Prepare new release #241
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Prepare new release | |
| on: | |
| workflow_dispatch: | |
| inputs: | |
| serverBump: | |
| description: 'Bump server version' | |
| required: true | |
| default: 'false' | |
| type: choice | |
| options: | |
| - 'false' | |
| - major | |
| - minor | |
| - patch | |
| mobileBump: | |
| description: 'Bump mobile build number' | |
| required: false | |
| type: boolean | |
| skipTranslations: | |
| description: 'Skip translations' | |
| required: false | |
| type: boolean | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.ref }}-root | |
| cancel-in-progress: true | |
| permissions: {} | |
| jobs: | |
| merge_translations: | |
| uses: ./.github/workflows/merge-translations.yml | |
| with: | |
| skip: ${{ inputs.skipTranslations }} | |
| permissions: | |
| pull-requests: write | |
| secrets: | |
| PUSH_O_MATIC_APP_ID: ${{ secrets.PUSH_O_MATIC_APP_ID }} | |
| PUSH_O_MATIC_APP_KEY: ${{ secrets.PUSH_O_MATIC_APP_KEY }} | |
| WEBLATE_TOKEN: ${{ secrets.WEBLATE_TOKEN }} | |
| bump_version: | |
| runs-on: ubuntu-latest | |
| needs: [merge_translations] | |
| outputs: | |
| ref: ${{ steps.push-tag.outputs.commit_long_sha }} | |
| permissions: {} # No job-level permissions are needed because it uses the app-token | |
| steps: | |
| - name: Generate a token | |
| id: generate-token | |
| uses: actions/create-github-app-token@67018539274d69449ef7c02e8e71183d1719ab42 # v2.1.4 | |
| with: | |
| app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }} | |
| private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }} | |
| - name: Checkout | |
| uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 | |
| with: | |
| token: ${{ steps.generate-token.outputs.token }} | |
| persist-credentials: true | |
| ref: main | |
| - name: Install uv | |
| uses: astral-sh/setup-uv@2ddd2b9cb38ad8efd50337e8ab201519a34c9f24 # v7.1.1 | |
| - name: Setup pnpm | |
| uses: pnpm/action-setup@41ff72655975bd51cab0327fa583b6e92b6d3061 # v4.2.0 | |
| - name: Setup Node | |
| uses: actions/setup-node@2028fbc5c25fe9cf00d9f06a71cc4710d4507903 # v6.0.0 | |
| with: | |
| node-version-file: './server/.nvmrc' | |
| cache: 'pnpm' | |
| cache-dependency-path: '**/pnpm-lock.yaml' | |
| - name: Bump version | |
| env: | |
| SERVER_BUMP: ${{ inputs.serverBump }} | |
| MOBILE_BUMP: ${{ inputs.mobileBump }} | |
| run: misc/release/pump-version.sh -s "${SERVER_BUMP}" -m "${MOBILE_BUMP}" | |
| - name: Commit and tag | |
| id: push-tag | |
| uses: EndBug/add-and-commit@a94899bca583c204427a224a7af87c02f9b325d5 # v9.1.4 | |
| with: | |
| default_author: github_actions | |
| message: 'chore: version ${{ env.IMMICH_VERSION }}' | |
| tag: ${{ env.IMMICH_VERSION }} | |
| push: true | |
| build_mobile: | |
| uses: ./.github/workflows/build-mobile.yml | |
| needs: bump_version | |
| permissions: | |
| contents: read | |
| secrets: | |
| KEY_JKS: ${{ secrets.KEY_JKS }} | |
| ALIAS: ${{ secrets.ALIAS }} | |
| ANDROID_KEY_PASSWORD: ${{ secrets.ANDROID_KEY_PASSWORD }} | |
| ANDROID_STORE_PASSWORD: ${{ secrets.ANDROID_STORE_PASSWORD }} | |
| # iOS secrets | |
| APP_STORE_CONNECT_API_KEY_ID: ${{ secrets.APP_STORE_CONNECT_API_KEY_ID }} | |
| APP_STORE_CONNECT_API_KEY_ISSUER_ID: ${{ secrets.APP_STORE_CONNECT_API_KEY_ISSUER_ID }} | |
| APP_STORE_CONNECT_API_KEY: ${{ secrets.APP_STORE_CONNECT_API_KEY }} | |
| IOS_CERTIFICATE_P12: ${{ secrets.IOS_CERTIFICATE_P12 }} | |
| IOS_CERTIFICATE_PASSWORD: ${{ secrets.IOS_CERTIFICATE_PASSWORD }} | |
| IOS_PROVISIONING_PROFILE: ${{ secrets.IOS_PROVISIONING_PROFILE }} | |
| IOS_PROVISIONING_PROFILE_SHARE_EXTENSION: ${{ secrets.IOS_PROVISIONING_PROFILE_SHARE_EXTENSION }} | |
| IOS_PROVISIONING_PROFILE_WIDGET_EXTENSION: ${{ secrets.IOS_PROVISIONING_PROFILE_WIDGET_EXTENSION }} | |
| IOS_DEVELOPMENT_PROVISIONING_PROFILE: ${{ secrets.IOS_DEVELOPMENT_PROVISIONING_PROFILE }} | |
| IOS_DEVELOPMENT_PROVISIONING_PROFILE_SHARE_EXTENSION: ${{ secrets.IOS_DEVELOPMENT_PROVISIONING_PROFILE_SHARE_EXTENSION }} | |
| IOS_DEVELOPMENT_PROVISIONING_PROFILE_WIDGET_EXTENSION: ${{ secrets.IOS_DEVELOPMENT_PROVISIONING_PROFILE_WIDGET_EXTENSION }} | |
| FASTLANE_TEAM_ID: ${{ secrets.FASTLANE_TEAM_ID }} | |
| with: | |
| ref: ${{ needs.bump_version.outputs.ref }} | |
| environment: production | |
| prepare_release: | |
| runs-on: ubuntu-latest | |
| needs: build_mobile | |
| permissions: | |
| actions: read # To download the app artifact | |
| # No content permissions are needed because it uses the app-token | |
| steps: | |
| - name: Generate a token | |
| id: generate-token | |
| uses: actions/create-github-app-token@67018539274d69449ef7c02e8e71183d1719ab42 # v2.1.4 | |
| with: | |
| app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }} | |
| private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }} | |
| - name: Checkout | |
| uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 | |
| with: | |
| token: ${{ steps.generate-token.outputs.token }} | |
| persist-credentials: false | |
| - name: Download APK | |
| uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0 | |
| with: | |
| name: release-apk-signed | |
| github-token: ${{ steps.generate-token.outputs.token }} | |
| - name: Create draft release | |
| uses: softprops/action-gh-release@6da8fa9354ddfdc4aeace5fc48d7f679b5214090 # v2.4.1 | |
| with: | |
| draft: true | |
| tag_name: ${{ env.IMMICH_VERSION }} | |
| token: ${{ steps.generate-token.outputs.token }} | |
| generate_release_notes: true | |
| body_path: misc/release/notes.tmpl | |
| files: | | |
| docker/docker-compose.yml | |
| docker/example.env | |
| docker/hwaccel.ml.yml | |
| docker/hwaccel.transcoding.yml | |
| docker/prometheus.yml | |
| *.apk |