dart/list_or
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 2 Wiki Activity

Refactor CI workflows: streamline CI configuration and add publish and release workflows (#2)

Browse Source 
Signed-off-by: Hans Kokx <hans.d.kokx@gmail.com>
Reviewed-on: #2
This commit is contained in:
Hans Kokx
2026-05-13 13:24:47 +02:00
parent 221faa9c97
commit edf228c010
3 changed files with 183 additions and 106 deletions
Download Patch File Download Diff File Expand all files Collapse all files
.gitea/workflows/ci.yml
+19 -105
View File
@@ -1,12 +1,9 @@
name: CI and Release name: CI
on: on:
pull_request: pull_request:
branches: branches:
- main - main
push:
branches:
- main
jobs: jobs:
format: format:
@@ -107,6 +104,12 @@ jobs:
git fetch origin "${GITHUB_BASE_REF}" --depth=1 git fetch origin "${GITHUB_BASE_REF}" --depth=1
if git diff --quiet "origin/${GITHUB_BASE_REF}...HEAD" -- pubspec.yaml README.md ':(glob)**/*.dart'; then
echo "No release-relevant files changed (pubspec.yaml, README.md, *.dart); skipping version/changelog gate."
exit 0
fi
PACKAGE_NAME="$(sed -nE 's/^name:\s*([^[:space:]]+)\s*$/\1/p' pubspec.yaml | head -n1)"
PR_VERSION="$(sed -nE 's/^version:\s*([^[:space:]]+)\s*$/\1/p' pubspec.yaml | head -n1)" PR_VERSION="$(sed -nE 's/^version:\s*([^[:space:]]+)\s*$/\1/p' pubspec.yaml | head -n1)"
BASE_HAS_PUBSPEC="false" BASE_HAS_PUBSPEC="false"
BASE_VERSION="" BASE_VERSION=""
@@ -116,8 +119,8 @@ jobs:
BASE_VERSION="$(git show "origin/${GITHUB_BASE_REF}:pubspec.yaml" | sed -nE 's/^version:\s*([^[:space:]]+)\s*$/\1/p' | head -n1)" BASE_VERSION="$(git show "origin/${GITHUB_BASE_REF}:pubspec.yaml" | sed -nE 's/^version:\s*([^[:space:]]+)\s*$/\1/p' | head -n1)"
fi fi
if [ -z "$PR_VERSION" ]; then if [ -z "$PACKAGE_NAME" ] || [ -z "$PR_VERSION" ]; then
echo "Unable to read version from PR pubspec.yaml." echo "Unable to read package name/version from PR pubspec.yaml."
exit 1 exit 1
fi fi
@@ -164,10 +167,19 @@ jobs:
exit 1 exit 1
fi fi
if [ "$PR_MAJOR" -eq "$BASE_MAJOR" ] && [ "$PR_MINOR" -eq "$BASE_MINOR" ] && [ "$PR_PATCH" -le "$BASE_PATCH" ]; then if [ "$PR_MAJOR" -eq "$BASE_MAJOR" ] && [ "$PR_MINOR" -eq "$BASE_MINOR" ] && [ "$PR_PATCH" -lt "$BASE_PATCH" ]; then
echo "pubspec.yaml version must be greater than base version ($BASE_VERSION -> $PR_VERSION)."
exit 1
fi
if [ "$PR_MAJOR" -eq "$BASE_MAJOR" ] && [ "$PR_MINOR" -eq "$BASE_MINOR" ] && [ "$PR_PATCH" -eq "$BASE_PATCH" ]; then
if curl -fsSL "https://pub.dev/api/packages/${PACKAGE_NAME}" | grep -q "\"version\":\"${PR_VERSION}\""; then
echo "pubspec.yaml version must be at least 0.0.1 greater than base version ($BASE_VERSION -> $PR_VERSION)." echo "pubspec.yaml version must be at least 0.0.1 greater than base version ($BASE_VERSION -> $PR_VERSION)."
