ci: seperate semantic-release from ci

Signed-off-by: msclock <msclock@qq.com>
serious-scaffold · Jul 11, 2024 · c509786 · c509786
1 parent cfc5647
commit c509786
Show file tree

Hide file tree

Showing 4 changed files with 118 additions and 102 deletions.
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -918,54 +918,3 @@ jobs:
         uses: re-actors/alls-green@release/v1
         with:
           jobs: ${{ toJSON(needs) }}
-
-  release:
-    name: release
-    runs-on: ubuntu-22.04
-    if: github.event_name != 'pull_request'
-    permissions:
-      contents: write
-      id-token: write
-      issues: write
-      pull-requests: write
-    needs: [pass]
-
-    steps:
-      - name: Generate a bot token with BOT_APP_ID
-        id: bot_token
-        if: vars.BOT_APP_ID && env.BOT_PRIVATE_KEY != null
-        uses: actions/create-github-app-token@31c86eb3b33c9b601a1f60f98dcbfd1d70f379b4 # v1
-        env:
-          BOT_PRIVATE_KEY: ${{ secrets.BOT_PRIVATE_KEY }}
-        with:
-          app-id: ${{ vars.BOT_APP_ID }}
-          private-key: ${{ secrets.BOT_PRIVATE_KEY }}
-
-      - name: Warn if use GITHUB_TOKEN
-        if: env._GITHUB_TOKEN == env._TO_BE_VERIFIED_TOKEN
-        env:
-          _GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-          _TO_BE_VERIFIED_TOKEN: ${{ steps.bot_token.outputs.token || secrets.PAT || secrets.GITHUB_TOKEN }}
-        run: |
-          echo "# :warning: GITHUB_TOKEN is used" >> $GITHUB_STEP_SUMMARY
-          echo "The GITHUB_TOKEN is used instead of a bot token or PAT that will not emit the released publish event for triggering a released workflow." >> $GITHUB_STEP_SUMMARY
-
-      - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4
-        with:
-          fetch-depth: 0
-          token: ${{ steps.bot_token.outputs.token || secrets.PAT || secrets.GITHUB_TOKEN }}
-
-      - uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v4
-        with:
-          node-version: 20
-
-      - uses: cycjimmy/semantic-release-action@v4
-        id: semantic
-        with:
-          semantic_version: 22
-          extra_plugins: |
-            @semantic-release/exec
-            @semantic-release/github
-            conventional-changelog-conventionalcommits@7
-        env:
-          GITHUB_TOKEN: ${{ steps.bot_token.outputs.token || secrets.PAT || secrets.GITHUB_TOKEN }}
diff --git a/.github/workflows/semantic-release.yml b/.github/workflows/semantic-release.yml
@@ -0,0 +1,59 @@
+name: Semantic Release
+
+on:
+  workflow_run:
+    workflows: [CI]
+    types: [completed]
+    branches: [master]
+
+jobs:
+  semantic-release:
+    name: Semantic Release
+    runs-on: ubuntu-22.04
+    if: github.event.workflow_run.conclusion == 'success' && github.repository == 'serious-scaffold/ss-cpp'
+    permissions:
+      contents: write
+      id-token: write
+      issues: write
+      pull-requests: write
+    needs: [pass]
+
+    steps:
+      - name: Generate a bot token with BOT_APP_ID
+        id: bot_token
+        if: vars.BOT_APP_ID && env.BOT_PRIVATE_KEY != null
+        uses: actions/create-github-app-token@31c86eb3b33c9b601a1f60f98dcbfd1d70f379b4 # v1
+        env:
+          BOT_PRIVATE_KEY: ${{ secrets.BOT_PRIVATE_KEY }}
+        with:
+          app-id: ${{ vars.BOT_APP_ID }}
+          private-key: ${{ secrets.BOT_PRIVATE_KEY }}
+
+      - name: Warn if use GITHUB_TOKEN
+        if: env._GITHUB_TOKEN == env._TO_BE_VERIFIED_TOKEN
+        env:
+          _GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          _TO_BE_VERIFIED_TOKEN: ${{ steps.bot_token.outputs.token || secrets.PAT || secrets.GITHUB_TOKEN }}
+        run: |
+          echo "# :warning: GITHUB_TOKEN is used" >> $GITHUB_STEP_SUMMARY
+          echo "The GITHUB_TOKEN is used instead of a bot token or PAT that will not emit the released publish event for triggering a released workflow." >> $GITHUB_STEP_SUMMARY
+
+      - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4
+        with:
+          fetch-depth: 0
+          token: ${{ steps.bot_token.outputs.token || secrets.PAT || secrets.GITHUB_TOKEN }}
+
+      - uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v4
+        with:
+          node-version: 20
+
+      - uses: cycjimmy/semantic-release-action@v4
+        id: semantic
+        with:
+          semantic_version: 22
+          extra_plugins: |
+            @semantic-release/exec
+            @semantic-release/github
+            conventional-changelog-conventionalcommits@7
+        env:
+          GITHUB_TOKEN: ${{ steps.bot_token.outputs.token || secrets.PAT || secrets.GITHUB_TOKEN }}
