--- # yaml-language-server: $schema=https://json.schemastore.org/github-workflow.json name: Release on: push: tags: - "v*.*.*" workflow_dispatch: inputs: version: description: "Version to release (e.g., 1.0.0)" required: true type: string concurrency: group: ${{ github.workflow }}-${{ github.ref }} cancel-in-progress: false jobs: checkout: name: Checkout Repository runs-on: ubuntu-latest timeout-minutes: 5 steps: - name: Checkout Code uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: fetch-depth: 0 validate: name: ๐Ÿ” Validate Release runs-on: ubuntu-latest timeout-minutes: 10 outputs: version: ${{ steps.version.outputs.version }} steps: - name: โคต๏ธ Checkout Repository uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: fetch-depth: 0 - name: ๐Ÿ”ข Extract Version id: version run: | if [[ "${{ github.event_name }}" == "workflow_dispatch" ]]; then VERSION="${{ github.event.inputs.version }}" echo "version=v${VERSION}" >> "$GITHUB_OUTPUT" else VERSION="${GITHUB_REF#refs/tags/}" echo "version=${VERSION}" >> "$GITHUB_OUTPUT" fi echo "Releasing version: ${VERSION}" - name: โœ… Validate Version Format run: | VERSION="${{ steps.version.outputs.version }}" if [[ ! $VERSION =~ ^v[0-9]+\.[0-9]+\.[0-9]+(-[a-zA-Z0-9.-]+)?$ ]]; then echo "โŒ Invalid version format: $VERSION" echo "Expected format: v1.0.0 or v1.0.0-beta.1" exit 1 fi echo "โœ… Version format is valid: $VERSION" # Tests and linting are handled by the CI workflow that runs on push # This workflow only needs to run once CI passes on the tag check-ci: name: โœ… Verify CI Status runs-on: ubuntu-latest timeout-minutes: 5 needs: validate steps: - name: ๐Ÿ“‹ Check CI Workflow Status uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8 with: script: | const { data: workflows } = await github.rest.actions.listWorkflowRuns({ owner: context.repo.owner, repo: context.repo.repo, workflow_id: 'test.yml', head_sha: context.sha, status: 'completed' }); const latestRun = workflows.workflow_runs[0]; if (!latestRun || latestRun.conclusion !== 'success') { core.setFailed('CI workflow has not passed for this commit'); } console.log(`CI status: ${latestRun?.conclusion || 'not found'}`) security: name: ๐Ÿ”’ Security Scan runs-on: ubuntu-latest timeout-minutes: 15 needs: validate steps: - name: ๐Ÿ—๏ธ Setup Node.js Environment uses: ./.github/actions/setup-node - name: ๐Ÿ” Run Security Audit run: npm audit --audit-level=high release: name: ๐Ÿš€ Release runs-on: ubuntu-latest timeout-minutes: 15 needs: [validate, check-ci, security] if: always() && needs.validate.result == 'success' && needs.check-ci.result == 'success' && needs.security.result == 'success' permissions: contents: write packages: write issues: write pull-requests: write steps: - name: โคต๏ธ Checkout Repository uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: fetch-depth: 0 - name: ๐Ÿ—๏ธ Setup Development Environment uses: ./.github/actions/setup-dev with: registry-url: "https://registry.npmjs.org" skip-checkout: "true" - name: ๐Ÿ—๏ธ Build Parser run: npm run build - name: ๐Ÿ“‹ Update Package Version if: github.event_name == 'workflow_dispatch' run: | VERSION="${{ github.event.inputs.version }}" npm version ${VERSION} --no-git-tag-version git config user.name "github-actions[bot]" git config user.email "github-actions[bot]@users.noreply.github.com" git add package.json package-lock.json git commit -m "chore: bump version to ${VERSION}" || true - name: ๐Ÿท๏ธ Create Tag if: github.event_name == 'workflow_dispatch' run: | VERSION="v${{ github.event.inputs.version }}" git tag ${VERSION} git push origin ${VERSION} - name: ๐Ÿ“ Generate Release Notes id: release_notes run: | VERSION="${{ needs.validate.outputs.version }}" PREV_TAG=$(git describe --tags --abbrev=0 HEAD^ 2>/dev/null || echo "") { echo "## Release ${VERSION}" echo "" } > release_notes.md if [ -n "$PREV_TAG" ]; then { echo "### Changes since ${PREV_TAG}" echo "" } >> release_notes.md git log --oneline --pretty=format:"- %s" "${PREV_TAG}..HEAD" >> release_notes.md else { echo "### Initial Release" echo "" echo "- Initial release of tree-sitter-shellspec" echo "- Complete ShellSpec grammar support" echo "- 59 comprehensive test cases" echo "- Real-world compatibility with official ShellSpec examples" } >> release_notes.md fi { echo "" echo "### Installation" echo "" echo "\`\`\`bash" echo "npm install @ivuorinen/tree-sitter-shellspec" echo "\`\`\`" } >> release_notes.md - name: ๐Ÿš€ Create GitHub Release uses: softprops/action-gh-release@6cbd405e2c4e67a21c47fa9e383d020e4e28b836 # v2.3.3 with: tag_name: ${{ needs.validate.outputs.version }} name: Release ${{ needs.validate.outputs.version }} body_path: release_notes.md draft: false prerelease: ${{ contains(needs.validate.outputs.version, '-') }} generate_release_notes: false - name: ๐Ÿ“ฆ Publish to npm run: npm publish --access public env: NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} - name: ๐Ÿ“Š Release Summary run: | echo "๐ŸŽ‰ Successfully released ${{ needs.validate.outputs.version }}" echo "๐Ÿ“ฆ Published to npm: https://www.npmjs.com/package/@ivuorinen/tree-sitter-shellspec" echo "๐Ÿท๏ธ GitHub Release: ${{ github.server_url }}/${{ github.repository }}/releases/tag/${{ needs.validate.outputs.version }}"