exit 1 exit 1
fi fi
echo "Version unchanged ($PR_VERSION), but this version is not yet on pub.dev; allowing first publish."
fi
else else
echo "Base branch has no pubspec.yaml; treating this as first release." echo "Base branch has no pubspec.yaml; treating this as first release."
fi fi
@@ -187,101 +199,3 @@ jobs:
else else
echo "Version/changelog gate passed for first release: $PR_VERSION" echo "Version/changelog gate passed for first release: $PR_VERSION"
fi fi
publish:
name: publish
runs-on: ubuntu-latest
needs:
- format
- analyze
- test
- pana
- version_and_changelog
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Setup Dart
uses: dart-lang/setup-dart@v1
- name: Publish package and create Gitea release on push to main
env:
PUB_CREDENTIALS_JSON: ${{ secrets.PUB_CREDENTIALS_JSON }}
RELEASE_TOKEN: ${{ secrets.GITHUB_TOKEN }}
FALLBACK_RELEASE_TOKEN: ${{ secrets.RELEASE_TOKEN }}
run: |
set -euo pipefail
if [ "${GITHUB_EVENT_NAME}" != "push" ] || [ "${GITHUB_REF}" != "refs/heads/main" ]; then
echo "Not a push to main; skipping publish."
exit 0
fi
PACKAGE_NAME="$(sed -nE 's/^name:\s*([^[:space:]]+)\s*$/\1/p' pubspec.yaml | head -n1)"
PACKAGE_VERSION="$(sed -nE 's/^version:\s*([^[:space:]]+)\s*$/\1/p' pubspec.yaml | head -n1)"
if [ -z "$PACKAGE_NAME" ] || [ -z "$PACKAGE_VERSION" ]; then
echo "Failed to parse package name/version from pubspec.yaml."
exit 1
fi
if curl -fsSL "https://pub.dev/api/packages/${PACKAGE_NAME}" | grep -q "\"version\":\"${PACKAGE_VERSION}\""; then
echo "${PACKAGE_NAME} ${PACKAGE_VERSION} is already published; skipping."
exit 0
fi
if [ -z "${PUB_CREDENTIALS_JSON:-}" ]; then
echo "Missing required secret PUB_CREDENTIALS_JSON."
exit 1
fi
mkdir -p "$HOME/.pub-cache"
printf '%s' "$PUB_CREDENTIALS_JSON" > "$HOME/.pub-cache/credentials.json"
chmod 600 "$HOME/.pub-cache/credentials.json"
dart pub get
dart pub publish --dry-run
dart pub publish --force
TOKEN="${RELEASE_TOKEN:-}"
if [ -z "$TOKEN" ]; then
TOKEN="${FALLBACK_RELEASE_TOKEN:-}"
fi
if [ -z "$TOKEN" ]; then
echo "Missing release token. Provide default workflow token or RELEASE_TOKEN."
exit 1
fi
SERVER_URL="${GITHUB_SERVER_URL:-${GITEA_SERVER_URL:-}}"
REPO_PATH="${GITHUB_REPOSITORY:-${GITEA_REPOSITORY:-}}"
if [ -z "$SERVER_URL" ] || [ -z "$REPO_PATH" ]; then
echo "Missing repository context required for Gitea API release creation."
exit 1
fi
TAG="v${PACKAGE_VERSION}"
RELEASE_BY_TAG_URL="${SERVER_URL}/api/v1/repos/${REPO_PATH}/releases/tags/${TAG}"
if curl -fsS -H "Authorization: token ${TOKEN}" "$RELEASE_BY_TAG_URL" >/dev/null; then
echo "Release ${TAG} already exists; skipping release creation."
