cms.fellies.org/.gitea/workflows/release.yml

name: CMS Release

on:
  push:
    tags:
      - "v*"
  workflow_dispatch:
    inputs:
      release_tag:
        description: "Release tag in vX.Y.Z format"
        required: true
      rollback_image_tag:
        description: "Optional rollback image tag"
        required: false

env:
  BUN_VERSION: "1.3.5"
  REGISTRY: ${{ secrets.CMS_IMAGE_REGISTRY }}
  IMAGE_NAMESPACE: ${{ secrets.CMS_IMAGE_NAMESPACE }}

jobs:
  release:
    name: Build Push Changelog
    runs-on: node22-bun
    steps:
      - name: Checkout
        uses: actions/checkout@v4

      - name: Setup Bun
        uses: oven-sh/setup-bun@v2
        with:
          bun-version: ${{ env.BUN_VERSION }}

      - name: Install dependencies
        run: bun install --frozen-lockfile

      - name: Resolve release tag
        id: tag
        run: |
          if [ "${GITHUB_EVENT_NAME}" = "workflow_dispatch" ]; then
            echo "value=${{ github.event.inputs.release_tag }}" >> "$GITHUB_OUTPUT"
          else
            echo "value=${GITHUB_REF_NAME}" >> "$GITHUB_OUTPUT"
          fi

      - name: Validate tag against package version
        run: sh .gitea/scripts/validate-tag-version.sh "${{ steps.tag.outputs.value }}"

      - name: Generate changelog
        run: bun run changelog:release

      - name: Login to image registry
        run: |
          echo "${{ secrets.CMS_IMAGE_REGISTRY_PASSWORD }}" | docker login "${{ env.REGISTRY }}" -u "${{ secrets.CMS_IMAGE_REGISTRY_USER }}" --password-stdin

      - name: Build and push web image
        run: |
          image="${{ env.REGISTRY }}/${{ env.IMAGE_NAMESPACE }}/cms-web:${{ steps.tag.outputs.value }}"
          docker build -f apps/web/Dockerfile -t "$image" .
          docker push "$image"

      - name: Build and push admin image
        run: |
          image="${{ env.REGISTRY }}/${{ env.IMAGE_NAMESPACE }}/cms-admin:${{ steps.tag.outputs.value }}"
          docker build -f apps/admin/Dockerfile -t "$image" .
          docker push "$image"

      - name: Release notes placeholder
        run: |
          echo "Release tag: ${{ steps.tag.outputs.value }}"
          echo "TODO: publish CHANGELOG.md content to release notes in Gitea."

  rollback:
    name: Rollback (Manual)
    if: github.event_name == 'workflow_dispatch' && github.event.inputs.rollback_image_tag != ''
    runs-on: ubuntu-latest
    needs: release
    steps:
      - name: Rollback placeholder
        run: |
          echo "Rollback to image tag: ${{ github.event.inputs.rollback_image_tag }}"
          echo "TODO: apply compose update with rollback image tags on production host."