MokoConsulting/MokoCassiopeia
1
1
Fork 0
Code Issues 2 Pull Requests Actions Packages Releases 1 Activity

Update release_from_version.yml

Browse Source
This commit is contained in:
Jonathan Miller
2025-12-23 19:51:39 -06:00
parent 16c2b8843e
commit c64a84374f
1 changed files with 23 additions and 113 deletions
Download Patch File Download Diff File Expand all files Collapse all files

136
.github/workflows/release_from_version.yml vendored
View File

@@ -21,7 +21,7 @@
# FILE INFORMATION # FILE INFORMATION
# DEFGROUP: GitHub.Workflow # DEFGROUP: GitHub.Workflow
# INGROUP: MokoStandards.Release # INGROUP: MokoStandards.Release
# REPO: https://github.com/mokoconsulting-tech/moko-cassiopeia # REPO: https://github.com/mokoconsulting-tech/MokoStandards
# PATH: /.github/workflows/release_from_version.yml # PATH: /.github/workflows/release_from_version.yml
# VERSION: 01.00.00 # VERSION: 01.00.00
# BRIEF: Enterprise release pipeline that promotes dev/<version> to version/<version>, deletes dev branch, builds Joomla artifacts, publishes prereleases, and optionally creates a squash PR to main. # BRIEF: Enterprise release pipeline that promotes dev/<version> to version/<version>, deletes dev branch, builds Joomla artifacts, publishes prereleases, and optionally creates a squash PR to main.
@@ -450,141 +450,51 @@ jobs:
echo "- SHA256SUMS.txt" echo "- SHA256SUMS.txt"
} >> RELEASE_NOTES.md } >> RELEASE_NOTES.md
- name: Upload build artifacts - name: Publish JSON report to job summary (JSON-only, no file)
uses: actions/upload-artifact@v4
with:
name: release-assets
path: |
dist/*.zip
dist/SHA256SUMS.txt
dist/release-report.json
updates.xml
RELEASE_NOTES.md
retention-days: 30
- name: Attest build provenance
uses: actions/attest-build-provenance@v2
with:
subject-path: |
dist/*.zip
dist/SHA256SUMS.txt
- name: Create GitHub prerelease and attach assets
id: gh_release
uses: softprops/action-gh-release@v2
with:
token: ${{ github.token }}
tag_name: ${{ needs.guard.outputs.version }}
name: Prerelease ${{ needs.guard.outputs.version }}
draft: false
prerelease: true
make_latest: false
body_path: RELEASE_NOTES.md
files: |
dist/*.zip
updates.xml
dist/SHA256SUMS.txt
dist/release-report.json
- name: Post-release command hook
env:
GH_TOKEN: ${{ github.token }}
run: |
set -euo pipefail
OWNER="${{ github.repository_owner }}"
REPO="${{ github.event.repository.name }}"
TAG="${{ needs.guard.outputs.version }}"
# Confirm release exists (enterprise audit trail)
RELEASE_JSON="$(gh api "repos/${OWNER}/${REPO}/releases/tags/${TAG}")"
RELEASE_URL="$(printf "%s" "${RELEASE_JSON}" | python3 -c 'import json,sys; print(json.load(sys.stdin).get("html_url",""))')"
echo "Release URL: ${RELEASE_URL}"
# Optional repo-defined hook
if [ -f scripts/post_release.sh ]; then
chmod +x scripts/post_release.sh
scripts/post_release.sh "${TAG}" "${RELEASE_URL}"
else
echo "No scripts/post_release.sh found. Skipping post-release hook."
fi
- name: Write JSON release report
run: | run: |
set -euo pipefail set -euo pipefail
VERSION="${{ needs.guard.outputs.version }}" VERSION="${{ needs.guard.outputs.version }}"
REPO_FULL="${{ github.repository }}"
REPO_NAME="${{ github.event.repository.name }}"
BRANCH="${{ needs.guard.outputs.version_branch }}" BRANCH="${{ needs.guard.outputs.version_branch }}"
TAG="${{ needs.guard.outputs.version }}" TAG="${{ needs.guard.outputs.version }}"
TODAY_UTC="${{ needs.guard.outputs.today_utc }}" TODAY_UTC="${{ needs.guard.outputs.today_utc }}"
