# Copyright (c) 2025-2026 Zensical and contributors # SPDX-License-Identifier: MIT # All contributions are certified under the DCO # Permission is hereby granted, free of charge, to any person obtaining a copy # of this software and associated documentation files (the "Software"), to # deal in the Software without restriction, including without limitation the # rights to use, copy, modify, merge, publish, distribute, sublicense, and/or # sell copies of the Software, and to permit persons to whom the Software is # furnished to do so, subject to the following conditions: # The above copyright notice and this permission notice shall be included in # all copies or substantial portions of the Software. # THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR # IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, # FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT. IN NO EVENT SHALL THE # AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER # LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING # FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS # IN THE SOFTWARE. name: Release on: pull_request: types: - closed branches: - master permissions: contents: write # Required for tags and releases attestations: write # Required for attestations id-token: write # Required for OIDC jobs: build: name: Build if: | github.event.pull_request.merged == true && startsWith(github.event.pull_request.head.ref, 'release/') uses: ./.github/workflows/build.yml with: ref: ${{ github.event.pull_request.merge_commit_sha }} attestations: true tag: name: Create tag runs-on: ubuntu-latest needs: build outputs: version: ${{ steps.version.outputs.version }} steps: - name: Checkout repository uses: actions/checkout@v6 with: ref: ${{ github.event.pull_request.merge_commit_sha }} fetch-depth: 0 - name: Determine version id: version run: | BRANCH="${{ github.event.pull_request.head.ref }}" VERSION=${BRANCH#release/} echo "version=$VERSION" >> $GITHUB_OUTPUT - name: Create and push tag run: | VERSION="${{ steps.version.outputs.version }}" git config user.name "github-actions[bot]" git config user.email "github-actions[bot]@users.noreply.github.com" git tag -a $VERSION -m "Release $VERSION" git push origin $VERSION release: name: Create release runs-on: ubuntu-latest needs: tag env: VERSION: ${{ needs.tag.outputs.version }} steps: - name: Checkout repository uses: actions/checkout@v6 with: ref: ${{ github.event.pull_request.merge_commit_sha }} fetch-depth: 0 fetch-tags: true - name: Set up mono uses: zensical/mono@v0 - name: Download artifacts uses: actions/download-artifact@v8 with: path: artifacts merge-multiple: true - name: Create release env: GH_TOKEN: ${{ github.token }} run: | mono version changelog -s $VERSION > notes.txt gh release create $VERSION \ --title ${VERSION#v} \ --notes-file notes.txt \ --draft - name: Upload release artifacts env: GH_TOKEN: ${{ github.token }} run: gh release upload $VERSION artifacts/* - name: Publish release env: GH_TOKEN: ${{ github.token }} run: gh release edit $VERSION --draft=false publish: name: Publish runs-on: ubuntu-latest needs: - tag - release steps: - name: Checkout repository uses: actions/checkout@v6 with: ref: ${{ github.event.pull_request.merge_commit_sha }} fetch-depth: 0 fetch-tags: true - name: Download artifacts uses: actions/download-artifact@v8 with: path: artifacts merge-multiple: true - name: Publish to pypi.org uses: PyO3/maturin-action@v1 with: command: upload args: --non-interactive --skip-existing artifacts/*