Update .nancy-ignore (#1113) #967
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# DO NOT EDIT. Generated with: | |
# | |
# [email protected] | |
# | |
name: Create Release | |
on: | |
push: | |
branches: | |
- 'legacy' | |
- 'main' | |
- 'master' | |
- 'release-v*.*.x' | |
# "!" negates previous positive patterns so it has to be at the end. | |
- '!release-v*.x.x' | |
jobs: | |
debug_info: | |
name: Debug info | |
runs-on: ubuntu-22.04 | |
steps: | |
- name: Print github context JSON | |
run: | | |
cat <<EOF | |
${{ toJson(github) }} | |
EOF | |
gather_facts: | |
name: Gather facts | |
runs-on: ubuntu-22.04 | |
outputs: | |
project_go_path: ${{ steps.get_project_go_path.outputs.path }} | |
ref_version: ${{ steps.ref_version.outputs.refversion }} | |
version: ${{ steps.get_version.outputs.version }} | |
steps: | |
- name: Get version | |
id: get_version | |
run: | | |
title="$(cat <<- 'COMMIT_MESSAGE_END' | head -n 1 - | |
${{ github.event.head_commit.message }} | |
COMMIT_MESSAGE_END | |
)" | |
# Matches strings like: | |
# | |
# - "Release v1.2.3" | |
# - "Release v1.2.3-r4" | |
# - "Release v1.2.3 (#56)" | |
# - "Release v1.2.3-r4 (#56)" | |
# | |
# And outputs version part (1.2.3). | |
if echo "${title}" | grep -iqE '^Release v[0-9]+\.[0-9]+\.[0-9]+([.-][^ .-][^ ]*)?( \(#[0-9]+\))?$' ; then | |
version=$(echo "${title}" | cut -d ' ' -f 2) | |
fi | |
version="${version#v}" # Strip "v" prefix. | |
echo "version=\"${version}\"" | |
echo "version=${version}" >> $GITHUB_OUTPUT | |
- name: Checkout code | |
if: ${{ steps.get_version.outputs.version != '' }} | |
uses: actions/checkout@v3 | |
- name: Get project.go path | |
id: get_project_go_path | |
if: ${{ steps.get_version.outputs.version != '' }} | |
run: | | |
path='./pkg/project/project.go' | |
if [[ ! -f $path ]] ; then | |
path='' | |
fi | |
echo "path=\"$path\"" | |
echo "path=${path}" >> $GITHUB_OUTPUT | |
- name: Check if reference version | |
id: ref_version | |
run: | | |
title="$(cat <<- 'COMMIT_MESSAGE_END' | head -n 1 - | |
${{ github.event.head_commit.message }} | |
COMMIT_MESSAGE_END | |
)" | |
if echo "${title}" | grep -qE '^release v[0-9]+\.[0-9]+\.[0-9]+([.-][^ .-][^ ]*)?( \(#[0-9]+\))?$' ; then | |
version=$(echo "${title}" | cut -d ' ' -f 2) | |
fi | |
version=$(echo "${title}" | cut -d ' ' -f 2) | |
version="${version#v}" # Strip "v" prefix. | |
refversion=false | |
if [[ "${version}" =~ ^[0-9]+.[0-9]+.[0-9]+-[0-9]+$ ]]; then | |
refversion=true | |
fi | |
echo "refversion =\"${refversion}\"" | |
echo "refversion=${refversion}" >> $GITHUB_OUTPUT | |
update_project_go: | |
name: Update project.go | |
runs-on: ubuntu-22.04 | |
if: ${{ needs.gather_facts.outputs.version != '' && needs.gather_facts.outputs.project_go_path != '' && needs.gather_facts.outputs.ref_version != 'true' }} | |
needs: | |
- gather_facts | |
steps: | |
- name: Install architect | |
uses: giantswarm/[email protected] | |
with: | |
binary: "architect" | |
version: "6.11.0" | |
- name: Install semver | |
uses: giantswarm/[email protected] | |
with: | |
binary: "semver" | |
version: "3.2.0" | |
download_url: "https://github.com/fsaintjacques/${binary}-tool/archive/${version}.tar.gz" | |
tarball_binary_path: "*/src/${binary}" | |
smoke_test: "${binary} --version" | |
- name: Checkout code | |
uses: actions/checkout@v3 | |
- name: Update project.go | |
id: update_project_go | |
env: | |
branch: "${{ github.ref }}-version-bump" | |
run: | | |
git checkout -b ${{ env.branch }} | |
file="${{ needs.gather_facts.outputs.project_go_path }}" | |
