MokoConsulting/MokoCassiopeia
1
1
Fork 0
Code Issues 2 Pull Requests Actions Packages Releases 1 Activity

Update release_pipeline.yml

Browse Source
This commit is contained in:
Jonathan Miller
2026-01-01 09:00:18 -06:00
committed by GitHub
parent aa80746b50
commit 00bf93df11
1 changed files with 1163 additions and 1193 deletions
Download Patch File Download Diff File Expand all files Collapse all files

250
.github/workflows/release_pipeline.yml vendored
View File

@@ -1,70 +1,74 @@
# ============================================================================
# Copyright (C) 2025 Moko Consulting <hello@mokoconsulting.tech>
#
# This file is part of a Moko Consulting project.
#
# SPDX-License-Identifier: GPL-3.0-or-later
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <https://www.gnu.org/licenses/>.
#
# FILE INFORMATION
# DEFGROUP: GitHub.Workflow
# INGROUP: MokoStandards.Release
# REPO: https://github.com/mokoconsulting-tech/MokoStandards
# PATH: /.github/workflows/release_pipeline.yml
# VERSION: 03.05.00
# BRIEF: Enterprise release pipeline enforcing dev to rc to version to main. Creates prerelease when rc is created. Creates full release when version is created and promotes to main while retaining the version branch.
# NOTE:
# ============================================================================
============================================================================
Copyright (C) 2025 Moko Consulting hello@mokoconsulting.tech
This file is part of a Moko Consulting project.
SPDX-License-Identifier: GPL-3.0-or-later
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see https://www.gnu.org/licenses/.
FILE INFORMATION
DEFGROUP: GitHub.Workflow
INGROUP: MokoStandards.Release
REPO: https://github.com/mokoconsulting-tech/MokoStandards
PATH: /.github/workflows/release_pipeline.yml
VERSION: 03.05.00
BRIEF: Enterprise release pipeline enforcing dev to rc to version to main. Creates prerelease when rc is created. Creates full release when version is created and promotes to main while retaining the version branch.
NOTE:
============================================================================
name: Release Pipeline (dev > rc > version > main)
on:
workflow_dispatch:
inputs:
release_classification:
description: "Manual override for classification. auto follows branch policy; rc forces prerelease behavior; stable forces full release behavior."
required: true
default: auto
type: choice
options:
- auto
- rc
- stable
release:
types:
- created
- prereleased
- published
on: workflow_dispatch: inputs: release_classification: description: "Manual override for classification. auto follows branch policy; rc forces prerelease behavior; stable forces full release behavior." required: true default: auto type: choice options: - auto - rc - stable release: types: - created - prereleased - published
concurrency:
group: release-pipeline-${{ github.ref_name }}
cancel-in-progress: false
concurrency: group: release-pipeline-${{ github.ref_name }} cancel-in-progress: false
defaults:
run:
shell: bash
defaults: run: shell: bash
permissions:
contents: read
permissions: contents: read
jobs:
guard:
name: 00 Guardrails and metadata
runs-on: ubuntu-latest
jobs: guard: name: 00 Guardrails and metadata runs-on: ubuntu-latest
outputs:
outputs:
version: ${{ steps.meta.outputs.version }}
source_branch: ${{ steps.meta.outputs.source_branch }}
