Update release.yml #114

Summary
Jobs
- build
Run details
- Usage
- Workflow file

Workflow file for this run

.github/workflows/release.yml at 33e0f94

	name: Release Version

	on:
	push:
	branches: [main]
	# paths-ignore:
	# - ".github/**"

	permissions:
	contents: read

	jobs:
	build:
	runs-on: ubuntu-latest
	permissions:
	id-token: write
	contents: write
	attestations: write
	steps:
	- name: Harden Runner
	uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2
	with:
	egress-policy: audit

	- name: Checkout repository
	uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
	with:
	ref: main
	- name: Set up Python 3
	uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5.3.0
	with:
	python-version: \|
	3.12
	check-latest: true
	allow-prereleases: true
	- name: Get Version
	id: version
	shell: bash
	run: \|
	version="$(python3 ./.github/actions/get_version.py)"
	echo "version=$version" >> $GITHUB_OUTPUT
	- name: Is Tag exists
	uses: mukunku/tag-exists-action@bdad1eaa119ce71b150b952c97351c75025c06a9 # v1.6.0
	id: checkTag
	with:
	tag: ${{ steps.version.outputs.version }}
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
	- if: steps.checkTag.outputs.exists == 'false'
	name: Check Tag
	id: check-tag
	run: \|
	if [[ "${{ steps.version.outputs.version }}" =~ ^[0-9]+\.[0-9]+\.[0-9]+$ ]]; then
	echo "match=true" >> $GITHUB_OUTPUT
	fi
	- name: ZIP Component Dir
	if: steps.checkTag.outputs.exists == 'false'
	run: \|
	cd ${{ github.workspace }}/custom_components/ipv64
	zip -r ipv64.zip ./

	- name: Generate artifact attestation
	if: steps.checkTag.outputs.exists == 'false'
	id: attestation
	uses: actions/attest-build-provenance@v2
	with:
	subject-path: ${{ github.workspace }}/custom_components/ipv64/ipv64.zip

	- name: Debug attestation output
	if: steps.checkTag.outputs.exists == 'false'
	run: \|
	echo "Bundle path: ${{ steps.attestation.outputs.bundle-path }}"
	ls -l "${{ steps.attestation.outputs.bundle-path }}"
	- name: Copy attestation
	if: steps.checkTag.outputs.exists == 'false'
	run: \|
	cp "${{ steps.attestation.outputs.bundle-path }}" ${{ github.workspace }}/custom_components/ipv64/ipv64.zip.sigstore

	- name: Import GPG key
	if: steps.checkTag.outputs.exists == 'false'
	env:
	GPG_PRIVATE_KEY: ${{ secrets.GPG_PRIVATE_KEY }}
	PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }}
	run: \|
	mkdir -p ~/.gnupg
	chmod 700 ~/.gnupg
	echo "$GPG_PRIVATE_KEY" \| gpg --batch --import
	echo "use-agent" > ~/.gnupg/gpg.conf
	echo "allow-loopback-pinentry" >> ~/.gnupg/gpg.conf
	gpg --list-keys

	- name: Debug Passphrase
	if: steps.checkTag.outputs.exists == 'false'
	run: \|
	if [ -z "$PASSPHRASE" ]; then
	echo "Passphrase is empty!"
	exit 1
	else
	echo "Passphrase is set."
	fi
	env:
	PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }}

	- name: Sign ZIP file
	if: steps.checkTag.outputs.exists == 'false'
	env:
	PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }}
	run: \|
	gpg --detach-sign --batch --yes --pinentry-mode loopback --passphrase "$PASSPHRASE" \
	-o ${{ github.workspace }}/custom_components/ipv64/ipv64.zip.asc \
	${{ github.workspace }}/custom_components/ipv64/ipv64.zip

	- name: Upload zip to release
	if: steps.checkTag.outputs.exists == 'false'
	uses: svenstaro/upload-release-action@04733e069f2d7f7f0b4aebc4fbdbce8613b03ccd # v2
	with:
	repo_token: ${{ secrets.GITHUB_TOKEN }}
	file: ${{ github.workspace }}/custom_components/ipv64/ipv64.zip
	asset_name: ipv64.zip
	tag: ${{ steps.version.outputs.version }}
	overwrite: true

	- name: Upload zip to release
	if: steps.checkTag.outputs.exists == 'false'
	uses: svenstaro/upload-release-action@04733e069f2d7f7f0b4aebc4fbdbce8613b03ccd # v2
	with:
	repo_token: ${{ secrets.GITHUB_TOKEN }}
	file: ${{ github.workspace }}/custom_components/ipv64/ipv64.zip.asc
	asset_name: ipv64.zip.asc
	tag: ${{ steps.version.outputs.version }}
	overwrite: true

	- name: Upload zip to release
	if: steps.checkTag.outputs.exists == 'false'
	uses: svenstaro/upload-release-action@04733e069f2d7f7f0b4aebc4fbdbce8613b03ccd # v2
	with:
	repo_token: ${{ secrets.GITHUB_TOKEN }}
	file: ${{ github.workspace }}/custom_components/ipv64/ipv64.zip.sigstore
	asset_name: ipv64.zip.asc
	tag: ${{ steps.version.outputs.version }}
	overwrite: true

	- name: Create Release
	if: steps.checkTag.outputs.exists == 'false'
	uses: softprops/action-gh-release@e7a8f85e1c67a31e6ed99a94b41bd0b71bbee6b8 # v2.0.9
	with:
	tag_name: ${{ steps.version.outputs.version }}
	name: v${{ steps.version.outputs.version }}
	draft: false
	prerelease: false
	token: ${{ secrets.GITHUB_TOKEN }}
	generate_release_notes: true

	# - name: Upload zip to release
	# if: steps.checkTag.outputs.exists == 'false'
	# uses: softprops/action-gh-release@01570a1f39cb168c169c802c3bceb9e93fb10974 # v2.1.0
	# with:
	# files: ${{ github.workspace }}/custom_components/ipv64/ipv64.zip
	# token: ${{ secrets.GITHUB_TOKEN }}
	# tag_name: ${{ steps.version.outputs.version }}
	# generate_release_notes: true

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Update release.yml #114

Workflow file

Update release.yml #114

Jobs

Run details

Workflow file for this run