diff --git a/template/[% if repo_platform == 'github' %].github[% endif %]/workflows/ci.yml.jinja b/template/[% if repo_platform == 'github' %].github[% endif %]/workflows/ci.yml.jinja
@@ -962,54 +962,3 @@ jobs:
         uses: re-actors/alls-green@release/v1
         with:
           jobs: {{ '${{ toJSON(needs) }}' }}
-
-  release:
-    name: release
-    runs-on: ubuntu-22.04
-    if: github.event_name != 'pull_request'
-    permissions:
-      contents: write
-      id-token: write
-      issues: write
-      pull-requests: write
-    needs: [pass]
-
-    steps:
-      - name: Generate a bot token with BOT_APP_ID
-        id: bot_token
-        if: vars.BOT_APP_ID && env.BOT_PRIVATE_KEY != null
-        uses: actions/create-github-app-token@31c86eb3b33c9b601a1f60f98dcbfd1d70f379b4 # v1
-        env:
-          BOT_PRIVATE_KEY: {{ '${{ secrets.BOT_PRIVATE_KEY }}' }}
-        with:
-          app-id: {{ '${{ vars.BOT_APP_ID }}' }}
-          private-key: {{ '${{ secrets.BOT_PRIVATE_KEY }}' }}
-
-      - name: Warn if use GITHUB_TOKEN
-        if: env._GITHUB_TOKEN == env._TO_BE_VERIFIED_TOKEN
-        env:
-          _GITHUB_TOKEN: {{ '${{ secrets.GITHUB_TOKEN }}' }}
-          _TO_BE_VERIFIED_TOKEN: {{ '${{ steps.bot_token.outputs.token || secrets.PAT || secrets.GITHUB_TOKEN }}' }}
-        run: |
-          echo "# :warning: GITHUB_TOKEN is used" >> $GITHUB_STEP_SUMMARY
-          echo "The GITHUB_TOKEN is used instead of a bot token or PAT that will not emit the released publish event for triggering a released workflow." >> $GITHUB_STEP_SUMMARY
-
-      - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4
-        with:
-          fetch-depth: 0
-          token: {{ '${{ steps.bot_token.outputs.token || secrets.PAT || secrets.GITHUB_TOKEN }}' }}
-
-      - uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v4
-        with:
-          node-version: 20
-
-      - uses: cycjimmy/semantic-release-action@v4
-        id: semantic
-        with:
-          semantic_version: 22
-          extra_plugins: |
-            @semantic-release/exec
-            @semantic-release/github
-            conventional-changelog-conventionalcommits@7
-        env:
-          GITHUB_TOKEN: {{ '${{ steps.bot_token.outputs.token || secrets.PAT || secrets.GITHUB_TOKEN }}' }}
diff --git a/...[% if repo_platform == 'github' %].github[% endif %]/workflows/semantic-release.yml.jinja b/...[% if repo_platform == 'github' %].github[% endif %]/workflows/semantic-release.yml.jinja
@@ -0,0 +1,59 @@
+name: Semantic Release
+
+on:
+  workflow_run:
+    workflows: [CI]
+    types: [completed]
+    branches: [master]
+
+jobs:
+  semantic-release:
+    name: Semantic Release
+    runs-on: ubuntu-22.04
+    if: github.event.workflow_run.conclusion == 'success' && github.repository == '{{ repo_namespace }}/{{ repo_name }}'
+    permissions:
+      contents: write
+      id-token: write
+      issues: write
+      pull-requests: write
+    needs: [pass]
+
+    steps:
+      - name: Generate a bot token with BOT_APP_ID
+        id: bot_token
+        if: vars.BOT_APP_ID && env.BOT_PRIVATE_KEY != null
+        uses: actions/create-github-app-token@31c86eb3b33c9b601a1f60f98dcbfd1d70f379b4 # v1
+        env:
+          BOT_PRIVATE_KEY: {{ '${{ secrets.BOT_PRIVATE_KEY }}' }}
+        with:
+          app-id: {{ '${{ vars.BOT_APP_ID }}' }}
+          private-key: {{ '${{ secrets.BOT_PRIVATE_KEY }}' }}
+
+      - name: Warn if use GITHUB_TOKEN
+        if: env._GITHUB_TOKEN == env._TO_BE_VERIFIED_TOKEN
+        env:
+          _GITHUB_TOKEN: {{ '${{ secrets.GITHUB_TOKEN }}' }}
+          _TO_BE_VERIFIED_TOKEN: {{ '${{ steps.bot_token.outputs.token || secrets.PAT || secrets.GITHUB_TOKEN }}' }}
+        run: |
+          echo "# :warning: GITHUB_TOKEN is used" >> $GITHUB_STEP_SUMMARY
+          echo "The GITHUB_TOKEN is used instead of a bot token or PAT that will not emit the released publish event for triggering a released workflow." >> $GITHUB_STEP_SUMMARY
+
+      - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4
+        with:
+          fetch-depth: 0
+          token: {{ '${{ steps.bot_token.outputs.token || secrets.PAT || secrets.GITHUB_TOKEN }}' }}
+
+      - uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v4
+        with:
+          node-version: 20
+
+      - uses: cycjimmy/semantic-release-action@v4
+        id: semantic
+        with:
+          semantic_version: 22
+          extra_plugins: |
+            @semantic-release/exec
+            @semantic-release/github
+            conventional-changelog-conventionalcommits@7
+        env:
+          GITHUB_TOKEN: {{ '${{ steps.bot_token.outputs.token || secrets.PAT || secrets.GITHUB_TOKEN }}' }}