From d1f13f704a2f02eabe234d34486d0e68f3ea0398 Mon Sep 17 00:00:00 2001 From: Daniel Haus Date: Fri, 17 Nov 2023 04:47:13 +0100 Subject: [PATCH 1/2] add-release-action --- .github/workflows/update-main-version.yml | 36 +++++++++++++++++++++++ RELEASE.md | 23 +++++++++++++++ 2 files changed, 59 insertions(+) create mode 100644 .github/workflows/update-main-version.yml create mode 100644 RELEASE.md diff --git a/.github/workflows/update-main-version.yml b/.github/workflows/update-main-version.yml new file mode 100644 index 0000000..08f9ddf --- /dev/null +++ b/.github/workflows/update-main-version.yml @@ -0,0 +1,36 @@ +name: Update main release version +run-name: Move ${{ github.event.inputs.main_version }} to ${{ github.event.inputs.target }} + +on: + workflow_dispatch: + inputs: + target: + description: The tag of the target version which should be used as the new main version + required: true + main_version: + type: choice + description: The main version to update + options: + - v1 + +jobs: + move-version: + permissions: + id-token: write + contents: write + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + with: + fetch-depth: 0 # Required since we need to ensure all tags are contained within the checkout. + + - name: Setup GitSign + uses: chainguard-dev/actions/setup-gitsign@main + + - name: Move main version tag + run: | + git config --global user.email "roxbot@stackrox.com" + git config --global user.name "Robot Rox" + # Move the main version tag to the target tag. + git tag -f ${{ github.event.inputs.main_version }} ${{ github.event.inputs.target }} + git push origin ${{ github.event.inputs.main_version }} --force diff --git a/RELEASE.md b/RELEASE.md new file mode 100644 index 0000000..5326820 --- /dev/null +++ b/RELEASE.md @@ -0,0 +1,23 @@ +# Releasing a new version + +This documents all steps requires to release a new version of the central-login GitHub Action. + +## Create a new GitHub release incl. tag + +Once you're ready to release, create a GitHub release including a new release. +Currently, no special GitHub action is used to draft the release, we use the default GitHub template for the release +notes. + +We strive to version according to [semantic versioning](https://semver.org/). + +## Move the main version tag to the new version + +Once the new release is created including the new tag, we move the main version tag (i.e `v1`) to point to the newly +released version. + +This is done by manually triggering the workflow `update-main-version`. + +As input, you have to choose the main version for which you want to move the referenced Git commit (i.e. `v1`) as well +as the newly created release tag. + +Once the action run has been successful, the release of the new version is complete. From 96b9d6e75b9d4a5c6ec9d6877f74930031022608 Mon Sep 17 00:00:00 2001 From: Daniel Haus Date: Mon, 20 Nov 2023 11:01:45 +0100 Subject: [PATCH 2/2] Only push tags and sign them. --- .github/workflows/update-main-version.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/update-main-version.yml b/.github/workflows/update-main-version.yml index 08f9ddf..f93e9a7 100644 --- a/.github/workflows/update-main-version.yml +++ b/.github/workflows/update-main-version.yml @@ -32,5 +32,5 @@ jobs: git config --global user.email "roxbot@stackrox.com" git config --global user.name "Robot Rox" # Move the main version tag to the target tag. - git tag -f ${{ github.event.inputs.main_version }} ${{ github.event.inputs.target }} - git push origin ${{ github.event.inputs.main_version }} --force + git tag -s -f ${{ github.event.inputs.main_version }} ${{ github.event.inputs.target }} + git push origin ${{ github.event.inputs.main_version }} --force --tags