cseeman/ruby-gem-release.yml

## ruby-gem-release.yml
# Generic Ruby Gem Release Workflow (with RubyGems Trusted Publishing)
#
# This workflow demonstrates a streamlined Ruby gem release process using:
# - Reissue gem for version management and changelog handling, https://rubygems.org/gems/reissue
# - Discharger gem for release automation (optional, https://rubygems.org/gems/discharger/)
# - RubyGems Trusted Publishing for secure, keyless authentication
# - Single-click releases with automatic version bumping
#
# Prerequisites:
# 1. Configure RubyGems Trusted Publisher at https://rubygems.org/gems/YOUR_GEM
#    - Owner: YOUR_GITHUB_ORG
#    - Repository: YOUR_REPO_NAME  (Do NOT add a .git at the end here)
#    - Workflow filename: release.yml (No folders needed, just the filename)
# 2. Add reissue configuration to your Rakefile (see example below)

name: Release gem to RubyGems.org

on:
  workflow_dispatch:
    inputs:
      version_segment:
        description: 'Version segment to bump (patch, minor, major)'
        required: false
        default: 'patch'
        type: choice
        options:
        - patch
        - minor
        - major

jobs:
  release:
    name: Release gem to RubyGems.org
    runs-on: ubuntu-latest

    permissions:
      id-token: write  # Required for RubyGems Trusted Publishing
      contents: write  # Required for git operations and tagging
      pull-requests: write  # Required for creating post-release PR
      issues: write    # Required for release activities

    steps:
      # Set up git configuration for commits
      - name: Setup Git
        run: |
          git config --global user.email "releases@yourcompany.com"
          git config --global user.name "Release Bot"

      # Check out the repository with full history
      - uses: actions/checkout@v5
        with:
          ref: main
          fetch-depth: 0

      # Set up Ruby environment with bundler caching
      - name: Set up Ruby
        uses: ruby/setup-ruby@v1
        with:
          bundler-cache: true
          ruby-version: ruby

      # Allow bundler to modify Gemfile.lock if needed
      - name: Configure Bundler
        run: |
          bundle config set frozen false

      # Finalize changelog and build gem with checksum
      # This step runs reissue:finalize automatically via build task dependencies
      - name: Finalize and build gem with checksum
        run: bundle exec rake build:checksum

      # Get current version for commit message
      - name: Get current version
        id: current_version
        run: |
          current_version=$(ruby -r ./lib/your_gem/version.rb -e 'puts YourGem::VERSION')
          echo "current_version=$current_version" >> $GITHUB_OUTPUT

      # Commit finalization changes if any exist
      - name: Commit finalization changes if needed
        run: |
          git add -A
          if ! git diff --cached --quiet; then
            git commit -m "Finalize version ${{ steps.current_version.outputs.current_version }} for release"
            echo "Changes committed for finalization"
          else
            echo "No changes to commit - changelog already finalized"
          fi

      # Release gem using official RubyGems action with Trusted Publishing
      - name: Release gem to RubyGems
        uses: rubygems/release-gem@v1

      # Get the new version after automatic bump by rake release
      - name: Get new version
        id: new_version
        run: |
          new_version=$(ruby -r ./lib/your_gem/version.rb -e 'puts YourGem::VERSION')
          echo "new_version=$new_version" >> $GITHUB_OUTPUT

      # Create PR for next version to continue development
      - name: Create Pull Request for next version
        uses: peter-evans/create-pull-request@v7
        with:
          token: ${{ secrets.GITHUB_TOKEN }}
          branch: bump-version-${{ steps.new_version.outputs.new_version }}
          base: main
          commit-message: "Bump version to ${{ steps.new_version.outputs.new_version }}"
          title: "Bump version to ${{ steps.new_version.outputs.new_version }}"
          body: |
            ## 🔄 Post-Release Version Bump

            This PR prepares the codebase for development of version ${{ steps.new_version.outputs.new_version }}.

