diff --git a/.github/workflows/ci-main.yml b/.github/workflows/ci-main.yml new file mode 100644 index 0000000..b2e663d --- /dev/null +++ b/.github/workflows/ci-main.yml @@ -0,0 +1,73 @@ +name: CI · Main Push · Patch Release + +on: + push: + branches: + - main + workflow_dispatch: + +permissions: + contents: write + +concurrency: + group: ci-main-github-workflows + cancel-in-progress: true + +jobs: + lint: + name: Run actionlint + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@v4 + + - name: Install actionlint + run: | + curl -sSfL https://raw.githubusercontent.com/rhysd/actionlint/main/scripts/download-actionlint.bash \ + | bash -s -- latest /usr/local/bin + + - name: Run actionlint + run: actionlint + + calculate_tag: + name: Compute next tag + needs: + - lint + if: | + github.event_name == 'push' && + github.ref == 'refs/heads/main' && + github.actor != 'github-actions[bot]' && + needs.lint.result == 'success' + uses: ./.github/workflows/workflow-compute-next-tag.yml + with: + target-branch: main + version-bump: patch + secrets: + gh_token: ${{ secrets.GITHUB_TOKEN }} + + create_tag: + name: Create git tag + needs: + - lint + - calculate_tag + if: ${{ needs.calculate_tag.result == 'success' }} + uses: ./.github/workflows/workflow-create-tag.yml + with: + target-branch: main + next-tag: ${{ needs.calculate_tag.outputs['new-tag'] }} + previous-tag: ${{ needs.calculate_tag.outputs['previous-tag'] }} + secrets: + gh_token: ${{ secrets.GITHUB_TOKEN }} + + create_release: + name: Publish release + needs: + - create_tag + if: ${{ needs.create_tag.result == 'success' }} + uses: ./.github/workflows/workflow-create-release.yml + with: + tag-name: ${{ needs.create_tag.outputs['new-tag'] }} + previous-tag: ${{ needs.create_tag.outputs['previous-tag'] }} + merged-prs: "[]" + secrets: + gh_token: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/ci.yml b/.github/workflows/ci-pr.yml similarity index 97% rename from .github/workflows/ci.yml rename to .github/workflows/ci-pr.yml index 1cd9efd..eb769c5 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci-pr.yml @@ -1,4 +1,4 @@ -name: CI · Merge · Release +name: CI · PR Auto-merge · Release on: pull_request: @@ -16,7 +16,7 @@ permissions: pull-requests: write concurrency: - group: ci-github-workflows + group: ci-pr-github-workflows cancel-in-progress: true jobs: diff --git a/.github/workflows/workflow-update-version-file.yml b/.github/workflows/workflow-update-version-file.yml new file mode 100644 index 0000000..dc2a081 --- /dev/null +++ b/.github/workflows/workflow-update-version-file.yml @@ -0,0 +1,74 @@ +name: Update version file + +on: + workflow_call: + inputs: + target-branch: + description: Branch to check out before writing the version file + required: false + default: master + type: string + version-file: + description: Path to the version file to overwrite + required: false + default: public/version.txt + type: string + next-tag: + description: Tag value to write into the version file + required: true + type: string + secrets: + gh_token: + required: true + + outputs: + new-tag: + description: Tag that was written into the version file + value: ${{ jobs.update_version_file.outputs.new_tag }} + +jobs: + update_version_file: + name: Update version file + runs-on: ubuntu-latest + permissions: + contents: write + outputs: + new_tag: ${{ steps.write_version.outputs.new_tag }} + steps: + - name: Check out branch with tags + uses: actions/checkout@v4 + with: + ref: ${{ inputs['target-branch'] }} + fetch-depth: 0 + token: ${{ secrets.gh_token }} + + - name: Write version marker + id: write_version + env: + NEXT_TAG: ${{ inputs['next-tag'] }} + VERSION_FILE: ${{ inputs['version-file'] }} + run: | + set -euo pipefail + if [ -z "${NEXT_TAG:-}" ]; then + echo "next-tag input is required" >&2 + exit 1 + fi + mkdir -p "$(dirname "$VERSION_FILE")" + printf '%s\n' "$NEXT_TAG" > "$VERSION_FILE" + echo "new_tag=${NEXT_TAG}" >> "$GITHUB_OUTPUT" + + - name: Commit version marker + env: + VERSION_FILE: ${{ inputs['version-file'] }} + NEW_TAG: ${{ steps.write_version.outputs.new_tag }} + run: | + set -euo pipefail + git config --local user.name "github-actions[bot]" + git config --local user.email "github-actions[bot]@users.noreply.github.com" + git add "$VERSION_FILE" + if git diff --cached --quiet; then + echo "Version file already up to date." + exit 0 + fi + git commit -m "Record version ${NEW_TAG}" + git push origin HEAD:${{ inputs['target-branch'] }} diff --git a/README.md b/README.md index 306fee1..8e473c9 100644 --- a/README.md +++ b/README.md @@ -112,6 +112,30 @@ jobs: gh_token: ${{ secrets.GITHUB_TOKEN }} ``` +### `workflow-update-version-file.yml` +Writes the provided tag into a version file on a target branch and pushes the commit. + +**Inputs** +- `target-branch` (default `master`): branch to check out before writing the version file. +- `version-file` (default `public/version.txt`): path to overwrite with the new tag. +- `next-tag` (required): tag value to write. + +**Outputs** +- `new-tag`: tag that was written. + +**Example** +```yaml +jobs: + write-version: + uses: vinitu-net/github-workflows/.github/workflows/workflow-update-version-file.yml@vX.Y.Z + with: + target-branch: master + version-file: public/version.txt + next-tag: ${{ needs.calculate-tag.outputs.new-tag }} + secrets: + gh_token: ${{ secrets.GITHUB_TOKEN }} +``` + ### `workflow-create-release.yml` Publishes a GitHub Release for a given tag. If `merged-prs` is omitted or empty, it collects merged PRs between `previous-tag` and `tag-name`.