Create GitHub Release #21
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Create GitHub Release | |
| on: | |
| workflow_dispatch: | |
| inputs: | |
| artifact-run-id: | |
| description: 'GitHub Action Run ID containing artifacts' | |
| required: true | |
| type: string | |
| draft: | |
| description: 'Create as draft release' | |
| type: boolean | |
| default: true | |
| prerelease: | |
| description: 'Mark as pre-release' | |
| type: boolean | |
| default: true | |
| branch-protection-type: | |
| description: 'Branch protection type' | |
| type: choice | |
| options: | |
| - Branch Name | |
| - GitHub API | |
| default: Branch Name | |
| env: | |
| ARTIFACTS_PATH: artifacts | |
| jobs: | |
| create-release: | |
| runs-on: ubuntu-24.04 | |
| permissions: | |
| contents: write | |
| actions: read | |
| steps: | |
| - name: Check out repository | |
| uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 | |
| with: | |
| fetch-depth: 0 | |
| - name: Get branch from workflow run | |
| id: get_release_branch | |
| env: | |
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| ARTIFACT_RUN_ID: ${{ inputs.artifact-run-id }} | |
| BRANCH_PROTECTION_TYPE: ${{ inputs.branch-protection-type }} | |
| run: | | |
| release_branch=$(gh run view $ARTIFACT_RUN_ID --json headBranch -q .headBranch) | |
| case "$BRANCH_PROTECTION_TYPE" in | |
| "Branch Name") | |
| if [[ "$release_branch" != "main" && ! "$release_branch" =~ ^release/ ]]; then | |
| echo "::error::Branch '$release_branch' is not 'main' or a release branch starting with 'release/'. Releases must be created from protected branches." | |
| exit 1 | |
| fi | |
| ;; | |
| "GitHub API") | |
| #NOTE requires token with "administration:read" scope | |
| if ! gh api "repos/${{ github.repository }}/branches/$release_branch/protection" | grep -q "required_status_checks"; then | |
| echo "::error::Branch '$release_branch' is not protected. Releases must be created from protected branches. If that's not correct, confirm if the github token user has the 'administration:read' scope." | |
| exit 1 | |
| fi | |
| ;; | |
| *) | |
| echo "::error::Unsupported branch protection type: $BRANCH_PROTECTION_TYPE" | |
| exit 1 | |
| ;; | |
| esac | |
| echo "release_branch=$release_branch" >> $GITHUB_OUTPUT | |
| - name: Get last release tag | |
| id: get_last_tag | |
| run: | | |
| last_release_tag=$(git tag -l --sort=-authordate | head -n 1) | |
| echo "last_release_tag=$last_release_tag" >> $GITHUB_OUTPUT | |
| - name: Download artifacts | |
| env: | |
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| ARTIFACT_RUN_ID: ${{ inputs.artifact-run-id }} | |
| run: ./Scripts/download-artifacts.sh $ARTIFACTS_PATH $ARTIFACT_RUN_ID | |
| - name: Parse version info | |
| id: version_info | |
| run: | | |
| unzip -o "$ARTIFACTS_PATH/version-info.zip" -d "tmp" | |
| filepath="tmp/version-info/version_info.json" | |
| version_name=$(jq -r '.version_name' "$filepath") | |
| version_number=$(jq -r '.version_number' "$filepath") | |
| echo "version_number=$version_number" >> $GITHUB_OUTPUT | |
| echo "version_name=$version_name" >> $GITHUB_OUTPUT | |
| rm -rf tmp | |
| - name: Create GitHub Release | |
| id: create_release | |
| env: | |
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| run: | | |
| # Create release with generated notes | |
| url=$(gh release create "v${{ steps.version_info.outputs.version_name }}" \ | |
| --title "${{ steps.version_info.outputs.version_name }} (${{ steps.version_info.outputs.version_number }})" \ | |
| --target ${{ steps.get_release_branch.outputs.release_branch }} \ | |
| --generate-notes \ | |
| --notes-start-tag "${{ steps.get_last_tag.outputs.last_release_tag }}" \ | |
| --prerelease=${{ inputs.prerelease }} \ | |
| --draft=${{ inputs.draft }} \ | |
| $ARTIFACTS_PATH/*) | |
| # Extract release tag from URL | |
| release_tag=$(echo "$url" | sed 's/.*\/tag\///') | |
| echo "release_tag=$release_tag" >> $GITHUB_OUTPUT | |
| - name: Update Release Description | |
| env: | |
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| RELEASE_TAG: ${{ steps.create_release.outputs.release_tag }} | |
| ARTIFACT_RUN_ID: ${{ inputs.artifact-run-id }} | |
| run: | | |
| # Get current release body | |
| current_body=$(gh release view $RELEASE_TAG --json body --jq .body) | |
| # Append build source to the end | |
| updated_body="${current_body} | |
| **Builds Source:** https://github.com/${{ github.repository }}/actions/runs/$ARTIFACT_RUN_ID" | |
| # Update release | |
| new_url=$(gh release edit $RELEASE_TAG --notes "$updated_body") | |
| echo "# :rocket: Release ready at:" >> $GITHUB_STEP_SUMMARY | |
| echo "$new_url" >> $GITHUB_STEP_SUMMARY |