diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 36cb00d86d..4858c0b2a0 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -4,6 +4,14 @@ on: push: branches: - release/** + workflow_call: + inputs: + is-snapshot: + type: boolean + default: false + checkout-ref: + type: string + default: '' jobs: linux: @@ -32,6 +40,8 @@ jobs: steps: - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # 6.0.2 + with: + ref: ${{ inputs.checkout-ref }} - name: Add Rustup Target run: | @@ -68,6 +78,8 @@ jobs: steps: - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # 6.0.2 + with: + ref: ${{ inputs.checkout-ref }} - name: Add Rustup Target run: rustup target add ${{ matrix.target }} @@ -155,6 +167,8 @@ jobs: steps: - name: Checkout repository uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # 6.0.2 + with: + ref: ${{ inputs.checkout-ref }} - name: Install `rcodesign` run: | @@ -219,6 +233,8 @@ jobs: steps: - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # 6.0.2 + with: + ref: ${{ inputs.checkout-ref }} # When rustup is updated, it tries to replace its binary, which on Windows is somehow locked. # This can result in the CI failure, see: https://github.com/rust-lang/rustup/issues/3029 @@ -247,10 +263,12 @@ jobs: node: name: NPM Package runs-on: ubuntu-24.04 - needs: [linux, macos, macos_universal, windows] + needs: [linux, sign-macos-binaries, windows] steps: - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # 6.0.2 + with: + ref: ${{ inputs.checkout-ref }} - uses: actions/setup-node@6044e13b5dc448c55e2357c09f80417699197238 # 6.2.0 with: @@ -280,10 +298,13 @@ jobs: if-no-files-found: 'error' python-base: + if: ${{ !inputs.is-snapshot }} name: python (base) runs-on: ubuntu-24.04 steps: - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # 6.0.2 + with: + ref: ${{ inputs.checkout-ref }} - name: Add Rustup Target run: rustup target add x86_64-unknown-linux-musl - uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # 6.2.0 @@ -297,11 +318,14 @@ jobs: if-no-files-found: 'error' python: + if: ${{ !inputs.is-snapshot }} name: python runs-on: ubuntu-24.04 needs: [linux, sign-macos-binaries, windows, python-base] steps: - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # 6.0.2 + with: + ref: ${{ inputs.checkout-ref }} - uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # 6.2.0 with: python-version: '3.11' @@ -328,6 +352,8 @@ jobs: needs: [linux, sign-macos-binaries, windows] steps: - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # 6.0.2 + with: + ref: ${{ inputs.checkout-ref }} - uses: actions/setup-node@6044e13b5dc448c55e2357c09f80417699197238 # 6.2.0 with: node-version: '20.10.0' @@ -366,6 +392,7 @@ jobs: if-no-files-found: 'error' platform-specific-docker: + if: ${{ !inputs.is-snapshot }} name: Build Docker Image (${{ matrix.platform }}) strategy: matrix: @@ -380,6 +407,8 @@ jobs: packages: write steps: - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # 6.0.2 + with: + ref: ${{ inputs.checkout-ref }} - name: Set up Docker Buildx uses: docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f # 3.12.0 @@ -402,6 +431,7 @@ jobs: cache-to: type=gha,mode=max,scope=${{ matrix.platform }} multiarch-docker: + if: ${{ !inputs.is-snapshot }} name: Create Multi-Architecture Docker Image needs: platform-specific-docker runs-on: ubuntu-24.04 @@ -422,6 +452,7 @@ jobs: ghcr.io/${{ github.repository }}:${{ github.sha }}-arm64 merge: + if: ${{ !inputs.is-snapshot }} name: Create Release Artifact runs-on: ubuntu-24.04 needs: [linux, sign-macos-binaries, windows, npm-distributions, node, python] diff --git a/.github/workflows/snapshot.yml