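# Release workflow: bumps package versions on a base ref, pushes that ref as
# `release/<version>`, opens the release pull request against it, and hands the
# PR to the approve/automerge utility workflow.
#
# Security notes:
#   * `base-branch` and `release-type` are caller-supplied. Inside `run:`
#     scripts they are only read through shell variables, never through
#     `${{ ... }}`, because expressions are substituted into the script text
#     before the shell parses it.
#   * After "Switch to base branch", every local action and script executed
#     comes from the selected ref and runs in a job holding a write-scoped
#     GitHub App token. Only dispatch this workflow against trusted refs.
name: 'Release: Create Pull Request'

on:
  workflow_call:
    inputs:
      base-branch:
        description: 'The branch, tag, or commit to create this release PR from.'
        required: true
        type: string
      release-type:
        description: 'A SemVer release type.'
        required: true
        type: string
    outputs:
      pull-request-number:
        description: 'Number of the created pull request'
        value: ${{ jobs.create-release-pr.outputs.pull-request-number }}

  workflow_dispatch:
    inputs:
      base-branch:
        description: 'The branch, tag, or commit to create this release PR from.'
        required: true
        default: 'master'
      release-type:
        description: 'A SemVer release type.'
        required: true
        type: choice
        default: 'minor'
        options:
          - patch
          - minor
          - major
          - experimental
          - premajor

# Workflow-level default; also applies to jobs that do not declare their own
# `permissions` block (here: approve-and-automerge).
permissions:
  contents: write
  pull-requests: write

jobs:
  create-release-pr:
    runs-on: ubuntu-latest

    permissions:
      contents: write
      pull-requests: write

    timeout-minutes: 5

    outputs:
      pull-request-number: ${{ steps.create-pr.outputs.pull-request-number }}

    steps:
      # The App token (not GITHUB_TOKEN) is used for checkout and for PR creation.
      - name: Generate GitHub App Token
        id: generate_token
        uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2.2.1
        with:
          app-id: ${{ secrets.N8N_ASSISTANT_APP_ID }}
          private-key: ${{ secrets.N8N_ASSISTANT_PRIVATE_KEY }}

      # Full history (fetch-depth: 0) so the base ref can be checked out below.
      # actions/checkout persists the token for later git commands by default;
      # the `git push` step further down depends on that, and it also means the
      # scripts executed in between run with those credentials reachable.
      - name: Checkout
        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
        with:
          fetch-depth: 0
          token: ${{ steps.generate_token.outputs.token }}

      # Checkout base branch via separate step to prevent unsafe actions/checkout ref usage.
      # poutine: untrusted_checkout_exec
      - name: Switch to base branch
        env:
          BASE_BRANCH: ${{ inputs.base-branch }}
        run: git checkout "$BASE_BRANCH"

      # Local action: resolved from the workspace, i.e. from the ref checked out above.
      - name: Setup Node.js
        uses: ./.github/actions/setup-nodejs
        with:
          build-command: ''
          install-command: pnpm install --frozen-lockfile --dir ./.github/scripts --ignore-workspace

      - name: Setup corepack and pnpm
        run: |
          npm i -g corepack@0.33
          corepack enable

      # NOTE(review): the script's stdout is appended to GITHUB_ENV unvalidated.
      # Output spanning more than one line would add further entries to the job
      # environment; consider checking that it is a single version string.
      - name: Bump package versions
        run: |
          echo "NEXT_RELEASE=$(node .github/scripts/bump-versions.mjs)" >> "$GITHUB_ENV"
        env:
          RELEASE_TYPE: ${{ inputs.release-type }}

      - name: Update Changelog
        run: node .github/scripts/update-changelog.mjs

      # Force-pushes origin's copy of the base branch to release/<version>.
      # BASE_BRANCH and NEXT_RELEASE are expanded by the shell inside double
      # quotes rather than via `${{ env.* }}`, so their content cannot alter the
      # command line.
      # NOTE(review): the source ref is refs/remotes/origin/<base-branch>, which
      # only resolves when the input names a branch on origin, although the input
      # description also mentions tags and commits. Confirm the intended scope.
      - name: Push the base branch
        env:
          BASE_BRANCH: ${{ inputs.base-branch }}
        run: |
          git push -f origin "refs/remotes/origin/${BASE_BRANCH}:refs/heads/release/${NEXT_RELEASE}"

      # Emits the changelog as a multi-line step output. The heredoc delimiter is
      # randomised with uuidgen so changelog content cannot terminate it early.
      - name: Generate PR body
        id: generate-body
        run: |
          set -e

          # NEXT_RELEASE comes from GITHUB_ENV; read it as a shell variable.
          CHANGELOG_FILE="CHANGELOG-${NEXT_RELEASE}.md"
          DELIMITER="EOF_$(uuidgen)"
          if [ -f "${CHANGELOG_FILE}" ]; then
            {
              echo "content<<${DELIMITER}"
              cat "${CHANGELOG_FILE}"
              echo "${DELIMITER}"
            } >> "$GITHUB_OUTPUT"
          else
            echo "content=No changelog generated. Likely points to fixes in our CI." >> "$GITHUB_OUTPUT"
          fi

      # Expressions under `with:` are passed to the action as input values, not
      # spliced into a shell script.
      - name: Push the release branch, and Create the PR
        uses: peter-evans/create-pull-request@c0f553fe549906ede9cf27b5156039d195d2ece0 # v8.1.0
        id: create-pr
        with:
          token: ${{ steps.generate_token.outputs.token }}
          base: 'release/${{ env.NEXT_RELEASE }}'
          branch: 'release-pr/${{ env.NEXT_RELEASE }}'
          commit-message: ':rocket: Release ${{ env.NEXT_RELEASE }}'
          delete-branch: true
          labels: release,release:${{ inputs.release-type }}
          title: ':rocket: Release ${{ env.NEXT_RELEASE }}'
          body: ${{ steps.generate-body.outputs.content }}

  # Runs only when a pull request was actually created.
  # `secrets: inherit` forwards every secret available to this workflow to the
  # called workflow. NOTE(review): pass only the secrets it needs if that
  # workflow's requirements are known.
  approve-and-automerge:
    needs: [create-release-pr]
    if: |
      needs.create-release-pr.outputs.pull-request-number != ''
    uses: ./.github/workflows/util-approve-and-set-automerge.yml
    secrets: inherit
    with:
      pull-request-number: ${{ needs.create-release-pr.outputs.pull-request-number }}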