Release
Automates releases using release-please. Opens release PRs, creates GitHub Releases, and keeps the v<major> tag alias in sync.
Usage
yaml
jobs:
release:
uses: KevinDeBenedetti/github-workflows/.github/workflows/release.yml@main
with:
config-file: release-please-config.json
manifest-file: .release-please-manifest.json
git-user-name: ${{ secrets.GITHUB_USERNAME }}
git-user-email: ${{ secrets.GITHUB_EMAIL }}
secrets:
RELEASE_TOKEN: ${{ secrets.RELEASE_TOKEN }}Inputs
| Input | Type | Default | Description |
|---|---|---|---|
release-type | string | '' | release-please release type (e.g. node, python, simple). Ignored when config-file is provided. |
initial-version | string | '1.0.0' | Initial version for new releases (e.g. 0.1.0, 1.0.0). Only used if the manifest file doesn't exist. |
config-file | string | '' | Path to release-please-config.json. If empty, checks .github/release/release-please-config.json then release-please-config.json. |
manifest-file | string | '' | Path to .release-please-manifest.json. If empty, checks .github/release/.release-please-manifest.json then .release-please-manifest.json. |
git-user-name | string | '' | Name for the git tagger identity when moving the major version tag. Falls back to the GIT_USER_NAME repo variable, then github-actions[bot]. |
git-user-email | string | '' | Email for the git tagger identity when moving the major version tag. Falls back to the GIT_USER_EMAIL repo variable, then the Actions noreply address. |
runner | string | '"ubuntu-latest"' | Runner labels as JSON — e.g. '"ubuntu-latest"' or '["self-hosted","linux","k3s","kaniko"]'. |
notify-reviewers | string | '' | Comma-separated GitHub usernames to notify when a release PR is opened. Each user is requested as a reviewer and @mentioned in a PR comment, so a notification reliably reaches them. Each PR is notified at most once. Leave empty to disable. |
release-pending-label | string | 'autorelease: pending' | Label used to find the open release PR on runs where release-please didn't create/update it (the fallback path for notify-reviewers). Override only if you customized pull-request-label in your release-please config. |
app-client-id | string | '' | Client ID (or App ID) of a GitHub App with contents/pull-requests/issues write. When set, a short-lived App token is used instead of GITHUB_TOKEN, so the release PR is attributed to the App (avoids the workflow-approval gate and lets CI run on the release PR). |
Secrets
| Secret | Required | Description |
|---|---|---|
RELEASE_TOKEN | no | PAT with contents: write and pull-requests: write. Falls back to GITHUB_TOKEN. |
APP_PRIVATE_KEY | no | Private key of the GitHub App referenced by app-client-id. Required when app-client-id is set. |
Outputs
| Output | Description |
|---|---|
released | 'true' if a GitHub Release was created |
tag | Tag name of the release (e.g. v1.2.3) |
Jobs
| Job | Description |
|---|---|
release | Runs release-please; creates release PR or GitHub Release |
tag-workflows | Moves the v<major> alias tag after each release |
Notes
- The
tag-workflowsjob only runs whenreleased == 'true'. - The major alias (e.g.
v1) is force-pushed after each release, enabling callers to pin to@v1without a breaking update. - When using a monorepo, prefer
config-file+manifest-fileoverrelease-type. - With
notify-reviewersset, the PR comment carries a hidden<!-- release-please-notify -->marker. Both the review request and the comment are gated on this marker, so once a PR is notified, later runs (on any push while the PR stays open) skip it entirely — reviewers are never re-requested or re-pinged. - Notification also fires on release PRs that release-please left untouched this run (e.g.
notify-reviewerswas added after the PR opened): the workflow falls back to finding the open PR byrelease-pending-label. - A review request alone can be missed (it depends on each user's notification settings), which is why an @mention comment is also posted — mentions notify reliably. This matters when the release PR is opened by a GitHub App (
app-client-id) rather than by you.