name: "Release" on: push: tags: - "*" permissions: contents: read env: COMPOSER_FLAGS: "--ansi --no-interaction --no-progress --no-suggest --prefer-dist" jobs: build: permissions: contents: write # for actions/create-release to create a release name: Upload Release Asset runs-on: ubuntu-latest steps: - name: Checkout code uses: actions/checkout@v3 - name: "Install PHP" uses: "shivammathur/setup-php@v2" with: coverage: "none" extensions: "intl" ini-values: "memory_limit=-1" php-version: "8.1" - name: "Install dependencies from composer.lock using composer binary provided by system" run: "composer install ${{ env.COMPOSER_FLAGS }}" - name: "Run install again using composer binary from source" run: "bin/composer install ${{ env.COMPOSER_FLAGS }}" - name: "Validate composer.json" run: "bin/composer validate" - name: Build phar file run: "php -d phar.readonly=0 bin/compile" - name: Create release id: create_release uses: actions/create-release@v1 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} with: tag_name: ${{ github.ref }} release_name: ${{ github.ref }} draft: true body: TODO - name: Upload phar uses: actions/upload-release-asset@v1 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} with: upload_url: ${{ steps.create_release.outputs.upload_url }} asset_path: ./composer.phar asset_name: composer.phar asset_content_type: application/octet-stream - name: Configure GPG key and sign phar run: | mkdir -p ~/.gnupg/ chmod 0700 ~/.gnupg/ echo "$GPG_SIGNING_KEY" > ~/.gnupg/private.key gpg --import ~/.gnupg/private.key gpg -u contact@packagist.com --detach-sign --output composer.phar.asc composer.phar env: GPG_SIGNING_KEY: | ${{ secrets.GPG_KEY_161DFBE342889F01DDAC4E61CBB3D576F2A0946F }} - name: Upload phar signature uses: actions/upload-release-asset@v1 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} with: upload_url: ${{ steps.create_release.outputs.upload_url }} asset_path: ./composer.phar.asc asset_name: composer.phar.asc asset_content_type: application/octet-stream # This step requires a secret token with `pull` access to composer/docker. The default # secrets.GITHUB_TOKEN is scoped to this repository only which is not sufficient. - name: "Open issue @ Docker repository" uses: actions/github-script@v6 with: github-token: ${{ secrets.PUBLIC_REPO_ACCESS_TOKEN }} script: | // github.ref value looks like 'refs/tags/TAG', cleanup const tag = "${{ github.ref }}".replace(/refs\/tags\//, ''); // create new issue on Docker repository github.rest.issues.create({ owner: "${{ github.repository_owner }}", repo: "docker", title: `New Composer tag: ${ tag }`, body: `https://github.com/${{ github.repository }}/releases/tag/${ tag }`, });