meshtastic/Meshtastic-Android
1
0
Fork 0
mirror of https://github.com/meshtastic/Meshtastic-Android.git synced 2026-04-20 22:23:37 +00:00
Code Issues Projects Releases Packages Wiki Activity

fix(ci): switch to pre-emptive tagging workflow (#4414)

Browse source
This commit is contained in:
James Rich 2026-02-02 13:34:34 -06:00 committed by GitHub
parent 773b481a58
commit cf0af91ae1
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
2 changed files with 10 additions and 116 deletions
Download patch file Download diff file Expand all files Collapse all files

51
.github/workflows/create-or-promote-release.yml vendored
View file

@ -35,7 +35,6 @@ jobs:
release_name: ${{ steps.calculate_tags.outputs.release_name }}
final_tag: ${{ steps.calculate_tags.outputs.final_tag }}
from_channel: ${{ steps.calculate_tags.outputs.from_channel }}
release_commit_sha: ${{ steps.get_sha.outputs.release_commit_sha }}
steps:
- name: Checkout code
uses: actions/checkout@v6
@ -241,57 +240,20 @@ jobs:
else
echo "No changes to commit."
fi
# Pre-emptive Tagging: Tag the commit (new or existing) and push immediately
# This ensures downstream workflows can simply checkout the tag.
echo "Tagging and pushing $FINAL_TAG..."
git tag "$FINAL_TAG"
git push origin "$FINAL_TAG"
shell: bash
- name: Get Commit SHA to Tag
id: get_sha
run: |
CHANNEL="${{ inputs.channel }}"
echo "Debug: Determining SHA for channel '$CHANNEL'"
SHA=""
if [[ "$CHANNEL" == "internal" ]]; then
# Internal build uses the latest commit (including any asset updates)
SHA=$(git rev-parse HEAD)
else
# Promotions use the SHA of the tag we are promoting
TAG_TO_PROCESS="${{ steps.calculate_tags.outputs.tag_to_process }}"
echo "Debug: Promoting tag '$TAG_TO_PROCESS'"
SHA=$(git rev-parse $TAG_TO_PROCESS)
fi
# Trim whitespace to ensure clean output
SHA=$(echo "$SHA" | xargs)
echo "Debug: Resolved SHA: '$SHA'"
if [ -z "$SHA" ]; then
echo "::error::Calculated SHA is empty! Cannot proceed."
exit 1
fi
# Save SHA to file for artifact upload (bypassing secret masking in outputs)
echo "$SHA" > release_sha.txt
# We don't output release_commit_sha to GITHUB_OUTPUT anymore to avoid it being dropped if masked.
# Downstream workflows will read the artifact.
shell: bash
- name: Upload Release SHA Artifact
uses: actions/upload-artifact@v4
with:
name: release_sha
path: release_sha.txt
retention-days: 1
call-release-workflow:
if: ${{ !inputs.dry_run && inputs.channel == 'internal' }}
needs: determine-tags
uses: ./.github/workflows/release.yml
with:
tag_name: ${{ needs.determine-tags.outputs.final_tag }}
commit_sha: ${{ needs.determine-tags.outputs.release_commit_sha }}
channel: ${{ inputs.channel }}
base_version: ${{ inputs.base_version }}
secrets: inherit
@ -304,7 +266,6 @@ jobs:
tag_name: ${{ needs.determine-tags.outputs.tag_to_process }}
release_name: ${{ needs.determine-tags.outputs.release_name }}
final_tag: ${{ needs.determine-tags.outputs.final_tag }}
commit_sha: ${{ needs.determine-tags.outputs.release_commit_sha }}
channel: ${{ inputs.channel }}
base_version: ${{ inputs.base_version }}
from_channel: ${{ needs.determine-tags.outputs.from_channel }}