exit 0
fi
CREATE_RELEASE_URL="${SERVER_URL}/api/v1/repos/${REPO_PATH}/releases"
RELEASE_PAYLOAD="{\"tag_name\":\"${TAG}\",\"target\":\"${GITHUB_SHA}\",\"target_commitish\":\"${GITHUB_SHA}\",\"title\":\"${TAG}\",\"name\":\"${TAG}\",\"note\":\"Release ${TAG}\",\"body\":\"Release ${TAG}\",\"draft\":false,\"prerelease\":false}"
HTTP_CODE="$(curl -sS -o /tmp/gitea-release-response.json -w '%{http_code}' \
-X POST "$CREATE_RELEASE_URL" \
-H "Authorization: token ${TOKEN}" \
-H 'Content-Type: application/json' \
-d "$RELEASE_PAYLOAD")"
if [ "$HTTP_CODE" = "201" ]; then
echo "Created Gitea release for ${TAG}."
elif [ "$HTTP_CODE" = "409" ]; then
echo "Release or tag ${TAG} already exists; treating as success."
else
echo "Failed to create Gitea release. HTTP ${HTTP_CODE}."
cat /tmp/gitea-release-response.json
exit 1
fi
.gitea/workflows/publish.yml
+68
View File
@@ -0,0 +1,68 @@
name: Publish
on:
push:
tags:
- "v*"
jobs:
publish:
name: publish
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Setup Dart
uses: dart-lang/setup-dart@v1
- name: Publish package from version tag
env:
PUB_CREDENTIALS_JSON: ${{ secrets.PUB_CREDENTIALS_JSON }}
FALLBACK_PUB_CREDENTIALS_JSON: ${{ secrets.REPO_PUB_CREDENTIALS_JSON }}
run: |
set -euo pipefail
TAG="${GITHUB_REF#refs/tags/}"
if ! printf '%s' "$TAG" | grep -Eq '^v[0-9]+\.[0-9]+\.[0-9]+$'; then
echo "Tag $TAG does not match required semver pattern vX.Y.Z; skipping."
exit 0
fi
PACKAGE_NAME="$(sed -nE 's/^name:\s*([^[:space:]]+)\s*$/\1/p' pubspec.yaml | head -n1)"
PACKAGE_VERSION="$(sed -nE 's/^version:\s*([^[:space:]]+)\s*$/\1/p' pubspec.yaml | head -n1)"
if [ -z "$PACKAGE_NAME" ] || [ -z "$PACKAGE_VERSION" ]; then
echo "Failed to parse package name/version from pubspec.yaml."
exit 1
fi
if [ "$TAG" != "v${PACKAGE_VERSION}" ]; then
echo "Tag ($TAG) does not match pubspec version (v${PACKAGE_VERSION})."
exit 1
fi
if curl -fsSL "https://pub.dev/api/packages/${PACKAGE_NAME}" | grep -q "\"version\":\"${PACKAGE_VERSION}\""; then
echo "${PACKAGE_NAME} ${PACKAGE_VERSION} is already published; skipping."
exit 0
fi
RESOLVED_PUB_CREDENTIALS_JSON="${PUB_CREDENTIALS_JSON:-}"
if [ -z "$RESOLVED_PUB_CREDENTIALS_JSON" ]; then
RESOLVED_PUB_CREDENTIALS_JSON="${FALLBACK_PUB_CREDENTIALS_JSON:-}"
fi
if [ -z "$RESOLVED_PUB_CREDENTIALS_JSON" ]; then
echo "Missing required pub.dev credentials secret."
echo "Expected one of: PUB_CREDENTIALS_JSON (preferred) or REPO_PUB_CREDENTIALS_JSON."
echo "If using user-level secrets, verify this repository is allowed to read them; otherwise set the same secret at repo level."
