Consolidate changelog #4118
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| name: 🆙 Changelog & versions | |
| "on": | |
| workflow_call: | |
| secrets: | |
| REPOMATIC_PAT: | |
| required: false | |
| workflow_dispatch: | |
| schedule: | |
| # Run daily at 6:00 UTC for bump-version job. | |
| - cron: "0 6 * * *" | |
| push: | |
| branches: | |
| - main | |
| paths: | |
| - changelog.md | |
| - "**/pyproject.toml" | |
| # Trigger on any workflow change to make sure version gets hard-coded everywhere. | |
| - .github/workflows/*.yaml | |
| # Trigger on lockfile changes so bump-version recreates its PRs before they conflict. | |
| - uv.lock | |
| # Trigger after release workflow completes to ensure tags exist before bump-version. | |
| # This avoids race conditions where changelog workflow checks for tags before they're pushed. | |
| workflow_run: | |
| workflows: | |
| - "Build & release" | |
| types: | |
| - completed | |
| branches: | |
| - main | |
| permissions: {} | |
| concurrency: | |
| # Include event_name to prevent cross-event cancellation. | |
| # See repomatic/github/actions.py for rationale. | |
| group: ${{ github.workflow }}-${{ github.event_name }}-${{ github.ref }} | |
| cancel-in-progress: true | |
| jobs: | |
| metadata: | |
| name: 🧬 Project metadata | |
| # Run on schedule, manual dispatch, push, or after release workflow completes successfully. | |
| # Push events keep bump-version PRs conflict-free by recreating them on every main change. | |
| if: > | |
| github.event_name == 'schedule' || | |
| github.event_name == 'workflow_dispatch' || | |
| github.event_name == 'push' || | |
| (github.event_name == 'workflow_run' && github.event.workflow_run.conclusion == 'success') | |
| runs-on: ubuntu-slim | |
| outputs: | |
| metadata: ${{ steps.metadata.outputs.metadata }} | |
| steps: | |
| - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 | |
| with: | |
| # Use github.sha, not workflow_run.head_sha (stale after release cycle). | |
| # See repomatic/github/actions.py for rationale. | |
| ref: ${{ github.sha }} | |
| fetch-tags: true | |
| - uses: astral-sh/setup-uv@6ee6290f1cbc4156c0bdd66691b2c144ef8df19a # v7.4.0 | |
| - name: Run repomatic metadata | |
| id: metadata | |
| run: > | |
| uvx --no-progress --from . repomatic metadata | |
| --format github-json --output "$GITHUB_OUTPUT" | |
| minor_bump_allowed major_bump_allowed release_commits_matrix | |
| fix-changelog: | |
| name: 📋 Fix changelog | |
| needs: | |
| - metadata | |
| # Skip during release cycle (push event with release commits). | |
| # The workflow_run event after "Build & release" completes handles | |
| # the post-release case, when the GitHub release is published and | |
| # visible to the public API. | |
| if: >- | |
| github.event_name == 'workflow_run' | |
| || !fromJSON(needs.metadata.outputs.metadata).release_commits_matrix | |
| runs-on: ubuntu-slim | |
| permissions: | |
| contents: write | |
| pull-requests: write | |
| steps: | |
| - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 | |
| with: | |
| ref: ${{ github.sha }} | |
| fetch-tags: true | |
| - uses: astral-sh/setup-uv@6ee6290f1cbc4156c0bdd66691b2c144ef8df19a # v7.4.0 | |
| - name: Fix changelog dates and admonitions | |
| env: | |
| GH_TOKEN: ${{ github.token }} | |
| run: uvx --no-progress --from . repomatic lint-changelog --fix | |
| - id: pr-metadata | |
| run: > | |
| uvx --no-progress --from . repomatic pr-body --output-format github-actions | |
