Enhancement: Prepare release #20
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # https://docs.github.com/en/actions | |
| name: "Release" | |
| on: # yamllint disable-line rule:truthy | |
| push: | |
| tags: | |
| - "**" | |
| jobs: | |
| release: | |
| name: "Release" | |
| runs-on: "ubuntu-latest" | |
| timeout-minutes: 5 | |
| strategy: | |
| matrix: | |
| php-version: | |
| - "7.4" | |
| dependencies: | |
| - "locked" | |
| env: | |
| GPG_KEYS: ".build/phar/keys.asc" | |
| GPG_KEYS_ENCRYPTED: "phar/keys.asc.gpg" | |
| PHPUNIT_SLOW_TEST_DETECTOR_PHAR: ".build/phar/phpunit-slow-test-detector.phar" | |
| PHPUNIT_SLOW_TEST_DETECTOR_PHAR_SIGNATURE: ".build/phar/phpunit-slow-test-detector.phar.asc" | |
| steps: | |
| - name: "Checkout" | |
| uses: "actions/checkout@v4.1.7" | |
| - name: "Set up PHP" | |
| uses: "shivammathur/setup-php@2.30.5" | |
| with: | |
| coverage: "none" | |
| extensions: "none, ctype, curl, dom, json, mbstring, phar, simplexml, tokenizer, xml, xmlwriter" | |
| ini-values: "memory_limit=-1, phar.readonly=0" | |
| php-version: "${{ matrix.php-version }}" | |
| tools: "phive" | |
| - name: "Set up problem matchers for PHP" | |
| run: "echo \"::add-matcher::${{ runner.tool_cache }}/php.json\"" | |
| - name: "Determine composer cache directory" | |
| uses: "ergebnis/.github/actions/composer/determine-cache-directory@1.9.2" | |
| - name: "Cache dependencies installed with composer" | |
| uses: "actions/cache@v4.0.2" | |
| with: | |
| path: "${{ env.COMPOSER_CACHE_DIR }}" | |
| key: "php-${{ matrix.php-version }}-composer-${{ matrix.dependencies }}-${{ hashFiles('composer.lock') }}" | |
| restore-keys: "php-${{ matrix.php-version }}-composer-${{ matrix.dependencies }}-" | |
| - name: "Remove incompatible dependencies with composer" | |
| run: "composer remove ergebnis/composer-normalize ergebnis/license ergebnis/php-cs-fixer-config psalm/plugin-phpunit rector/rector vimeo/psalm --ansi --dev --no-interaction --no-progress" | |
| - name: "Remove phpunit/phpunit with composer" | |
| run: "composer remove phpunit/phpunit --ansi --no-interaction --ignore-platform-reqs --no-progress" | |
| - name: "Install ${{ matrix.dependencies }} dependencies with composer" | |
| uses: "ergebnis/.github/actions/composer/install@1.9.2" | |
| with: | |
| dependencies: "${{ matrix.dependencies }}" | |
| - name: "Install dependencies with phive" | |
| uses: "ergebnis/.github/actions/phive/install@1.9.2" | |
| with: | |
| trust-gpg-keys: "0x2DF45277AEF09A2F,0x033E5F8D801A2F8D" | |
| - name: "Validate configuration for humbug/box" | |
| run: ".phive/box validate box.json --ansi" | |
| - name: "Compile phpunit-slow-test-detector.phar with humbug/box" | |
| run: ".phive/box compile --ansi --config=box.json" | |
| - name: "Show info about phpunit-slow-test-detector.phar with humbug/box" | |
| run: ".phive/box info ${{ env.PHPUNIT_SLOW_TEST_DETECTOR_PHAR }} --ansi --list" | |
| - name: "Show gpg version" | |
| run: "gpg --version" | |
| - name: "Decrypt keys.asc.gpg with gpg" | |
| run: "gpg --batch --output ${{ env.GPG_KEYS }} --passphrase \"${{ secrets.GPG_DECRYPT_PASSPHRASE }}\" --yes --decrypt ${{ env.GPG_KEYS_ENCRYPTED }}" | |
| - name: "Import keys from keys.asc with gpg" | |
| run: "gpg --batch --import ${{ env.GPG_KEYS }}" | |
| - name: "Sign phpunit-slow-test-detector.phar with gpg" | |
| run: "gpg --armor --local-user \"${{ secrets.GPG_LOCAL_USER }}\" --output ${{ env.PHPUNIT_SLOW_TEST_DETECTOR_PHAR_SIGNATURE }} --passphrase \"${{ secrets.GPG_KEY_PASSPHRASE }}\" --pinentry-mode loopback --yes --detach-sig ${{ env.PHPUNIT_SLOW_TEST_DETECTOR_PHAR }}" | |
| - name: "Remove decrypted keys.asc" | |
| run: "rm ${{ env.GPG_KEYS }}" | |
| - name: "Determine tag" | |
| run: "echo \"RELEASE_TAG=${GITHUB_REF#refs/tags/}\" >> $GITHUB_ENV" | |
| - name: "Create release" | |
| uses: "ergebnis/.github/actions/github/release/create@1.9.2" | |
| with: | |
| github-token: "${{ secrets.ERGEBNIS_BOT_TOKEN }}" | |
| - name: "Upload release assets" | |
| uses: "actions/github-script@v7.0.1" | |
| with: | |
| github-token: "${{ secrets.ERGEBNIS_BOT_TOKEN }}" | |
| script: | | |
| const fs = require("fs"); | |
| const files = [ | |
| { | |
| name: "phpunit-slow-test-detector.phar", | |
| path: process.env.PHPUNIT_SLOW_TEST_DETECTOR_PHAR, | |
| }, | |
| { | |
| name: "phpunit-slow-test-detector.phar.asc", | |
| path: process.env.PHPUNIT_SLOW_TEST_DETECTOR_PHAR_SIGNATURE, | |
| }, | |
| ]; | |
| for (const file of files) { | |
| try { | |
| await github.rest.repos.uploadReleaseAsset({ | |
| data: fs.readFileSync(file.path), | |
| name: file.name, | |
| origin: process.env.RELEASE_UPLOAD_URL, | |
| owner: context.repo.owner, | |
| release_id: process.env.RELEASE_ID, | |
| repo: context.repo.repo, | |
| }); | |
| } catch (error) { | |
| core.setFailed(error.message); | |
| } | |
| } | |
| - name: "Post to twitter.com about release" | |
| uses: "Eomm/why-don-t-you-tweet@v2.0.0" | |
| env: | |
| TWITTER_ACCESS_TOKEN: "${{ secrets.ERGEBNIS_TWITTER_ACCESS_TOKEN }}" | |
| TWITTER_ACCESS_TOKEN_SECRET: "${{ secrets.ERGEBNIS_TWITTER_ACCESS_TOKEN_SECRET }}" | |
| TWITTER_CONSUMER_API_KEY: "${{ secrets.ERGEBNIS_TWITTER_CONSUMER_API_KEY }}" | |
| TWITTER_CONSUMER_API_SECRET: "${{ secrets.ERGEBNIS_TWITTER_CONSUMER_API_KEY_SECRET }}" | |
| with: | |
| tweet-message: | | |
| ⏱️ Just released: ${{ github.event.repository.owner.login }}/${{ github.event.repository.name }}:${{ env.RELEASE_TAG }}. | |
| ${{ env.RELEASE_HTML_URL }} |