diff --git a/.github/workflows/example_app_release_pr.yml b/.github/workflows/example_app_release_pr.yml index b15b389..d1f5bd3 100644 --- a/.github/workflows/example_app_release_pr.yml +++ b/.github/workflows/example_app_release_pr.yml @@ -2,24 +2,34 @@ name: Make example app release PR on: - pull_request_target: + pull_request: types: - - labeled + - closed branches: - main workflow_dispatch: jobs: pull-request-creation: - if: contains(github.event.pull_request.labels.*.name, format('autorelease{0} tagged', ':')) || github.event_name == 'workflow_dispatch' + if: github.event.pull_request.merged && contains( github.event.pull_request.labels.*.name, format('autorelease{0} pending', ':')) || github.event_name == 'workflow_dispatch' permissions: pull-requests: write contents: write runs-on: ubuntu-latest steps: + - name: Generate Token + id: app-token + uses: actions/create-github-app-token@v1 + with: + app-id: ${{ vars.APPBAKERYGITHUBAPP_APPID }} + private-key: ${{ secrets.APPBAKERYGITHUBAPP_PRIVATEKEY }} + - name: Clone Repository uses: actions/checkout@v4 + with: + token: ${{ steps.app-token.outputs.token }} + persist-credentials: false - name: Read new build_name from root pubspec.yaml. id: read_build_name @@ -44,12 +54,14 @@ jobs: - name: Create Pull Request uses: peter-evans/create-pull-request@v7 with: + token: ${{ steps.app-token.outputs.token }} + committer: sbb-app-bakery[bot] <914587+sbb-app-bakery[bot]@users.noreply.github.com> commit-message: ${{ format('chore{0} example app release v{1}', ':', steps.read_build_name.outputs.pubspec_build_name) }} branch: "chore/example-release" title: ${{ format('Release example app v{0}', steps.read_build_name.outputs.pubspec_build_name) }} body: | Update pubspec version to ${{ steps.read_build_name.outputs.pubspec_build_name }}+${{ steps.read_build_number.outputs.pubspec_build_number }} - **Merging this PR will trigger the release into the enterprise app stores.** + **Merging this PR will trigger the release into the enterprise app store.** labels: | exampleAppRelease:pending diff --git a/.github/workflows/publish_pub_dev.yml b/.github/workflows/publish_pub_dev.yml index 0264609..608ff44 100644 --- a/.github/workflows/publish_pub_dev.yml +++ b/.github/workflows/publish_pub_dev.yml @@ -3,24 +3,10 @@ name: Publish to pub.dev on: push: tags: - - "[0-9]+.[0-9]+.[0-9]+" # tag pattern on pub.dev: '{{version}' + - "[0-9]+.[0-9]+.[0-9]+" -# Publish using custom workflow jobs: publish: permissions: id-token: write # Required for authentication using OIDC - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v4 - - - uses: subosito/flutter-action@v2 - with: - channel: stable - cache: true - - - run: flutter doctor -v - - run: flutter pub get - - run: dart run build_runner build --delete-conflicting-outputs - - - run: flutter pub publish --force + uses: dart-lang/setup-dart/.github/workflows/publish.yml@v1 diff --git a/.github/workflows/release-please.yml b/.github/workflows/release-please.yml index cc72825..100506d 100644 --- a/.github/workflows/release-please.yml +++ b/.github/workflows/release-please.yml @@ -15,8 +15,16 @@ jobs: outputs: release-created: ${{ steps.release.outputs.release_created }} steps: + - name: Generate Token + id: app-token + uses: actions/create-github-app-token@v1 + with: + app-id: ${{ vars.APPBAKERYGITHUBAPP_APPID }} + private-key: ${{ secrets.APPBAKERYGITHUBAPP_PRIVATEKEY }} + - uses: googleapis/release-please-action@v4 id: release with: config-file: ci/release-please-config.json manifest-file: ci/.release-please-manifest.json + token: ${{ steps.app-token.outputs.token }} diff --git a/RELEASE.md b/RELEASE.md index 4f5cdf9..2409f4a 100644 --- a/RELEASE.md +++ b/RELEASE.md @@ -2,14 +2,26 @@ The releases will be done through [Release Please]. This project uses the [Github Action version]. +For triggering subsequent workflows, we use the *sbb-app-bakery* Github App with a private key stored in the +Github Actions secrets. + All configuration files for [Release Please] are found in the `./ci` directory. -### Example App +#### Pub Dev + +Merging the release please PR will result in the `publish_pub_dev` workflow to be triggered. This workflow +takes care of the release to pub.dev. + +#### Example App + +Merging the release please PR will trigger the `example_app_release_pr` Github action. This will +* open a PR with a commit + * syncing the example app to the package version + * increasing the build number by one. -Merging a release please PR will open another PR with a commit syncing the example app to the -package version and increasing the build number by one. +Upon merging this PR, the example app will be released to the enterprise app store. -Upon merging this PR, the example app will be released to the enterprise app stores. +This PR can also be opened manually and will fail silently if no changes are commited. [Release Please]: https://github.com/googleapis/release-please [Github Action version]: https://github.com/googleapis/release-please-action \ No newline at end of file diff --git a/ci/release-please-config.json b/ci/release-please-config.json index e622c43..6d03a9d 100644 --- a/ci/release-please-config.json +++ b/ci/release-please-config.json @@ -9,5 +9,6 @@ }, "include-v-in-tag": false, "include-component-in-tag": false, - "pull-request-title-pattern": "Release ${version}" + "pull-request-title-pattern": "Release ${version}", + "pull-request-footer": "This PR was generated with Release Please. See documentation.\n\n**Merging this PR will create a Github Release, a Pub Dev release and open a PR for the Example App relase**" }