-
-
Notifications
You must be signed in to change notification settings - Fork 7
233 lines (226 loc) · 9.57 KB
/
changelog.yaml
File metadata and controls
233 lines (226 loc) · 9.57 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
---
name: 🆙 Changelog & versions
"on":
workflow_call:
secrets:
WORKFLOW_UPDATE_GITHUB_PAT:
required: false
workflow_dispatch:
schedule:
# Run daily at 6:00 UTC for bump-version job.
- cron: "0 6 * * *"
push:
branches:
- main
paths:
- changelog.md
- "**/pyproject.toml"
# Trigger on any workflow change to make sure version gets hard-coded everywhere.
- .github/workflows/*.yaml
# Trigger on lockfile changes so bump-version recreates its PRs before they conflict.
- uv.lock
# Trigger after release workflow completes to ensure tags exist before bump-version.
# This avoids race conditions where changelog workflow checks for tags before they're pushed.
workflow_run:
workflows:
- "Build & release"
types:
- completed
branches:
- main
env:
HAS_WORKFLOW_PAT: ${{ secrets.WORKFLOW_UPDATE_GITHUB_PAT && 'true' || '' }}
concurrency:
# Include event_name to prevent cross-event cancellation.
# See repomatic/github/actions.py for rationale.
group: ${{ github.workflow }}-${{ github.event_name }}-${{ github.ref }}
cancel-in-progress: true
jobs:
metadata:
name: 🧬 Project metadata
# Run on schedule, manual dispatch, push, or after release workflow completes successfully.
# Push events keep bump-version PRs conflict-free by recreating them on every main change.
if: >
github.event_name == 'schedule' ||
github.event_name == 'workflow_dispatch' ||
github.event_name == 'push' ||
(github.event_name == 'workflow_run' && github.event.workflow_run.conclusion == 'success')
runs-on: ubuntu-slim
outputs:
metadata: ${{ steps.metadata.outputs.metadata }}
steps:
- uses: actions/checkout@v6.0.2
with:
# Use github.sha, not workflow_run.head_sha (stale after release cycle).
# See repomatic/github/actions.py for rationale.
ref: ${{ github.sha }}
fetch-tags: true
- uses: astral-sh/setup-uv@v7.3.1
- name: Run repomatic metadata
id: metadata
run: >
uvx --no-progress --from . repomatic metadata
--format github-json --output "$GITHUB_OUTPUT"
minor_bump_allowed major_bump_allowed release_commits_matrix
fix-changelog:
name: 📋 Fix changelog
needs:
- metadata
# Skip during release cycle (push event with release commits).
# The workflow_run event after "Build & release" completes handles
# the post-release case, when the GitHub release is published and
# visible to the public API.
if: >-
github.event_name == 'workflow_run'
|| !fromJSON(needs.metadata.outputs.metadata).release_commits_matrix
runs-on: ubuntu-slim
steps:
- uses: actions/checkout@v6.0.2
with:
ref: ${{ github.sha }}
fetch-tags: true
- uses: astral-sh/setup-uv@v7.3.1
- name: Fix changelog dates and admonitions
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: uvx --no-progress --from . repomatic lint-changelog --fix
- id: pr-metadata
run: >
uvx --no-progress --from . repomatic pr-body
--template fix-changelog
--output "$GITHUB_OUTPUT"
- uses: peter-evans/create-pull-request@v8.1.0
with:
assignees: ${{ github.actor }}
commit-message: ${{ steps.pr-metadata.outputs.commit_message }}
title: ${{ steps.pr-metadata.outputs.title }}
body: ${{ steps.pr-metadata.outputs.body }}
labels: "🆙 changelog"
base: main
branch: fix-changelog
bump-version:
name: 🆙 Bump versions
needs:
- metadata
# Always run since metadata already filters appropriate events.
runs-on: ubuntu-slim
strategy:
matrix:
part:
- minor
- major
# The condition must be repeated on each step because:
# 1. Job-level `if:` is evaluated before matrix expansion, so `matrix.*` isn't available there
# 2. GitHub Actions lacks conditional step groups to skip multiple steps with one condition
steps:
- uses: actions/checkout@v6.0.2
if: fromJSON(needs.metadata.outputs.metadata)[format('{0}_bump_allowed', matrix.part)]
with:
