name: Prepare permissions: # To create a draft release contents: write # To sign artifacts. id-token: write on: workflow_call: inputs: ref: required: true description: "GitHub ref to use" type: string version: required: true description: "Version to produce" type: string project: required: true description: "Project name, e.g.: the repository name" type: string release-notes: required: true description: "Release notes" type: string prerelease: required: false default: true description: "Whether to create a prerelease" type: boolean draft: required: false default: true description: "Whether to create a draft release" type: boolean env: PULUMI_VERSION: ${{ inputs.version }} jobs: sign: name: sign uses: ./.github/workflows/sign.yml with: ref: ${{ inputs.ref }} version: ${{ inputs.version }} publish: name: release needs: [sign] runs-on: ubuntu-latest steps: - uses: actions/checkout@v3 with: ref: ${{ inputs.ref }} - name: Get commit hash id: commit-info run: | SHA=$(git rev-parse HEAD) ./.github/scripts/set-output sha "$SHA" - name: Download all artifacts uses: actions/download-artifact@v2 with: path: artifacts.tmp - name: Rename SDKs # This step must match the rename SDKs step in the "sign" job above. run: | ( cd artifacts.tmp/artifacts-python-sdk for file in *.whl ; do mv -vT "$file" "sdk-python-$file" done ) ( cd artifacts.tmp/artifacts-nodejs-sdk for file in *.tgz ; do mv -vT "$file" "sdk-nodejs-$file" done ) - name: Flatten artifact directories run: | mkdir -p ./artifacts mv ./artifacts.tmp/artifacts-*/* ./artifacts - uses: ncipollo/release-action@3d2de22e3d0beab188d8129c27f103d8e91bf13a with: token: ${{ secrets.PULUMI_BOT_TOKEN }} name: v${{ inputs.version }} tag: v${{ inputs.version }} commit: "${{ fromJSON(steps.commit-info.outputs.sha) }}" draft: ${{ inputs.draft }} prerelease: ${{ inputs.prerelease }} allowUpdates: true body: | ${{ inputs.release-notes }} removeArtifacts: true replacesArtifacts: true artifactErrorsFailBuild: true artifacts: | artifacts/*