            ### Changes Made
            - ✅ Version bumped to ${{ steps.new_version.outputs.new_version }}
            - ✅ CHANGELOG.md prepared with new Unreleased section
            - ✅ Gemfile.lock updated with new version
            - ✅ All dependencies resolved via bundle install

            ### Next Steps
            1. Review the version bump
            2. Merge this PR to continue development

            All future commits will be tracked under version ${{ steps.new_version.outputs.new_version }}.
          labels: |
            dependencies
            automated

---
# Example Rakefile configuration for reissue gem:
#
# require "bundler/setup"
# require "bundler/gem_tasks"
# require "rake/testtask"
# require "reissue/gem"  # This adds build:checksum task and release enhancements
#
# Reissue::Task.create :reissue do |task|
#   task.version_file = "lib/your_gem/version.rb"
#   task.commit = !ENV["GITHUB_ACTIONS"]  # Don't commit in CI
#   task.commit_finalize = !ENV["GITHUB_ACTIONS"]  # Don't commit in CI
#   task.push_finalize = :branch  # Create branch for finalization
#   task.clear_fragments = true   # Clear changelog fragments after release
# end
#
# Rake::TestTask.new(:test) do |t|
#   t.libs << "test"
#   t.pattern = "test/**/*_test.rb"
#   t.verbose = false
# end
#
# task default: :test

---
# Example gemspec additions for reissue + discharger:
#
# spec.add_dependency "reissue"
# spec.add_dependency "discharger"  # Optional: for additional release automation

---
# What this workflow does:
#
# 1. **Manual Trigger**: Run via GitHub Actions UI with version segment choice
# 2. **Finalization**: Updates CHANGELOG.md with release date via reissue
# 3. **Build**: Creates gem file with SHA512 checksum
# 4. **Clean Check**: Commits any finalization changes to satisfy rake release
# 5. **Release**: Uses RubyGems Trusted Publishing to publish securely
# 6. **Tagging**: Creates git tag automatically via rake release
# 7. **Version Bump**: Automatically bumps to next development version
# 8. **PR Creation**: Opens PR with version bump for continued development
#
# Benefits:
# - ✅ Single-click releases
# - ✅ No API keys to manage (uses OIDC)
# - ✅ Automatic version management
# - ✅ Secure authentication via Trusted Publishing
# - ✅ Complete audit trail
# - ✅ Automatic post-release setup
	# Generic Ruby Gem Release Workflow (with RubyGems Trusted Publishing)
	#
	# This workflow demonstrates a streamlined Ruby gem release process using:
	# - Reissue gem for version management and changelog handling, https://rubygems.org/gems/reissue
	# - Discharger gem for release automation (optional, https://rubygems.org/gems/discharger/)
	# - RubyGems Trusted Publishing for secure, keyless authentication
	# - Single-click releases with automatic version bumping
	#
	# Prerequisites:
	# 1. Configure RubyGems Trusted Publisher at https://rubygems.org/gems/YOUR_GEM
	# - Owner: YOUR_GITHUB_ORG
	# - Repository: YOUR_REPO_NAME (Do NOT add a .git at the end here)
	# - Workflow filename: release.yml (No folders needed, just the filename)
	# 2. Add reissue configuration to your Rakefile (see example below)

	name: Release gem to RubyGems.org

	on:
	workflow_dispatch:
	inputs:
	version_segment:
	description: 'Version segment to bump (patch, minor, major)'
	required: false
	default: 'patch'
	type: choice
	options:
	- patch
	- minor
	- major

	jobs:
	release:
	name: Release gem to RubyGems.org
	runs-on: ubuntu-latest

	permissions:
	id-token: write # Required for RubyGems Trusted Publishing
	contents: write # Required for git operations and tagging
	pull-requests: write # Required for creating post-release PR
	issues: write # Required for release activities

	steps:
	# Set up git configuration for commits
	- name: Setup Git
	run: \|
	git config --global user.email "releases@yourcompany.com"
	git config --global user.name "Release Bot"

	# Check out the repository with full history
	- uses: actions/checkout@v5
	with:
	ref: main
	fetch-depth: 0

	# Set up Ruby environment with bundler caching
	- name: Set up Ruby
	uses: ruby/setup-ruby@v1
	with:
	bundler-cache: true
	ruby-version: ruby

	# Allow bundler to modify Gemfile.lock if needed
	- name: Configure Bundler
	run: \|
	bundle config set frozen false

	# Finalize changelog and build gem with checksum
	# This step runs reissue:finalize automatically via build task dependencies
	- name: Finalize and build gem with checksum
	run: bundle exec rake build:checksum