| --template fix-changelog | |
| --output "$GITHUB_OUTPUT" | |
| - uses: peter-evans/create-pull-request@5f6978faf089d4d20b00c7766989d076bb2fc7f1 # v8.1.1 | |
| with: | |
| token: ${{ secrets.REPOMATIC_PAT || github.token }} | |
| assignees: ${{ github.actor }} | |
| commit-message: ${{ steps.pr-metadata.outputs.commit_message }} | |
| title: ${{ steps.pr-metadata.outputs.title }} | |
| body: ${{ steps.pr-metadata.outputs.body }} | |
| labels: "🆙 changelog" | |
| base: main | |
| branch: fix-changelog | |
| delete-branch: true | |
| bump-version: | |
| name: 🆙 Bump versions | |
| needs: | |
| - metadata | |
| # Always run since metadata already filters appropriate events. | |
| runs-on: ubuntu-slim | |
| permissions: | |
| contents: write | |
| pull-requests: write | |
| strategy: | |
| matrix: | |
| part: | |
| - minor | |
| - major | |
| # The condition must be repeated on each step because: | |
| # 1. Job-level `if:` is evaluated before matrix expansion, so `matrix.*` isn't available there | |
| # 2. GitHub Actions lacks conditional step groups to skip multiple steps with one condition | |
| steps: | |
| - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 | |
| if: fromJSON(needs.metadata.outputs.metadata)[format('{0}_bump_allowed', matrix.part)] | |
| with: | |
| # Use github.sha, not workflow_run.head_sha (stale after release cycle). | |
| ref: ${{ github.sha }} | |
| - uses: astral-sh/setup-uv@6ee6290f1cbc4156c0bdd66691b2c144ef8df19a # v7.4.0 | |
| if: fromJSON(needs.metadata.outputs.metadata)[format('{0}_bump_allowed', matrix.part)] | |
| - name: ${{ matrix.part }} version bump | |
| if: fromJSON(needs.metadata.outputs.metadata)[format('{0}_bump_allowed', matrix.part)] | |
| run: uvx --no-progress --from . repomatic run bump-my-version -- bump --verbose ${{ matrix.part }} | |
| - name: Sync uv.lock | |
| # Use `uv lock --upgrade` (not `uv sync`) so the resolution matches the | |
| # autofix `sync-uv-lock` job. Plain `uv sync` is conservative and | |
| # preserves stale transitive markers, which then oscillate against the | |
| # autofix on the next run. | |
| if: fromJSON(needs.metadata.outputs.metadata)[format('{0}_bump_allowed', matrix.part)] | |
| run: uv --no-progress lock --upgrade | |
| - id: pr-metadata | |
| if: fromJSON(needs.metadata.outputs.metadata)[format('{0}_bump_allowed', matrix.part)] | |
| run: > | |
| uvx --no-progress --from . repomatic pr-body --output-format github-actions | |
| --template bump-version | |
| --part "${{ matrix.part }}" | |
| --output "$GITHUB_OUTPUT" | |
| - uses: peter-evans/create-pull-request@5f6978faf089d4d20b00c7766989d076bb2fc7f1 # v8.1.1 | |
| if: fromJSON(needs.metadata.outputs.metadata)[format('{0}_bump_allowed', matrix.part)] | |
| with: | |
| token: ${{ secrets.REPOMATIC_PAT || github.token }} | |
| assignees: ${{ github.actor }} | |
| commit-message: ${{ steps.pr-metadata.outputs.commit_message }} | |
| title: ${{ steps.pr-metadata.outputs.title }} | |
| body: ${{ steps.pr-metadata.outputs.body }} | |
| labels: "🆙 changelog" | |
| base: main | |
| branch: ${{ matrix.part }}-version-increment | |
| delete-branch: true | |
| draft: always-true | |
| prepare-release: | |
| name: 🎬 Prepare release | |
| # Skip schedule (exists for bump-version only) and workflow_run (would double-run | |
| # on every push to main, since push already triggers this job directly). | |
| if: github.event_name != 'schedule' && github.event_name != 'workflow_run' | |
