Code-Kit-Ultra/.github/workflows/version-bump-release.yml at main · eybersjp/Code-Kit-Ultra · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
name: Manual Release Preparation

on:
  workflow_dispatch:
    inputs:
      bump_type:
        description: 'Release type (major, minor, patch) OR explicit version (e.g., 1.2.1)'
        required: true
        default: 'patch'
      release_summary:
        description: 'Optional summary for the changelog and release notes'
        required: false
        default: 'Internal maintenance and synchronization.'

jobs:
  prepare-release:
    runs-on: ubuntu-latest
    permissions:
      contents: write

    steps:
      - name: Checkout Repository
        uses: actions/checkout@v4
        with:
          fetch-depth: 0 # Needed for git log and tagging
          token: ${{ secrets.GITHUB_TOKEN }}

      - name: Setup Node.js
        uses: actions/setup-node@v4
        with:
          node-version: '20'

      - name: Setup pnpm
        uses: pnpm/action-setup@v4
        with:
          version: 10
          run_install: true

      - name: Verify Repository Health
        run: pnpm run typecheck

      - name: Configure Git
        run: |
          git config --global user.name "GitHub Actions"
          git config --global user.email "actions@github.com"

      - name: Bump Version
        run: pnpm run version:bump -- ${{ github.event.inputs.bump_type }}

      - name: Generate Release Notes
        run: pnpm run release:notes

      - name: Update Changelog
        run: |
          SUMMARY="${{ github.event.inputs.release_summary }}"
          pnpm run changelog:update -- "" "$SUMMARY"

      - name: Generate Release Control Center Report
        env:
          MILESTONE_NAME: "Manual Release: v$(node -p \"require('./package.json').version\")"
          RELEASE_SUMMARY: ${{ github.event.inputs.release_summary }}
        run: pnpm run release:control-center

      - name: Enforce Release Control Gate
        run: |
          LATEST_JSON=$(ls -t releases/control-center/manifests/*.json | head -n 1)
          DECISION=$(node -p "require('./$LATEST_JSON').governance.decision")
          echo "Release Decision: $DECISION"
          if [ "$DECISION" = "NO-GO" ]; then
            echo "❌ Release Rejected by Control Center (NO-GO). Failing workflow."
            exit 1
          fi
          if [ "$DECISION" = "GO WITH RISKS" ]; then
            echo "::warning title=RCC Decision::Approved with Risks. Check the report for details."
          fi

      - name: Commit Release Metadata
        run: |
          NEW_VERSION=$(node -p "require('./package.json').version")

          git add package.json VERSION CHANGELOG.md RELEASE_NOTES_*.md
          git add "releases/control-center/**/*"
          git add "**/package.json"

          git commit -m "chore(release): v$NEW_VERSION"
          git push origin HEAD:${{ github.ref }}

      - name: Create and Push Tag
        run: |
          NEW_VERSION=$(node -p "require('./package.json').version")
          TAG="v$NEW_VERSION"

          git tag -a "$TAG" -m "Release $TAG"
          git push origin "$TAG"

      - name: Create GitHub Release
        env:
          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        run: |
          NEW_VERSION=$(node -p "require('./package.json').version")
          TAG="v$NEW_VERSION"
          NOTES_FILE="RELEASE_NOTES_v$NEW_VERSION.md"

          gh release create "$TAG" \
            --title "Code Kit Ultra $TAG" \
            --notes-file "$NOTES_FILE" \
            --verify-tag