chore(release): v0.4.17 #21
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Release | |
| on: | |
| push: | |
| tags: | |
| - 'v*' | |
| workflow_dispatch: | |
| inputs: | |
| tag: | |
| description: 'Tag to release (vX.Y.Z)' | |
| required: true | |
| type: string | |
| jobs: | |
| release: | |
| runs-on: windows-latest | |
| permissions: | |
| contents: write | |
| env: | |
| RELEASE_TAG: ${{ github.event_name == 'workflow_dispatch' && inputs.tag || github.ref_name }} | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| ref: ${{ env.RELEASE_TAG }} | |
| - name: Prepare signing certificate | |
| shell: pwsh | |
| env: | |
| CLOUDSQLCTL_SIGN_CERT_B64: ${{ secrets.CLOUDSQLCTL_SIGN_CERT_B64 }} | |
| CLOUDSQLCTL_SIGN_PWD: ${{ secrets.CLOUDSQLCTL_SIGN_PWD }} | |
| run: | | |
| if (-not $env:CLOUDSQLCTL_SIGN_CERT_B64) { | |
| Write-Host "Signing cert not provided; skipping signing setup." | |
| exit 0 | |
| } | |
| $certPath = Join-Path $env:RUNNER_TEMP "cloudsqlctl-signing.pfx" | |
| [IO.File]::WriteAllBytes($certPath, [Convert]::FromBase64String($env:CLOUDSQLCTL_SIGN_CERT_B64)) | |
| "CLOUDSQLCTL_SIGN_CERT=$certPath" | Out-File -FilePath $env:GITHUB_ENV -Append | |
| "CLOUDSQLCTL_SIGN_PWD=$env:CLOUDSQLCTL_SIGN_PWD" | Out-File -FilePath $env:GITHUB_ENV -Append | |
| - name: Use Node.js 22.x | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: 22.x | |
| cache: 'npm' | |
| - name: Install dependencies | |
| run: npm ci | |
| - name: Check Version | |
| run: | | |
| $tag = $env:RELEASE_TAG -replace '^v', '' | |
| $pkg = Get-Content package.json | ConvertFrom-Json | |
| if ($pkg.version -ne $tag) { | |
| Write-Error "Version mismatch: Tag $tag vs Package $($pkg.version)" | |
| exit 1 | |
| } | |
| - name: Build | |
| run: npm run build | |
| - name: Package (SEA) | |
| run: npm run package | |
| - name: Install Inno Setup | |
| run: choco install innosetup -y --no-progress | |
| - name: Build Installer | |
| run: npm run installer | |
| - name: Sign artifacts | |
| if: ${{ env.CLOUDSQLCTL_SIGN_CERT != '' }} | |
| shell: pwsh | |
| run: | | |
| powershell -ExecutionPolicy Bypass -File tools/sign-exe.ps1 -ExePath "bin/cloudsqlctl.exe" | |
| powershell -ExecutionPolicy Bypass -File tools/sign-exe.ps1 -ExePath "dist/cloudsqlctl-setup.exe" | |
| - name: Generate Docs | |
| run: npm run docs:generate | |
| - name: Stage Artifacts | |
| run: npm run stage | |
| - name: Verify Artifacts | |
| run: | | |
| if (-not (Test-Path artifacts/cloudsqlctl.exe)) { throw "Missing cloudsqlctl.exe" } | |
| if (-not (Test-Path artifacts/cloudsqlctl-setup.exe)) { throw "Missing cloudsqlctl-setup.exe" } | |
| if (-not (Test-Path artifacts/cloudsqlctl-windows-x64.zip)) { throw "Missing zip bundle" } | |
| if (-not (Test-Path artifacts/SHA256SUMS.txt)) { throw "Missing SHA256SUMS.txt" } | |
| - name: Delete existing release assets (same tag) | |
| shell: pwsh | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| run: | | |
| $tag = $env:RELEASE_TAG | |
| $headers = @{ | |
| Authorization = "Bearer $env:GITHUB_TOKEN" | |
| Accept = "application/vnd.github+json" | |
| } | |
| try { | |
| $release = Invoke-RestMethod -Method Get -Uri "https://api.github.com/repos/$env:GITHUB_REPOSITORY/releases/tags/$tag" -Headers $headers | |
| } catch { | |
| if ($_.Exception.Response.StatusCode.value__ -eq 404) { | |
| Write-Host "No existing release for $tag" | |
| exit 0 | |
| } | |
| throw | |
| } | |
| if (-not $release) { | |
| Write-Host "No existing release data for $tag" | |
| exit 0 | |
| } | |
| foreach ($asset in $release.assets) { | |
| Write-Host "Deleting asset $($asset.name)" | |
| Invoke-RestMethod -Method Delete -Uri "https://api.github.com/repos/$env:GITHUB_REPOSITORY/releases/assets/$($asset.id)" -Headers $headers | |
| } | |
| - name: Release | |
| uses: softprops/action-gh-release@v2 | |
| if: ${{ github.event_name == 'workflow_dispatch' || startsWith(github.ref, 'refs/tags/') }} | |
| with: | |
| tag_name: ${{ env.RELEASE_TAG }} | |
| files: artifacts/* | |
| generate_release_notes: true |