Semantic Release #1215
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Semantic Release | |
| on: | |
| push: | |
| branches: [main] | |
| workflow_run: | |
| workflows: ["Quality Checks", "Unit Tests", "Security Scanning", "Workflow Validation", "Changelog Validation", "Container Build", "PyPI Publishing", "Documentation"] | |
| types: [completed] | |
| branches: [main] | |
| workflow_dispatch: | |
| inputs: | |
| commit: | |
| description: 'Commit hash (for historical releases)' | |
| required: false | |
| type: string | |
| version: | |
| description: 'Version (for historical releases)' | |
| required: false | |
| type: string | |
| force_level: | |
| description: 'Force a specific bump level (auto = commit analysis)' | |
| required: false | |
| default: 'auto' | |
| type: choice | |
| options: | |
| - auto | |
| - major | |
| - minor | |
| - patch | |
| - prerelease | |
| permissions: | |
| contents: write | |
| packages: write | |
| concurrency: | |
| group: "semantic-release" | |
| cancel-in-progress: false | |
| jobs: | |
| preview: | |
| name: Preview next version | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: write | |
| packages: write | |
| id-token: write | |
| if: | | |
| (github.ref == 'refs/heads/main' && contains(github.event.head_commit.message, 'release:')) || | |
| github.event_name == 'workflow_dispatch' || | |
| (github.event_name == 'workflow_run' && github.event.workflow_run.conclusion == 'success' && contains(github.event.workflow_run.head_commit.message, 'release:')) | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v6 | |
| with: | |
| fetch-depth: 0 | |
| token: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Setup UV | |
| uses: astral-sh/setup-uv@v7 | |
| - name: Install dependencies | |
| run: uv sync | |
| - name: Compute next version (dry run) | |
| id: next_version | |
| run: | | |
| FORCE_FLAG=${{ inputs.force_level != 'auto' && format('--{0}', inputs.force_level) || '' }} | |
| NEXT=$(uv run semantic-release version --print $FORCE_FLAG 2>/dev/null || echo "no-release") | |
| echo "next_version=$NEXT" >> "$GITHUB_OUTPUT" | |
| { | |
| echo "## Semantic Release Preview" | |
| echo "" | |
| echo "Next version: **$NEXT**" | |
| } >> "$GITHUB_STEP_SUMMARY" | |
| release: | |
| name: Semantic Release | |
| runs-on: ubuntu-latest | |
| needs: [preview] | |
| environment: release-approval | |
| permissions: | |
| contents: write | |
| packages: write | |
| id-token: write | |
| steps: | |
| - name: Generate GitHub App Token | |
| id: app-token | |
| uses: actions/create-github-app-token@v3 | |
| with: | |
| app-id: ${{ secrets.GH_APP_ID }} | |
| private-key: ${{ secrets.GH_APP_PRIVATE_KEY }} | |
| - name: Checkout code | |
| uses: actions/checkout@v6 | |
| with: | |
| fetch-depth: 0 | |
| token: ${{ steps.app-token.outputs.token }} | |
| - name: Setup UV | |
| uses: astral-sh/setup-uv@v7 | |
| - name: Install ORB | |
| run: uv sync --all-extras --group ci | |
| - name: Python Semantic Release | |
| id: release | |
| uses: python-semantic-release/python-semantic-release@v10.5.3 | |
| with: | |
| github_token: ${{ steps.app-token.outputs.token }} | |
| git_committer_name: "github-actions[bot]" | |
| git_committer_email: "github-actions[bot]@users.noreply.github.com" | |
| force: ${{ inputs.force_level != 'auto' && inputs.force_level || '' }} | |
| - name: Publish to GitHub Release Assets | |
| uses: python-semantic-release/publish-action@v10.5.3 | |
| if: steps.release.outputs.released == 'true' | |
| with: | |
| github_token: ${{ steps.app-token.outputs.token }} | |
| tag: ${{ steps.release.outputs.tag }} | |
| - name: Export OpenAPI spec for Go SDK | |
| if: steps.release.outputs.released == 'true' | |
| run: make sdk-go-export-spec | |
| - name: Update Go SDK version | |
| if: steps.release.outputs.released == 'true' | |
| run: make sdk-go-update-version VERSION=${{ steps.release.outputs.version }} |