exit 1
fi
mkdir -p "$HOME/.pub-cache"
printf '%s' "$RESOLVED_PUB_CREDENTIALS_JSON" > "$HOME/.pub-cache/credentials.json"
chmod 600 "$HOME/.pub-cache/credentials.json"
dart pub get
dart pub publish --dry-run
dart pub publish --force
.gitea/workflows/release.yml
+95
View File
@@ -0,0 +1,95 @@
name: Release
on:
push:
branches:
- main
jobs:
create_tag_and_release:
name: create-tag-and-release
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Create version tag and Gitea release
env:
GITEA_RELEASE_TOKEN: ${{ secrets.GITEA_RELEASE_TOKEN }}
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: |
set -euo pipefail
BASE_SHA="${GITHUB_EVENT_BEFORE:-}"
if [ -z "$BASE_SHA" ] || [ "$BASE_SHA" = "0000000000000000000000000000000000000000" ]; then
if git rev-parse --verify HEAD^ >/dev/null 2>&1; then
BASE_SHA="$(git rev-parse HEAD^)"
fi
fi
if [ -n "$BASE_SHA" ] && git diff --quiet "$BASE_SHA...$GITHUB_SHA" -- pubspec.yaml README.md ':(glob)**/*.dart'; then
echo "No release-relevant files changed (pubspec.yaml, README.md, *.dart); skipping tag/release creation."
exit 0
fi
PACKAGE_VERSION="$(sed -nE 's/^version:\s*([^[:space:]]+)\s*$/\1/p' pubspec.yaml | head -n1)"
if [ -z "$PACKAGE_VERSION" ]; then
echo "Failed to parse version from pubspec.yaml."
exit 1
fi
TAG="v${PACKAGE_VERSION}"
TOKEN="${GITEA_RELEASE_TOKEN:-}"
if [ -z "$TOKEN" ]; then
TOKEN="${GITHUB_TOKEN:-}"
fi
if [ -z "$TOKEN" ]; then
echo "Missing release token. Provide GITEA_RELEASE_TOKEN or a usable default workflow token."
exit 1
fi
SERVER_URL="${GITHUB_SERVER_URL:-${GITEA_SERVER_URL:-}}"
REPO_PATH="${GITHUB_REPOSITORY:-${GITEA_REPOSITORY:-}}"
SHA="${GITHUB_SHA:-}"
if [ -z "$SERVER_URL" ] || [ -z "$REPO_PATH" ] || [ -z "$SHA" ]; then
echo "Missing repository context required for Gitea API release creation."
exit 1
fi
RELEASE_BY_TAG_URL="${SERVER_URL}/api/v1/repos/${REPO_PATH}/releases/tags/${TAG}"
LOOKUP_HTTP_CODE="$(curl -sS -o /tmp/gitea-release-lookup.json -w '%{http_code}' \
-H "Authorization: token ${TOKEN}" \
"$RELEASE_BY_TAG_URL")"
if [ "$LOOKUP_HTTP_CODE" = "200" ]; then
echo "Release ${TAG} already exists; skipping release creation."
exit 0
fi
if [ "$LOOKUP_HTTP_CODE" != "404" ]; then
echo "Failed to query release-by-tag endpoint. HTTP ${LOOKUP_HTTP_CODE}."
cat /tmp/gitea-release-lookup.json
exit 1
fi
CREATE_RELEASE_URL="${SERVER_URL}/api/v1/repos/${REPO_PATH}/releases"
RELEASE_PAYLOAD="{\"tag_name\":\"${TAG}\",\"target\":\"${SHA}\",\"target_commitish\":\"${SHA}\",\"title\":\"${TAG}\",\"name\":\"${TAG}\",\"note\":\"Release ${TAG}\",\"body\":\"Release ${TAG}\",\"draft\":false,\"prerelease\":false}"
HTTP_CODE="$(curl -sS -o /tmp/gitea-release-response.json -w '%{http_code}' \
-X POST "$CREATE_RELEASE_URL" \
-H "Authorization: token ${TOKEN}" \
-H 'Content-Type: application/json' \
-d "$RELEASE_PAYLOAD")"
if [ "$HTTP_CODE" = "201" ]; then
echo "Created Gitea release for ${TAG}."
elif [ "$HTTP_CODE" = "409" ]; then
echo "Release or tag ${TAG} already exists; treating as success."
else
echo "Failed to create Gitea release. HTTP ${HTTP_CODE}."
cat /tmp/gitea-release-response.json
exit 1
fi