| # Copyright 2021-2025 The OpenSSL Project Authors. All Rights Reserved. |
| # |
| # Licensed under the Apache License 2.0 (the "License"). You may not use |
| # this file except in compliance with the License. You can obtain a copy |
| # in the file LICENSE in the source distribution or at |
| # https://www.openssl.org/source/license.html |
| |
| name: "Make release" |
| |
| on: |
| push: |
| tags: |
| - "openssl-*" |
| |
| permissions: {} |
| |
| jobs: |
| release: |
| runs-on: "releaser" |
| steps: |
| - name: "Checkout" |
| uses: "actions/checkout@v5" |
| with: |
| fetch-depth: 1 |
| ref: ${{ github.ref_name }} |
| github-server-url: "https://github.openssl.org/" |
| repository: "openssl/openssl" |
| token: ${{ secrets.GHE_TOKEN }} |
| path: ${{ github.ref_name }} |
| persist-credentials: false |
| - name: "Prepare assets" |
| env: |
| SIGNING_KEY_UID: ${{ vars.signing_key_uid }} |
| run: | |
| cd "$GITHUB_REF_NAME" |
| ./util/mktar.sh |
| mkdir -p assets && mv "$GITHUB_REF_NAME.tar.gz" assets/ && cd assets |
| openssl sha1 -r "$GITHUB_REF_NAME.tar.gz" > "$GITHUB_REF_NAME.tar.gz.sha1" |
| openssl sha256 -r "$GITHUB_REF_NAME.tar.gz" > "$GITHUB_REF_NAME.tar.gz.sha256" |
| gpg -u "$SIGNING_KEY_UID" -o "$GITHUB_REF_NAME.tar.gz.asc" -sba "$GITHUB_REF_NAME.tar.gz" |
| - name: "Create release" |
| env: |
| GITHUB_TOKEN: ${{ secrets.GH_TOKEN }} |
| run: | |
| VERSION=$(echo "$GITHUB_REF_NAME" | cut -d "-" -f 2-) |
| PRE_RELEASE=$([[ "$GITHUB_REF_NAME" =~ alpha|beta ]] && echo "-p" || echo "") |
| NOTES=$(curl -s "https://api.openssl.org/release-metadata/news/?version=$VERSION&capture_title=False") |
| gh release create "$GITHUB_REF_NAME" $PRE_RELEASE -t "OpenSSL $VERSION" -d --notes "$NOTES" -R "$GITHUB_REPOSITORY" "$GITHUB_REF_NAME/assets/"* |
