flappie-api/.github/workflows/release.yml at main · ooswald/flappie-api · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
# Create a GitHub Release whenever a v*-tag is pushed.
#
# Publishing to npm is deliberately NOT part of this workflow: it requires
# 2FA, which is done interactively from the maintainer's machine. Typical flow:
#
#   1. Bump version + tag locally:
#        npm version minor              # writes package.json, commits, tags
#        git push origin main           # GitLab (source of truth)
#        git push github HEAD:main      # GitHub (via PR/squash; this push is
#                                       #         only for tags, see step 2)
#        git push github vX.Y.Z         # triggers this workflow -> Release
#
#   2. Publish to npm by hand, in a 2FA-capable terminal:
#        npm login                      # browser passkey flow
#        npm publish                    # uses the same vX.Y.Z tag
#
# The workflow runs CI (build + test) on the tagged commit and, if green,
# creates the GitHub Release with auto-generated notes from PRs since the
# previous tag.

name: Release

on:
  push:
    tags:
      - "v*"

permissions:
  contents: write       # required to create the GitHub Release

concurrency:
  group: release-${{ github.ref }}
  cancel-in-progress: false

jobs:
  release:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5  # v4
        with:
          fetch-depth: 0     # full history so release notes can diff against the previous tag

      - uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020  # v4
        with:
          node-version: "22"
          cache: "npm"

      - run: npm ci
      - run: npm test

      - name: Create GitHub Release
        uses: softprops/action-gh-release@3bb12739c298aeb8a4eeaf626c5b8d85266b0e65  # v2
        with:
          generate_release_notes: true