--- name: "release-please-manifest-action" description: >- Opinionated action for running release-please in manifest mode with optional support to authenticate as a GitHub App. author: "jimeh" inputs: token: description: "GitHub token used to authenticate." default: ${{ github.token }} app-id: description: >- ID of the GitHub App to use for authentication. If set, takes precedence over token input. private-key: description: >- Private key of the GitHub App (can be Base64 encoded). Required when app-id is provided. target-branch: description: >- Branch to open pull release PR against. Defaults to the repository's default branch. default: "" target-branch-pattern: description: >- Regular expression pattern to determine if current ref name is a target branch or not. When specified, the action will only run if the current ref name matches the pattern, and the current ref name will be used as the target branch. When not specified, the action will always run, and target the specified target-branch, or the repository's default branch if target-branch is not specified. default: "" config-file: description: Path to config file within the project. default: ".github/release-please-config.json" manifest-file: description: Path to manifest file within the project. default: ".github/.release-please-manifest.json" outputs: release_created: description: "Whether or not a release was created." value: ${{ steps.release-please.outputs.release_created }} upload_url: description: "Release upload URL." value: ${{ steps.release-please.outputs.upload_url }} html_url: description: "Release URL." value: ${{ steps.release-please.outputs.html_url }} tag_name: description: "Release tag name." value: ${{ steps.release-please.outputs.tag_name }} version: description: "Version that was released." value: ${{ steps.release-please.outputs.version }} major: description: "Major version that was released." value: ${{ steps.release-please.outputs.major }} minor: description: "Minor version that was released." value: ${{ steps.release-please.outputs.minor }} patch: description: "Patch version that was released." value: ${{ steps.release-please.outputs.patch }} sha: description: "Release SHA." value: ${{ steps.release-please.outputs.sha }} pr: description: "Pull request number." value: ${{ steps.release-please.outputs.pr }} path: description: "Path that was released." value: ${{ steps.release-please.outputs.path }} releases_created: description: "Whether or not a release was created." value: ${{ steps.release-please.outputs.releases_created }} paths_released: description: "Paths that were released." value: ${{ steps.release-please.outputs.paths_released }} id: description: "Release ID." value: ${{ steps.release-please.outputs.id }} name: description: "Release name." value: ${{ steps.release-please.outputs.name }} body: description: "Release body." value: ${{ steps.release-please.outputs.body }} draft: description: "Whether or not the release is a draft." value: ${{ steps.release-please.outputs.draft }} prs_created: description: "Whether or not a pull request was created." value: ${{ steps.release-please.outputs.prs_created }} pr_number: description: "Pull request number that created the release." value: ${{ steps.release-please.outputs.prNumber }} prs: description: "Pull request numbers." value: ${{ steps.release-please.outputs.prs }} raw: description: "All outputs from release-please action as a JSON string." value: ${{ toJSON(steps.release-please.outputs) }} runs: using: "composite" steps: - name: preflight shell: bash id: preflight run: | echo "❯ Determining if action should run..." if [[ -n "$TARGET_BRANCH_PATTERN" ]]; then echo "❯ Evaluating target branch pattern:" echo "❯ - pattern: $TARGET_BRANCH_PATTERN" echo "❯ - ref name: $GITHUB_REF_NAME" if [[ "$GITHUB_REF_NAME" =~ $TARGET_BRANCH_PATTERN ]]; then echo "✔ Target branch pattern matches ref name" RUN="true" TARGET_BRANCH="$GITHUB_REF_NAME" else echo "✘ Target branch pattern does not match ref name" fi else RUN="true" fi if [[ -z "$RUN" ]]; then echo "✘ Not on a target branch, skipping run." fi echo "target-branch=${TARGET_BRANCH}" >> "$GITHUB_OUTPUT" echo "run=${RUN:-false}" >> "$GITHUB_OUTPUT" env: TARGET_BRANCH: "${{ inputs.target-branch }}" TARGET_BRANCH_PATTERN: "${{ inputs.target-branch-pattern }}" - name: resolve private key if: >- steps.preflight.outputs.run == 'true' && inputs.app-id != null && inputs.app-id != '' id: resolve-private-key shell: bash run: | echo "❯ Detecting private key format..." if [[ "$INPUT_PRIVATE_KEY" =~ ^-----BEGIN ]]; then echo "✔ PEM format detected" private_key="$INPUT_PRIVATE_KEY" else echo "✔ Base64 format detected, decoding..." private_key="$(echo "$INPUT_PRIVATE_KEY" | base64 -d)" &> /dev/null fi echo "❯ Formatting private key for output..." private_key="$(echo "$private_key" | awk 'BEGIN {ORS="\\n"} {print}' | head -c -2)" &> /dev/null echo "::add-mask::$private_key" echo "private-key=$private_key" >> "$GITHUB_OUTPUT" echo "✔ Private key format detected and securely passed to create-github-app-token action..." env: INPUT_PRIVATE_KEY: "${{ inputs.private-key }}" - uses: actions/create-github-app-token@v2 if: >- steps.preflight.outputs.run == 'true' && inputs.app-id != null && inputs.app-id != '' id: github-app-token with: app-id: ${{ inputs.app-id }} private-key: ${{ steps.resolve-private-key.outputs.private-key }} - name: resolve token if: steps.preflight.outputs.run == 'true' id: token shell: bash run: |- echo "token=${APP_TOKEN:-$INPUT_TOKEN}" >> "$GITHUB_OUTPUT" env: APP_TOKEN: "${{ steps.github-app-token.outputs.token }}" INPUT_TOKEN: "${{ inputs.token }}" - uses: googleapis/release-please-action@v4 if: steps.preflight.outputs.run == 'true' id: release-please with: token: ${{ steps.token.outputs.token }} target-branch: ${{ steps.preflight.outputs.target-branch }} config-file: ${{ inputs.config-file }} manifest-file: ${{ inputs.manifest-file }}