Prepare new release #247
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Prepare new release | |
| on: | |
| workflow_dispatch: | |
| inputs: | |
| serverBump: | |
| description: 'Bump server version' | |
| required: true | |
| default: 'false' | |
| type: choice | |
| options: | |
| - 'false' | |
| - major | |
| - minor | |
| - patch | |
| mobileBump: | |
| description: 'Bump mobile build number' | |
| required: false | |
| type: boolean | |
| skipTranslations: | |
| description: 'Skip translations' | |
| required: false | |
| type: boolean | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.ref }}-root | |
| cancel-in-progress: true | |
| permissions: {} | |
| jobs: | |
| merge_translations: | |
| uses: ./.github/workflows/merge-translations.yml | |
| with: | |
| skip: ${{ inputs.skipTranslations }} | |
| permissions: | |
| pull-requests: write | |
| secrets: | |
| PUSH_O_MATIC_APP_ID: ${{ secrets.PUSH_O_MATIC_APP_ID }} | |
| PUSH_O_MATIC_APP_KEY: ${{ secrets.PUSH_O_MATIC_APP_KEY }} | |
| WEBLATE_TOKEN: ${{ secrets.WEBLATE_TOKEN }} | |
| bump_version: | |
| runs-on: ubuntu-latest | |
| needs: [merge_translations] | |
| outputs: | |
| ref: ${{ steps.push-tag.outputs.commit_long_sha }} | |
| version: ${{ steps.output.outputs.version }} | |
| permissions: {} # No job-level permissions are needed because it uses the app-token | |
| steps: | |
| - name: Generate a token | |
| id: generate-token | |
| uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2.2.1 | |
| with: | |
| app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }} | |
| private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }} | |
| - name: Checkout | |
| uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 | |
| with: | |
| token: ${{ steps.generate-token.outputs.token }} | |
| persist-credentials: true | |
| ref: main | |
| - name: Install uv | |
| uses: astral-sh/setup-uv@1e862dfacbd1d6d858c55d9b792c756523627244 # v7.1.4 | |
| - name: Setup pnpm | |
| uses: pnpm/action-setup@41ff72655975bd51cab0327fa583b6e92b6d3061 # v4.2.0 | |
| - name: Setup Node | |
| uses: actions/setup-node@395ad3262231945c25e8478fd5baf05154b1d79f # v6.1.0 | |
| with: | |
| node-version-file: './server/.nvmrc' | |
| cache: 'pnpm' | |
| cache-dependency-path: '**/pnpm-lock.yaml' | |
| - name: Bump version | |
| env: | |
| SERVER_BUMP: ${{ inputs.serverBump }} | |
| MOBILE_BUMP: ${{ inputs.mobileBump }} | |
| run: misc/release/pump-version.sh -s "${SERVER_BUMP}" -m "${MOBILE_BUMP}" | |
| - id: output | |
| run: echo "version=$IMMICH_VERSION" >> $GITHUB_OUTPUT | |
| - name: Commit and tag | |
| id: push-tag | |
| uses: EndBug/add-and-commit@a94899bca583c204427a224a7af87c02f9b325d5 # v9.1.4 | |
| with: | |
| default_author: github_actions | |
| message: 'chore: version ${{ steps.output.outputs.version }}' | |
| tag: ${{ steps.output.outputs.version }} | |
| push: true | |
| build_mobile: | |
| uses: ./.github/workflows/build-mobile.yml | |
| needs: bump_version | |
| permissions: | |
| contents: read | |
| secrets: | |
| KEY_JKS: ${{ secrets.KEY_JKS }} | |
| ALIAS: ${{ secrets.ALIAS }} | |
| ANDROID_KEY_PASSWORD: ${{ secrets.ANDROID_KEY_PASSWORD }} | |
| ANDROID_STORE_PASSWORD: ${{ secrets.ANDROID_STORE_PASSWORD }} | |
| # iOS secrets | |
| APP_STORE_CONNECT_API_KEY_ID: ${{ secrets.APP_STORE_CONNECT_API_KEY_ID }} | |
| APP_STORE_CONNECT_API_KEY_ISSUER_ID: ${{ secrets.APP_STORE_CONNECT_API_KEY_ISSUER_ID }} | |
| APP_STORE_CONNECT_API_KEY: ${{ secrets.APP_STORE_CONNECT_API_KEY }} | |
| IOS_CERTIFICATE_P12: ${{ secrets.IOS_CERTIFICATE_P12 }} | |
| IOS_CERTIFICATE_PASSWORD: ${{ secrets.IOS_CERTIFICATE_PASSWORD }} | |
| IOS_PROVISIONING_PROFILE: ${{ secrets.IOS_PROVISIONING_PROFILE }} | |
| IOS_PROVISIONING_PROFILE_SHARE_EXTENSION: ${{ secrets.IOS_PROVISIONING_PROFILE_SHARE_EXTENSION }} | |
| IOS_PROVISIONING_PROFILE_WIDGET_EXTENSION: ${{ secrets.IOS_PROVISIONING_PROFILE_WIDGET_EXTENSION }} | |
| IOS_DEVELOPMENT_PROVISIONING_PROFILE: ${{ secrets.IOS_DEVELOPMENT_PROVISIONING_PROFILE }} | |
| IOS_DEVELOPMENT_PROVISIONING_PROFILE_SHARE_EXTENSION: ${{ secrets.IOS_DEVELOPMENT_PROVISIONING_PROFILE_SHARE_EXTENSION }} | |
| IOS_DEVELOPMENT_PROVISIONING_PROFILE_WIDGET_EXTENSION: ${{ secrets.IOS_DEVELOPMENT_PROVISIONING_PROFILE_WIDGET_EXTENSION }} | |
| FASTLANE_TEAM_ID: ${{ secrets.FASTLANE_TEAM_ID }} | |
| with: | |
| ref: ${{ needs.bump_version.outputs.ref }} | |
| environment: production | |
| prepare_release: | |
| runs-on: ubuntu-latest | |
| needs: [build_mobile, bump_version] | |
| permissions: | |
| actions: read # To download the app artifact | |
| # No content permissions are needed because it uses the app-token | |
| steps: | |
| - name: Generate a token | |
| id: generate-token | |
| uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2.2.1 | |
| with: | |
| app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }} | |
| private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }} | |
| - name: Checkout | |
| uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 | |
| with: | |
| token: ${{ steps.generate-token.outputs.token }} | |
| persist-credentials: false | |
| - name: Download APK | |
| uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 | |
| with: | |
| name: release-apk-signed | |
| github-token: ${{ steps.generate-token.outputs.token }} | |
| - name: Create draft release | |
| uses: softprops/action-gh-release@a06a81a03ee405af7f2048a818ed3f03bbf83c7b # v2.5.0 | |
| with: | |
| draft: true | |
| tag_name: ${{ needs.bump_version.outputs.version }} | |
| token: ${{ steps.generate-token.outputs.token }} | |
| generate_release_notes: true | |
| body_path: misc/release/notes.tmpl | |
| files: | | |
| docker/docker-compose.yml | |
| docker/example.env | |
| docker/hwaccel.ml.yml | |
| docker/hwaccel.transcoding.yml | |
| docker/prometheus.yml | |
| *.apk |