Skip to content

Build release

Build release #56

Workflow file for this run

# Matomo Release Action
#
# Required GitHub secrets:
#
# RELEASE_PASSWORD | password that needs to be provided to start the action
# GITHUB_TOKEN | github release token to publish
# SVN_USERNAME | the svn username to publish a new plugin release
# SVN_PASSWORD | the svn password to publish a new plugin release
name: Build release
permissions:
actions: none
checks: none
contents: write # required to create tag and release
deployments: none
issues: none
packages: none
pull-requests: none
repository-projects: none
security-events: none
statuses: none
on:
workflow_dispatch:
inputs:
version:
description: 'Version'
required: false
default: ''
password:
description: 'Release password'
required: true
env:
RELEASE_PASSWORD: ${{ secrets.RELEASE_PASSWORD }}
jobs:
release:
runs-on: ubuntu-latest
steps:
- name: "Check release password"
if: ${{ github.event.inputs.password != env.RELEASE_PASSWORD }}
uses: actions/github-script@v3
with:
script: |
core.setFailed('Release password didn\'t match.')
- name: "Check if user is allowed"
if: ${{ github.actor != 'mattab' && github.actor != 'tsteur' && github.actor != 'mattmary' && github.actor != 'justinvelluppillai' && github.actor != 'lance-matomo' && github.actor != 'diosmosis' }}
uses: actions/github-script@v3
with:
script: |
core.setFailed('User is not allowed to release.')
- uses: actions/checkout@v3
with:
lfs: true
fetch-depth: '0'
token: ${{ secrets.GITHUB_TOKEN }} # for pushing to protected branch
submodules: true
- run: git lfs pull
- name: "Check tag"
run: |
if [[ -n "${{ github.event.inputs.version }}" ]]
then
version="${{ github.event.inputs.version }}"
else
version=$(cat readme.txt | grep -oP "Stable tag: \K(.+)")
fi
echo "Version to build: '$version'"
echo "Check tag does not exist"
git fetch --all -q 2>/dev/null
tag_exists=$( git tag --list "$version" )
if [[ -n "$tag_exists" ]]
then
echo "A tag for $tag_exists already exists."
exit 1
fi
echo "version=$version" >> $GITHUB_ENV
# start local environment so we can run the wordpress:build-release command
- run: |
cat > .env <<EOF
UID=$UID
EOF
- run: mkdir -p ./docker/wordpress
- run: chmod -R 777 . # required to build the release
- run: docker compose --env-file .env.default --env-file .env up -d wordpress
- run: sleep 60 # wait for docker-compose launch to finish
- run: npm run compose logs wordpress --no-color # for debugging failures to start
- name: "Build releases"
run: npm run compose -- run console wordpress:build-release --name=${{ env.version }} --zip --tgz
- name: "Create release"
uses: ncipollo/release-action@c4bf6c1ab090090498fb7f3ddc9f99ba5ab619b9
with:
artifacts: "matomo-${{ env.version }}.*"
allowUpdates: ${{ steps.tag.outputs.update }}
tag: ${{ env.version }}
body: "If you download this release, make sure the directory name within the 'wordpress/wp-content' directory is 'matomo' and not for example 'matomo-for-wordpress'. [View changes](https://github.com/matomo-org/matomo-for-wordpress/blob/develop/CHANGELOG.md)"
prerelease: ${{ steps.tag.outputs.prerelease }}
token: ${{ secrets.GITHUB_TOKEN }}
- name: "Stop docker"
run: npm run compose stop
- name: "Deploy on wordpress"
run: |
chmod +x ./scripts/*.sh
cd scripts
./deploy.sh $version ${{ secrets.SVN_USERNAME }} "${{ secrets.SVN_PASSWORD }}"
cd ..
echo "update=false" >> $GITHUB_OUTPUT
shell: bash