ZIP_NAME="${{ steps.build.outputs.zip_name }}" ZIP_NAME="${{ steps.build.outputs.zip_name }}"
ZIP_SHA256="${{ steps.sha.outputs.sha256 }}" ZIP_SHA256="${{ steps.sha.outputs.sha256 }}"
EXT_ROOT="${{ steps.build.outputs.root }}" EXT_ROOT="${{ steps.build.outputs.root }}"
MANIFEST_PATH="${{ steps.build.outputs.manifest }}" MANIFEST_PATH="${{ steps.build.outputs.manifest }}"
EXT_TYPE="${{ steps.build.outputs.ext_type }}" EXT_TYPE="${{ steps.build.outputs.ext_type }}"
OWNER="${{ github.repository_owner }}" OWNER="${{ github.repository_owner }}"
DOWNLOAD_URL="https://github.com/${OWNER}/${REPO_NAME}/releases/download/${VERSION}/${ZIP_NAME}" REPO="${{ github.event.repository.name }}"
DOWNLOAD_URL="https://github.com/${OWNER}/${REPO}/releases/download/${VERSION}/${ZIP_NAME}"
COMMIT_SHA="$(git rev-parse HEAD)" echo "### Release report (JSON)" >> "${GITHUB_STEP_SUMMARY}"
echo "\`\`\`json" >> "${GITHUB_STEP_SUMMARY}"
mkdir -p dist cat <<'JSON' >> "${GITHUB_STEP_SUMMARY}"
{
python3 - <<'PY' "repository": "${{ github.repository }}",
import json, os "version": "${VERSION}",
payload = { "branch": "${BRANCH}",
"repository": os.environ["REPO_FULL"], "tag": "${TAG}",
"version": os.environ["VERSION"], "prerelease": true,
"branch": os.environ["BRANCH"], "today_utc": "${TODAY_UTC}",
"tag": os.environ["TAG"], "commit_sha": "${{ github.sha }}",
"prerelease": True,
"today_utc": os.environ["TODAY_UTC"],
"commit_sha": os.environ["COMMIT_SHA"],
"joomla": { "joomla": {
"extension_type": os.environ.get("EXT_TYPE") or "unknown", "extension_type": "${EXT_TYPE}",
"extension_root": os.environ.get("EXT_ROOT") or "", "extension_root": "${EXT_ROOT}",
"manifest_path": os.environ.get("MANIFEST_PATH") or "", "manifest_path": "${MANIFEST_PATH}"
}, },
"assets": { "assets": {
"zip": { "zip": {
"name": os.environ["ZIP_NAME"], "name": "${ZIP_NAME}",
"sha256": os.environ["ZIP_SHA256"], "sha256": "${ZIP_SHA256}",
"download_url": os.environ["DOWNLOAD_URL"], "download_url": "${DOWNLOAD_URL}"
}, },
"updates_xml": "updates.xml", "updates_xml": "updates.xml",
"sha256sums": "dist/SHA256SUMS.txt", "sha256sums": "dist/SHA256SUMS.txt",
"release_notes": "RELEASE_NOTES.md", "release_notes": "RELEASE_NOTES.md"
} }
} }
with open("dist/release-report.json", "w", encoding="utf-8") as f: JSON
json.dump(payload, f, indent=2, sort_keys=True)
f.write("\\n")
print("Wrote dist/release-report.json")
PY
env:
VERSION: ${{ needs.guard.outputs.version }}
REPO_FULL: ${{ github.repository }}
BRANCH: ${{ needs.guard.outputs.version_branch }}
TAG: ${{ needs.guard.outputs.version }}
TODAY_UTC: ${{ needs.guard.outputs.today_utc }}
ZIP_NAME: ${{ steps.build.outputs.zip_name }}
ZIP_SHA256: ${{ steps.sha.outputs.sha256 }}
EXT_ROOT: ${{ steps.build.outputs.root }}
MANIFEST_PATH: ${{ steps.build.outputs.manifest }}
EXT_TYPE: ${{ steps.build.outputs.ext_type }}
DOWNLOAD_URL: ${{ format('https://github.com/{0}/{1}/releases/download/{2}/{3}', github.repository_owner, github.event.repository.name, needs.guard.outputs.version, steps.build.outputs.zip_name) }}
COMMIT_SHA: ${{ github.sha }}
- name: Publish JSON report to job summary
run: |
set -euo pipefail
echo "### Release report (JSON)" >> "${GITHUB_STEP_SUMMARY}"
echo "\`\`\`json" >> "${GITHUB_STEP_SUMMARY}"
cat dist/release-report.json >> "${GITHUB_STEP_SUMMARY}"
echo "\`\`\`" >> "${GITHUB_STEP_SUMMARY}" echo "\`\`\`" >> "${GITHUB_STEP_SUMMARY}"
squash_to_main: squash_to_main: