mirror of
https://github.com/maputnik/editor.git
synced 2025-12-24 23:20:00 +00:00
006eb89fae
## Launch Checklist Our CI uses a few actions. For these actions, we currently just use the mutable GitHub tag. Since we use Dependabot to update the versions, we should use SHAs. This makes sure that we are not affected by a certain class of supply chain vulnerability where attackers re-publish bad tags. Using SHAs matches GitHub recommendations and is a part of the OpenSSFs Scorecard. - [x] Confirm **your changes do not include backports from Mapbox projects** (unless with compliant license) - if you are not sure about this, please ask! - [ ] Add an entry to `CHANGELOG.md` under the `## main` section. ^--- not sure if you want this. Other maintenance actions don't show up as well.
105 lines
3.1 KiB
YAML
105 lines
3.1 KiB
YAML
name: Release
|
|
|
|
on:
|
|
push:
|
|
branches: [ main ]
|
|
workflow_dispatch:
|
|
|
|
jobs:
|
|
release-check:
|
|
name: Check if version changed
|
|
runs-on: ubuntu-latest
|
|
defaults:
|
|
run:
|
|
shell: bash
|
|
permissions:
|
|
contents: read
|
|
steps:
|
|
- uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
|
|
with:
|
|
fetch-depth: 0
|
|
ref: main
|
|
persist-credentials: false
|
|
|
|
- name: Use Node.js from nvmrc
|
|
uses: actions/setup-node@a0853c24544627f65ddf259abe73b1d18a591444 # v5.0.0
|
|
with:
|
|
node-version-file: ".nvmrc"
|
|
|
|
- name: Check if version has been updated
|
|
id: check
|
|
uses: EndBug/version-check@d17247dd94ca7b39d0b0691399be8d7c510622c9 # latest
|
|
|
|
outputs:
|
|
publish: ${{ steps.check.outputs.changed }}
|
|
|
|
release:
|
|
name: Release
|
|
needs: release-check
|
|
if: ${{ needs.release-check.outputs.publish == 'true' }}
|
|
runs-on: ubuntu-latest
|
|
defaults:
|
|
run:
|
|
shell: bash
|
|
steps:
|
|
- uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
|
|
with:
|
|
fetch-depth: 0
|
|
ref: main
|
|
|
|
- name: Use Node.js from nvmrc
|
|
uses: actions/setup-node@a0853c24544627f65ddf259abe73b1d18a591444 # v5.0.0
|
|
with:
|
|
node-version-file: ".nvmrc"
|
|
registry-url: "https://registry.npmjs.org"
|
|
|
|
- name: Set up Go for desktop build
|
|
uses: actions/setup-go@44694675825211faa026b3c33043df3e48a5fa00 # v6.0.0
|
|
with:
|
|
go-version: ^1.23.x
|
|
cache-dependency-path: desktop/go.sum
|
|
id: go
|
|
|
|
- name: Get version
|
|
id: package-version
|
|
uses: martinbeentjes/npm-get-version-action@3cf273023a0dda27efcd3164bdfb51908dd46a5b # v1.3.1
|
|
|
|
- name: Install
|
|
run: npm ci
|
|
|
|
- name: Build
|
|
run: |
|
|
npm run build-desktop
|
|
|
|
- name: Tag commit and push
|
|
id: tag_version
|
|
uses: mathieudutour/github-tag-action@a22cf08638b34d5badda920f9daf6e72c477b07b # v6.2
|
|
with:
|
|
github_token: ${{ secrets.GITHUB_TOKEN }}
|
|
custom_tag: ${{ steps.package-version.outputs.current-version }}
|
|
|
|
- name: Create Archives
|
|
run: |
|
|
zip -r "desktop-${{ steps.package-version.outputs.current-version }}" desktop/bin/
|
|
|
|
- name: Build Release Notes
|
|
id: release_notes
|
|
run: |
|
|
RELEASE_NOTES_PATH="${PWD}/release_notes.txt"
|
|
./build/release-notes.js > ${RELEASE_NOTES_PATH}
|
|
echo "release_notes=${RELEASE_NOTES_PATH}" >> $GITHUB_OUTPUT
|
|
|
|
- name: Create GitHub Release
|
|
id: create_regular_release
|
|
uses: ncipollo/release-action@b7eabc95ff50cbeeedec83973935c8f306dfcd0b # v1.20.0
|
|
env:
|
|
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
|
with:
|
|
tag: ${{ steps.tag_version.outputs.new_tag }}
|
|
name: ${{ steps.tag_version.outputs.new_tag }}
|
|
bodyFile: ${{ steps.release_notes.outputs.release_notes }}
|
|
artifacts: "desktop-${{ steps.package-version.outputs.current-version }}.zip"
|
|
allowUpdates: true
|
|
draft: false
|
|
prerelease: false
|