Merge pull request #10 from advanced-security/dependabot/cargo/cargo-… #56
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Release | |
| on: | |
| push: | |
| branches: [ main ] | |
| workflow_dispatch: | |
| env: | |
| REGISTRY: ghcr.io | |
| jobs: | |
| set-version: | |
| runs-on: ubuntu-latest | |
| outputs: | |
| outdated: ${{ steps.set-version.outputs.outdated }} | |
| version: ${{ steps.set-version.outputs.version }} | |
| permissions: | |
| contents: read | |
| steps: | |
| - name: "Checkout" | |
| uses: actions/checkout@v4 | |
| - name: "Get and Set version" | |
| id: set-version | |
| env: | |
| GH_TOKEN: ${{ github.token }} | |
| run: | | |
| set -e | |
| set -e | |
| if [[ -f .release.yml ]]; then | |
| pip install yq > /dev/null | |
| current_version=$(yq -r ".version" .release.yml) | |
| echo "💻 Current Version :: $current_version" | |
| echo "version=$current_version" >> $GITHUB_OUTPUT | |
| elif [[ -f Cargo.toml ]]; then | |
| current_version=$(grep "version =" Cargo.toml | cut -d '"' -f 2) | |
| echo "💻 Current Version :: $current_version" | |
| echo "version=$current_version" >> $GITHUB_OUTPUT | |
| else | |
| echo "Failed to find version..." | |
| exit 1 | |
| fi | |
| released_version=$(gh api -H "Accept: application/vnd.github+json" -H "X-GitHub-Api-Version: 2022-11-28" /repos/:owner/:repo/releases/latest | jq -r ".tag_name") | |
| if [[ $released_version == v* ]]; then | |
| released_version=${released_version:1} | |
| fi | |
| echo "🦀 GitHub Release Version :: $released_version" | |
| if [ "$current_version" != "$released_version" ]; then | |
| echo "🚀 The crate is outdated... Let's update it!" | |
| echo "outdated=true" >> $GITHUB_OUTPUT | |
| else | |
| echo "🍹 Crate is up to date. Lets sit back and relax..." | |
| echo "outdated=false" >> $GITHUB_OUTPUT | |
| fi | |
| publish-image: | |
| uses: advanced-security/reusable-workflows/.github/workflows/container-publish.yml@main | |
| needs: [ set-version ] | |
| if: ${{ needs.set-version.outputs.outdated == 'true' }} | |
| secrets: inherit | |
| permissions: | |
| contents: write | |
| id-token: write | |
| packages: write | |
| actions: read | |
| attestations: write | |
| with: | |
| version: ${{ needs.set-version.outputs.version }} | |
| sbom: true | |
| github-release: | |
| uses: advanced-security/reusable-workflows/.github/workflows/release.yml@main | |
| if: ${{ needs.set-version.outputs.outdated == 'true' }} | |
| needs: [ publish-image ] | |
| secrets: inherit | |
| permissions: | |
| contents: write | |
| packages: write | |
| pull-requests: write | |
| with: | |
| version: ${{ needs.set-version.outputs.version }} | |