create web release #51
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: create web release | |
| on: | |
| workflow_dispatch: | |
| inputs: | |
| version: | |
| description: 'Version number for the release (x.x.x)' | |
| required: true | |
| type: string | |
| jobs: | |
| run-tests: | |
| uses: ./.github/workflows/web-tests.yml | |
| build-and-release: | |
| needs: run-tests | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: write # required to create a branch | |
| pull-requests: write # required to open a Pull Request | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Set release name | |
| run: echo "RELEASE_NAME=capa-explorer-web-v${{ github.event.inputs.version }}-${GITHUB_SHA::7}" >> $GITHUB_ENV | |
| - name: Check if release already exists | |
| run: | | |
| if ls web/explorer/releases/capa-explorer-web-v${{ github.event.inputs.version }}-* 1> /dev/null 2>&1; then | |
| echo "::error:: A release with version ${{ github.event.inputs.version }} already exists" | |
| exit 1 | |
| fi | |
| - name: Set up Node.js | |
| uses: actions/setup-node@0a44ba7841725637a19e28fa30b79a866c81b0a6 # v4.0.4 | |
| with: | |
| node-version: 20 | |
| cache: 'npm' | |
| cache-dependency-path: 'web/explorer/package-lock.json' | |
| - name: Install dependencies | |
| run: npm ci | |
| working-directory: web/explorer | |
| - name: Build offline bundle | |
| run: npm run build:bundle | |
| working-directory: web/explorer | |
| - name: Compress bundle | |
| run: zip -r ${{ env.RELEASE_NAME }}.zip capa-explorer-web | |
| working-directory: web/explorer | |
| - name: Create releases directory | |
| run: mkdir -vp web/explorer/releases | |
| - name: Move release to releases folder | |
| run: mv web/explorer/${{ env.RELEASE_NAME }}.zip web/explorer/releases | |
| - name: Compute release SHA256 hash | |
| run: | | |
| echo "RELEASE_SHA256=$(sha256sum web/explorer/releases/${{ env.RELEASE_NAME }}.zip | awk '{print $1}')" >> $GITHUB_ENV | |
| - name: Update CHANGELOG.md | |
| run: | | |
| echo "## ${{ env.RELEASE_NAME }}" >> web/explorer/releases/CHANGELOG.md | |
| echo "- Release Date: $(date -u '+%Y-%m-%d %H:%M:%S UTC')" >> web/explorer/releases/CHANGELOG.md | |
| echo "- SHA256: ${{ env.RELEASE_SHA256 }}" >> web/explorer/releases/CHANGELOG.md | |
| echo "" >> web/explorer/releases/CHANGELOG.md | |
| cat web/explorer/releases/CHANGELOG.md | |
| - name: Remove older releases | |
| # keep only the latest 3 releases | |
| run: ls -t capa-explorer-web-v*.zip | tail -n +4 | xargs -r rm -- | |
| working-directory: web/explorer/releases | |
| - name: Create Pull Request | |
| run: | | |
| git config --local user.email "capa-dev@mandiant.com" | |
| git config --local user.name "Capa Bot" | |
| git add -f web/explorer/releases/${{ env.RELEASE_NAME }}.zip web/explorer/releases/CHANGELOG.md | |
| git add -u web/explorer/releases/ | |
| - name: Create Pull Request | |
| uses: peter-evans/create-pull-request@v7 | |
| with: | |
| token: ${{ secrets.GITHUB_TOKEN }} | |
| title: "explorer web: add release v${{ github.event.inputs.version }}" | |
| body: | | |
| This PR adds a new capa Explorer Web release v${{ github.event.inputs.version }}. | |
| Release details: | |
| - Name: ${{ env.RELEASE_NAME }} | |
| - SHA256: ${{ env.RELEASE_SHA256 }} | |
| This PR was automatically created by the web release workflow. | |
| - [x] No CHANGELOG update needed | |
| - [x] No new tests needed | |
| - [x] No documentation update needed | |
| commit-message: ":robot: explorer web: add release ${{ env.RELEASE_NAME }}" | |
| branch: release/web-v${{ github.event.inputs.version }} | |
| add-paths: web/explorer/releases/${{ env.RELEASE_NAME }}.zip | |
| base: master | |
| labels: webui | |
| delete-branch: true | |
| committer: Capa Bot <capa-dev@mandiant.com> | |
| author: Capa Bot <capa-dev@mandiant.com> |