-
Notifications
You must be signed in to change notification settings - Fork 103
60 lines (51 loc) · 1.75 KB
/
release.yaml
File metadata and controls
60 lines (51 loc) · 1.75 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
# .github/workflows/release.yml
name: Publish Release (from build artifacts)
on:
workflow_run:
workflows: ["Build su-exec"] # must match the 'name:' of build.yml
types: [completed]
permissions:
contents: write # needed for creating/updating releases & uploading assets
jobs:
release:
runs-on: ubuntu-latest
# Only continue if the triggering run:
# - succeeded
# - came from THIS repo (not a fork)
# - and was a tag push (head_branch starts with 'v')
if: >
${{
github.event.workflow_run.conclusion == 'success' &&
github.event.workflow_run.head_repository.full_name == github.repository &&
startsWith(github.event.workflow_run.head_branch, 'v')
}}
steps:
- name: Determine version (tag)
id: ver
run: |
echo "version=${{ github.event.workflow_run.head_branch }}" >> "$GITHUB_OUTPUT"
- name: Download artifacts from the build run
uses: dawidd6/action-download-artifact@v6
with:
run_id: ${{ github.event.workflow_run.id }}
repo: ${{ github.repository }}
path: dist
# leave 'name' unset to fetch all artifacts from that run
skip_unpack: false
- name: List retrieved artifacts
run: ls -l dist || true
- name: Generate SHA256SUMS
run: |
cd dist
sha256sum su-exec-* > SHA256SUMS
cat SHA256SUMS
- name: Create/Update GitHub Release and upload assets
uses: softprops/action-gh-release@v2
with:
tag_name: ${{ steps.ver.outputs.version }}
files: |
dist/su-exec-*
dist/SHA256SUMS
fail_on_unmatched_files: true
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}