source_prefix: ${{ steps.meta.outputs.source_prefix }}
@@ -75,12 +79,12 @@ jobs:
release_mode: ${{ steps.meta.outputs.release_mode }}
override: ${{ steps.meta.outputs.override }}
permissions:
permissions:
contents: read
actions: read
pull-requests: read
steps:
steps:
- name: Checkout (best effort)
uses: actions/checkout@v4
with:
@@ -249,11 +253,10 @@ jobs:
printf '"runner_os":"%s",' "${RUNNER_OS}"
printf '"runner_name":"%s"' "${RUNNER_NAME}"
printf '}
'
echo "```"
} >> "${GITHUB_STEP_SUMMARY}"
{
' echo "```" } >> "${GITHUB_STEP_SUMMARY}"
{
echo "### Git snapshot"
echo "```"
git --version || true
@@ -262,17 +265,14 @@ jobs:
echo "```"
} >> "${GITHUB_STEP_SUMMARY}"
promote_branch:
name: 01 Promote branch and delete source
runs-on: ubuntu-latest
needs: guard
promote_branch: name: 01 Promote branch and delete source runs-on: ubuntu-latest needs: guard
if: ${{ github.event_name == 'workflow_dispatch' }}
if: ${{ github.event_name == 'workflow_dispatch' }}
permissions:
permissions:
contents: write
steps:
steps:
- name: Checkout source branch
uses: actions/checkout@v4
with:
@@ -348,23 +348,17 @@ jobs:
printf '"ref_name":"%s",' "${GITHUB_REF_NAME}"
printf '"sha":"%s"' "${GITHUB_SHA}"
printf '}
'
echo "```"
} >> "${GITHUB_STEP_SUMMARY}"
normalize_dates:
name: 02 Normalize dates on promoted branch
runs-on: ubuntu-latest
needs:
- guard
- promote_branch
' echo "```" } >> "${GITHUB_STEP_SUMMARY}"
if: ${{ github.event_name == 'workflow_dispatch' }}
normalize_dates: name: 02 Normalize dates on promoted branch runs-on: ubuntu-latest needs: - guard - promote_branch
permissions:
if: ${{ github.event_name == 'workflow_dispatch' }}
permissions:
contents: write
steps:
steps:
- name: Checkout promoted branch
uses: actions/checkout@v4
with:
@@ -420,20 +414,15 @@ jobs:
done
if [ -z "${SCRIPT}" ]; then
FOUND="$(find . -maxdepth 3 -type f \( -name 'update_dates.sh' -o -name 'update-dates.sh' \) 2>/dev/null | head -n 5 || true)"
FOUND="$(find . -maxdepth 3 -type f -name 'update_dates.sh' -o -name 'update-dates.sh' 2>/dev/null | head -n 5 || true)"
{
echo "ERROR: Date normalization script not found in approved locations."
echo "Approved locations:"
printf '%s
' "${CANDIDATES[@]}"
echo "Discovered candidates (first 5):"
echo "${FOUND:-<none>}"
echo "Required action: add scripts/release/update_dates.sh (preferred) to the repo."
} >> "${GITHUB_STEP_SUMMARY}"
exit 1
fi
echo "Using date script: ${SCRIPT}" >> "${GITHUB_STEP_SUMMARY}"
' "${CANDIDATES[@]}" echo "Discovered candidates (first 5):" echo "${FOUND:-<none>}" echo "Required action: add scripts/release/update_dates.sh (preferred) to the repo." } >> "${GITHUB_STEP_SUMMARY}" exit 1 fi
echo "Using date script: ${SCRIPT}" >> "${GITHUB_STEP_SUMMARY}"
chmod +x "${SCRIPT}"
"${SCRIPT}" "${TODAY}" "${VERSION}" >> "${GITHUB_STEP_SUMMARY}"
@@ -468,21 +457,16 @@ jobs:
echo "```"
} >> "${GITHUB_STEP_SUMMARY}"
build_and_release:
name: 03 Build ZIP, upload to SFTP, create GitHub release
runs-on: ubuntu-latest
needs:
- guard
- normalize_dates
build_and_release: name: 03 Build ZIP, upload to SFTP, create GitHub release runs-on: ubuntu-latest needs: - guard - normalize_dates
if: ${{ github.event_name == 'workflow_dispatch' }}
if: ${{ github.event_name == 'workflow_dispatch' }}
permissions:
permissions:
contents: write
id-token: write
attestations: write
steps:
steps:
- name: Checkout promoted branch
