# Build and release a new version of the extension.
# Based on example workflow at https://github.com/actions/upload-release-asset
# licensed under https://github.com/actions/upload-release-asset/blob/master/LICENSE.
# Reference for passing data between steps:
# https://jasonet.co/posts/new-features-of-github-actions/#passing-data-to-future-steps
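name: Release

# Runs on manual dispatch (from any ref), or when a matching tag is pushed.
on:
  workflow_dispatch:
  push:
    tags:
      # The trailing `*` allows further characters after the version digits, and
      # workflow_dispatch can run on any ref. The ref name is therefore treated
      # as untrusted text below: it reaches shell scripts only through
      # environment variables, never through `${{ }}` expansion inside `run:`.
      - 'v[0-9]+.[0-9]+.[0-9]+*'

# NOTE(review): every action here is referenced by a mutable tag (`@v4`, `@v2`).
# Pinning each `uses:` to a full commit SHA would stop a re-pointed tag from
# changing what runs in jobs that hold release and publish credentials.
jobs:
  # Builds the VSIX, creates a draft GitHub release, and opens the follow-up
  # version bump PR.
  build:
    name: Release
    runs-on: ubuntu-latest
    # NOTE(review): no `permissions:` block is declared, so GITHUB_TOKEN gets the
    # repository's default scopes. This job creates a release and a PR;
    # presumably it needs `contents: write` and `pull-requests: write`. Confirm
    # against ./.github/actions/create-pr and declare the minimum explicitly.
    steps:
      - name: Checkout
        uses: actions/checkout@v4

      - uses: actions/setup-node@v4
        with:
          node-version-file: extensions/ql-vscode/.nvmrc

      - name: Install dependencies
        run: |
          cd extensions/ql-vscode
          npm ci
        shell: bash

      - name: Build
        env:
          APP_INSIGHTS_KEY: '${{ secrets.APP_INSIGHTS_KEY }}'
        run: |
          # Logs only the length of the key, never its value (presumably a check
          # that the secret is populated).
          echo "APP INSIGHTS KEY LENGTH: ${#APP_INSIGHTS_KEY}"
          cd extensions/ql-vscode
          npm run build -- --release
        shell: bash

      - name: Prepare artifacts
        id: prepare-artifacts
        run: |
          mkdir artifacts
          cp dist/*.vsix artifacts

          # Record the VSIX path as an output of this step.
          # This will be used later when uploading a release asset.
          VSIX_PATH="$(ls dist/*.vsix)"
          echo "vsix_path=$VSIX_PATH" >> "$GITHUB_OUTPUT"

          # Transform the GitHub ref so it can be used in a filename.
          # The last sed invocation is used for testing branches that modify this workflow.
          # GITHUB_REF is the runner-provided equivalent of `github.ref`. Reading
          # it as a quoted variable keeps shell metacharacters in a ref name from
          # being interpreted as part of this script.
          REF_NAME="$(echo "$GITHUB_REF" | sed -e 's:^refs/tags/::' | sed -e 's:/:-:g')"
          echo "ref_name=$REF_NAME" >> "$GITHUB_OUTPUT"

      - name: Upload artifacts
        uses: actions/upload-artifact@v4
        with:
          name: vscode-codeql-extension
          path: artifacts

      - name: Upload source maps
        uses: actions/upload-artifact@v4
        with:
          name: vscode-codeql-sourcemaps
          path: dist/vscode-codeql/out/*.map

      # TODO Run tests, or check that a test run on the same branch succeeded.

      - name: Create sourcemap ZIP file
        run: |
          cd dist/vscode-codeql/out
          zip -r ../../vscode-codeql-sourcemaps.zip *.map

      - name: Create release
        id: create-release
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          # Step outputs derived from the ref are passed as environment
          # variables so the shell sees them as data, not as script text.
          VSIX_PATH: ${{ steps.prepare-artifacts.outputs.vsix_path }}
          REF_NAME: ${{ steps.prepare-artifacts.outputs.ref_name }}
        run: |
          # GITHUB_REF_NAME is the runner-provided equivalent of `github.ref_name`.
          # `file#label` sets the display name of each uploaded release asset.
          gh release create "$GITHUB_REF_NAME" --draft --title "Release $GITHUB_REF_NAME" \
            "${VSIX_PATH}#vscode-codeql-${REF_NAME}.vsix" \
            "dist/vscode-codeql-sourcemaps.zip#vscode-codeql-sourcemaps-${REF_NAME}.zip"

      ###
      # Do Post release work: version bump and changelog PR
      # Only do this if we are running from a PR (ie- this is part of the release process)

      # The checkout action does not fetch the main branch.
      # Fetch the main branch so that we can base the version bump PR against main.
      - name: Fetch main branch
        run: |
          git fetch --depth=1 origin main:main
          git checkout main

      - name: Bump patch version
        id: bump-patch-version
        if: success()
        run: |
          cd extensions/ql-vscode
          # Bump to the next patch version. Major or minor version bumps will have to be done manually.
          # Record the next version number as an output of this step.
          NEXT_VERSION="$(npm version patch)"
          echo "next_version=$NEXT_VERSION" >> "$GITHUB_OUTPUT"

      - name: Add changelog for next release
        if: success()
        run: |
          cd extensions/ql-vscode
          # Insert a `## [UNRELEASED]` heading and a blank line ahead of line 3.
          perl -i -pe 's/^/## \[UNRELEASED\]\n\n/ if($.==3)' CHANGELOG.md

      - name: Create version bump PR
        uses: ./.github/actions/create-pr
        if: success()
        with:
          token: ${{ secrets.GITHUB_TOKEN }}
          commit-message: Bump version to ${{ steps.bump-patch-version.outputs.next_version }}
          title: Bump version to ${{ steps.bump-patch-version.outputs.next_version }}
          body: This PR was automatically generated by the GitHub Actions release workflow in this repository.
          head-branch: ${{ format('version/bump-to-{0}', steps.bump-patch-version.outputs.next_version) }}
          base-branch: main

  # Publishes the built VSIX to the VS Code Marketplace using an Azure identity
  # obtained through OIDC (hence `id-token: write`).
  vscode-publish:
    name: Publish to VS Code Marketplace
    needs: build
    environment: publish-vscode-marketplace
    runs-on: ubuntu-latest
    permissions:
      contents: read
      id-token: write
    steps:
      - name: Checkout
        uses: actions/checkout@v4
        with:
          # No later step runs git, so do not leave the token in .git/config
          # where the tooling fetched at publish time could read it.
          persist-credentials: false

      - uses: actions/setup-node@v4
        with:
          node-version-file: extensions/ql-vscode/.nvmrc

      - name: Download artifact
        uses: actions/download-artifact@v4
        with:
          name: vscode-codeql-extension

      - name: Azure User-assigned managed identity login
        uses: azure/login@v2
        with:
          client-id: ${{ secrets.AZURE_CLIENT_ID }}
          tenant-id: ${{ secrets.AZURE_TENANT_ID }}
          allow-no-subscriptions: true

      - name: Publish to Registry
        uses: azure/cli@v2
        with:
          # NOTE(review): `latest` and the unversioned `npx @vscode/vsce` are both
          # resolved at run time while publish credentials are live. Consider
          # pinning both to reviewed versions.
          azcliversion: latest
          inlineScript: |
            npx @vscode/vsce publish --azure-credential --packagePath *.vsix

  # Publishes the built VSIX to the Open VSX Registry with a personal access token.
  open-vsx-publish:
    name: Publish to Open VSX Registry
    needs: build
    environment: publish-open-vsx
    runs-on: ubuntu-latest
    # Least privilege, matching the vscode-publish job: this job only reads the
    # repository and downloads an artifact from the same run.
    permissions:
      contents: read
    steps:
      - name: Checkout
        uses: actions/checkout@v4
        with:
          # No later step runs git, so do not leave the token in .git/config.
          persist-credentials: false

      - uses: actions/setup-node@v4
        with:
          node-version-file: extensions/ql-vscode/.nvmrc

      - name: Download artifact
        uses: actions/download-artifact@v4
        with:
          name: vscode-codeql-extension

      - name: Publish to Registry
        # The token is scoped to this step so the other actions in the job never
        # receive it in their environment.
        env:
          OPEN_VSX_TOKEN: ${{ secrets.OPEN_VSX_TOKEN }}
        run: |
          # Quoted so the token is always passed as a single argument.
          # NOTE(review): the unversioned `npx ovsx` is resolved at run time while
          # the token is live; consider pinning a reviewed version. ovsx can also
          # read the token from the OVSX_PAT environment variable, which keeps it
          # out of the process argument list. Confirm before switching.
          npx ovsx publish -p "$OPEN_VSX_TOKEN" *.vsix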