Skip to content
Release

Enhancement: Prepare release #59

Sign in to view logs

Enhancement: Prepare release

Enhancement: Prepare release #59

Workflow file for this run

.github/workflows/release.yaml at 9d643f8
# https://docs.github.com/en/actions
name: "Release"
on: # yamllint disable-line rule:truthy
push:
tags:
- "**"
jobs:
release:
name: "Release"
runs-on: "ubuntu-latest"
timeout-minutes: 5
strategy:
matrix:
php-version:
- "8.1"
dependencies:
- "locked"
env:
COMPOSER_NORMALIZE_PHAR: ".build/phar/composer-normalize.phar"
COMPOSER_NORMALIZE_PHAR_SIGNATURE: ".build/phar/composer-normalize.phar.asc"
COMPOSER_VERSION: "2.6.5"
GPG_KEYS: ".build/phar/keys.asc"
GPG_KEYS_ENCRYPTED: "phar/keys.asc.gpg"
steps:
- name: "Checkout"
uses: "actions/checkout@v4.1.0"
- name: "Set up PHP"
uses: "shivammathur/setup-php@2.26.0"
with:
coverage: "none"
extensions: "none, ctype, dom, json, mbstring, phar, simplexml, tokenizer, xml, xmlwriter"
php-version: "${{ matrix.php-version }}"
tools: "phive"
- name: "Determine composer cache directory"
uses: "ergebnis/.github/actions/composer/determine-cache-directory@1.8.0"
- name: "Cache dependencies installed with composer"
uses: "actions/cache@v3.3.2"
with:
path: "${{ env.COMPOSER_CACHE_DIR }}"
key: "php-${{ matrix.php-version }}-composer-${{ matrix.dependencies }}-${{ hashFiles('composer.lock') }}"
restore-keys: "php-${{ matrix.php-version }}-composer-${{ matrix.dependencies }}-"
- name: "Install ${{ matrix.dependencies }} dependencies with composer"
uses: "ergebnis/.github/actions/composer/install@1.8.0"
with:
dependencies: "${{ matrix.dependencies }}"
- name: "Require composer/composer"
run: "composer require composer/composer:${{ env.COMPOSER_VERSION }} --ansi --no-interaction --no-progress"
- name: "Install dependencies with phive"
uses: "ergebnis/.github/actions/phive/install@1.8.0"
with:
trust-gpg-keys: "0xC00543248C87FB13,0x033E5F8D801A2F8D,0x2DF45277AEF09A2F"
- name: "Validate configuration for humbug/box"
run: ".phive/box validate box.json --ansi"
- name: "Compile composer-normalize.phar with humbug/box"
run: ".phive/box compile --ansi --config=box.json"
- name: "Show info about composer-normalize.phar with humbug/box"
run: ".phive/box info ${{ env.COMPOSER_NORMALIZE_PHAR }} --ansi"
- name: "Run composer-normalize.phar"
run: "${{ env.COMPOSER_NORMALIZE_PHAR }}"
- name: "Show gpg version"
run: "gpg --version"
- name: "Decrypt keys.asc.gpg with gpg"
run: "gpg --batch --output ${{ env.GPG_KEYS }} --passphrase \"${{ secrets.GPG_DECRYPT_PASSPHRASE }}\" --yes --decrypt ${{ env.GPG_KEYS_ENCRYPTED }}"
- name: "Import keys from keys.asc with gpg"
run: "gpg --batch --import ${{ env.GPG_KEYS }}"
- name: "Sign composer-normalize.phar with gpg"
run: "gpg --armor --local-user \"${{ secrets.GPG_LOCAL_USER }}\" --output ${{ env.COMPOSER_NORMALIZE_PHAR_SIGNATURE }} --passphrase \"${{ secrets.GPG_KEY_PASSPHRASE }}\" --pinentry-mode loopback --yes --detach-sig ${{ env.COMPOSER_NORMALIZE_PHAR }}"
- name: "Remove decrypted keys.asc"
run: "rm ${{ env.GPG_KEYS }}"
- name: "Determine tag"
run: "echo \"RELEASE_TAG=${GITHUB_REF#refs/tags/}\" >> $GITHUB_ENV"
- name: "Create release"
uses: "ergebnis/.github/actions/github/release/create@1.8.0"
with:
github-token: "${{ secrets.ERGEBNIS_BOT_TOKEN }}"
- name: "Upload release assets"
uses: "actions/github-script@v6.4.1"
with:
github-token: "${{ secrets.ERGEBNIS_BOT_TOKEN }}"
script: |
const fs = require("fs");
const files = [
{
name: "composer-normalize.phar",
path: process.env.COMPOSER_NORMALIZE_PHAR,
},
{
name: "composer-normalize.phar.asc",
path: process.env.COMPOSER_NORMALIZE_PHAR_SIGNATURE,
},
];
for (const file of files) {
try {
await github.rest.repos.uploadReleaseAsset({
data: fs.readFileSync(file.path),
name: file.name,
origin: process.env.RELEASE_UPLOAD_URL,
owner: context.repo.owner,
release_id: process.env.RELEASE_ID,
repo: context.repo.repo,
});
} catch (error) {
core.setFailed(error.message);
}
}