1.0.0 #2
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # This workflow creates a release commit and a pull request towards the `main` branch. | |
| # | |
| # It can be triggered manually on any branch via the GitHub CLI: | |
| # | |
| # gh workflow run release.yml --field version=<major.minor.patch[-prerelease][+buildinfo]> --ref <branch-name> | |
| # gh run watch | |
| # | |
| # It can be triggered manually via the GitHub web interface: | |
| # https://github.com/rainstormy/presets-typescript/actions/workflows/release.yml | |
| name: Release | |
| on: | |
| workflow_dispatch: | |
| inputs: | |
| version: | |
| description: The semantic version number of the new release. | |
| type: string | |
| required: true | |
| run-name: ${{ inputs.version }} | |
| # Cancel all previous runs of this workflow that are still in progress on the same branch. | |
| # https://docs.github.com/en/actions/reference/workflow-syntax-for-github-actions#concurrency | |
| concurrency: | |
| group: release-${{ github.workflow }}-${{ github.ref }} | |
| cancel-in-progress: true | |
| # All third-party actions are pinned to a specific commit SHA for security reasons. | |
| # https://docs.github.com/en/actions/security-guides/security-hardening-for-github-actions#using-third-party-actions | |
| jobs: | |
| quality-assurance: | |
| name: Quality assurance | |
| permissions: | |
| contents: read # Allow the job to call the reusable `ci.yml` workflow. | |
| pull-requests: read # `ci.yml` requires `pull-requests` read permissions. | |
| uses: ./.github/workflows/ci.yml | |
| pull-request: | |
| name: Pull request | |
| needs: quality-assurance | |
| runs-on: ubuntu-24.04 | |
| timeout-minutes: 1 | |
| permissions: { } | |
| steps: | |
| - name: Check out the repository | |
| uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
| with: | |
| # Use a separate access token with permission to commit and push. | |
| token: ${{ secrets.BOT_NIMBUS_GH_AUTH_TOKEN }} | |
| # | |
| - name: Restore build artifacts | |
| uses: ./.github/actions/build-artifacts | |
| # | |
| - name: Update release artifacts | |
| uses: rainstormy/updraft@23bb449c54a4e967c87a6943a1ef9a237eafdb99 # v1.2.0 | |
| with: | |
| check-sequential-release: true | |
| files: package.json | |
| release-files: CHANGELOG.md | |
| release-version: ${{ inputs.version }} | |
| # | |
| - name: Use Nimbus (Bot) in Git | |
| uses: rainstormy/rainstorm-release/bot-nimbus@5aa67a14e95403e7db0a7a43f8e18c1cdd51ba5f # v1.0.0 | |
| with: | |
| bot-nimbus-ssh-public-key: ${{ secrets.BOT_NIMBUS_SSH_PUBLIC_KEY }} | |
| __bot-nimbus-ssh-private-key__: ${{ secrets.BOT_NIMBUS_SSH___THE___PRIVATE___KEY }} | |
| ssh-key-fingerprints-github: ${{ secrets.SSH_KEY_FINGERPRINTS_GITHUB }} | |
| # | |
| - name: Create a release-triggering pull request in GitHub | |
| uses: rainstormy/release/pr@73fe3aae49ad74af650e529107d94f45002798fd # v1.1.0 | |
| with: | |
| gh-auth-token: ${{ secrets.BOT_NIMBUS_GH_AUTH_TOKEN }} | |
| version: ${{ inputs.version }} |