b/.github/workflows/snapshot.yml new file mode 100644 index 0000000000..9ab5add368 --- /dev/null +++ b/.github/workflows/snapshot.yml @@ -0,0 +1,117 @@ +name: Snapshot Release + +on: + push: + branches: [master] + +permissions: + contents: write + +jobs: + prepare: + name: Prepare Snapshot + runs-on: ubuntu-24.04 + outputs: + version: ${{ steps.version.outputs.version }} + ref: ${{ steps.push.outputs.ref }} + steps: + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # 6.0.2 + + # Computes a semver-compliant snapshot version based on the current + # version in Cargo.toml. The patch version is bumped so that the + # snapshot sorts higher than the current release but lower than the + # next real release. For example, if Cargo.toml has 3.3.1, the + # snapshot version will be 3.3.2-snapshot.20260312.abc1234. + - name: Compute snapshot version + id: version + run: | + CURRENT=$(cargo metadata --no-deps --format-version 1 \ + | jq -er '(.workspace_default_members[0]) as $id | .packages[] | select(.id == $id) | .version') + MAJOR=$(echo "$CURRENT" | cut -d. -f1) + MINOR=$(echo "$CURRENT" | cut -d. -f2) + PATCH=$(echo "$CURRENT" | cut -d. -f3) + NEXT_PATCH=$((PATCH + 1)) + DATE=$(date -u +%Y%m%d) + SHORT_SHA=$(git rev-parse --short HEAD) + VERSION="${MAJOR}.${MINOR}.${NEXT_PATCH}-snapshot.${DATE}.${SHORT_SHA}" + echo "version=$VERSION" >> "$GITHUB_OUTPUT" + echo "current=$CURRENT" >> "$GITHUB_OUTPUT" + echo "Snapshot version: $VERSION" + + - uses: actions/setup-node@6044e13b5dc448c55e2357c09f80417699197238 # 6.2.0 + with: + node-version: '20.10.0' + + - name: Bump versions + run: scripts/bump-version.sh "${{ steps.version.outputs.current }}" "${{ steps.version.outputs.version }}" + + - name: Push snapshot branch + id: push + run: | + BRANCH="snapshot/${{ steps.version.outputs.version }}" + git config user.name "github-actions[bot]" + git config user.email "github-actions[bot]@users.noreply.github.com" + git checkout -b "$BRANCH" + git add -A + git commit -m "snapshot: ${{ steps.version.outputs.version }}" + git push origin "$BRANCH" + echo "ref=$BRANCH" >> "$GITHUB_OUTPUT" + + build: + name: Build + needs: prepare + uses: ./.github/workflows/build.yml + with: + is-snapshot: true + checkout-ref: ${{ needs.prepare.outputs.ref }} + secrets: inherit + + publish-npm: + name: Publish to npm + needs: [prepare, build] + runs-on: ubuntu-24.04 + steps: + - uses: actions/setup-node@6044e13b5dc448c55e2357c09f80417699197238 # 6.2.0 + with: + node-version: '20.10.0' + registry-url: 'https://registry.npmjs.org' + + - name: Download npm binary distributions + uses: actions/download-artifact@70fc10c6e5e1ce46ad2ea6f2b72d43f7d47b13c3 # 8.0.0 + with: + name: artifact-npm-binary-distributions + path: npm-distributions + + - name: Download node package + uses: actions/download-artifact@70fc10c6e5e1ce46ad2ea6f2b72d43f7d47b13c3 # 8.0.0 + with: + name: artifact-pkg-node + path: node-package + + - name: Publish platform packages + env: + NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} + run: | + for pkg in npm-distributions/*/*.tgz; do + echo "Publishing $pkg" + npm publish "$pkg" --tag snapshot + done + + - name: Publish main package + env: + NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} + run: | + npm publish node-package/*.tgz --tag snapshot + + cleanup: + name: Cleanup + needs: [prepare, publish-npm] + if: always() + runs-on: ubuntu-24.04 + steps: + - name: Delete snapshot branch + if: needs.prepare.outputs.ref != '' + env: + GH_TOKEN: ${{ github.token }} + run: | + gh api -X DELETE "repos/${{ github.repository }}/git/refs/heads/${{ needs.prepare.outputs.ref }}"