name: Release PR on: push: branches: [main] workflow_dispatch: permissions: contents: write pull-requests: write issues: write concurrency: group: release-pr-${{ github.ref }} cancel-in-progress: true jobs: release-pr: runs-on: ubuntu-latest outputs: cli_release_created: ${{ steps.release.outputs.release_created }} cli_tag_name: ${{ steps.release.outputs.tag_name }} steps: - uses: actions/checkout@v6 with: fetch-depth: 0 - name: Setup Bun uses: oven-sh/setup-bun@v2 with: bun-version: latest - name: Install dependencies run: bun install --frozen-lockfile - name: Validate release metadata scripts run: bun run release:validate - name: Close stale release PR run: | PR=$(gh pr list --head release-please--branches--main --json number --jq '.[0].number') if [ -n "$PR" ]; then echo "Closing stale release PR #$PR so release-please regenerates with full changelog" gh pr close "$PR" --delete-branch=false fi env: GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} - name: Maintain release PR id: release uses: googleapis/release-please-action@v4.4.0 with: token: ${{ secrets.GITHUB_TOKEN }} config-file: .github/release-please-config.json manifest-file: .github/.release-please-manifest.json skip-labeling: true publish-cli: needs: release-pr if: needs.release-pr.outputs.cli_release_created == 'true' runs-on: ubuntu-latest permissions: contents: read id-token: write concurrency: group: publish-${{ needs.release-pr.outputs.cli_tag_name }} cancel-in-progress: false steps: - uses: actions/checkout@v6 with: fetch-depth: 0 ref: ${{ needs.release-pr.outputs.cli_tag_name }} - name: Setup Bun uses: oven-sh/setup-bun@v2 with: bun-version: latest - name: Install dependencies run: bun install --frozen-lockfile - name: Run tests run: bun test - name: Setup Node.js for release uses: actions/setup-node@v4 with: node-version: "24" - name: Publish package run: npm publish --provenance --access public