nextcloud/.github/workflows/generate-release-changelog.yml

# SPDX-FileCopyrightText: 2025 Nextcloud GmbH and Nextcloud contributors
# SPDX-License-Identifier: MIT

name: Generate changelog on release

on:
  release:
    types: [published]

permissions:
  contents: write

jobs:
  changelog_generate:
    runs-on: ubuntu-latest

    # Only allowed to be run on nextcloud-releases repositories
    if: ${{ github.repository_owner == 'nextcloud-releases' }}

    steps:
      - name: Check actor permission
        uses: skjnldsv/check-actor-permission@69e92a3c4711150929bca9fcf34448c5bf5526e7 # v3.0
        with:
          require: write

      - name: Checkout github_helper
        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
        with:
          persist-credentials: false
          repository: nextcloud/github_helper
          path: github_helper

      - name: Checkout server
        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
        with:
          persist-credentials: false
          path: server
          fetch-depth: 0

      - name: Get previous tag
        shell: bash
        run: |
          cd server
          # Print all tags
          git log --decorate --oneline | egrep 'tag: ' | sed -r 's/^.+tag: ([^,\)]+)[,\)].+$/\1/g'
          # Get the current tag
          TAGS=$(git log --decorate --oneline | egrep 'tag: ' | sed -r 's/^.+tag: ([^,\)]+)[,\)].+$/\1/g')
          CURRENT_TAG=$(echo "$TAGS" | head -n 1)

          # If current tag is the first beta, we use the previous major RC1
          if echo "$CURRENT_TAG" | grep -q 'beta1'; then
            MAJOR=$(echo "$CURRENT_TAG" | sed -E 's/^v([0-9]+).*/\1/')
            PREV=$((MAJOR - 1))
            PREVIOUS_TAG="v${PREV}.0.0rc1"
          # Get the previous tag - filter pre-releases only if current tag is stable
          elif echo "$CURRENT_TAG" | grep -q 'rc\|beta\|alpha'; then
            # Current tag is pre-release, don't filter
            PREVIOUS_TAG=$(echo "$TAGS" | sed -n '2p')
          else
            # Current tag is stable, filter out pre-releases
            PREVIOUS_TAG=$(echo "$TAGS" | grep -v 'rc\|beta\|alpha' | sed -n '2p')
          fi

          echo "CURRENT_TAG=$CURRENT_TAG" >> $GITHUB_ENV
          echo "PREVIOUS_TAG=$PREVIOUS_TAG" >> $GITHUB_ENV          

      # Since this action only runs on nextcloud-releases, ignoring is okay
      - name: Verify current tag # zizmor: ignore[template-injection]
        run: |
         if [ "${{ github.ref_name }}" != "${{ env.CURRENT_TAG }}" ]; then
           echo "Current tag does not match the release tag. Exiting."
           exit 1
         fi         

      - name: Set up php 8.2
        uses: shivammathur/setup-php@44454db4f0199b8b9685a5d763dc37cbf79108e1 # v2.36.0
        timeout-minutes: 5
        with:
          php-version: 8.2
          coverage: none
          ini-file: development
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

      - name: Set credentials
        run: |
          echo '{"username": "github-actions"}' > github_helper/credentials.json          

      # Since this action only runs on nextcloud-releases, ignoring is okay
      - name: Generate changelog between ${{ env.PREVIOUS_TAG }} and ${{ github.ref_name }} # zizmor: ignore[template-injection]
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        run: |
          cd github_helper/changelog
          composer install
          php index.php generate:changelog --no-bots --format=forum server ${{ env.PREVIOUS_TAG }} ${{ github.ref_name }} > changelog.md          

      # Since this action only runs on nextcloud-releases, ignoring is okay
      - name: Set changelog to release # zizmor: ignore[template-injection]
        env:
          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        run: |
         cd server
         gh release edit ${{ github.ref_name }} --notes-file "../github_helper/changelog/changelog.md" --title "${{ github.ref_name }}"