Skip to content

feat: Check encryptionScheme against MCap (#6484) #1637

feat: Check encryptionScheme against MCap (#6484)

feat: Check encryptionScheme against MCap (#6484) #1637

name: Release
on:
push:
branches:
- main
- v[0-9]*
jobs:
release:
runs-on: ubuntu-latest
outputs:
release_created: ${{ steps.release.outputs.release_created }}
tag_name: ${{ steps.release.outputs.tag_name }}
patch: ${{ steps.release.outputs.patch }}
steps:
# Create/update release PR
- uses: google-github-actions/release-please-action@v4
id: release
with:
# Make sure we create the PR against the correct branch.
target-branch: ${{ github.ref_name }}
# Use a special shaka-bot access token for releases.
token: ${{ secrets.RELEASE_PLEASE_TOKEN }}
# See also settings in these files:
manifest-file: .release-please-manifest.json
config-file: .release-please-config.json
# The jobs below are all conditional on a release having been created by
# someone merging the release PR. They all run in parallel.
tag-main:
runs-on: ubuntu-latest
needs: release
if: needs.release.outputs.release_created && needs.release.outputs.patch != '0'
steps:
- uses: actions/checkout@v4
with:
# Check out the origin repo, and do it at main, not the PR branch.
ref: main
# Use a special shaka-bot access token for releases.
token: ${{ secrets.RELEASE_PLEASE_TOKEN }}
- name: Tag the main branch
run: |
# Set missing git config for the tag.
git config user.name "shaka-bot"
git config user.email "shaka-bot@users.noreply.github.com"
# Tag the main branch.
VERSION=${{ needs.release.outputs.tag_name }}
git tag -m "$VERSION-main" "$VERSION-main"
git push origin "$VERSION-main"
npm:
runs-on: ubuntu-latest
needs: release
if: needs.release.outputs.release_created
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
persist-credentials: false
- uses: actions/setup-node@v4
with:
node-version: 16
registry-url: 'https://registry.npmjs.org'
- name: Compute NPM tags
run: |
# NPM publish always sets a tag. If you don't provide an explicit
# tag, you get the "latest" tag by default, but we want "latest" to
# always point to the highest version number. So we set an explicit
# tag on every "publish" command, then follow up with a command to
# set "latest" only if this release was the highest version yet.
# The explicit tag is based on the branch. If the git tag is v4.4.1,
# the branch was v4.4.x, and the explicit NPM tag should be
# v4.4-latest.
GIT_TAG_NAME=${{ needs.release.outputs.tag_name }}
NPM_TAG=$(echo "$GIT_TAG_NAME" | cut -f 1-2 -d .)-latest
echo "NPM_TAG=$NPM_TAG" >> $GITHUB_ENV
# We only tag the NPM package as "latest" if this release is the
# highest version to date.
RELEASE_TAGS=$(git tag | grep ^v[0-9] | grep -Ev -- '-(master|main)')
LATEST_RELEASE=$(echo "$RELEASE_TAGS" | sort --version-sort | tail -1)
if [[ "$GIT_TAG_NAME" == "$LATEST_RELEASE" ]]; then
NPM_LATEST=true
else
NPM_LATEST=false
fi
echo NPM_LATEST=$NPM_LATEST >> $GITHUB_ENV
# Debug the decisions made here.
echo "Latest release: $LATEST_RELEASE"
echo "This release: $GIT_TAG_NAME"
echo "NPM tag: $NPM_TAG"
echo "NPM latest: $NPM_LATEST"
- run: npm ci
- name: Publish
env:
NODE_AUTH_TOKEN: ${{secrets.NPM_TOKEN}}
run: |
# Publish with an explicit tag.
npm publish --tag "$NPM_TAG"
# Add the "latest" tag if needed.
if [[ "$NPM_LATEST" == "true" ]]; then
NPM_VERSION=$(npm version --json | jq -r '."shaka-player"')
npm dist-tag add "shaka-player@$NPM_VERSION" latest
fi
- run: npm pack
- name: Attach to release
env:
GITHUB_TOKEN: ${{ secrets.RELEASE_PLEASE_TOKEN }}
run: |
gh release upload \
${{ needs.release.outputs.tag_name }} shaka-player-*.tgz \
--clobber
appspot:
runs-on: ubuntu-latest
needs: release
if: needs.release.outputs.release_created
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
persist-credentials: false
- uses: actions/setup-node@v4
with:
node-version: 16
registry-url: 'https://registry.npmjs.org'
- name: Compute appspot subdomain and promotion
run: |
# This is the same as the version tag, but with dots replaced by
# dashes. For example, v3.2.2 would have the subdomain v3-2-2.
APPSPOT_SUBDOMAIN=$( echo ${{ needs.release.outputs.tag_name }} | sed -e 's/\./-/g' )
echo APPSPOT_SUBDOMAIN=$APPSPOT_SUBDOMAIN >> $GITHUB_ENV
# "Promoting" an appspot deployment makes it the default which shows
# up on shaka-player-demo.appspot.com (no subdomain). This should be
# done for the latest release version from the latest release branch.
RELEASE_TAGS=$(git tag | grep ^v[0-9] | grep -Ev -- '-(master|main)')
LATEST_RELEASE=$(echo "$RELEASE_TAGS" | sort --version-sort | tail -1)
TAG_NAME=${{ needs.release.outputs.tag_name }}
if [[ "$TAG_NAME" == "$LATEST_RELEASE" ]]; then
APPSPOT_PROMOTE=true
else
APPSPOT_PROMOTE=false
fi
echo APPSPOT_PROMOTE=$APPSPOT_PROMOTE >> $GITHUB_ENV
# Debug the decisions made here.
echo "Subdomain: $APPSPOT_SUBDOMAIN"
echo "Latest release: $LATEST_RELEASE"
echo "This release: $TAG_NAME"
echo "Promote: $APPSPOT_PROMOTE"
- uses: ./.github/workflows/custom-actions/prep-for-appspot
- uses: google-github-actions/auth@v2
with:
credentials_json: '${{ secrets.APPENGINE_DEPLOY_KEY }}'
- uses: google-github-actions/deploy-appengine@v2
with:
project_id: shaka-player-demo
version: ${{ env.APPSPOT_SUBDOMAIN }}
promote: ${{ env.APPSPOT_PROMOTE }}
auto-branch:
runs-on: ubuntu-latest
needs: release
if: needs.release.outputs.release_created && needs.release.outputs.patch == '0'
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
# Use a special shaka-bot access token for releases.
token: ${{ secrets.RELEASE_PLEASE_TOKEN }}
- name: Create release branch
run: |
TAG=${{ needs.release.outputs.tag_name }}
BRANCH=$(echo "$TAG" | sed -e 's/\.0$/.x/')
git push origin HEAD:"$BRANCH"