Skip to content

Merge branch 'dev' into rec #264

Merge branch 'dev' into rec

Merge branch 'dev' into rec #264

Workflow file for this run

name: Release
on:
push:
branches:
- main
- main-release
- rec
- rec-release
workflow_dispatch:
permissions:
contents: read # for checkout
jobs:
# This job is used to sync the main branch to the main:release branch and the rec branch to the rec:release branch
sync:
name: Sync
runs-on: ubuntu-latest
permissions:
contents: write # to be able to push to the main:release and rec:release branches
id-token: write # to enable use of OIDC for npm provenance
if: github.ref == 'refs/heads/main' || github.ref == 'refs/heads/rec'
steps:
- name: Generate token
id: generate_token
uses: tibdex/github-app-token@v2
with:
app_id: ${{ secrets.MYBOT_APP_ID }}
private_key: ${{ secrets.MYBOT_PRIVATE_KEY }}
- name: Checkout
uses: actions/checkout@v4
with:
fetch-depth: 0
token: ${{ steps.generate_token.outputs.token }}
- name: Setup Git Config
run: |
git config user.name "GitHub Actions"
git config user.email "[email protected]"
- name: Sync Branch
run: |
SOURCE_BRANCH="${GITHUB_REF_NAME}"
TARGET_BRANCH="${GITHUB_REF_NAME}-release"
MAIN_RELEASE_BRANCH="main-release"
# Fetch all
git fetch origin
# Create the main-release branch from main if it doesn't exist
if ! git show-ref --verify --quiet "refs/remotes/origin/${MAIN_RELEASE_BRANCH}"; then
echo "Target branch ${MAIN_RELEASE_BRANCH} does not exist. Creating it from main."
git checkout -b ${MAIN_RELEASE_BRANCH} origin/main
git push --set-upstream origin ${MAIN_RELEASE_BRANCH}
fi
# Check if the target branch exists and checkout to it
if git show-ref --verify --quiet "refs/remotes/origin/${TARGET_BRANCH}"; then
git checkout ${TARGET_BRANCH}
else
echo "Target branch ${TARGET_BRANCH} does not exist. Creating it from ${SOURCE_BRANCH}."
git checkout -b ${TARGET_BRANCH} origin/${SOURCE_BRANCH}
git push --set-upstream origin ${TARGET_BRANCH}
fi
# Merge changes from SOURCE_BRANCH to TARGET_BRANCH, favoring 'theirs' for conflicts
git merge -X theirs origin/${SOURCE_BRANCH}
# Push changes to TARGET_BRANCH
git push origin ${TARGET_BRANCH}
env:
GITHUB_TOKEN: ${{ steps.generate_token.outputs.token }}
release:
name: Release
runs-on: ubuntu-latest
permissions:
contents: write # to be able to publish a GitHub release
issues: write # to be able to comment on released issues
pull-requests: write # to be able to comment on released pull requests
id-token: write # to enable use of OIDC for npm provenance
if: (github.ref == 'refs/heads/main-release' || github.ref == 'refs/heads/rec-release')
steps:
- name: Generate token
id: generate_token
uses: tibdex/github-app-token@v2
with:
app_id: ${{ secrets.MYBOT_APP_ID }}
private_key: ${{ secrets.MYBOT_PRIVATE_KEY }}
- name: Checkout
uses: actions/checkout@v4
with:
fetch-depth: 0
token: ${{ steps.generate_token.outputs.token }}
- name: Setup Node.js
uses: actions/setup-node@v4
with:
node-version: "20.x"
cache: "npm"
- name: Install dependencies
run: npm install
- name: Cache for Turbo
uses: rharkor/[email protected]
- name: Build
run: npx turbo run build --filter='@next-boilerplate/cli'
# - name: Verify the integrity of provenance attestations and registry signatures for installed dependencies
# run: npm audit signatures
- name: Release
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
run: npx semantic-release