Scheduled Release #178
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Scheduled Release | |
on: | |
schedule: | |
- cron: '14 3 * * 0' # every Sunday at 03:14 UTC | |
jobs: | |
create_release: | |
env: | |
LATEST_RELEASE: replace | |
CREATE_PR: false | |
runs-on: ubuntu-latest | |
steps: | |
- name: Check out code | |
uses: actions/checkout@v2 | |
- name: Set up Go | |
uses: actions/setup-go@v2 | |
with: | |
go-version: '1.20' | |
- run: go version | |
- name: Install dependencies | |
run: | | |
go install git.wntrmute.dev/kyle/goutils/cmd/certdump@latest | |
go install github.com/cloudflare/cfssl/cmd/... | |
go install github.com/cloudflare/cfssl_trust/... | |
- name: Setup git user | |
run: | | |
git config --global user.name "$(git --no-pager log --format=format:'%an' -n 1)" | |
git config --global user.email "$(git --no-pager log --format=format:'%ae' -n 1)" | |
- name: Run release | |
# 504h is 21d or 3w | |
run: | | |
EXPIRATION_WINDOW=504h ALLOW_SKIP_PR=true ./release.sh | |
echo "LATEST_RELEASE=$(cfssl-trust -d cert.db releases | awk ' NR==1 { print $2 }')" >> $GITHUB_ENV | |
echo "CREATE_PR=$(git branch --show-current | grep -q release && echo true)" >> $GITHUB_ENV | |
- name: Create pull request | |
id: open-pr | |
if: ${{ env.CREATE_PR == 'true'}} | |
uses: repo-sync/pull-request@v2 | |
with: | |
source_branch: "release/${{ env.LATEST_RELEASE }}" | |
destination_branch: "master" | |
pr_reviewer: "lgarofalo,mihirjham,vasilzhigilei,nickysemenza" | |
pr_assignee: "lgarofalo,mihirjham,vasilzhigilei,nickysemenza" | |
github_token: ${{ secrets.GITHUB_TOKEN }} | |
- name: Google Chat Notification | |
uses: Co-qn/google-chat-notification@releases/v1 | |
with: | |
name: Scheduled Release ${{steps.open-pr.outputs.pr_url}} | |
url: ${{ secrets.SSL_TEAM_GOOGLE_CHAT_WEBHOOK }} | |
status: ${{ job.status }} | |
if: always() |