version="${{ needs.gather_facts.outputs.version }}" | |
new_version="$(semver bump patch $version)-dev" | |
echo "version=\"$version\" new_version=\"$new_version\"" | |
echo "new_version=${new_version}" >> $GITHUB_OUTPUT | |
sed -Ei "s/(version[[:space:]]*=[[:space:]]*)\"${version}\"/\1\"${new_version}\"/" $file | |
if git diff --exit-code $file ; then | |
echo "error: no changes in \"$file\"" >&2 | |
exit 1 | |
fi | |
- name: Set up git identity | |
run: | | |
git config --local user.email "[email protected]" | |
git config --local user.name "taylorbot" | |
- name: Commit changes | |
run: | | |
file="${{ needs.gather_facts.outputs.project_go_path }}" | |
git add $file | |
git commit -m "Bump version to ${{ steps.update_project_go.outputs.new_version }}" | |
- name: Push changes | |
env: | |
REMOTE_REPO: "https://${{ github.actor }}:${{ secrets.TAYLORBOT_GITHUB_ACTION }}@github.com/${{ github.repository }}.git" | |
branch: "${{ github.ref }}-version-bump" | |
run: | | |
git push "${REMOTE_REPO}" HEAD:${{ env.branch }} | |
- name: Create PR | |
env: | |
GITHUB_TOKEN: "${{ secrets.TAYLORBOT_GITHUB_ACTION }}" | |
base: "${{ github.ref }}" | |
branch: "${{ github.ref }}-version-bump" | |
version: "${{ needs.gather_facts.outputs.version }}" | |
title: "Bump version to ${{ steps.update_project_go.outputs.new_version }}" | |
run: | | |
hub pull-request -f -m "${{ env.title }}" -b ${{ env.base }} -h ${{ env.branch }} -r ${{ github.actor }} | |
create_release: | |
name: Create release | |
runs-on: ubuntu-22.04 | |
needs: | |
- gather_facts | |
if: ${{ needs.gather_facts.outputs.version }} | |
outputs: | |
upload_url: ${{ steps.create_gh_release.outputs.upload_url }} | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@v3 | |
with: | |
ref: ${{ github.sha }} | |
- name: Ensure correct version in project.go | |
if: ${{ needs.gather_facts.outputs.project_go_path != '' && needs.gather_facts.outputs.ref_version != 'true' }} | |
run: | | |
file="${{ needs.gather_facts.outputs.project_go_path }}" | |
version="${{ needs.gather_facts.outputs.version }}" | |
grep -qE "version[[:space:]]*=[[:space:]]*\"$version\"" $file | |
- name: Get Changelog Entry | |
id: changelog_reader | |
uses: mindsers/changelog-reader-action@v2 | |
with: | |
version: ${{ needs.gather_facts.outputs.version }} | |
path: ./CHANGELOG.md | |
- name: Set up git identity | |
run: | | |
git config --local user.email "[email protected]" | |
git config --local user.name "taylorbot" | |
- name: Create tag | |
run: | | |
version="${{ needs.gather_facts.outputs.version }}" | |
git tag "v$version" ${{ github.sha }} | |
- name: Push tag | |
env: | |
REMOTE_REPO: "https://${{ github.actor }}:${{ secrets.TAYLORBOT_GITHUB_ACTION }}@github.com/${{ github.repository }}.git" | |
run: | | |
git push "${REMOTE_REPO}" --tags | |
- name: Create release | |
id: create_gh_release | |
uses: actions/create-release@v1 | |
env: | |
GITHUB_TOKEN: "${{ secrets.TAYLORBOT_GITHUB_ACTION }}" | |
with: | |
body: ${{ steps.changelog_reader.outputs.changes }} | |
tag_name: "v${{ needs.gather_facts.outputs.version }}" | |
release_name: "v${{ needs.gather_facts.outputs.version }}" | |
create-release-branch: | |
name: Create release branch | |
runs-on: ubuntu-22.04 | |
needs: | |
- gather_facts | |
if: ${{ needs.gather_facts.outputs.version }} | |
steps: | |
- name: Install semver | |
uses: giantswarm/[email protected] | |
with: | |
binary: "semver" | |
version: "3.0.0" | |
download_url: "https://github.com/fsaintjacques/${binary}-tool/archive/${version}.tar.gz" | |
