name: Release Build (dev → main) on: push: branches: - dev workflow_dispatch: env: GITEA_HOST: git.hexahost.dev REPO_PATH: smueller/HexaHost-Frontend jobs: release-build: if: ${{ !contains(github.event.head_commit.message, '[skip ci]') }} runs-on: ubuntu-latest steps: - name: Checkout (volle History) uses: actions/checkout@v4 with: fetch-depth: 0 repository-url: https://git.hexahost.dev/smueller/HexaHost-Frontend ref: dev - name: Merge dev in CI-Workspace (Basis main) env: GITEA_TOKEN: ${{ github.token }} run: | git config user.name "gitea-actions" git config user.email "actions@local" git remote set-url origin "https://oauth2:${GITEA_TOKEN}@${GITEA_HOST}/${REPO_PATH}.git" git fetch origin main dev if git show-ref --verify --quiet refs/remotes/origin/main; then git checkout -B main origin/main git merge origin/dev -X theirs --no-edit -m "ci: merge dev for release build" else echo "main branch missing, initializing from dev" git checkout -B main origin/dev fi - name: Setup Python uses: actions/setup-python@v5 with: python-version: "3.12" - name: Setup Node uses: actions/setup-node@v4 with: node-version: "20" - name: Run release obfuscation run: python scripts/obfuscate_release.py --root . --hash-assets - name: Publish release to main env: GITEA_TOKEN: ${{ github.token }} run: | git config user.name "gitea-actions" git config user.email "actions@local" git remote set-url origin "https://oauth2:${GITEA_TOKEN}@${GITEA_HOST}/${REPO_PATH}.git" git add -A if git diff --cached --quiet; then echo "No release changes to publish." exit 0 fi git commit -m "chore(release): obfuscate and hash production assets [skip ci]" git push origin main