# Use github.sha, not workflow_run.head_sha (stale after release cycle).
ref: ${{ github.sha }}
- uses: astral-sh/setup-uv@v7.3.1
if: fromJSON(needs.metadata.outputs.metadata)[format('{0}_bump_allowed', matrix.part)]
- name: ${{ matrix.part }} version bump
if: fromJSON(needs.metadata.outputs.metadata)[format('{0}_bump_allowed', matrix.part)]
run: uvx --no-progress --from . repomatic run bump-my-version -- bump --verbose ${{ matrix.part }}
- name: Sync uv.lock
if: fromJSON(needs.metadata.outputs.metadata)[format('{0}_bump_allowed', matrix.part)]
run: uv --no-progress sync
- id: pr-metadata
if: fromJSON(needs.metadata.outputs.metadata)[format('{0}_bump_allowed', matrix.part)]
run: >
uvx --no-progress --from . repomatic pr-body
--template bump-version
--part "${{ matrix.part }}"
--output "$GITHUB_OUTPUT"
- uses: peter-evans/create-pull-request@v8.1.0
if: fromJSON(needs.metadata.outputs.metadata)[format('{0}_bump_allowed', matrix.part)]
with:
assignees: ${{ github.actor }}
commit-message: ${{ steps.pr-metadata.outputs.commit_message }}
title: ${{ steps.pr-metadata.outputs.title }}
body: ${{ steps.pr-metadata.outputs.body }}
labels: "🆙 changelog"
base: main
branch: ${{ matrix.part }}-version-increment
delete-branch: true
draft: always-true
prepare-release:
name: 🎬 Prepare release
# Skip schedule (exists for bump-version only) and workflow_run (would double-run
# on every push to main, since push already triggers this job directly).
if: github.event_name != 'schedule' && github.event_name != 'workflow_run'
runs-on: ubuntu-slim
steps:
- uses: actions/checkout@v6.0.2
- uses: astral-sh/setup-uv@v7.3.1
# --- Freeze commit: freeze everything to the release version. ---
- name: Strip dev suffix for release
# Bump the "dev" part: .dev0 → release (omitted), producing a clean X.Y.Z version.
run: uvx --no-progress --from . repomatic run bump-my-version -- bump --verbose dev
- name: Extract version
id: get_version
run: >
echo "current_version=$(
uvx --no-progress --from . repomatic run bump-my-version -- show current_version
)" | tee -a "$GITHUB_OUTPUT"
- name: Prepare release
# Updates changelog and citation dates, comparison URL, and removes warning.
# Also hard-codes version in workflow URLs for kdeldycke/repomatic repository.
run: uvx --no-progress --from . repomatic release-prep
- name: Prepare repository
env:
GIT_AUTHOR: ${{ github.actor }}
run: |
git config --global user.name "$GIT_AUTHOR"
git config --global user.email "$GIT_AUTHOR@users.noreply.github.com"
git clean -fd
- name: Create freeze commit
env:
CURRENT_VERSION: ${{ steps.get_version.outputs.current_version }}
run: git commit --all --message="[changelog] Release v${CURRENT_VERSION}"
# --- Unfreeze commit: revert to development references. ---
- name: Re-target main branch in workflows
# This step is only used in the original repository to automate remote URL tagging.
if: github.repository == 'kdeldycke/repomatic'
run: uvx --no-progress --from . repomatic release-prep --post-release
- name: Add new changelog entry
run: uvx --no-progress --from . repomatic changelog ./changelog.md
- name: Version bump
run: uvx --no-progress --from . repomatic run bump-my-version -- bump --verbose patch
- name: Sync uv.lock
run: uv --no-progress sync
- name: Create unfreeze commit
env:
CURRENT_VERSION: ${{ steps.get_version.outputs.current_version }}
run: >
git commit --all --message="[changelog] Post-release bump
v${CURRENT_VERSION} → v$(uvx --no-progress --from . repomatic run bump-my-version -- show current_version)"
- id: pr-metadata
env:
CURRENT_VERSION: ${{ steps.get_version.outputs.current_version }}
run: >
uvx --no-progress --from . repomatic pr-body
--template prepare-release
--version "${CURRENT_VERSION}"
--output "$GITHUB_OUTPUT"
- uses: peter-evans/create-pull-request@v8.1.0
with:
# We need custom PAT with workflows permission to hard-code version numbers in URLs in
# .github/workflows/*.yaml files.
token: ${{ secrets.WORKFLOW_UPDATE_GITHUB_PAT || secrets.GITHUB_TOKEN }}
assignees: ${{ github.actor }}
commit-message: ${{ steps.pr-metadata.outputs.commit_message }}
title: ${{ steps.pr-metadata.outputs.title }}
body: ${{ steps.pr-metadata.outputs.body }}
labels: "🆙 changelog"
base: main
branch: prepare-release
delete-branch: true
draft: always-true
- name: PAT setup hint
if: failure() && !env.HAS_WORKFLOW_PAT
run: >
echo "::error::WORKFLOW_UPDATE_GITHUB_PAT is not configured.
The default GITHUB_TOKEN cannot push changes to .github/workflows/ files.
See ${{ github.server_url }}/${{ github.repository }}/issues?q=is:issue+WORKFLOW_UPDATE_GITHUB_PAT+in:title"