From edf577d7f7131a30706fe204cc3fc4101152c3b1 Mon Sep 17 00:00:00 2001 From: bo0tzz Date: Wed, 19 Nov 2025 04:03:49 +0100 Subject: [PATCH] feat: publish on release pr merge (#23867) --- .github/workflows/release.yml | 147 ++++++++++++++++++++++++++++++++++ 1 file changed, 147 insertions(+) create mode 100644 .github/workflows/release.yml diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml new file mode 100644 index 0000000000..bb4ea9e245 --- /dev/null +++ b/.github/workflows/release.yml @@ -0,0 +1,147 @@ +name: release.yml +on: + pull_request: + types: [closed] + paths: + - CHANGELOG.md + +jobs: + # Maybe double check PR source branch? + + merge_translations: + uses: ./.github/workflows/merge-translations.yml + permissions: + pull-requests: write + secrets: + PUSH_O_MATIC_APP_ID: ${{ secrets.PUSH_O_MATIC_APP_ID }} + PUSH_O_MATIC_APP_KEY: ${{ secrets.PUSH_O_MATIC_APP_KEY }} + WEBLATE_TOKEN: ${{ secrets.WEBLATE_TOKEN }} + + build_mobile: + uses: ./.github/workflows/build-mobile.yml + needs: merge_translations + permissions: + contents: read + secrets: + KEY_JKS: ${{ secrets.KEY_JKS }} + ALIAS: ${{ secrets.ALIAS }} + ANDROID_KEY_PASSWORD: ${{ secrets.ANDROID_KEY_PASSWORD }} + ANDROID_STORE_PASSWORD: ${{ secrets.ANDROID_STORE_PASSWORD }} + # iOS secrets + APP_STORE_CONNECT_API_KEY_ID: ${{ secrets.APP_STORE_CONNECT_API_KEY_ID }} + APP_STORE_CONNECT_API_KEY_ISSUER_ID: ${{ secrets.APP_STORE_CONNECT_API_KEY_ISSUER_ID }} + APP_STORE_CONNECT_API_KEY: ${{ secrets.APP_STORE_CONNECT_API_KEY }} + IOS_CERTIFICATE_P12: ${{ secrets.IOS_CERTIFICATE_P12 }} + IOS_CERTIFICATE_PASSWORD: ${{ secrets.IOS_CERTIFICATE_PASSWORD }} + IOS_PROVISIONING_PROFILE: ${{ secrets.IOS_PROVISIONING_PROFILE }} + IOS_PROVISIONING_PROFILE_SHARE_EXTENSION: ${{ secrets.IOS_PROVISIONING_PROFILE_SHARE_EXTENSION }}misc/release/notes.tmpl + IOS_PROVISIONING_PROFILE_WIDGET_EXTENSION: ${{ secrets.IOS_PROVISIONING_PROFILE_WIDGET_EXTENSION }} + IOS_DEVELOPMENT_PROVISIONING_PROFILE: ${{ secrets.IOS_DEVELOPMENT_PROVISIONING_PROFILE }} + IOS_DEVELOPMENT_PROVISIONING_PROFILE_SHARE_EXTENSION: ${{ secrets.IOS_DEVELOPMENT_PROVISIONING_PROFILE_SHARE_EXTENSION }} + IOS_DEVELOPMENT_PROVISIONING_PROFILE_WIDGET_EXTENSION: ${{ secrets.IOS_DEVELOPMENT_PROVISIONING_PROFILE_WIDGET_EXTENSION }} + FASTLANE_TEAM_ID: ${{ secrets.FASTLANE_TEAM_ID }} + with: + ref: main + environment: production + + prepare_release: + runs-on: ubuntu-latest + needs: build_mobile + permissions: + actions: read # To download the app artifact + steps: + - name: Generate a token + id: generate-token + uses: actions/create-github-app-token@67018539274d69449ef7c02e8e71183d1719ab42 # v2.1.4 + with: + app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }} + private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }} + + - name: Checkout + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + with: + token: ${{ steps.generate-token.outputs.token }} + persist-credentials: false + ref: main + + - name: Extract changelog + id: changelog + run: | + CHANGELOG_PATH=$RUNNER_TEMP/changelog.md + sed -n '1,/^---$/p' CHANGELOG.md | head -n -1 > $CHANGELOG_PATH + echo "path=$CHANGELOG_PATH" >> $GITHUB_OUTPUT + VERSION=$(sed -n 's/^# //p' $CHANGELOG_PATH) + echo "version=$VERSION" >> $GITHUB_OUTPUT + + - name: Download APK + uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0 + with: + name: release-apk-signed + github-token: ${{ steps.generate-token.outputs.token }} + + - name: Create draft release + uses: softprops/action-gh-release@6da8fa9354ddfdc4aeace5fc48d7f679b5214090 # v2.4.1 + with: + tag_name: ${{ steps.version.outputs.result }} + token: ${{ steps.generate-token.outputs.token }} + body_path: ${{ steps.changelog.outputs.path }} + files: | + docker/docker-compose.yml + docker/example.env + docker/hwaccel.ml.yml + docker/hwaccel.transcoding.yml + docker/prometheus.yml + *.apk + + - name: Rename Outline document + uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0 + continue-on-error: true + env: + OUTLINE_API_KEY: ${{ secrets.OUTLINE_API_KEY }} + VERSION: ${{ steps.changelog.outputs.version }} + with: + github-token: ${{ steps.generate-token.outputs.token }} + script: | + const outlineKey = process.env.OUTLINE_API_KEY; + const version = process.env.VERSION; + const parentDocumentId = 'da856355-0844-43df-bd71-f8edce5382d9'; + const baseUrl = 'https://outline.immich.cloud'; + + const listResponse = await fetch(`${baseUrl}/api/documents.list`, { + method: 'POST', + headers: { + 'Authorization': `Bearer ${outlineKey}`, + 'Content-Type': 'application/json' + }, + body: JSON.stringify({ parentDocumentId }) + }); + + if (!listResponse.ok) { + throw new Error(`Outline list failed: ${listResponse.statusText}`); + } + + const listData = await listResponse.json(); + const allDocuments = listData.data || []; + const document = allDocuments.find(doc => doc.title === 'next'); + + if (document) { + console.log(`Found document 'next', renaming to '${version}'...`); + + const updateResponse = await fetch(`${baseUrl}/api/documents.update`, { + method: 'POST', + headers: { + 'Authorization': `Bearer ${outlineKey}`, + 'Content-Type': 'application/json' + }, + body: JSON.stringify({ + id: document.id, + title: version + }) + }); + + if (!updateResponse.ok) { + throw new Error(`Failed to rename document: ${updateResponse.statusText}`); + } + } else { + console.log('No document titled "next" found to rename'); + }