diff --git a/RELEASE.md b/RELEASE.md new file mode 100644 index 0000000..55d97e6 --- /dev/null +++ b/RELEASE.md @@ -0,0 +1,30 @@ +# Release Instructions + +Follow the steps below to tag a new release for the +`actions/attest-sbom` action. + +If changes were made to the internal `actions/attest-sbom/predicate` +action (any updates to [`./predicate/action.yaml`](./predicate/action.yml) or +any of the code in the [`./src`](./src) directory), start with step #1; +otherwise, skip directly to step #5. + +1. Merge the latest changes to the `main` branch. +1. Create and push a new predicate tag of the form `predicate@X.X.X` following + SemVer conventions: + + ```shell + git tag -a "predicate@X.X.X" -m "predicate@X.X.X Release" + git push --tags + ``` + +1. Update the reference to the `actions/attest-sbom/predicate` + action in [`action.yml`](./action.yml) to point to the SHA of the newly + created tag. +1. Push the `action.yml` change and open a PR. Once it has been reviewed, merge + the PR and proceed with the release instructions. +1. Create a new release for the top-level action using a tag of the form + `vX.X.X` following SemVer conventions: + + ```shell + gh release create vX.X.X + ``` diff --git a/script/release b/script/release deleted file mode 100755 index 1ae8d07..0000000 --- a/script/release +++ /dev/null @@ -1,59 +0,0 @@ -#!/bin/bash - -# About: -# -# This is a helper script to tag and push a new release. GitHub Actions use -# release tags to allow users to select a specific version of the action to use. -# -# See: https://github.com/actions/typescript-action#publishing-a-new-release -# -# This script will do the following: -# -# 1. Get the latest release tag -# 2. Prompt the user for a new release tag -# 3. Tag the new release -# 4. Push the new tag to the remote -# -# Usage: -# -# script/release - -# Terminal colors -OFF='\033[0m' -RED='\033[0;31m' -GREEN='\033[0;32m' -BLUE='\033[0;34m' - -# Get the latest release tag -latest_tag=$(git describe --tags "$(git rev-list --tags --max-count=1)") - -if [[ -z "$latest_tag" ]]; then - # There are no existing release tags - echo -e "No tags found (yet) - Continue to create and push your first tag" - latest_tag="[unknown]" -fi - -# Display the latest release tag -echo -e "The latest release tag is: ${BLUE}${latest_tag}${OFF}" - -# Prompt the user for the new release tag -read -r -p 'Enter a new release tag (vX.X.X format): ' new_tag - -# Validate the new release tag -tag_regex='v[0-9]+\.[0-9]+\.[0-9]+$' -if echo "$new_tag" | grep -q -E "$tag_regex"; then - echo -e "Tag: ${BLUE}$new_tag${OFF} is valid" -else - # Release tag is not `vX.X.X` format - echo -e "Tag: ${BLUE}$new_tag${OFF} is ${RED}not valid${OFF} (must be in vX.X.X format)" - exit 1 -fi - -# Tag the new release -git tag -a "$new_tag" -m "$new_tag Release" -echo -e "${GREEN}Tagged: $new_tag${OFF}" - -# Push the new tag to the remote -git push --tags -echo -e "${GREEN}Release tag pushed to remote${OFF}" -echo -e "${GREEN}Done!${OFF}"