github.com/gemaraproj/gemara@v1.3.0

.github/workflows/release.yml raw

 1---
 2name: "Release"
 3on:
 4  workflow_dispatch:
 5  pull_request_target:
 6    types: [closed]
 7    branches:
 8      - main
 9jobs:
10  release:
11    permissions:
12      contents: write       # Create release and push tags
13      pull-requests: read   # Read PR labels for release-drafter
14      packages: write       # Push container image to ghcr.io
15      id-token: write       # Federate for artifact attestation
16      attestations: write   # Generate build provenance attestations
17      discussions: write    # Create release announcement discussion
18    uses: github-community-projects/ospo-reusable-workflows/.github/workflows/release.yaml@6d7a83e6fc8275128984b0ed3defa4b8cdc40f85 # v1.1.0
19    with:
20      publish: true
21      release-config-name: release-drafter.yml
22    secrets:
23      github-token: ${{ secrets.GITHUB_TOKEN }}
24  publish-cue:
25    needs: release
26    if: needs.release.outputs.full-tag != ''
27    runs-on: ubuntu-latest
28    permissions:
29      contents: read
30    steps:
31      - name: Checkout
32        uses: actions/checkout@v6.0.2
33        with:
34          fetch-depth: 0
35          persist-credentials: false
36      - name: Setup Cue
37        uses: cue-lang/setup-cue@a93fa358375740cd8b0078f76355512b9208acb1 # v1.0.1
38        with:
39          version: "v0.15.1"
40      - name: Login to Central Registry
41        run: cue login --token=${{ secrets.CUE_REG_TOKEN }}
42      - name: Publish the module
43        run: cue mod publish ${{ needs.release.outputs.full-tag }}