75
.github/workflows/release.yml vendored
View file

@ -73,29 +73,10 @@ jobs:
GRADLE_CACHE_USERNAME: ${{ secrets.GRADLE_CACHE_USERNAME }}
GRADLE_CACHE_PASSWORD: ${{ secrets.GRADLE_CACHE_PASSWORD }}
steps:
- name: Download Release SHA Artifact
uses: actions/download-artifact@v4
continue-on-error: true
with:
name: release_sha
path: .
- name: Resolve Commit SHA
id: resolve_sha
run: |
if [ -f release_sha.txt ]; then
SHA=$(cat release_sha.txt)
echo "Using SHA from artifact: $SHA"
echo "SHA=$SHA" >> $GITHUB_OUTPUT
else
echo "Using input SHA or Tag"
echo "SHA=${{ inputs.commit_sha || inputs.tag_name }}" >> $GITHUB_OUTPUT
fi
- name: Checkout code
uses: actions/checkout@v6
with:
ref: ${{ steps.resolve_sha.outputs.SHA }}
ref: ${{ inputs.tag_name }}
fetch-depth: 0
submodules: 'recursive'
- name: Set up JDK 17
@ -130,39 +111,16 @@ jobs:
echo "versionCode=$VERSION_CODE" >> $GITHUB_OUTPUT
shell: bash
release-google:
runs-on: ubuntu-latest
needs: [prepare-build-info, run-lint]
environment: Release
env:
GRADLE_OPTS: "-Dorg.gradle.daemon=false"
GRADLE_CACHE_URL: ${{ secrets.GRADLE_CACHE_URL }}
GRADLE_CACHE_USERNAME: ${{ secrets.GRADLE_CACHE_USERNAME }}
GRADLE_CACHE_PASSWORD: ${{ secrets.GRADLE_CACHE_PASSWORD }}
steps:
- name: Download Release SHA Artifact
uses: actions/download-artifact@v4
continue-on-error: true
with:
name: release_sha
path: .
- name: Resolve Commit SHA
id: resolve_sha
run: |
if [ -f release_sha.txt ]; then
SHA=$(cat release_sha.txt)
echo "Using SHA from artifact: $SHA"
echo "SHA=$SHA" >> $GITHUB_OUTPUT
else
echo "Using input SHA or Tag"
echo "SHA=${{ inputs.commit_sha || inputs.tag_name }}" >> $GITHUB_OUTPUT
fi
- name: Checkout code
uses: actions/checkout@v6
with:
ref: ${{ steps.resolve_sha.outputs.SHA }}
ref: ${{ inputs.tag_name }}
fetch-depth: 0
submodules: 'recursive'
- name: Set up JDK 17
@ -266,29 +224,10 @@ jobs:
GRADLE_CACHE_USERNAME: ${{ secrets.GRADLE_CACHE_USERNAME }}
GRADLE_CACHE_PASSWORD: ${{ secrets.GRADLE_CACHE_PASSWORD }}
steps:
- name: Download Release SHA Artifact
uses: actions/download-artifact@v4
continue-on-error: true
with:
name: release_sha
path: .
- name: Resolve Commit SHA
id: resolve_sha
run: |
if [ -f release_sha.txt ]; then
SHA=$(cat release_sha.txt)
echo "Using SHA from artifact: $SHA"
echo "SHA=$SHA" >> $GITHUB_OUTPUT
else
echo "Using input SHA or Tag"
echo "SHA=${{ inputs.commit_sha || inputs.tag_name }}" >> $GITHUB_OUTPUT
fi
- name: Checkout code
uses: actions/checkout@v6
with:
ref: ${{ steps.resolve_sha.outputs.SHA }}
ref: ${{ inputs.tag_name }}
fetch-depth: 0
submodules: 'recursive'
- name: Set up JDK 17
@ -344,15 +283,9 @@ jobs:
- name: Checkout code
uses: actions/checkout@v6
with:
ref: ${{ inputs.commit_sha || inputs.tag_name }}
ref: ${{ inputs.tag_name }}
fetch-depth: 0
- name: Push Git Tag on Success
if: ${{ inputs.commit_sha != '' }}
run: |
git tag ${{ inputs.tag_name }} ${{ inputs.commit_sha }}
git push origin ${{ inputs.tag_name }}
- name: Download all artifacts
uses: actions/download-artifact@v7
with: