Update secrets and permissions in deployment workflow (#3240) #331
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Deployment of Zowe Explorer and related extensions | |
| on: | |
| push: | |
| branches: | |
| - main | |
| - maintenance | |
| - v1-lts | |
| paths: | |
| - .github/release.config.js | |
| - .github/workflows/deployment.yml | |
| - lerna.json | |
| # workflow_dispatch: | |
| # inputs: | |
| # version: | |
| # description: Override version to be published | |
| # required: false | |
| jobs: | |
| release: | |
| if: github.event_name == 'workflow_dispatch' || github.ref_protected | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: write | |
| id-token: write | |
| pull-requests: write | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| persist-credentials: false | |
| ref: ${{ github.ref }} | |
| - name: Use Node.js LTS | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: '18.x' | |
| - name: Install Yarn and Lerna | |
| run: npm install -g yarn lerna@6 [email protected] | |
| - name: Build Source | |
| run: yarn | |
| - name: Get Project Version | |
| id: lerna | |
| run: echo "version=$(jq -r .version lerna.json)" >> $GITHUB_OUTPUT | |
| - uses: zowe-actions/octorelease@v1 | |
| id: octorelease | |
| if: ${{ !contains(github.event.inputs.version || steps.lerna.outputs.version, '-SNAPSHOT') }} | |
| env: | |
| GIT_COMMITTER_NAME: ${{ secrets.ZOWE_ROBOT_USER }} | |
| GIT_COMMITTER_EMAIL: ${{ secrets.ZOWE_ROBOT_EMAIL }} | |
| GIT_CREDENTIALS: x-access-token:${{ secrets.ZOWE_ROBOT_TOKEN }} | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| NPM_TOKEN: ${{ secrets.NPM_PUBLISHER_TOKEN }} | |
| OVSX_PAT: ${{ secrets.VSCODE_OVSX_PUBLISHER_TOKEN }} | |
| VSCE_PAT: ${{ secrets.VSCODE_VSCE_PUBLISHER_TOKEN }} | |
| with: | |
| config-dir: .github | |
| new-version: ${{ github.event.inputs.version }} | |
| - name: Update Changelogs | |
| if: steps.octorelease.outcome == 'success' | |
| run: | | |
| sed -i '0,/##/s//## TBD Release\n\n### Bug fixes\n\n##/' packages/*/CHANGELOG.md | |
| git add packages/*/CHANGELOG.md | |
| - name: Create Snapshot Version | |
| if: steps.octorelease.outcome == 'success' | |
| uses: zowe-actions/octorelease/script@v1 | |
| env: | |
| VERSION_STRING: "%s-SNAPSHOT" | |
| with: | |
| config-dir: .github | |
| script: prepareRelease |