Skip to content
Build & Sign Info Release

Build & Sign Info Release #12

Sign in to view logs

Build & Sign Info Release

Build & Sign Info Release #12

Workflow file for this run

.github/workflows/main.yml at be01c45
name: Build & Sign Info Release
on:
workflow_dispatch:
inputs:
version:
description: "Version tag (e.g. 5.1.0)"
required: true
start_day:
description: "day/month/year(optional)"
required: true
end_day:
description: "day/month/year(optional"
required: true
info_title:
description: "Title for info update"
required: true
info_md_file:
description: "Path to your .md file (optional, default=whatsnew.md)"
required: false
default: "whatsnew.md"
survey_title:
description: "Survey title"
required: false
survey_url:
description: "Survey form URL"
required: false
permissions:
contents: write
jobs:
build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Set up Python
uses: actions/setup-python@v4
with:
python-version: '3.11'
- name: Install deps
run: pip install cryptography
- name: Prepare info file
run: |
mkdir -p artifacts
if [ -f "${{ github.event.inputs.info_md_file }}" ]; then
cp "${{ github.event.inputs.info_md_file }}" artifacts/whatsnew.md
else
echo "No markdown file found. Creating default whatsnew.md"
echo "# Update Information\n\nNo new details provided." > artifacts/whatsnew.md
fi
- name: Create manifest
id: make_manifest
run: |
python - <<'PY'
import json, datetime, os, re
version = "${{ github.event.inputs.version }}"
start_raw = "${{ github.event.inputs.start_day }}".strip()
end_raw = "${{ github.event.inputs.end_day }}".strip()
def parse_date(date_str):
pattern = r"^(\d{1,2})/(\d{1,2})(?:/(\d{4}))?$"
match = re.match(pattern, date_str)
if not match:
raise ValueError(f"Invalid date format: {date_str}. Use dd/mm or dd/mm/yyyy")
day, month, year = match.groups()
day = int(day)
month = int(month)
if year:
year = int(year)
else:
year = datetime.datetime.utcnow().year
# Validate actual calendar date
dt = datetime.datetime(year, month, day)
return dt.strftime("%Y-%m-%d"), (match.group(3) is None)
start_date, start_recurring = parse_date(start_raw)
end_date, end_recurring = parse_date(end_raw)
updates = [
{
"type": "info",
"title": "${{ github.event.inputs.info_title }}",
"content_url": f"https://github.com/${{ github.repository }}/releases/download/{version}/whatsnew.md"
}
]
survey_title = "${{ github.event.inputs.survey_title }}".strip()
survey_url = "${{ github.event.inputs.survey_url }}".strip()
if survey_title and survey_url:
updates.append({
"type": "survey",
"title": survey_title,
"form_url": survey_url
})
manifest = {
"version": version,
"release_date": datetime.datetime.utcnow().strftime("%Y-%m-%dT%H:%M:%SZ"),
"start_date": start_date,
"end_date": end_date,
"recurring_annually": (start_recurring and end_recurring),
"updates": updates
}
with open("update.json", "w") as f:
f.write(json.dumps(manifest, separators=(',', ':'), sort_keys=True))
print("Created update.json successfully")
PY
- name: Prepare private key
env:
PRIVATE_PEM_BASE64: ${{ secrets.PRIVATE_PEM_BASE64 }}
run: |
echo "$PRIVATE_PEM_BASE64" | base64 -d > private.pem
- name: Sign manifest
run: python tools/sign_manifest.py update.json private.pem update.json.sig
- name: Create Release
id: create_release
uses: softprops/action-gh-release@v1
with:
tag_name: ${{ github.event.inputs.version }}
name: Info Update ${{ github.event.inputs.version }}
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Upload manifest (gh CLI)
run: |
gh release upload "${{ github.event.inputs.version }}" update.json update.json.sig artifacts/whatsnew.md --clobber
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}