| runs-on: ubuntu-slim | |
| permissions: | |
| contents: write | |
| pull-requests: write | |
| steps: | |
| - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 | |
| - uses: astral-sh/setup-uv@6ee6290f1cbc4156c0bdd66691b2c144ef8df19a # v7.4.0 | |
| # --- Freeze commit: freeze everything to the release version. --- | |
| - name: Strip dev suffix for release | |
| # Bump the "dev" part: .dev0 → release (omitted), producing a clean X.Y.Z version. | |
| run: uvx --no-progress --from . repomatic run bump-my-version -- bump --verbose dev | |
| - name: Extract version | |
| id: get_version | |
| run: > | |
| echo "current_version=$( | |
| uvx --no-progress --from . repomatic run bump-my-version -- show current_version | |
| )" | tee -a "$GITHUB_OUTPUT" | |
| - name: Prepare release | |
| # Updates changelog and citation dates, comparison URL, and removes warning. | |
| # Also hard-codes version in workflow URLs for kdeldycke/repomatic repository. | |
| run: uvx --no-progress --from . repomatic release-prep | |
| - name: Prepare repository | |
| env: | |
| GIT_AUTHOR: ${{ github.actor }} | |
| run: | | |
| git config --global user.name "$GIT_AUTHOR" | |
| git config --global user.email "$GIT_AUTHOR@users.noreply.github.com" | |
| git clean -fd | |
| - name: Create freeze commit | |
| env: | |
| CURRENT_VERSION: ${{ steps.get_version.outputs.current_version }} | |
| run: git commit --all --message="[changelog] Release v${CURRENT_VERSION}" | |
| # --- Unfreeze commit: revert to development references. --- | |
| - name: Re-target main branch in workflows | |
| # This step is only used in the original repository to automate remote URL tagging. | |
| if: github.repository == 'kdeldycke/repomatic' | |
| run: uvx --no-progress --from . repomatic release-prep --post-release | |
| - name: Add new changelog entry | |
| run: uvx --no-progress --from . repomatic changelog ./changelog.md | |
| - name: Version bump | |
| run: uvx --no-progress --from . repomatic run bump-my-version -- bump --verbose patch | |
| - name: Sync uv.lock | |
| # See bump-version job above for why this uses `uv lock --upgrade` | |
| # rather than `uv sync`. | |
| run: uv --no-progress lock --upgrade | |
| - name: Create unfreeze commit | |
| env: | |
| CURRENT_VERSION: ${{ steps.get_version.outputs.current_version }} | |
| run: > | |
| git commit --all --message="[changelog] Post-release bump | |
| v${CURRENT_VERSION} → v$(uvx --no-progress --from . repomatic run bump-my-version -- show current_version)" | |
| - id: pr-metadata | |
| env: | |
| CURRENT_VERSION: ${{ steps.get_version.outputs.current_version }} | |
| run: > | |
| uvx --no-progress --from . repomatic pr-body --output-format github-actions | |
| --template prepare-release | |
| --version "${CURRENT_VERSION}" | |
| --output "$GITHUB_OUTPUT" | |
| - uses: peter-evans/create-pull-request@5f6978faf089d4d20b00c7766989d076bb2fc7f1 # v8.1.1 | |
| with: | |
| # We need custom PAT with workflows permission to hard-code version numbers in URLs in | |
| # .github/workflows/*.yaml files. | |
| token: ${{ secrets.REPOMATIC_PAT || github.token }} | |
| assignees: ${{ github.actor }} | |
| commit-message: ${{ steps.pr-metadata.outputs.commit_message }} | |
| title: ${{ steps.pr-metadata.outputs.title }} | |
| body: ${{ steps.pr-metadata.outputs.body }} | |
| labels: "🆙 changelog" | |
| base: main | |
| branch: prepare-release | |
| delete-branch: true | |
| draft: always-true |