Separate tag and user privillege

bobleesj · Oct 23, 2024 · 22e88e4 · 22e88e4
1 parent 9908bda
commit 22e88e4
Show file tree

Hide file tree

Showing 2 changed files with 35 additions and 28 deletions.
diff --git a/.github/workflows/_build-wheel-release-upload.yml b/.github/workflows/_build-wheel-release-upload.yml
@@ -17,36 +17,11 @@ on:
         required: true
 
 jobs:
-  tag-check:
-    runs-on: ubuntu-latest
-    outputs:
-      tag_valid: ${{ steps.tag-check.outputs.tag_valid }}
-    steps:
-      - name: Extract and validate tag for (pre)-release
-        id: tag-check
-        run: |
-          TAG_NAME=${GITHUB_REF#refs/tags/}
-
-          # Check if the tag matches the pattern, e.g. 3.1.32 or 0.1.3rc0
-          if [[ "$TAG_NAME" =~ ^[0-9]+\.[0-9]+\.[0-9]+$ ]] || [[ "$TAG_NAME" =~ ^[0-9]+\.[0-9]+\.[0-9]+rc[0-9]+$ ]]; then
-            echo "tag_valid=true" >> $GITHUB_OUTPUT
-          fi
+  tag-privilege-check:
+    uses: bobleesj/release-scripts/.github/workflows/_build-wheel-release-upload.yml@{{ VERSION/v0 }}
 
-  privilege-check:
-    runs-on: ubuntu-latest
-    steps:
-      - name: Check user role
-        # FIXME: Replace sbillinge to bobleesj
-        run: |
-          if [ "${{ github.actor }}" != "bobleesj" ]; then
-            echo "Error: Unauthorized user"
-            exit 1
-          fi
-          echo "User sbillinge is allowed to run this workflow."
-        
   build-package:
-    needs: [tag-check, privilege-check]
-    if: needs.tag-check.outputs.tag_valid == 'true'
+    needs: [tag-privilege-check]
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v4

diff --git a/.github/workflows/_release_tag_privilege_check.yml b/.github/workflows/_release_tag_privilege_check.yml
@@ -0,0 +1,32 @@
+name: Check release tag and user privilege for release
+
+on:
+  workflow_call:
+
+jobs:
+  tag-check:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Extract and validate tag for (pre)-release
+        id: tag-check
+        # Check if the tag matches the pattern, e.g. 3.1.32 or 0.1.3rc0
+        run: |
+          TAG_NAME=${GITHUB_REF#refs/tags/}
+          if [[ "$TAG_NAME" =~ ^[0-9]+\.[0-9]+\.[0-9]+$ ]] || [[ "$TAG_NAME" =~ ^[0-9]+\.[0-9]+\.[0-9]+rc[0-9]+$ ]]; then
+            echo "Valid tag: $TAG_NAME"
+          else
+            echo "Invalid tag: $TAG_NAME"
+            exit 1
+          fi
+
+  privilege-check:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Check user role
+        # FIXME: Replace sbillinge to bobleesj
+        run: |
+          if [ "${{ github.actor }}" != "bobleesj" ]; then
+            echo "Error: Unauthorized user"
+            exit 1
+          fi
+          echo "User sbillinge is allowed to run this workflow."