Build / Publish Workflow #47
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build / Publish Workflow | |
| on: | |
| workflow_dispatch: | |
| permissions: | |
| id-token: write | |
| contents: write | |
| packages: write | |
| jobs: | |
| detect-bump: | |
| name: Detect Version Bump | |
| runs-on: ubuntu-latest | |
| outputs: | |
| is_bump: ${{ steps.check.outputs.is_bump }} | |
| commit_sha: ${{ steps.sha.outputs.sha }} | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 2 | |
| - id: sha | |
| run: echo "sha=$(git rev-parse HEAD)" >> $GITHUB_OUTPUT | |
| - id: check | |
| run: | | |
| last_commit_message=$(git log -1 --pretty=%B) | |
| echo "Last commit message: $last_commit_message" | |
| if [[ $last_commit_message =~ \[Release\]\ Bump\ version ]]; then | |
| echo "is_bump=true" >> $GITHUB_OUTPUT | |
| echo "Bump commit detected." | |
| else | |
| echo "is_bump=false" >> $GITHUB_OUTPUT | |
| echo "No bump commit detected." | |
| fi | |
| create-release-branch-and-publish: | |
| name: Create release branch (CalVer) and Publish | |
| runs-on: ubuntu-latest | |
| needs: detect-bump | |
| permissions: | |
| id-token: write | |
| contents: write | |
| packages: write | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - name: Compute unique CalVer release branch name | |
| id: calver | |
| run: | | |
| base_name=$(date +"%Y%m%d-%H%M%S") | |
| git fetch origin "+refs/heads/release/*:refs/remotes/origin/release/*" || true | |
| rc_index=0 | |
| candidate="${base_name}_RC$(printf '%02d' $rc_index)" | |
| while git branch -r | grep -q "origin/release/${candidate}"; do | |
| rc_index=$((rc_index + 1)) | |
| candidate="${base_name}_RC$(printf '%02d' $rc_index)" | |
| done | |
| release_branch="release/${candidate}" | |
| echo "release_branch=${release_branch}" >> $GITHUB_OUTPUT | |
| echo "Selected release branch: ${release_branch}" | |
| - name: Create and push release branch from current master commit | |
| env: | |
| GIT_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| run: | | |
| branch="${{ steps.calver.outputs.release_branch }}" | |
| git checkout -b "$branch" | |
| git push https://x-access-token:${GIT_TOKEN}@github.com/${{ github.repository }} "HEAD:refs/heads/${branch}" | |
| - name: Build and Test | |
| uses: ./.github/action/build | |
| - name: Prepare dist | |
| run: | | |
| cp README.md dist/README.md | |
| cp LICENSE dist/LICENSE | |
| - name: Publish to GitHub Registry | |
| env: | |
| NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| run: cd dist/ && npm publish | |
| - name: Setup Node for NPM Registry | |
| uses: actions/setup-node@v1 | |
| with: | |
| node-version: '20' | |
| registry-url: https://registry.npmjs.org/ | |
| scope: '@celonis' | |
| - name: Upgrade npm to support Trusted Publishing | |
| run: npm install -g npm@^11.5.1 | |
| - name: Publish to NPM Registry | |
| run: | | |
| cd dist/ | |
| npm publish --access public | |
| - name: Tag release version | |
| id: tag | |
| env: | |
| GIT_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| run: | | |
| version=$(node -p "require('./package.json').version") | |
| tag="v${version}" | |
| echo "tag=${tag}" >> $GITHUB_OUTPUT | |
| git fetch origin --tags || true | |
| if ! git rev-parse "${tag}" >/dev/null 2>&1; then | |
| git tag "${tag}" | |
| git push https://x-access-token:${GIT_TOKEN}@github.com/${{ github.repository }} "${tag}" | |
| else | |
| echo "Tag ${tag} already exists, skipping creation" | |
| fi | |
| - name: Generate release notes | |
| uses: softprops/[email protected] | |
| with: | |
| tag_name: ${{ steps.tag.outputs.tag }} | |
| name: ${{ steps.tag.outputs.tag }} | |
| target_commitish: ${{ github.sha }} | |
| draft: false | |
| prerelease: false | |
| token: ${{ secrets.GITHUB_TOKEN }} | |
| generate_release_notes: true | |
| - name: Post-publish note | |
| run: echo "Release branch ${{ steps.calver.outputs.release_branch }} created, published, and tagged with version." |