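# Checks the published packages (`existing`) and dry-runs the release process
# (`dryrun`) nightly, on demand, and whenever the build scripts change.
# A failed nightly run opens an issue in the upstream repository.
name: release-ci

on:
  workflow_dispatch:
  schedule:
    - cron: '0 0 * * *'
  # In case we change some of the build scripts:
  push:
    branches:
      - master
    paths:
      - 'utils/**'
      - '.ci/release-ci/**'
      - '.github/workflows/release-ci.yml'
  pull_request:
    paths:
      - 'utils/**'
      - '.ci/release-ci/**'
      - '.github/workflows/release-ci.yml'

# Least privilege for GITHUB_TOKEN: without a workflow-level block, jobs that
# declare no `permissions` inherit the repository default, which may include
# write scopes. `existing` and `dryrun` only check out the code and run make
# (the token is not passed to make in this file), so read access is enough.
# `create-issue-on-failure` overrides this with its own block below.
permissions:
  contents: read

# NOTE(review): the group key has no workflow-specific prefix; if another
# workflow uses the same expression, runs for the same PR branch would cancel
# each other. Confirm against the other workflow files.
concurrency:
  group: ${{ github.head_ref || github.run_id }}
  cancel-in-progress: true

jobs:
  existing:
    runs-on: ubuntu-latest
    strategy:
      matrix:
        include:
          - release-type: deb
            release-env: debian
          - release-type: deb
            release-env: ubuntu
          - release-type: rpm
            release-env: fedora
          - release-type: rpm
            release-env: rocky
          - release-type: rpm
            release-env: alma
          - release-type: apk
            release-env: alpine

    steps:
      # NOTE(review): `@v3` is a mutable tag. Pinning each action to a full
      # commit SHA (tag kept in a trailing comment) stops a re-pointed tag
      # from changing what runs here; the same applies to the other `uses:`
      # lines in this file.
      - uses: actions/checkout@v3

      # The `${{ matrix.* }}` values are expanded into the shell script before
      # it runs. That is safe only because they are literals defined in this
      # file; do not replace them with event-supplied data (PR titles, branch
      # names) without going through an `env:` mapping.
      - name: Run checks
        run: |
          SECRETS_RELEASE_ENV="${{ matrix.release-env }}" \
          SECRETS_RELEASE_TYPE="${{ matrix.release-type }}" \
          make release-ci

  # Keep in sync with `release.yml`:
  dryrun:
    runs-on: ubuntu-latest
    strategy:
      matrix:
        release-type:
          - apk
          - deb
          - rpm

    steps:
      - uses: actions/checkout@v3

      # The credentials value is a literal placeholder, so this job needs no
      # repository secret and can run on pull requests from forks.
      - name: Run dry run of the release process
        run: |
          SECRETS_RELEASE_TYPE="${{ matrix.release-type }}" \
          SECRETS_DEPLOY_DRY_RUN=1 \
          SECRETS_ARTIFACTORY_CREDENTIALS='fake' \
          make release

  # https://github.community/t/run-github-actions-job-only-if-previous-job-has-failed/174786/2
  create-issue-on-failure:
    name: Create an issue if release-ci cron failed
    runs-on: ubuntu-latest
    needs: [existing, dryrun]
    # Runs only for the nightly schedule in the upstream repository, so forks
    # and pull requests never reach the job that holds `issues: write`.
    # `always()` is required because a failed dependency would otherwise skip
    # this job.
    if: >-
      ${{ github.event_name == 'schedule'
      && github.repository == 'sobolevn/git-secret'
      && always()
      && (needs.existing.result == 'failure' || needs.dryrun.result == 'failure') }}
    # Job-level block replaces the workflow-level one: this job gets
    # `issues: write` and nothing else.
    permissions:
      issues: write
    steps:
      - uses: actions/github-script@v6
        with:
          github-token: ${{ secrets.GITHUB_TOKEN }}
          script: |
            await github.rest.issues.create({
              owner: "sobolevn",
              repo: "git-secret",
              title: `release-ci failure on ${new Date().toDateString()}`,
              body: "Details: https://github.com/sobolevn/git-secret/actions/workflows/release-ci.yml",
            })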