tarball_binary_path: "*/src/${binary}" | |
smoke_test: "${binary} --version" | |
- name: Check out the repository | |
uses: actions/checkout@v3 | |
with: | |
fetch-depth: 0 # Clone the whole history, not just the most recent commit. | |
- name: Fetch all tags and branches | |
run: "git fetch --all" | |
- name: Create long-lived release branch | |
run: | | |
current_version="${{ needs.gather_facts.outputs.version }}" | |
parent_version="$(git describe --tags --abbrev=0 HEAD^ || true)" | |
parent_version="${parent_version#v}" # Strip "v" prefix. | |
if [[ -z "$parent_version" ]] ; then | |
echo "Unable to find a parent tag version. No branch to create." | |
exit 0 | |
fi | |
echo "current_version=$current_version parent_version=$parent_version" | |
current_major=$(semver get major $current_version) | |
current_minor=$(semver get minor $current_version) | |
parent_major=$(semver get major $parent_version) | |
parent_minor=$(semver get minor $parent_version) | |
echo "current_major=$current_major current_minor=$current_minor parent_major=$parent_major parent_minor=$parent_minor" | |
if [[ $current_major -gt $parent_major ]] ; then | |
echo "Current tag is a new major version" | |
elif [[ $current_major -eq $parent_major ]] && [[ $current_minor -gt $parent_minor ]] ; then | |
echo "Current tag is a new minor version" | |
else | |
echo "Current tag is not a new major or minor version. Nothing to do here." | |
exit 0 | |
fi | |
release_branch="release-v${parent_major}.${parent_minor}.x" | |
echo "release_branch=$release_branch" | |
if git rev-parse --verify $release_branch ; then | |
echo "Release branch $release_branch already exists. Nothing to do here." | |
exit 0 | |
fi | |
git branch $release_branch HEAD^ | |
git push origin $release_branch | |
create_and_upload_build_artifacts: | |
name: Create and upload build artifacts | |
runs-on: ubuntu-22.04 | |
strategy: | |
fail-fast: false | |
matrix: | |
platform: | |
- darwin-amd64 | |
- linux-amd64 | |
- darwin-arm64 | |
- linux-arm64 | |
- windows-amd64 | |
env: | |
GITHUB_TOKEN: "${{ secrets.TAYLORBOT_GITHUB_ACTION }}" | |
GO_VERSION: 1.19.6 | |
ARTIFACT_DIR: bin-dist | |
TAG: v${{ needs.gather_facts.outputs.version }} | |
CODE_SIGNING_CERT_BUNDLE_BASE64: ${{ secrets.CODE_SIGNING_CERT_BUNDLE_BASE64 }} | |
CODE_SIGNING_CERT_BUNDLE_PASSWORD: ${{ secrets.CODE_SIGNING_CERT_BUNDLE_PASSWORD }} | |
needs: | |
- create_release | |
- gather_facts | |
steps: | |
- name: Install architect | |
uses: giantswarm/[email protected] | |
with: | |
binary: "architect" | |
version: "6.11.0" | |
- name: Set up Go ${{ env.GO_VERSION }} | |
uses: actions/[email protected] | |
with: | |
go-version: ${{ env.GO_VERSION }} | |
- name: Checkout code | |
uses: actions/checkout@v3 | |
with: | |
ref: ${{ env.TAG }} | |
- name: Create ${{ matrix.platform }} package | |
run: make package-${{ matrix.platform }} | |
- name: Specify package file name based on platform | |
run: | | |
if [[ "${{ matrix.platform }}" == "windows-amd64" ]]; then | |
echo "FILE_NAME=${{ github.event.repository.name }}-${{ env.TAG }}-${{ matrix.platform }}.zip" >> $GITHUB_ENV | |
else | |
echo "FILE_NAME=${{ github.event.repository.name }}-${{ env.TAG }}-${{ matrix.platform }}.tar.gz" >> $GITHUB_ENV | |
fi | |
- name: Add ${{ matrix.platform }} package to release | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
run: | | |
gh release upload ${{ env.TAG }} \ | |
${{ env.ARTIFACT_DIR }}/${{ env.FILE_NAME }}#${{ env.FILE_NAME }} |