-
Notifications
You must be signed in to change notification settings - Fork 1.3k
204 lines (177 loc) · 7.28 KB
/
release-please.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
name: Release
on:
push:
branches:
- main
- v[0-9]*
jobs:
release:
runs-on: ubuntu-latest
outputs:
release_created: ${{ steps.release.outputs.release_created }}
tag_name: ${{ steps.release.outputs.tag_name }}
patch: ${{ steps.release.outputs.patch }}
steps:
# Create/update release PR
- uses: google-github-actions/release-please-action@v4
id: release
with:
# Make sure we create the PR against the correct branch.
target-branch: ${{ github.ref_name }}
# Use a special shaka-bot access token for releases.
token: ${{ secrets.RELEASE_PLEASE_TOKEN }}
# See also settings in these files:
manifest-file: .release-please-manifest.json
config-file: .release-please-config.json
# The jobs below are all conditional on a release having been created by
# someone merging the release PR. They all run in parallel.
tag-main:
runs-on: ubuntu-latest
needs: release
if: needs.release.outputs.release_created && needs.release.outputs.patch != '0'
steps:
- uses: actions/checkout@v4
with:
# Check out the origin repo, and do it at main, not the PR branch.
ref: main
# Use a special shaka-bot access token for releases.
token: ${{ secrets.RELEASE_PLEASE_TOKEN }}
# We want to explicitly use these credentials to push a tag.
# The job is only one more step, so they don't leak.
persist-credentials: true
- name: Tag the main branch
run: |
# Set missing git config for the tag.
git config user.name "shaka-bot"
git config user.email "[email protected]"
# Tag the main branch.
VERSION=${{ needs.release.outputs.tag_name }}
git tag -m "$VERSION-main" "$VERSION-main"
git push origin "$VERSION-main"
npm:
runs-on: ubuntu-latest
needs: release
if: needs.release.outputs.release_created
steps:
- uses: actions/checkout@v4
with:
ref: refs/tags/${{ needs.release.outputs.tag_name }}
fetch-depth: 0
persist-credentials: false
- uses: actions/setup-node@v4
with:
node-version: 22
registry-url: 'https://registry.npmjs.org'
- name: Compute NPM tags
run: |
# NPM publish always sets a tag. If you don't provide an explicit
# tag, you get the "latest" tag by default, but we want "latest" to
# always point to the highest version number. So we set an explicit
# tag on every "publish" command, then follow up with a command to
# set "latest" only if this release was the highest version yet.
# The explicit tag is based on the branch. If the git tag is v4.4.1,
# the branch was v4.4.x, and the explicit NPM tag should be
# v4.4-latest.
GIT_TAG_NAME=${{ needs.release.outputs.tag_name }}
NPM_TAG=$(echo "$GIT_TAG_NAME" | cut -f 1-2 -d .)-latest
echo "NPM_TAG=$NPM_TAG" >> $GITHUB_ENV
# We only tag the NPM package as "latest" if this release is the
# highest version to date.
RELEASE_TAGS=$(git tag | grep ^v[0-9] | grep -Ev -- '-(master|main)')
LATEST_RELEASE=$(echo "$RELEASE_TAGS" | sort --version-sort | tail -1)
if [[ "$GIT_TAG_NAME" == "$LATEST_RELEASE" ]]; then
NPM_LATEST=true
else
NPM_LATEST=false
fi
echo NPM_LATEST=$NPM_LATEST >> $GITHUB_ENV
# Debug the decisions made here.
echo "Latest release: $LATEST_RELEASE"
echo "This release: $GIT_TAG_NAME"
echo "NPM tag: $NPM_TAG"
echo "NPM latest: $NPM_LATEST"
- run: npm ci
- name: Publish
env:
NODE_AUTH_TOKEN: ${{secrets.NPM_TOKEN}}
run: |
# Publish with an explicit tag.
npm publish --tag "$NPM_TAG"
# Add the "latest" tag if needed.
if [[ "$NPM_LATEST" == "true" ]]; then
NPM_VERSION=$(npm version --json | jq -r '."shaka-player"')
npm dist-tag add "shaka-player@$NPM_VERSION" latest
fi
- run: npm pack
- name: Attach to release
env:
GITHUB_TOKEN: ${{ secrets.RELEASE_PLEASE_TOKEN }}
run: |
gh release upload \
${{ needs.release.outputs.tag_name }} shaka-player-*.tgz \
--clobber
appspot:
runs-on: ubuntu-latest
needs: release
if: needs.release.outputs.release_created
steps:
- uses: actions/checkout@v4
with:
ref: refs/tags/${{ needs.release.outputs.tag_name }}
fetch-depth: 0
persist-credentials: false
- uses: actions/setup-node@v4
with:
node-version: 22
registry-url: 'https://registry.npmjs.org'
- name: Compute appspot subdomain and promotion
run: |
# This is the same as the version tag, but with dots replaced by
# dashes. For example, v3.2.2 would have the subdomain v3-2-2.
APPSPOT_SUBDOMAIN=$( echo ${{ needs.release.outputs.tag_name }} | sed -e 's/\./-/g' )
echo APPSPOT_SUBDOMAIN=$APPSPOT_SUBDOMAIN >> $GITHUB_ENV
# "Promoting" an appspot deployment makes it the default which shows
# up on shaka-player-demo.appspot.com (no subdomain). This should be
# done for the latest release version from the latest release branch.
RELEASE_TAGS=$(git tag | grep ^v[0-9] | grep -Ev -- '-(master|main)')
LATEST_RELEASE=$(echo "$RELEASE_TAGS" | sort --version-sort | tail -1)
TAG_NAME=${{ needs.release.outputs.tag_name }}
if [[ "$TAG_NAME" == "$LATEST_RELEASE" ]]; then
APPSPOT_PROMOTE=true
else
APPSPOT_PROMOTE=false
fi
echo APPSPOT_PROMOTE=$APPSPOT_PROMOTE >> $GITHUB_ENV
# Debug the decisions made here.
echo "Subdomain: $APPSPOT_SUBDOMAIN"
echo "Latest release: $LATEST_RELEASE"
echo "This release: $TAG_NAME"
echo "Promote: $APPSPOT_PROMOTE"
- uses: ./.github/workflows/custom-actions/prep-for-appspot
- uses: google-github-actions/auth@v2
with:
credentials_json: '${{ secrets.APPENGINE_DEPLOY_KEY }}'
- uses: google-github-actions/deploy-appengine@v2
with:
project_id: shaka-player-demo
version: ${{ env.APPSPOT_SUBDOMAIN }}
promote: ${{ env.APPSPOT_PROMOTE }}
auto-branch:
runs-on: ubuntu-latest
needs: release
if: needs.release.outputs.release_created && needs.release.outputs.patch == '0'
steps:
- uses: actions/checkout@v4
with:
ref: refs/tags/${{ needs.release.outputs.tag_name }}
fetch-depth: 0
# Use a special shaka-bot access token for releases.
token: ${{ secrets.RELEASE_PLEASE_TOKEN }}
# We want to explicitly use these credentials to create the branch.
# The job is only one more step, so they don't leak.
persist-credentials: true
- name: Create release branch
run: |
TAG=${{ needs.release.outputs.tag_name }}
BRANCH=$(echo "$TAG" | sed -e 's/\.0$/.x/')
git push origin refs/tags/"$TAG"^{commit}:refs/heads/"$BRANCH"