Skip to content

Version Bump

Version Bump #144

Workflow file for this run

name: Version Bump
on:
push: { branches: main, paths: "share/node-build/**" }
schedule: [{ cron: "0 10 * * SAT" }] # weekly: https://crontab.guru/#0_10_*_*_SAT
workflow_dispatch:
inputs:
version: # checkov:skip=CKV_GHA_7
description: "An explicit version (or major|minor|patch) to tag."
default: ""
required: false
type: string
permissions: { contents: read }
jobs:
bump:
runs-on: ubuntu-latest
steps:
- uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0
with: { egress-policy: audit }
- uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
with:
fetch-depth: 0
token: ${{ secrets.BOT_TOKEN }}
persist-credentials: true # need creds for subsequent git ops
- if: ${{ !inputs.version }}
run: |-
npm run preversion --silent -- -o -v -- share/node-build || status=$?
case "${status:-0}" in
0) echo "bump=patch" >> "$GITHUB_ENV";;
1) exit 0;; # exit successfully to mask error, but don't release
*) exit "$status" ;; # all other error codes are true failures
esac
- if: ${{ inputs.version || env.bump }}
run: npm version "$NEWVERSION"
env:
GIT_AUTHOR_NAME: ${{ vars.NODENV_BOT_NAME }}
GIT_AUTHOR_EMAIL: ${{ vars.NODENV_BOT_EMAIL }}
GIT_COMMITTER_NAME: ${{ vars.GHA_BOT_NAME }}
GIT_COMMITTER_EMAIL: ${{ vars.GHA_BOT_EMAIL }}
NEWVERSION: ${{ inputs.version || env.bump }}