mirror of
https://github.com/BetterCorp/BetterFrame.git
synced 2026-05-26 22:26:33 +00:00
b05cdfc153
Master pushes now check git diff for kiosk/, deploy/, .github/ changes. Server-only commits skip the expensive Rust cross-compile + pi-gen image. Tag pushes and workflow_dispatch always build everything.
156 lines
5.6 KiB
YAML
156 lines
5.6 KiB
YAML
# Single entrypoint for release automation.
|
|
#
|
|
# Triggers:
|
|
# - push to master → auto-tag next patch from latest tag + -dev.<sha>,
|
|
# create prerelease, invoke build.yml
|
|
# - push of v* tag → infer channel from tag, auto-tag next patch,
|
|
# create release (or update), invoke build.yml
|
|
#
|
|
# Build steps live in build.yml (reusable). This file only owns versioning
|
|
# + release creation. Every channel builds the kiosk binary and Pi image.
|
|
|
|
name: release
|
|
|
|
on:
|
|
push:
|
|
branches:
|
|
- master
|
|
tags:
|
|
- "v*"
|
|
workflow_dispatch:
|
|
inputs:
|
|
bump:
|
|
description: "Force a tagged dev release (one-off)."
|
|
type: boolean
|
|
default: false
|
|
|
|
concurrency:
|
|
group: release-${{ github.ref }}
|
|
cancel-in-progress: ${{ github.ref_type != 'tag' }}
|
|
|
|
permissions:
|
|
contents: write
|
|
|
|
jobs:
|
|
# ---- Tag + release record -------------------------------------------------
|
|
meta:
|
|
runs-on: ubuntu-latest
|
|
outputs:
|
|
version: ${{ steps.compute.outputs.version }}
|
|
tag: ${{ steps.compute.outputs.tag }}
|
|
channel: ${{ steps.compute.outputs.channel }}
|
|
ref: ${{ steps.compute.outputs.ref }}
|
|
build_image: ${{ steps.compute.outputs.build_image }}
|
|
needs_build: ${{ steps.compute.outputs.needs_build }}
|
|
steps:
|
|
- uses: actions/checkout@v6
|
|
with:
|
|
fetch-depth: 0 # need tags for git describe
|
|
|
|
- name: Compute version / channel / tag
|
|
id: compute
|
|
shell: bash
|
|
env:
|
|
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
|
run: |
|
|
set -e
|
|
short=$(git rev-parse --short HEAD)
|
|
|
|
if [[ "$GITHUB_REF" == refs/tags/v* ]]; then
|
|
requested_tag="${GITHUB_REF#refs/tags/}"
|
|
requested_version="${requested_tag#v}"
|
|
if [[ "$requested_version" == *"-beta"* ]]; then
|
|
channel=beta
|
|
elif [[ "$requested_version" == *"-dev"* ]]; then
|
|
channel=dev
|
|
else
|
|
channel=stable
|
|
fi
|
|
else
|
|
channel=dev
|
|
fi
|
|
|
|
# Stable, beta, and dev all advance the patch number per build.
|
|
latest=$(git tag --list 'v[0-9]*.[0-9]*.[0-9]*' --sort=-v:refname \
|
|
| head -1 || true)
|
|
if [ -z "$latest" ]; then latest="v0.0.0"; fi
|
|
base="${latest#v}"
|
|
base="${base%%-*}"
|
|
IFS=. read -r MAJ MIN PAT <<< "$base"
|
|
PAT=$((PAT + 1))
|
|
|
|
case "$channel" in
|
|
stable)
|
|
version="${MAJ}.${MIN}.${PAT}"
|
|
;;
|
|
beta)
|
|
version="${MAJ}.${MIN}.${PAT}-beta.${short}"
|
|
;;
|
|
dev)
|
|
version="${MAJ}.${MIN}.${PAT}-dev.${short}"
|
|
;;
|
|
esac
|
|
tag="v${version}"
|
|
build_image=true
|
|
needs_build=true
|
|
|
|
# Skip kiosk+image builds on master push when only server code changed
|
|
if [[ "$GITHUB_EVENT_NAME" == "push" && "$GITHUB_REF" == refs/heads/master ]]; then
|
|
kiosk_relevant=$(git diff --name-only HEAD~1 HEAD -- kiosk/ deploy/ .github/ | wc -l)
|
|
if [[ "$kiosk_relevant" -eq 0 ]]; then
|
|
echo "::notice::No kiosk/deploy/.github changes — skipping binary + image builds"
|
|
needs_build=false
|
|
build_image=false
|
|
fi
|
|
fi
|
|
|
|
echo "version=$version" >> "$GITHUB_OUTPUT"
|
|
echo "tag=$tag" >> "$GITHUB_OUTPUT"
|
|
echo "channel=$channel" >> "$GITHUB_OUTPUT"
|
|
echo "ref=$GITHUB_SHA" >> "$GITHUB_OUTPUT"
|
|
echo "build_image=$build_image" >> "$GITHUB_OUTPUT"
|
|
echo "needs_build=$needs_build" >> "$GITHUB_OUTPUT"
|
|
|
|
- name: Create / ensure release record (lightweight tag for master pushes)
|
|
env:
|
|
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
|
TAG: ${{ steps.compute.outputs.tag }}
|
|
CHANNEL: ${{ steps.compute.outputs.channel }}
|
|
run: |
|
|
set -e
|
|
# The workflow computes the release tag for all channels so every
|
|
# build bumps the patch version. A pushed tag only selects channel.
|
|
if ! git rev-parse "$TAG" >/dev/null 2>&1; then
|
|
git config user.email "actions@github.com"
|
|
git config user.name "github-actions[bot]"
|
|
git tag -a "$TAG" -m "Auto-tag $TAG ($CHANNEL)"
|
|
git push origin "$TAG"
|
|
fi
|
|
# Create release if missing. Mark dev/beta as prerelease.
|
|
if ! gh release view "$TAG" --repo "$GITHUB_REPOSITORY" >/dev/null 2>&1; then
|
|
extra=""
|
|
[[ "$CHANNEL" != "stable" ]] && extra="--prerelease"
|
|
gh release create "$TAG" \
|
|
--repo "$GITHUB_REPOSITORY" \
|
|
--title "$TAG" \
|
|
--target "$GITHUB_SHA" \
|
|
--notes "Channel: ${CHANNEL}. Commit ${GITHUB_SHA}." \
|
|
$extra
|
|
fi
|
|
|
|
# ---- Build assets ---------------------------------------------------------
|
|
build:
|
|
needs: meta
|
|
if: needs.meta.outputs.needs_build == 'true'
|
|
uses: ./.github/workflows/build.yml
|
|
with:
|
|
version: ${{ needs.meta.outputs.version }}
|
|
tag: ${{ needs.meta.outputs.tag }}
|
|
channel: ${{ needs.meta.outputs.channel }}
|
|
ref: ${{ needs.meta.outputs.ref }}
|
|
build-image: ${{ needs.meta.outputs.build_image == 'true' }}
|
|
secrets:
|
|
BF_AUTOIMPORT_URL: ${{ secrets.BF_AUTOIMPORT_URL }}
|
|
BF_AUTOIMPORT_API_KEY: ${{ secrets.BF_AUTOIMPORT_API_KEY }}
|
|
BF_RAUC_SIGNING_CERT: ${{ secrets.BF_RAUC_SIGNING_CERT }}
|
|
BF_RAUC_SIGNING_KEY: ${{ secrets.BF_RAUC_SIGNING_KEY }}
|