confluence-cli/.github/workflows/release.yml at main · sofq/confluence-cli · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
name: Release

on:
  push:
    tags:
      - "v*"
  workflow_dispatch:
    inputs:
      tag:
        description: "Tag to release (e.g. v0.5.6). Reruns publish jobs for an existing release."
        required: true

permissions:
  contents: read

env:
  TAG: ${{ github.event.inputs.tag || github.ref_name }}

jobs:
  release:
    runs-on: ubuntu-latest
    permissions:
      contents: write
      packages: write
    # Run for both tag push and workflow_dispatch
    steps:
      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
        with:
          fetch-depth: 0
          ref: ${{ env.TAG }}

      - uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6
        with:
          go-version-file: go.mod

      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd # v4

      - name: Login to GitHub Container Registry
        uses: docker/login-action@4907a6ddec9925e35a0a9e82d7399ccc52663121 # v4
        with:
          registry: ghcr.io
          username: ${{ github.actor }}
          password: ${{ secrets.GITHUB_TOKEN }}

      - name: Run GoReleaser
        uses: goreleaser/goreleaser-action@ec59f474b9834571250b370d4735c50f8e2d1e29 # v7
        with:
          version: "~> v2"
          args: release --clean
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          HOMEBREW_TAP_TOKEN: ${{ secrets.HOMEBREW_TAP_TOKEN }}

  npm-publish:
    runs-on: ubuntu-latest
    permissions:
      contents: read
      id-token: write
    needs: release
    if: always() && (needs.release.result == 'success' || needs.release.result == 'skipped')
    continue-on-error: true
    environment: npm-publish
    steps:
      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6

      - uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6
        with:
          node-version: 24
          registry-url: https://registry.npmjs.org

      - name: Set version from tag
        run: |
          VERSION="${TAG#v}"
          cd npm
          npm version "$VERSION" --no-git-tag-version

      - name: Publish to npm
        run: npm publish --provenance --access public
        working-directory: npm

  pypi-publish:
    runs-on: ubuntu-latest
    permissions:
      contents: read
      id-token: write
    needs: release
    if: always() && (needs.release.result == 'success' || needs.release.result == 'skipped')
    continue-on-error: true
    environment: pypi-publish
    steps:
      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6

      - uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6
        with:
          python-version: "3.12"

      - name: Set version from tag
        run: |
          VERSION="${TAG#v}"
          sed -i "s/^version = .*/version = \"$VERSION\"/" python/pyproject.toml

      - name: Build package
        run: |
          pip install build==1.4.0
          cd python && python -m build

      - name: Publish to PyPI
        uses: pypa/gh-action-pypi-publish@ed0c53931b1dc9bd32cbe73a98c7f6766f8a527e # v1.13.0
        with:
          packages-dir: python/dist/