-
Notifications
You must be signed in to change notification settings - Fork 0
167 lines (143 loc) · 5.99 KB
/
release.yaml
File metadata and controls
167 lines (143 loc) · 5.99 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
name: Release
on:
push:
branches:
- main
permissions:
contents: write
actions: read
jobs:
release:
runs-on: ubuntu-latest
outputs:
version: ${{ steps.release.outputs.version }}
tag: ${{ steps.release.outputs.tag }}
steps:
- uses: actions/checkout@v6
with:
fetch-depth: 0
- name: Authenticate as GitHub App
id: auth
uses: ./.github/actions/github-app-auth
with:
app-id: ${{ secrets.AUTOMATION_GITHUB_APP_ID }}
private-key: ${{ secrets.AUTOMATION_GITHUB_APP_PRIVATE_KEY }}
- name: Fetch tags
run: git fetch --tags --force
- name: Setup mise
uses: jdx/mise-action@v3
- name: Install dependencies
run: yarn install
- name: Run release-it
id: release
env:
GITHUB_TOKEN: ${{ steps.auth.outputs.token }}
run: |
yarn release-it --ci
TAG=$(git describe --tags --abbrev=0)
echo "tag=$TAG" >> "$GITHUB_OUTPUT"
echo "version=${TAG#v}" >> "$GITHUB_OUTPUT"
- name: Upload release assets
env:
GITHUB_TOKEN: ${{ steps.auth.outputs.token }}
run: |
TAG="${{ steps.release.outputs.tag }}"
# git-wt is a platform-independent bash script, but ubi (used by
# mise) expects assets named with OS/arch patterns. Upload copies
# for each supported platform so `mise install ubi:nsheaps/git-wt`
# works out of the box.
for platform in linux-amd64 linux-arm64 darwin-amd64 darwin-arm64; do
cp bin/git-wt "git-wt-${platform}"
done
gh release upload "$TAG" git-wt-linux-amd64 git-wt-linux-arm64 git-wt-darwin-amd64 git-wt-darwin-arm64
rm -f git-wt-linux-amd64 git-wt-linux-arm64 git-wt-darwin-amd64 git-wt-darwin-arm64
update-homebrew:
needs: release
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v6
with:
persist-credentials: false
- name: Get job context
id: context
uses: qoomon/actions--context@v5
- name: Authenticate as GitHub App
id: auth
uses: ./.github/actions/github-app-auth
with:
app-id: ${{ secrets.AUTOMATION_GITHUB_APP_ID }}
private-key: ${{ secrets.AUTOMATION_GITHUB_APP_PRIVATE_KEY }}
- name: Get release info
id: release
run: |
VERSION="${{ needs.release.outputs.version }}"
TAG="${{ needs.release.outputs.tag }}"
echo "version=$VERSION" >> "$GITHUB_OUTPUT"
echo "tag=$TAG" >> "$GITHUB_OUTPUT"
# Download archive tarball and calculate SHA256
TARBALL_URL="https://github.com/${{ github.repository }}/archive/refs/tags/${TAG}.tar.gz"
echo "Downloading tarball from: $TARBALL_URL"
curl -fsSL "$TARBALL_URL" -o /tmp/archive.tar.gz
SHA256=$(sha256sum /tmp/archive.tar.gz | cut -d' ' -f1)
echo "sha256=$SHA256" >> "$GITHUB_OUTPUT"
echo "Successfully got SHA256: $SHA256"
- name: Clone homebrew-devsetup
run: |
gh repo clone nsheaps/homebrew-devsetup homebrew-devsetup
- name: Install gomplate
run: |
curl -fsSL https://github.com/hairyhenderson/gomplate/releases/latest/download/gomplate_linux-amd64 -o /usr/local/bin/gomplate
chmod +x /usr/local/bin/gomplate
- name: Generate formula from template
env:
Tag: ${{ steps.release.outputs.tag }}
SHA256: ${{ steps.release.outputs.sha256 }}
run: |
gomplate -f Formula/git-wt.rb.gotmpl -o homebrew-devsetup/Formula/git-wt.rb
- name: Close stale formula PRs
run: |
cd homebrew-devsetup
# Close any open PRs from previous formula updates — they're superseded
gh pr list --state open --search "chore: update git-wt to" --json number,title --jq '.[].number' | while read -r pr_num; do
echo "Closing superseded PR #${pr_num}"
gh pr close "$pr_num" --comment "Superseded by v${{ steps.release.outputs.version }} update."
done
- name: Create PR to update formula
id: formula-pr
env:
RELEASE_URL: https://github.com/${{ github.repository }}/releases/tag/${{ steps.release.outputs.tag }}
JOB_URL: ${{ env.GITHUB_JOB_URL }}
VERSION: ${{ steps.release.outputs.version }}
TAG: ${{ steps.release.outputs.tag }}
run: |
cd homebrew-devsetup
BRANCH="bump-git-wt-${VERSION}"
# Delete remote branch if it exists from a previous failed run
git push origin --delete "$BRANCH" 2>/dev/null || true
git checkout -b "$BRANCH"
git add Formula/git-wt.rb
git commit -m "chore: update git-wt to ${VERSION}"
git push -u origin "$BRANCH"
printf 'Automated formula update from git-wt release\n\n**Release:** %s\n**Workflow:** %s\n' "$RELEASE_URL" "$JOB_URL" > /tmp/pr-body.md
PR_URL=$(gh pr create \
--title "chore: update git-wt to ${VERSION}" \
--body-file /tmp/pr-body.md \
--base main)
echo "pr_url=$PR_URL" >> "$GITHUB_OUTPUT"
- name: Enable auto-merge with retry
env:
PR_URL: ${{ steps.formula-pr.outputs.pr_url }}
run: |
# Retry auto-merge — CI checks on the target repo need time to start,
# and the GraphQL API rejects enablePullRequestAutoMerge while the PR
# is in "unstable" (checks pending) status.
for attempt in 1 2 3 4 5; do
if gh pr merge "$PR_URL" --auto --squash; then
echo "Auto-merge enabled successfully on attempt ${attempt}"
exit 0
fi
wait=$((attempt * 10))
echo "Auto-merge not ready (attempt ${attempt}/5), waiting ${wait}s..."
sleep "$wait"
done
echo "::warning::Could not enable auto-merge after 5 attempts. PR was created successfully at ${PR_URL} — merge manually or re-run."