chore(deps): update pre-commit hook returntocorp/semgrep to v1.103.0 #41
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# This workflow is triggered when a pull request is merged and the label 'release' is present. | |
# It fetches the last draft release, updates it to a non-draft release and sends a Slack message with the release notes. | |
name: Publish Release | |
on: | |
pull_request: | |
types: | |
- closed | |
jobs: | |
release: | |
if: github.event.pull_request.merged == true && contains(github.event.pull_request.labels.*.name, 'release') | |
runs-on: ubuntu-24.04 | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Install taskfile.dev | |
uses: arduino/setup-task@v2 | |
with: | |
version: 3.x | |
repo-token: ${{ github.token }} | |
- name: Create release zip file | |
shell: bash | |
run: | | |
task dist | |
- name: Fetch last draft release | |
id: fetch-release-draft | |
shell: bash | |
run: | | |
# Call Github releases API and filter draft releases | |
DRAFT_RELEASE=$(curl \ | |
-H "Accept: application/vnd.github+json" \ | |
-H "Authorization: Bearer ${{ github.token }}" \ | |
https://api.github.com/repos/${{ github.repository }}/releases | \ | |
jq 'map(select(.draft == true))' \ | |
) | |
# Fail if 0 or more than 1 draft release is found | |
if [[ $(echo $DRAFT_RELEASE | jq 'length') -ne 1 ]] | |
then | |
echo "No draft release found or more than one draft release found" | |
exit 1 | |
fi | |
DRAFT_RELEASE=$(echo $DRAFT_RELEASE | jq first) | |
# Retrieve name, id and body of the draft release | |
# We need to remove the quotes from the JSON output | |
NAME=$(echo $DRAFT_RELEASE | jq '.name' | sed 's/"//g') | |
ID=$(echo $DRAFT_RELEASE | jq '.id') | |
BODY=$(echo $DRAFT_RELEASE | jq '.body' | sed 's/"//g') | |
# Add URLs to GitHub pull requests | |
PULL_REQUEST_URL_START=${{ github.server_url }}/${{ github.repository }}/pull/ | |
ESCAPED_PULL_REQUEST_URL_START=$(printf '%s\n' "$PULL_REQUEST_URL_START" | sed -e 's/[\/&]/\\&/g') | |
BODY=$(echo -e "$BODY" | sed -E "s/#([0-9]+)/[#\1](${ESCAPED_PULL_REQUEST_URL_START}\1)/g") | |
# Add URLs to GitHub profiles | |
PROFILE_URL_START=${{ github.server_url }}/ | |
ESCAPED_PROFILE_URL_START=$(printf '%s\n' "$PROFILE_URL_START" | sed -e 's/[\/&]/\\&/g') | |
BODY=$(echo -e "$BODY" | sed -E "s/@([[:alnum:]-]+)/[@\1](${ESCAPED_PROFILE_URL_START}\1)/g") | |
# Write the output variables | |
echo "name=$NAME" >> $GITHUB_OUTPUT | |
echo "id=$ID" >> $GITHUB_OUTPUT | |
echo "body<<EOF" >> $GITHUB_OUTPUT | |
echo -e "$BODY" >> $GITHUB_OUTPUT | |
echo "EOF" >> $GITHUB_OUTPUT | |
- name: Add zip file to the release assets | |
shell: bash | |
run: | | |
curl \ | |
-X POST \ | |
-H "Accept: application/vnd.github+json" \ | |
-H "Authorization: Bearer ${{ github.token }}" \ | |
-H "Content-Type: application/zip" \ | |
-T "dist/alma-php-client.zip" \ | |
https://uploads.github.com/repos/${{ github.repository }}/releases/${{ steps.fetch-release-draft.outputs.id }}/assets?name=alma-php-client.zip | |
- name: Publish Github release | |
uses: actions/github-script@v7 | |
with: | |
# target_commitish is set to refs/heads/develop by release-drafter as we need to retrieve pull requests merged into develop | |
# We need to override it to refs/heads/main to point to the last commit of main branch instead of develop branch | |
script: | | |
const { owner, repo } = context.repo; | |
await github.rest.repos.updateRelease({ | |
owner, | |
repo, | |
release_id: "${{ steps.fetch-release-draft.outputs.id }}", | |
draft: false, | |
make_latest: true, | |
tag_name: "${{ steps.fetch-release-draft.outputs.name }}", | |
target_commitish: "refs/heads/main" | |
}); | |
- name: Format release notes for Slack | |
uses: LoveToKnow/[email protected] | |
id: slack-markdown-release-notes | |
with: | |
text: | | |
New release of ${{ github.repository }}, **[${{ steps.fetch-release-draft.outputs.name }}](https://github.com/${{ github.repository }}/releases/tag/${{ steps.fetch-release-draft.outputs.name }})**: | |
${{ steps.fetch-release-draft.outputs.body }} | |
cc <@france.berut> <@khadija.cherif> | |
- name: Send changelog to Slack | |
uses: slackapi/[email protected] | |
with: | |
method: chat.postMessage | |
token: ${{ secrets.SLACK_RELEASE_CHANGELOG_BOT_TOKEN }} | |
payload: | | |
channel: CR9C57YM6 | |
username: "${{ github.event.sender.login }}" | |
icon_url: "${{ github.event.sender.avatar_url }}" | |
text: ${{ toJson(steps.slack-markdown-release-notes.outputs.text) }} |