forked from hashicorp/terraform-provider-aws
-
Notifications
You must be signed in to change notification settings - Fork 0
116 lines (108 loc) · 4.62 KB
/
release.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
name: Release
on:
push:
tags:
- 'v[0-9]+.[0-9]+.[0-9]+*'
permissions:
contents: write
jobs:
release-notes:
runs-on: macos-latest
steps:
- uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1
with:
fetch-depth: 0
- name: Generate Release Notes
run: sed -n -e "1{/# /d;}" -e "2{/^$/d;}" -e "/# $(git describe --abbrev=0 --exclude="$(git describe --abbrev=0 --match='v*.*.*' --tags)" --match='v*.*.*' --tags | tr -d v)/q;p" CHANGELOG.md > release-notes.txt
- uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3
with:
name: release-notes
path: release-notes.txt
retention-days: 1
terraform-provider-release:
name: 'Terraform Provider Release'
needs: [release-notes]
uses: hashicorp/ghaction-terraform-provider-release/.github/workflows/hashicorp.yml@v5
secrets:
hc-releases-key-prod: '${{ secrets.HC_RELEASES_KEY_PROD }}'
hc-releases-key-staging: '${{ secrets.HC_RELEASES_KEY_STAGING }}'
hc-releases-github-token: '${{ secrets.HASHI_RELEASES_GITHUB_TOKEN }}'
hc-releases-terraform-registry-sync-token: '${{ secrets.TF_PROVIDER_RELEASE_TERRAFORM_REGISTRY_SYNC_TOKEN }}'
setup-signore-github-token: '${{ secrets.HASHI_SIGNORE_GITHUB_TOKEN }}'
signore-client-id: '${{ secrets.SIGNORE_CLIENT_ID }}'
signore-client-secret: '${{ secrets.SIGNORE_CLIENT_SECRET }}'
hc-releases-host-staging: '${{ secrets.HC_RELEASES_HOST_STAGING }}'
hc-releases-host-prod: '${{ secrets.HC_RELEASES_HOST_PROD }}'
with:
goreleaser-release-args: '--timeout 3h --parallelism 4'
release-notes: true
setup-go-version-file: go.mod
# Product Version (e.g. v1.2.3 or github.ref_name)
product-version: '${{ github.ref_name }}'
highest-version-tag:
needs: [terraform-provider-release]
runs-on: macos-latest
outputs:
tag: ${{ steps.highest-version-tag.outputs.tag }}
steps:
- uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1
with:
# Allow tag to be fetched when ref is a commit
fetch-depth: 0
- name: Output highest version tag
id: highest-version-tag
run: |
HIGHEST=$(git tag | sort -V | tail -1)
echo "tag=$HIGHEST" >> "$GITHUB_OUTPUT"
changelog-newversion:
needs: [terraform-provider-release, highest-version-tag]
# write new changelog header only if release tag is the $HIGHEST i.e. exists on main
# and not a backport release branch (e.g. release/3.x). This results in
# manually updating the CHANGELOG header if releasing from the non-default branch.
# TODO: find a more deterministic way to determine release branch from tag commit
if: github.ref_name == needs.highest-version-tag.outputs.tag
runs-on: macos-latest
steps:
- uses: actions/create-github-app-token@5d869da34e18e7287c1daad50e0b8ea0f506ce69 # v1.11.0
id: app-token
with:
app-id: ${{ secrets.APP_ID }}
private-key: ${{ secrets.APP_PEM }}
- uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1
with:
fetch-depth: 0
ref: main
token: ${{ steps.app-token.outputs.token }}
- name: Update Changelog Header
run: |
CHANGELOG_FILE_NAME="CHANGELOG.md"
PREVIOUS_RELEASE_TAG=${{ github.ref_name }}
# Add Release Date
RELEASE_DATE=`date +%B' '%e', '%Y`
sed -i -e "1 s/Unreleased/$RELEASE_DATE/" $CHANGELOG_FILE_NAME
# Prepend next release line
echo Previous release is: $PREVIOUS_RELEASE_TAG
NEW_RELEASE_LINE=$(echo $PREVIOUS_RELEASE_TAG | awk -F. '{
$1 = substr($1,2)
$2 += 1
printf("%s.%01d.0\n\n", $1, $2);
}')
echo New minor version is: v$NEW_RELEASE_LINE
echo -e "## $NEW_RELEASE_LINE (Unreleased)\n$(cat $CHANGELOG_FILE_NAME)" > $CHANGELOG_FILE_NAME
- run: |
git config --local user.email [email protected]
git config --local user.name changelogbot
git add CHANGELOG.md
git commit -m "Update CHANGELOG.md after ${{ github.ref_name }}"
git push
upload-tag-before-post-publish:
needs: [terraform-provider-release]
runs-on: ubuntu-latest
steps:
- name: Save Release Tag
run: echo ${{ github.ref_name }} > release-tag.data
- uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3
with:
name: release-tag
path: release-tag.data
retention-days: 1