install bumpversion as user #40

	---
	on:
	workflow_dispatch:
	push:
	branches:
	- main
	- develop
	- releases/**
	tags:
	- "v" # Push events to matching v, i.e. v1.0, v20.15.10

	jobs:
	build:
	runs-on: ubuntu-latest
	steps:
	- uses: actions/checkout@v4
	- run: jq '.' $GITHUB_EVENT_PATH
	- run: make build
	- uses: actions/upload-artifact@v3
	with:
	name: release-artifacts
	path: \|
	dist/*.zip
	dist/*.zip.asc
	dist/*.zip.md5
	!dist/VERSION
	retention-days: 1

	# don't run scans on release tags - scanning is done on main
	scan:
	if: ${{ ! startsWith(github.ref, 'refs/tags/v') }}
	runs-on: ubuntu-latest
	needs: [build]
	steps:
	- uses: actions/checkout@v4
	with:
	fetch-depth: 0
	- run: echo "scan something"

	# only run the release on version tags
	release:
	if: startsWith(github.ref, 'refs/tags/v')
	runs-on: ubuntu-latest
	needs: [build]
	permissions:
	contents: write
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
	steps:
	- uses: actions/checkout@v4
	- id: revision
	run: cat .bumpversion.cfg \| grep current_version \| awk '{ printf "version=%s\n", $3 }' >> "${GITHUB_OUTPUT}"
	- run: echo "publish with version ${{ steps.revision.outputs.version }}"
	- uses: actions/download-artifact@v3
	with:
	name: release-artifacts
	path: dist/
	- run: ls -al dist/
	- name: Create Release
	id: release
	uses: softprops/action-gh-release@v1
	if: startsWith(github.ref, 'refs/tags/v')
	with:
	name: Release v${{ steps.revision.outputs.version }}
	tag_name: ${{ github.ref }}
	draft: true
	files: \|
	dist/*
	!dist/VERSION

Provide feedback