	# Get current version for commit message
	- name: Get current version
	id: current_version
	run: \|
	current_version=$(ruby -r ./lib/your_gem/version.rb -e 'puts YourGem::VERSION')
	echo "current_version=$current_version" >> $GITHUB_OUTPUT

	# Commit finalization changes if any exist
	- name: Commit finalization changes if needed
	run: \|
	git add -A
	if ! git diff --cached --quiet; then
	git commit -m "Finalize version ${{ steps.current_version.outputs.current_version }} for release"
	echo "Changes committed for finalization"
	else
	echo "No changes to commit - changelog already finalized"
	fi

	# Release gem using official RubyGems action with Trusted Publishing
	- name: Release gem to RubyGems
	uses: rubygems/release-gem@v1

	# Get the new version after automatic bump by rake release
	- name: Get new version
	id: new_version
	run: \|
	new_version=$(ruby -r ./lib/your_gem/version.rb -e 'puts YourGem::VERSION')
	echo "new_version=$new_version" >> $GITHUB_OUTPUT

	# Create PR for next version to continue development
	- name: Create Pull Request for next version
	uses: peter-evans/create-pull-request@v7
	with:
	token: ${{ secrets.GITHUB_TOKEN }}
	branch: bump-version-${{ steps.new_version.outputs.new_version }}
	base: main
	commit-message: "Bump version to ${{ steps.new_version.outputs.new_version }}"
	title: "Bump version to ${{ steps.new_version.outputs.new_version }}"
	body: \|
	## 🔄 Post-Release Version Bump

	This PR prepares the codebase for development of version ${{ steps.new_version.outputs.new_version }}.

	### Changes Made
	- ✅ Version bumped to ${{ steps.new_version.outputs.new_version }}
	- ✅ CHANGELOG.md prepared with new Unreleased section
	- ✅ Gemfile.lock updated with new version
	- ✅ All dependencies resolved via bundle install

	### Next Steps
	1. Review the version bump
	2. Merge this PR to continue development

	All future commits will be tracked under version ${{ steps.new_version.outputs.new_version }}.
	labels: \|
	dependencies
	automated

	---
	# Example Rakefile configuration for reissue gem:
	#
	# require "bundler/setup"
	# require "bundler/gem_tasks"
	# require "rake/testtask"
	# require "reissue/gem" # This adds build:checksum task and release enhancements
	#
	# Reissue::Task.create :reissue do \|task\|
	# task.version_file = "lib/your_gem/version.rb"
	# task.commit = !ENV["GITHUB_ACTIONS"] # Don't commit in CI
	# task.commit_finalize = !ENV["GITHUB_ACTIONS"] # Don't commit in CI
	# task.push_finalize = :branch # Create branch for finalization
	# task.clear_fragments = true # Clear changelog fragments after release
	# end
	#
	# Rake::TestTask.new(:test) do \|t\|
	# t.libs << "test"
	# t.pattern = "test/*/_test.rb"
	# t.verbose = false
	# end
	#
	# task default: :test

	---
	# Example gemspec additions for reissue + discharger:
	#
	# spec.add_dependency "reissue"
	# spec.add_dependency "discharger" # Optional: for additional release automation

	---
	# What this workflow does:
	#
	# 1. Manual Trigger: Run via GitHub Actions UI with version segment choice
	# 2. Finalization: Updates CHANGELOG.md with release date via reissue
	# 3. Build: Creates gem file with SHA512 checksum
	# 4. Clean Check: Commits any finalization changes to satisfy rake release
	# 5. Release: Uses RubyGems Trusted Publishing to publish securely
	# 6. Tagging: Creates git tag automatically via rake release
	# 7. Version Bump: Automatically bumps to next development version
	# 8. PR Creation: Opens PR with version bump for continued development
	#
	# Benefits:
	# - ✅ Single-click releases
	# - ✅ No API keys to manage (uses OIDC)
	# - ✅ Automatic version management
	# - ✅ Secure authentication via Trusted Publishing
	# - ✅ Complete audit trail
	# - ✅ Automatic post-release setup
No results found