uses: actions/checkout@v4
with:
@@ -551,14 +535,13 @@ jobs:
sep=",";
done
printf '],"channel":"%s","deploy_dry_run":"%s","credential_presence":{"FTP_KEY":"%s","FTP_PASSWORD":"%s"}}
' \
"${CHANNEL}" "${DEPLOY_DRY_RUN:-false}" \
"$( [ "${key_present}" = "true" ] && echo present || echo missing )" \
"$( [ "${pw_present}" = "true" ] && echo present || echo missing )"
echo "```"
} >> "${GITHUB_STEP_SUMMARY}"
if [ "${#missing[@]}" -gt 0 ]; then
'
"${CHANNEL}" "${DEPLOY_DRY_RUN:-false}"
"$( [ "${key_present}" = "true" ] && echo present || echo missing )"
"$( [ "${pw_present}" = "true" ] && echo present || echo missing )" echo "```" } >> "${GITHUB_STEP_SUMMARY}"
if [ "${#missing[@]}" -gt 0 ]; then
exit 1
fi
@@ -600,13 +583,10 @@ jobs:
sep=",";
done
printf ']}
'
echo "```"
} >> "${GITHUB_STEP_SUMMARY}"
exit 1
fi
ran=()
' echo "```" } >> "${GITHUB_STEP_SUMMARY}" exit 1 fi
ran=()
skipped=()
for s in "${required_scripts[@]}" "${optional_scripts[@]}"; do
@@ -657,11 +637,10 @@ jobs:
done
printf ']}
'
echo "```"
} >> "${GITHUB_STEP_SUMMARY}"
- name: Build Joomla ZIP (extension type aware, src-only archive)
' echo "```" } >> "${GITHUB_STEP_SUMMARY}"
- name: Build Joomla ZIP (extension type aware, src-only archive)
id: build
run: |
set -euo pipefail
@@ -830,11 +809,10 @@ jobs:
printf '"FTP_PASSWORD":"%s"' "$( [ "${PASSWORD_PRESENT}" = "true" ] && echo present || echo missing )"
printf '}'
printf '}
'
echo "```"
} >> "${GITHUB_STEP_SUMMARY}"
if [ "${KEY_PRESENT}" = "true" ] && [ "${PASSWORD_PRESENT}" = "true" ]; then
' echo "```" } >> "${GITHUB_STEP_SUMMARY}"
if [ "${KEY_PRESENT}" = "true" ] && [ "${PASSWORD_PRESENT}" = "true" ]; then
echo "Password provided but ignored because key auth is in use." >> "${GITHUB_STEP_SUMMARY}"
fi
@@ -1035,7 +1013,7 @@ jobs:
VERSION="${{ needs.guard.outputs.version }}"
ZIP_ASSET="${{ steps.build.outputs.zip_name }}"
awk "/^## \[${VERSION}\]/{flag=1;next}/^## \[/ {flag=0}flag" CHANGELOG.md > RELEASE_NOTES.md || true
awk "/^## ${VERSION}/{flag=1;next}/^## \[/ {flag=0}flag" CHANGELOG.md > RELEASE_NOTES.md || true
if [ ! -s RELEASE_NOTES.md ]; then
echo "ERROR: Release notes extraction failed for ${VERSION}" >> "${GITHUB_STEP_SUMMARY}"
@@ -1082,20 +1060,15 @@ jobs:
echo "```"
} >> "${GITHUB_STEP_SUMMARY}"
push_version_to_main:
name: 04 Promote version branch to main (stable only, keep version branch)
runs-on: ubuntu-latest
needs:
- guard
- build_and_release
push_version_to_main: name: 04 Promote version branch to main (stable only, keep version branch) runs-on: ubuntu-latest needs: - guard - build_and_release
if: ${{ github.event_name == 'workflow_dispatch' && needs.guard.outputs.release_mode == 'stable' }}
if: ${{ github.event_name == 'workflow_dispatch' && needs.guard.outputs.release_mode == 'stable' }}
permissions:
permissions:
contents: write
pull-requests: write
steps:
steps:
- name: Checkout main
uses: actions/checkout@v4
with:
@@ -1153,17 +1126,14 @@ jobs:
echo "```"
} >> "${GITHUB_STEP_SUMMARY}"
release_event_report:
name: 99 Release event report (GitHub UI created release)
runs-on: ubuntu-latest
needs: guard
release_event_report: name: 99 Release event report (GitHub UI created release) runs-on: ubuntu-latest needs: guard
if: ${{ github.event_name == 'release' }}
if: ${{ github.event_name == 'release' }}
permissions:
permissions:
contents: read
steps:
steps:
- name: Checkout tag
uses: actions/checkout@v4
with: