11name : CLI - Automated Release
22
3+ concurrency :
4+ group : cli-release
5+ cancel-in-progress : false
6+
37permissions :
48 contents : write # needed for semantic-release to create releases and update files
59 issues : write # needed for semantic-release to comment on issues
610 pull-requests : write # needed for semantic-release to comment on PRs
711 id-token : write # needed for npm provenance
812
913on :
10- push :
11- branches :
12- - main
14+ schedule :
15+ - cron : ' 30 7 * * 1,3' # Run at 7:30 AM GMT on Monday and Wednesday
1316 workflow_dispatch : # Allow manual triggering
1417
1518jobs :
1619 analyze :
1720 runs-on : ubuntu-latest
18- if : ${{ !contains(github.event.head_commit.message, '[skip ci]') }}
1921 outputs :
2022 should-release : ${{ steps.check.outputs.should-release }}
2123 release-type : ${{ steps.check.outputs.release-type }}
2224 next-version : ${{ steps.check.outputs.next-version }}
2325 current-version : ${{ steps.check.outputs.current-version }}
2426 steps :
25- - uses : actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4
27+ - uses : actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5
2628 with :
2729 fetch-depth : 0
2830 token : ${{ secrets.GITHUB_TOKEN }}
2931
3032 - uses : actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4
3133 with :
3234 node-version : 22
33- registry-url : ' https://registry.npmjs.org'
3435
3536 - run : npm ci
3637
37- - name : Debug NPM Token
38+ - name : Check build-cli workflow status
3839 run : |
39- if [ -n "$NPM_TOKEN" ]; then
40- echo "✅ NPM_TOKEN is set (length: ${#NPM_TOKEN})"
40+ echo "Checking if build-cli.yml has passed on main branch..."
41+
42+ # Get the latest build-cli workflow run for main branch
43+ BUILD_CLI_OUTPUT=$(gh run list \
44+ --workflow=build-cli.yml \
45+ --branch=main \
46+ --limit=1)
47+
48+ echo "Latest build-cli run details:"
49+ echo "$BUILD_CLI_OUTPUT"
50+
51+ if echo "$BUILD_CLI_OUTPUT" | grep -q "success"; then
52+ echo "✅ build-cli.yml has passed on main branch."
4153 else
42- echo "❌ NPM_TOKEN is not set"
54+ echo "❌ build-cli.yml has not passed on main branch. Skipping release."
55+ echo "Please ensure the CLI build is successful before releasing."
56+ exit 1
4357 fi
4458 env :
45- NPM_TOKEN : ${{ secrets.NPM_TOKEN_SEMANTIC_RELEASE }}
59+ GITHUB_TOKEN : ${{ secrets.GITHUB_TOKEN }}
60+
61+ - name : Check build-shared workflow status
62+ run : |
63+ echo "Checking if build-shared.yml has passed on main branch..."
64+
65+ # Get the latest build-shared workflow run for main branch
66+ BUILD_SHARED_OUTPUT=$(gh run list \
67+ --workflow=build-shared.yml \
68+ --branch=main \
69+ --limit=1)
70+
71+ echo "Latest build-shared run details:"
72+ echo "$BUILD_SHARED_OUTPUT"
73+
74+ if echo "$BUILD_SHARED_OUTPUT" | grep -q "success"; then
75+ echo "✅ build-shared.yml has passed on main branch. Proceeding with release check."
76+ else
77+ echo "❌ build-shared.yml has not passed on main branch. Skipping release."
78+ echo "Please ensure the shared library build is successful before releasing."
79+ exit 1
80+ fi
81+ env :
82+ GITHUB_TOKEN : ${{ secrets.GITHUB_TOKEN }}
4683
4784 - name : Check release type
4885 id : check
5996
6097 if grep -q "The next release version is" analysis.txt; then
6198 NEXT_VERSION=$(grep "The next release version is" analysis.txt | sed 's/.*The next release version is \([^[:space:]]\+\).*/\1/')
62- CURRENT_VERSION=$(node -p "require('./package.json').version")
99+
100+ # Get current version from latest git tag instead of package.json
101+ CURRENT_VERSION=$(git describe --tags --abbrev=0 2>/dev/null | sed 's/cli-v//')
63102
64103 echo "📋 Extracted versions:"
65104 echo " Current: $CURRENT_VERSION"
@@ -96,15 +135,14 @@ jobs:
96135 runs-on : ubuntu-latest
97136 if : needs.analyze.outputs.should-release == 'true' && needs.analyze.outputs.release-type != 'major'
98137 steps :
99- - uses : actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4
138+ - uses : actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5
100139 with :
101140 fetch-depth : 0
102141 token : ${{ secrets.GITHUB_TOKEN }}
103142
104143 - uses : actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4
105144 with :
106145 node-version : 22
107- registry-url : ' https://registry.npmjs.org'
108146
109147 - run : npm ci
110148 - run : npm run build
@@ -123,12 +161,32 @@ jobs:
123161 echo "**Version**: ${{ needs.analyze.outputs.current-version }} → ${{ needs.analyze.outputs.next-version }}" >> $GITHUB_STEP_SUMMARY
124162 echo "**Type**: ${{ needs.analyze.outputs.release-type }}" >> $GITHUB_STEP_SUMMARY
125163
164+ - name : Create Changelog PR
165+ if : needs.analyze.outputs.should-release == 'true'
166+ run : |
167+ CHANGELOG_BRANCH="release/changelog-cli-v${{ needs.analyze.outputs.next-version }}"
168+
169+ # Check if the branch was created and pushed
170+ if git ls-remote --heads origin $CHANGELOG_BRANCH | grep -q $CHANGELOG_BRANCH; then
171+ gh pr create \
172+ --title "docs(cli): update changelog for v${{ needs.analyze.outputs.next-version }}" \
173+ --body "Automated changelog update for CLI release v${{ needs.analyze.outputs.next-version }}" \
174+ --head "$CHANGELOG_BRANCH" \
175+ --base main
176+ echo "📋 Changelog PR created for branch: $CHANGELOG_BRANCH" >> $GITHUB_STEP_SUMMARY
177+ else
178+ echo "No changelog branch found - no CHANGELOG.md updates needed"
179+ echo "ℹ️ No changelog updates needed" >> $GITHUB_STEP_SUMMARY
180+ fi
181+ env :
182+ GITHUB_TOKEN : ${{ secrets.GITHUB_TOKEN }}
183+
126184 prepare-major-release :
127185 needs : analyze
128186 runs-on : ubuntu-latest
129187 if : needs.analyze.outputs.should-release == 'true' && needs.analyze.outputs.release-type == 'major'
130188 steps :
131- - uses : actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4
189+ - uses : actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5
132190 with :
133191 fetch-depth : 0
134192 token : ${{ secrets.GITHUB_TOKEN }}
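Review bot: The release gate in the two new "Check build-… workflow status" steps of the `analyze` job greps the whole `gh run list` row for the word "success", so it passes whenever that word appears anywhere in the row, including the run title (for push-triggered runs this is typically the commit headline), even if the run failed or is still in progress. Read the structured field instead with `--json conclusion --jq '.[0].conclusion'` and compare it exactly, as sketched below for build-cli; the build-shared step needs the same change. `--limit=1` also returns the most recent run on main, which is not necessarily the run for the commit this job checked out, so please confirm the gate is meant to vouch for that revision. Separately, the workflow-level `permissions` block lists no `actions` scope, which presumably leaves it at none for this token; if the repository is private, `gh run list` may need `actions: read`.

```yaml
      - name: Check build-cli workflow status
        run: |
          # … unchanged: "Checking if build-cli.yml has passed" echo …
          BUILD_CLI_CONCLUSION=$(gh run list \
            --workflow=build-cli.yml \
            --branch=main \
            --limit=1 \
            --json conclusion \
            --jq '.[0].conclusion')

          echo "Latest build-cli run conclusion: ${BUILD_CLI_CONCLUSION:-<none>}"

          # Exact match on the conclusion field; an in-progress run has an empty conclusion
          if [ "$BUILD_CLI_CONCLUSION" = "success" ]; then
          # … unchanged: success / failure messages, exit 1, env block …
```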