Skip to content

add(ci): Check that dependencies have all been published to crates.io on release PRs #3293

add(ci): Check that dependencies have all been published to crates.io on release PRs

add(ci): Check that dependencies have all been published to crates.io on release PRs #3293

# This workflow checks that Zebra's crates.io release script works.
#
# We use a separate action, because the changed files are different to a Continuous Deployment
# or Docker release.
#
# This workflow is triggered when:
# - A PR that changes Rust files, a README, or this workflow is opened or updated
# - A change is pushed to the main branch
#
# TODO:
# If we decide to automate crates.io releases, we can also publish crates using this workflow, when:
# - A release is published
# - A pre-release is changed to a release
name: Release crates
# Ensures that only one workflow task will run at a time. Previous releases, if
# already in process, won't get cancelled. Instead, we let the first release complete,
# then queue the latest pending workflow, cancelling any workflows in between.
#
# Since the different event types do very different things (test vs release),
# we can run different event types concurrently.
#
# For pull requests, we only run the tests from this workflow, and don't do any releases.
# So an in-progress pull request gets cancelled, just like other tests.
concurrency:
group: ${{ github.workflow }}-${{ github.event_name }}-${{ github.ref }}
cancel-in-progress: ${{ github.event_name == 'pull_request' }}
on:
# disabled for now
# release:
# types:
# - released
# Only runs the release tests, doesn't release any crates.
#
# We test all changes on the main branch, just in case the PR paths are too strict.
push:
branches:
- main
pull_request:
paths:
# code and tests
- '**/*.rs'
# hard-coded checkpoints (and proptest regressions, which are not actually needed)
- '**/*.txt'
# dependencies
- '**/Cargo.toml'
- '**/Cargo.lock'
# configuration files
- '.cargo/config.toml'
- '**/clippy.toml'
# READMEs, which are shown on the crate page
- '**/README.md'
# workflow definitions
- '.github/workflows/release-crates.io.yml'
jobs:
# Test that Zebra can be released to crates.io using `cargo`.
# This checks that Zebra's dependencies and release configs are correct.
check-release:
name: Check crate release dry run
timeout-minutes: 15
runs-on: ubuntu-latest
steps:
- uses: r7kamura/[email protected]
- name: Checkout git repository
uses: actions/[email protected]
with:
persist-credentials: false
- name: Inject slug/short variables
uses: rlespinasse/github-slug-action@v4
with:
short-length: 7
# Setup Rust with stable toolchain and minimal profile
- name: Setup Rust
run: |
curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y --default-toolchain=stable --profile=minimal
- name: Install cargo-release
uses: baptiste0928/[email protected]
with:
crate: cargo-release
# Make sure Zebra can be released!
#
# These steps should be kept up to date with the release checklist.
#
- name: Crate release dry run
run: |
./.github/workflows/scripts/release-crates-dry-run.sh
# TODO: actually do the release here
#release-crates:
# name: Release Zebra Crates
# needs: [ check-release ]
# runs-on: ubuntu-latest
# timeout-minutes: 30
# if: ${{ !cancelled() && !failure() && github.event_name == 'release' }}
# steps:
# ...
failure-issue:
name: Open or update issues for release crates failures
# When a new job is added to this workflow, add it to this list.
needs: [ check-release ]
# Only open tickets for failed or cancelled jobs that are not coming from PRs.
# (PR statuses are already reported in the PR jobs list, and checked by Mergify.)
if: (failure() && github.event.pull_request == null) || (cancelled() && github.event.pull_request == null)
runs-on: ubuntu-latest
steps:
- uses: jayqi/failed-build-issue-action@v1
with:
title-template: "{{refname}} branch CI failed: {{eventName}} in {{workflow}}"
# New failures open an issue with this label.
label-name: S-ci-fail-release-crates-auto-issue
# If there is already an open issue with this label, any failures become comments on that issue.
always-create-new-issue: false
github-token: ${{ secrets.GITHUB_TOKEN }}