Skip to content

Release 1.0.0

Release 1.0.0 #15

Workflow file for this run

# This workflow creates version tags in Git for the release commit on the `main` branch.
#
# It is triggered automatically by merging a pull request to the `main` branch,
# as created by the `release.yml` workflow.
#
# It can be triggered manually on any branch via the GitHub CLI:
#
# gh workflow run release-tags.yml --field version=<major.minor.patch[-prerelease][+buildinfo]> --ref <branch-name>
# gh run watch
#
# It can be triggered manually via the GitHub web interface:
# https://github.com/rainstormy/presets-typescript/actions/workflows/release-tags.yml
name: Release / Tags
on:
pull_request:
branches:
- main
types:
- closed
workflow_dispatch:
inputs:
version:
description: The semantic version number of the new release.
type: string
required: true
# Cancel all previous runs of this workflow that are still in progress on the same branch.
# https://docs.github.com/en/actions/reference/workflow-syntax-for-github-actions#concurrency
concurrency:
group: release-tags-${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
# All third-party actions are pinned to a specific commit SHA for security reasons.
# https://docs.github.com/en/actions/security-guides/security-hardening-for-github-actions#using-third-party-actions
jobs:
quality-assurance:
name: Quality assurance
if: github.event_name != 'pull_request' || (github.event.pull_request.merged == true && startsWith(github.head_ref, 'release/'))
permissions:
contents: read # Allow the job to call the reusable `ci.yml` workflow.
pull-requests: read # `ci.yml` requires `pull-requests` read permissions.
uses: ./.github/workflows/ci.yml
tags:
name: Tags
if: github.event_name != 'pull_request' || (github.event.pull_request.merged == true && startsWith(github.head_ref, 'release/'))
needs: quality-assurance
runs-on: ubuntu-24.04
timeout-minutes: 1
permissions: { }
steps:
- name: Check out the repository
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
# Use a separate access token to allow the push tag event in this workflow to trigger the subsequent `release-github.yml` workflow.
# https://docs.github.com/en/actions/using-workflows/triggering-a-workflow#triggering-a-workflow-from-a-workflow
token: ${{ secrets.BOT_NIMBUS_GH_AUTH_TOKEN }}
#
- name: Use Nimbus (Bot) in Git
uses: rainstormy/rainstorm-release/bot-nimbus@5aa67a14e95403e7db0a7a43f8e18c1cdd51ba5f # v1.0.0
with:
bot-nimbus-ssh-public-key: ${{ secrets.BOT_NIMBUS_SSH_PUBLIC_KEY }}
__bot-nimbus-ssh-private-key__: ${{ secrets.BOT_NIMBUS_SSH___THE___PRIVATE___KEY }}
ssh-key-fingerprints-github: ${{ secrets.SSH_KEY_FINGERPRINTS_GITHUB }}
#
- name: Create a full semantic version tag in Git
uses: rainstormy/release/tag@73fe3aae49ad74af650e529107d94f45002798fd # v1.1.0
with:
version: ${{ inputs.version || github.head_ref }}