name: "release" on: workflow_call: inputs: dry-run-flag: description: 'enable dry-run on artifact push' required: false type: boolean default: true workflow_dispatch: inputs: dry-run-flag: description: 'enable dry-run on artifact push' required: false type: boolean default: true pull_request: types: [closed] branches: - develop - master - develop-patch* - master-patch* permissions: id-token: write # Required for OIDC contents: read concurrency: group: ${{ github.workflow }}-${{ github.ref }} cancel-in-progress: false env: BASE_REF: ${{ github.base_ref }} HEAD_REF: ${{ github.head_ref }} GH_COMMIT: ${{ github.sha }} GH_BUILD_NUMBER: ${{ github.run_id }} LOG_LEVEL: "ERROR" NODE_OPTIONS: "--max-old-space-size=5120" jobs: setup: timeout-minutes: 20 if: github.event.pull_request.merged == true || github.ref_name == 'master' || github.ref_name == 'master-patch-*' || github.event_name == 'workflow_dispatch' name: "Setup" runs-on: ubuntu-latest steps: - name: Checkout repository uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: fetch-depth: 0 - uses: ./.github/actions/setup with: enable-node-modules-cache: false - name: install run: | npm ci npm run bundle:js-api npm run bundle:cli - uses: ./.github/actions/upload-node-modules-and-artifacts release-npm: needs: [setup] outputs: release_version: ${{ steps.set-version.outputs.release_version }} timeout-minutes: 30 if: github.event.pull_request.merged == true || github.ref_name == 'master' || github.ref_name == 'master-patch-*' || github.event_name == 'workflow_dispatch' runs-on: ubuntu-latest permissions: id-token: write # Required for OIDC contents: read packages: write steps: - name: Checkout repository uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: fetch-depth: 0 - id: setup uses: ./.github/actions/setup with: enable-node-modules-cache: false - id: set-dryrun uses: ./.github/actions/enable-dryrun with: dry-run-flag: ${{ inputs.dry-run-flag }} - uses: ./.github/actions/download-node-modules-and-artifacts - name: Set libraries versions id: set-version run: | set -u; ./scripts/github/build/bumpversion.sh - name: Set migrations uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0 with: script: | const setMigrations = require('./scripts/github/release/set-migrations.js'); setMigrations(); - name: build libraries run: | npm run build:libs npm run build:schematics - uses: actions/setup-node@6044e13b5dc448c55e2357c09f80417699197238 # v6.2.0 name: release libraries GH registry with: node-version-file: '.nvmrc' registry-url: 'https://npm.pkg.github.com' scope: '@alfresco' - run: npm run publish -- --tag=${{ steps.setup.outputs.npm-tag }} env: NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }} - uses: actions/setup-node@6044e13b5dc448c55e2357c09f80417699197238 # v6.2.0 name: release libraries Npm registry with: node-version-file: '.nvmrc' registry-url: 'https://${{ vars.NPM_REGISTRY_ADDRESS }}' scope: '@alfresco' - run: npm run publish -- --tag=${{ steps.setup.outputs.npm-tag }} create-git-tag: runs-on: ubuntu-latest needs: [setup, release-npm] if: github.event_name != 'workflow_dispatch' name: Create github tag permissions: contents: write steps: - name: Checkout repository uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: fetch-depth: 1 - uses: './.github/actions/create-git-tag' with: tagName: ${{ needs.release-npm.outputs.release_version }} propagate: needs: [release-npm] if: ${{ contains(toJson(github.event.pull_request.labels.*.name), 'hxp-upstream') }} runs-on: ubuntu-latest steps: - name: Checkout repository uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: HxP upstream invoke uses: the-actions-org/workflow-dispatch@3133c5d135c7dbe4be4f9793872b6ef331b53bc7 # v4.0.0 with: repo: Alfresco/hxp-frontend-apps ref: develop workflow: upstream-adf.yml token: ${{ secrets.ALFRESCO_BUILD_GH_TOKEN }} wait-for-completion: false inputs: > { "tag_version": "alpha" } npm-check-bundle: needs: [release-npm] timeout-minutes: 15 if: github.event.pull_request.merged == true || github.ref_name == 'master' || github.ref_name == 'master-patch-*' || github.event_name == 'workflow_dispatch' runs-on: ubuntu-latest steps: - name: Checkout repository uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - uses: ./.github/actions/npm-check-bundle push-translation-keys-to-crowdin: name: Push translations keys to Crowdin if: github.ref_name == 'develop' && github.event_name != 'workflow_dispatch' runs-on: ubuntu-latest needs: [setup] permissions: contents: read packages: read actions: read steps: - name: Checkout uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: Push Source Files to Crowdin uses: crowdin/github-action@5587c43063e52090026857d386174d2599ad323b # v2.14.1 with: upload_sources: true upload_sources_args: --delete-obsolete env: CROWDIN_TOKEN: ${{ secrets.CROWDIN_TRANSLATIONS_TOKEN }} pull-translation-keys-from-crowdin: needs: push-translation-keys-to-crowdin name: Run Crowdin pull pipeline for up-to-date sync uses: ./.github/workflows/pull-from-crowdin.yml secrets: BOT_GITHUB_TOKEN: ${{ secrets.BOT_GITHUB_TOKEN }} CROWDIN_TRANSLATIONS_TOKEN: ${{ secrets.CROWDIN_TRANSLATIONS_TOKEN }} finalize: if: always() runs-on: ubuntu-latest name: Final Results needs: [release-npm, npm-check-bundle] steps: - name: Check job execution status if: >- ${{ contains(needs.*.result, 'failure') || contains(needs.*.result, 'cancelled') }} run: exit 1