Adjust deploy.yml for V4 actions.

rbruhn · rbruhn · commit 4fbf030a3e22 · 2026-05-10T14:21:31.000-04:00
diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml
@@ -2,7 +2,7 @@
 #
 # WORKFLOW:
 # - Push to 'development' branch → Deploys to DEVELOPMENT automatically
-# - Push to 'main' branch → Creates GitHub release with semantic version → Deploys to PRODUCTION
+# - Push to 'main' branch → Calculates version → Deploys to PRODUCTION → Creates GitHub release (only on success)
 #
 # VERSION CONTROL:
 # Use commit message tags to control version bumps:
@@ -21,24 +21,21 @@ name: Build and Deploy
 on:
   push:
     branches:
-      - main        # Creates release and deploys to production
+      - main        # Calculates version, deploys to production, then creates release
       - development # Development environment
-  release:
-    types: [published] # Production deployment trigger
 
 permissions:
   id-token: write
   contents: read
 
 jobs:
-  # Create release when pushing to main
-  create-release:
+  # Calculate the next version number — deployment and release creation happen in subsequent jobs
+  calculate-version:
     runs-on: ubuntu-latest
-    permissions:
-      contents: write
     if: "github.ref == 'refs/heads/main' && !contains(github.event.head_commit.message, '[skip deploy]') && !contains(github.event.head_commit.message, '[no deploy]')"
     outputs:
-      release-tag: ${{ steps.create_release.outputs.tag_name }}
+      new_version: ${{ steps.new_version.outputs.new_version }}
+      current_version: ${{ steps.version_bump.outputs.current_version }}
     steps:
       - uses: actions/checkout@v4
         with:
@@ -115,39 +112,9 @@ jobs:
           echo "New version: $NEW_VERSION"
           echo "new_version=$NEW_VERSION" >> $GITHUB_OUTPUT
 
-      - name: Create Release
-        id: create_release
-        run: |
-          NOTES_FILE="$(mktemp)"
-
-          cat > "$NOTES_FILE" <<'EOF'
-          ## What's Changed
-
-          Auto-generated release from main branch.
-
-          **Commits included:**
-          ```
-          __COMMITS_HERE__
-          ```
-
-          **Full Changelog**: https://github.com/${{ github.repository }}/compare/${{ steps.version_bump.outputs.current_version }}...${{ steps.new_version.outputs.new_version }}
-          EOF
-
-          # Replace placeholder with the commit message safely (no shell expansion)
-          perl -0777 -pe 's/__COMMITS_HERE__/\Q$ENV{COMMIT_MESSAGE}\E/g' -i "$NOTES_FILE"
-
-          gh release create "${{ steps.new_version.outputs.new_version }}" \
-            --title "Release ${{ steps.new_version.outputs.new_version }}" \
-            --notes-file "$NOTES_FILE"
-
-          echo "tag_name=${{ steps.new_version.outputs.new_version }}" >> "$GITHUB_OUTPUT"
-        env:
-          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-          COMMIT_MESSAGE: ${{ github.event.head_commit.message }}
-
-  # Production deployment (runs after release creation)
+  # Production deployment (runs after version is calculated)
   build-and-deploy-production:
-    needs: create-release
+    needs: calculate-version
     runs-on: ubuntu-latest
     environment: production
     if: "github.ref == 'refs/heads/main' && !contains(github.event.head_commit.message, '[skip deploy]') && !contains(github.event.head_commit.message, '[no deploy]')"
@@ -245,6 +212,45 @@ jobs:
             --port 22 \
             --cidr ${{ steps.ip.outputs.ipv4 }}/32
 
+  # Create release only after a successful production deployment
+  create-release:
+    needs: [calculate-version, build-and-deploy-production]
+    runs-on: ubuntu-latest
+    permissions:
+      contents: write
+    if: "github.ref == 'refs/heads/main' && !contains(github.event.head_commit.message, '[skip deploy]') && !contains(github.event.head_commit.message, '[no deploy]')"
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+
+      - name: Create Release
+        run: |
+          NOTES_FILE="$(mktemp)"
+
+          cat > "$NOTES_FILE" <<'EOF'
+          ## What's Changed
+
+          Auto-generated release from main branch.
+
+          **Commits included:**
+          ```
+          __COMMITS_HERE__
+          ```
+
+          **Full Changelog**: https://github.com/${{ github.repository }}/compare/${{ needs.calculate-version.outputs.current_version }}...${{ needs.calculate-version.outputs.new_version }}
+          EOF
+
+          # Replace placeholder with the commit message safely (no shell expansion)
+          perl -0777 -pe 's/__COMMITS_HERE__/\Q$ENV{COMMIT_MESSAGE}\E/g' -i "$NOTES_FILE"
+
+          gh release create "${{ needs.calculate-version.outputs.new_version }}" \
+            --title "Release ${{ needs.calculate-version.outputs.new_version }}" \
+            --notes-file "$NOTES_FILE"
+        env:
+          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          COMMIT_MESSAGE: ${{ github.event.head_commit.message }}
+
   build-and-deploy-development:
     runs-on: ubuntu-latest
     environment: development
