[Main] Create New Release #17

Workflow file for this run

.github/workflows/flow-trigger-release.yaml at 6d28519

	##
	# Copyright (C) 2025 Hedera Hashgraph, LLC
	#
	# Licensed under the Apache License, Version 2.0 (the "License");
	# you may not use this file except in compliance with the License.
	# You may obtain a copy of the License at
	#
	# http://www.apache.org/licenses/LICENSE-2.0
	#
	# Unless required by applicable law or agreed to in writing, software
	# distributed under the License is distributed on an "AS IS" BASIS,
	# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	# See the License for the specific language governing permissions and
	# limitations under the License.
	##

	name: "[Main] Create New Release"
	on:
	workflow_dispatch:
	inputs:
	build_number:
	description: "Build Number (ex: 43 = build_00043)"
	type: string
	required: true
	dry-run-enabled:
	description: "Perform Dry Run"
	type: boolean
	required: false
	default: false

	defaults:
	run:
	shell: bash

	permissions:
	id-token: write
	contents: read
	actions: read

	jobs:
	create-new-release:
	name: Create New Release
	runs-on: network-node-linux-medium
	steps:
	- name: Harden Runner
	uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2
	with:
	egress-policy: audit

	- name: Process, Validate, and Pad Build Input
	id: validate
	run: \|
	echo "The input is ${{ inputs.build_number }}"
	if ! [[ "${{ inputs.build_number }}" =~ ^[0-9]+$ ]]; then
	echo "Input is not a valid integer"
	exit 1
	fi
	echo "Input is a valid integer: $(( ${{ inputs.build_number }} ))"

	# 5-digit padding
	padded_number=$(printf "%05d" ${{ inputs.build_number }})
	echo "Padded number is: $padded_number"

	# Add "build_" prefix to the padded number
	build_tag="build-$padded_number"
	echo "Prefixed number is: $build_tag"

	# Export to Github output
	echo "BUILD_TAG=$build_tag" >> $GITHUB_OUTPUT

	- name: Checkout Code
	id: checkout_code
	uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
	with:
	fetch-depth: "0"
	ref: ${{ steps.validate.outputs.BUILD_TAG }}
	token: ${{ secrets.GH_ACCESS_TOKEN }}

	- name: Checkout Code
	uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
	with:
	path: "private"
	ref: "14967-semantic-release-workflow-update"

	- name: Copy Private .releaserc file to Github Workspace
	run: \|
	echo "Copying the .releaserc file"
	cp -f private/.releaserc .releaserc

	echo "Removing private directory"
	rm -rf private

	- name: Display Current Branch or Tag
	run: \|
	# Check if it's a tag
	if git describe --exact-match --tags >/dev/null 2>&1; then
	echo "Checked out tag: $(git describe --exact-match --tags)"
	else
	echo "Checked out branch: $(git symbolic-ref --short HEAD)"
	fi

	- name: Import GPG Key
	uses: step-security/ghaction-import-gpg@6c8fe4d0126a59d57c21f87c9ae5dd3451fa3cca # v6.1.0
	with:
	git_commit_gpgsign: true
	git_tag_gpgsign: true
	git_user_signingkey: true
	gpg_private_key: ${{ secrets.SVCS_GPG_KEY_CONTENTS }}
	passphrase: ${{ secrets.SVCS_GPG_KEY_PASSPHRASE }}

	- name: Setup Node
	uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4.1.0
	with:
	node-version: 20

	- name: Install Dependencies
	run: \|
	echo "Installing semantic-release"
	npm install -g [email protected] @semantic-release/[email protected] @semantic-release/[email protected] \
	@semantic-release/[email protected] [email protected] \
	[email protected] \
	@commitlint/[email protected] @commitlint/[email protected] \
	[email protected] [email protected] [email protected]

	- name: Calculate Temporary Semantic Release Branch Name
	id: branch_name
	run: \|
	echo "BRANCH_NAME=temp/${{ steps.validate.outputs.BUILD_TAG }}" >> $GITHUB_OUTPUT
	echo "The temp branch name is: ${BRANCH_NAME}"

	- name: Create a Temporary Semantic Release Branch
	run: \|
	echo "Going to run the following command:"
	echo "git checkout -b ${{ steps.branch_name.outputs.BRANCH_NAME }}"
	git checkout -b ${{ steps.branch_name.outputs.BRANCH_NAME }}

	echo "Checked out to:"
	echo git status

	echo "Pushing branch to origin:"
	git push --set-upstream origin ${{ steps.branch_name.outputs.BRANCH_NAME }}

	- name: Publish Semantic Release
	env:
	GITHUB_TOKEN: ${{ secrets.GH_ACCESS_TOKEN }}
	GIT_AUTHOR_NAME: ${{ secrets.GIT_USER_NAME }}
	GIT_AUTHOR_EMAIL: ${{ secrets.GIT_USER_EMAIL }}
	GIT_COMMITTER_NAME: ${{ secrets.GIT_USER_NAME }}
	GIT_COMMITTER_EMAIL: ${{ secrets.GIT_USER_EMAIL }}
	run: \|
	ARGS=""
	if [[ "${{ github.event.inputs.dry-run-enabled }}" == true ]]; then
	ARGS="--dry-run"
	fi
	npx semantic-release ${ARGS}

	- name: Ensure Branch Not in Use and Delete Worktree
	if: always()
	run: \|
	set +x
	# Switch to a safe branch (e.g., main)
	git checkout main

	# Check if the branch is associated with a worktree and remove the worktree if it exists
	worktree_path=$(git worktree list \| grep ${{ steps.branch_name.outputs.BRANCH_NAME }} \| awk '{print $1}')

	if [ -n "$worktree_path" ]; then
	echo "Removing worktree at $worktree_path"
	git worktree remove "$worktree_path"
	else
	echo "No worktree found for branch ${{ steps.branch_name.outputs.BRANCH_NAME }}"
	fi

	- name: Delete the Temporary Semantic Release Branch
	if: always()
	run: \|
	echo "Deleting the temporary semantic release branch"
	echo "Deleting local branch now:"
	git branch -d ${{ steps.branch_name.outputs.BRANCH_NAME }}

	echo "Deleting remote branch now:"
	git push -d origin ${{ steps.branch_name.outputs.BRANCH_NAME }}

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[Main] Create New Release #17

Workflow file

[Main] Create New Release #17

Jobs

Run details

Workflow file for this run