | |
--exclude='.babelrc' \ | |
--exclude='.nvmrc' \ | |
./ package/zaakafhandelapp/ | |
# Step 9: Create the TAR.GZ archive with code in zaakafhandelapp directory | |
- name: Create Tarball | |
run: | | |
cd package && tar -czf ../nexcloud-release.tar.gz zaakafhandelapp | |
# Step 10: Sign the TAR.GZ file with OpenSSL | |
- name: Sign the TAR.GZ file with OpenSSL | |
run: | | |
openssl dgst -sha512 -sign signing-key.key nexcloud-release.tar.gz | openssl base64 -out nexcloud-release.signature | |
# Step 11: Generate Git version information | |
- name: Git Version | |
id: version | |
uses: codacy/[email protected] | |
with: | |
release-branch: main | |
# Step 12: Extract repository description | |
- name: Extract repository description | |
id: repo-description | |
run: | | |
description=$(jq -r '.description' <(curl -s https://api.github.com/repos/${{ github.repository }})) | |
echo "REPO_DESCRIPTION=$description" >> $GITHUB_ENV | |
# Step 13: Run Changelog CI | |
- name: Run Changelog CI | |
if: github.ref == 'refs/heads/master' | |
uses: saadmk11/[email protected] | |
with: | |
release_version: ${{ steps.version.outputs.version }} | |
config_file: changelog-ci-config.json | |
# Step 14: Output the version | |
- name: Use the version | |
run: | | |
echo ${{ steps.version.outputs.version }} | |
# Step 15: Copy the files into the package directory, excluding .git and package itself | |
- name: Copy the package files into the package | |
run: | | |
mkdir -p package/zaakafhandelapp | |
rsync -av --progress --exclude='package' --exclude='.git' ./ package/zaakafhandelapp/ | |
# Step 18: Create a new release on GitHub | |
- name: Upload Release | |
uses: ncipollo/[email protected] | |
with: | |
artifacts: | | |
LICENSE.md | |
nexcloud-release.tar.gz | |
nexcloud-release.signature | |
zaakafhandelapp-build.zip | |
zaakafhandelapp-build.tar.gz | |
token: ${{ secrets.GITHUB_TOKEN }} | |
tag: ${{ steps.version.outputs.version }} | |
- name: Attach tarball to github release | |
uses: svenstaro/upload-release-action@04733e069f2d7f7f0b4aebc4fbdbce8613b03ccd # v2 | |
id: attach_to_release | |
with: | |
repo_token: ${{ secrets.GITHUB_TOKEN }} | |
file: nexcloud-release.tar.gz | |
asset_name: ${{ env.APP_NAME }}-${{ env.APP_VERSION }}.tar.gz | |
tag: ${{ github.ref }} | |
overwrite: true | |
- name: Upload app to Nextcloud appstore | |
uses: nextcloud-releases/nextcloud-appstore-push-action@a011fe619bcf6e77ddebc96f9908e1af4071b9c1 # v1 | |
with: | |
app_name: ${{ env.APP_NAME }} | |
appstore_token: ${{ secrets.NEXTCLOUD_APPSTORE_TOKEN }} | |
download_url: ${{ steps.attach_to_release.outputs.browser_download_url }} | |
app_private_key: ${{ secrets.NEXTCLOUD_SIGNING_KEY }} | |