mirror of
https://github.com/natelandau/obsidian-metadata.git
synced 2025-11-18 09:53:40 -05:00
755151e2ed
ci(deps): bump step-security/harden-runner from 2.1.0 to 2.2.0
Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner) from 2.1.0 to 2.2.0.
- [Release notes](https://github.com/step-security/harden-runner/releases)
- [Commits](18bf8ad2ca...c8454efe5d)
---
updated-dependencies:
- dependency-name: step-security/harden-runner
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
106 lines
3.7 KiB
YAML
106 lines
3.7 KiB
YAML
---
|
|
name: Create Release
|
|
|
|
on:
|
|
push:
|
|
tags:
|
|
- "v*" # Push events to matching v*, i.e. v1.0, v20.15.10
|
|
|
|
concurrency:
|
|
group: ${{ github.workflow }}-${{ github.ref }}
|
|
cancel-in-progress: true
|
|
|
|
permissions:
|
|
contents: write
|
|
|
|
jobs:
|
|
autorelease:
|
|
name: Create Release
|
|
runs-on: "ubuntu-latest"
|
|
strategy:
|
|
fail-fast: true
|
|
matrix:
|
|
python-version: ["3.11"]
|
|
steps:
|
|
- uses: step-security/harden-runner@c8454efe5d0bdefd25384362fe217428ca277d57 # v2.2.0
|
|
with:
|
|
egress-policy: block
|
|
disable-sudo: true
|
|
allowed-endpoints: >
|
|
api.github.com:443
|
|
files.pythonhosted.org:443
|
|
github.com:443
|
|
install.python-poetry.org:443
|
|
pypi.org:443
|
|
python-poetry.org:443
|
|
uploads.github.com:443
|
|
|
|
- name: Checkout repository
|
|
uses: actions/checkout@v3
|
|
with:
|
|
fetch-depth: 0
|
|
|
|
- name: Setup Python and Poetry
|
|
uses: ./.github/actions/setup-poetry
|
|
|
|
- name: Add version to environment vars
|
|
run: |
|
|
PROJECT_VERSION=$(poetry version --short)
|
|
echo "PROJECT_VERSION=$PROJECT_VERSION" >> $GITHUB_ENV
|
|
|
|
# ----------------------------------------------
|
|
# Confirm we did, in fact, update the version
|
|
# ----------------------------------------------
|
|
|
|
- name: Check if tag version matches project version
|
|
run: |
|
|
TAG=$(git describe HEAD --tags --abbrev=0)
|
|
echo $TAG
|
|
echo $PROJECT_VERSION
|
|
if [[ "$TAG" != "v$PROJECT_VERSION" ]]; then exit 1; fi
|
|
echo "current_tag=refs/tags/${TAG}" >> $GITHUB_ENV
|
|
|
|
# ----------------------------------------------
|
|
# Test and then build the package
|
|
# ----------------------------------------------
|
|
|
|
- name: run poetry build
|
|
run: |
|
|
poetry run poetry check
|
|
poetry run coverage run
|
|
poetry build
|
|
# ----------------------------------------------
|
|
# Generate release notes
|
|
# ----------------------------------------------
|
|
|
|
# - name: Release Notes
|
|
# run: git log $(git describe HEAD~ --tags --abbrev=0)..HEAD --pretty='format:* %h %s' --no-merges >> ".github/RELEASE-TEMPLATE.md"
|
|
|
|
- name: Export tag name to env variable
|
|
run: |
|
|
TAG=$(git describe HEAD --tags --abbrev=0)
|
|
echo "CURRENT_TAG=refs/tags/${TAG}" >> $GITHUB_ENV
|
|
|
|
- name: Get notes
|
|
id: generate_notes
|
|
uses: anmarkoulis/commitizen-changelog-reader@master
|
|
with:
|
|
tag_name: ${{ env.CURRENT_TAG }}
|
|
changelog: CHANGELOG.md
|
|
|
|
# ----------------------------------------------
|
|
# Build draft release (Note: Will need to manually publish)
|
|
# ----------------------------------------------
|
|
|
|
- name: Create Release Draft
|
|
uses: softprops/action-gh-release@v1
|
|
with:
|
|
# body_path: ".github/RELEASE-TEMPLATE.md"
|
|
body: ${{join(fromJson(steps.generate_notes.outputs.notes).notes, '')}}
|
|
draft: true
|
|
files: |
|
|
dist/*-${{env.PROJECT_VERSION}}-py3-none-any.whl
|
|
dist/*-${{env.PROJECT_VERSION}}.tar.gz
|
|
env:
|
|
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|