Skip to content

release jobs for refs/tags/v0.5.0-rc.9 #122

release jobs for refs/tags/v0.5.0-rc.9

release jobs for refs/tags/v0.5.0-rc.9 #122

Workflow file for this run

name: release jobs
run-name: release jobs for ${{ github.ref }}
on:
workflow_dispatch:
inputs:
ovewriteArtifacts:
description: Ovewrite artifacts on the release. Some will only be skipped.
required: true
type: boolean
default: true
checkBump:
description: check-bump adds a release entry to github so it's disabled by default.
required: true
type: boolean
default: false
push:
tags:
- v*
env:
GHJK_VERSION: "v0.2.1"
GHJK_ENV: "ci"
REGISTRY_IMAGE: ghcr.io/${{ github.repository_owner }}/typegate
DOCKER_BUILD_NO_SUMMARY: true
jobs:
check-bump:
runs-on: ubuntu-latest
if: github.ref_type == 'tag' || ( github.event_name == 'workflow_dispatch' && inputs.checkBump )
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
- uses: WyriHaximus/[email protected]
id: latest-tag
- uses: kenji-miyake/setup-git-cliff@v2
- uses: metatypedev/setup-ghjk@318209a9d215f70716a4ac89dbeb9653a2deb8bc
- shell: bash
run: |
VERSION=$(ghjk x version-print)
if [[ "${{ steps.latest-tag.outputs.tag }}" != "v$VERSION" ]]; then
echo "Tag ${{ steps.latest-tag.outputs.tag }} does not match code version v$VERSION, stopping."
exit -1
fi
echo "Releasing v$VERSION"
git cliff --latest --strip header --output CHANGE.md
cat CHANGE.md
- uses: ncipollo/release-action@v1
with:
tag: ${{ steps.latest-tag.outputs.tag }}
allowUpdates: ${{ github.event_name == 'workflow_dispatch' }}
makeLatest: true
bodyFile: "CHANGE.md"
discussionCategory: "Announcements"
prerelease: ${{ contains(steps.latest-tag.outputs.tag, 'dev') || contains(steps.latest-tag.outputs.tag, 'alpha') }}
pub-meta-cli:
needs:
- check-bump
# using `always()` makes the job evaulte despite
# status of check-bump
# we combine that with our own conditions
if: |
always()
&& (
needs.check-bump.result == 'success'
|| github.event_name == 'workflow_dispatch'
)
runs-on: "${{ matrix.os }}"
strategy:
fail-fast: false
matrix:
include:
- os: macos-13
target: x86_64-apple-darwin
suffix: ""
cross: false
- os: macos-14
target: aarch64-apple-darwin
suffix: ""
cross: false
- os: ubuntu-latest
target: x86_64-unknown-linux-gnu
suffix: ""
cross: false
# FIXME: deno doesn't support musl today https://github.com/denoland/deno/issues/3711
# - os: ubuntu-latest
# target: x86_64-unknown-linux-musl
# suffix: ""
# cross: false
- os: ubuntu-latest
target: aarch64-unknown-linux-gnu
suffix: ""
cross: true
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
# some targets don't use cross so will require the deps in the host
- uses: metatypedev/setup-ghjk@318209a9d215f70716a4ac89dbeb9653a2deb8bc
- uses: WyriHaximus/[email protected]
id: latest-tag
- uses: dsherret/rust-toolchain-file@v1
with:
targets: ${{ matrix.target }}
- uses: mozilla-actions/[email protected]
- run: |
# sometimes, dtolnay/rust-toolchain does not select the correct default target
rustup target add ${{ matrix.target }}
# we use cross for building on this platform
- if: ${{ matrix.cross }}
shell: bash
env:
# arguments for our custom cross.Dockerfile
CROSS_BUILD_OPTS: "--build-arg 'CROSS_TARGET=${{ matrix.target }}'"
run: |
cargo install cross
# NOTE: we only build the thin cli
cross build --release --locked --package meta-cli --target ${{ matrix.target }} --verbose
# we cd next to the file so that the its parent dirs
# aren't present in the tar
cd target/${{ matrix.target }}/release/
tar czvf ../../../meta-cli-thin-${{ steps.latest-tag.outputs.tag }}-${{ matrix.target }}.tar.gz "meta${{ matrix.suffix }}"
cd ../../../
- if: ${{ matrix.cross != true }}
shell: bash
run: |
cargo build --release --locked --package meta-cli --target ${{ matrix.target }} --features typegate --verbose
cd target/${{ matrix.target }}/release/
tar czvf ../../../meta-cli-${{ steps.latest-tag.outputs.tag }}-${{ matrix.target }}.tar.gz "meta${{ matrix.suffix }}"
cd ../../../
cargo build --release --locked --package meta-cli --target ${{ matrix.target }}
cd target/${{ matrix.target }}/release/
tar czvf ../../../meta-cli-thin-${{ steps.latest-tag.outputs.tag }}-${{ matrix.target }}.tar.gz "meta${{ matrix.suffix }}"
cd ../../../
# fat meta-cli is not avail for arm64 linux (waiting on arm64 linux machines for Gh CI)
- if: ${{ matrix.cross != true }}
uses: svenstaro/upload-release-action@v2
with:
tag: ${{ steps.latest-tag.outputs.tag }}
file: "meta-cli-${{ steps.latest-tag.outputs.tag }}-${{ matrix.target }}.tar.gz"
asset_name: "meta-cli-${{ steps.latest-tag.outputs.tag }}-${{ matrix.target }}.tar.gz"
overwrite: ${{ inputs.ovewriteArtifacts }}
- uses: svenstaro/upload-release-action@v2
with:
tag: ${{ steps.latest-tag.outputs.tag }}
file: "meta-cli-thin-${{ steps.latest-tag.outputs.tag }}-${{ matrix.target }}.tar.gz"
asset_name: "meta-cli-thin-${{ steps.latest-tag.outputs.tag }}-${{ matrix.target }}.tar.gz"
overwrite: ${{ inputs.ovewriteArtifacts }}
pub-typegraph:
needs:
- check-bump
if: |
always()
&& (
needs.check-bump.result == 'success'
|| github.event_name == 'workflow_dispatch'
)
runs-on: ubuntu-latest
permissions:
contents: write
id-token: write # The OIDC ID token is used for authentication with JSR.
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
- uses: WyriHaximus/[email protected]
id: latest-tag
- uses: dsherret/rust-toolchain-file@v1
- uses: mozilla-actions/[email protected]
- uses: metatypedev/setup-ghjk@318209a9d215f70716a4ac89dbeb9653a2deb8bc
- shell: bash
env:
POETRY_PYPI_TOKEN_PYPI: ${{ secrets.PYPI_TOKEN }}
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
WASM_FILE: target/release/typegraph_core.wasm
OVERWRITE: ${{ github.event_name == 'workflow_dispatch' && inputs.ovewriteArtifacts }}
run: |
ghjk x install-ts
ghjk x install-py
source .venv/bin/activate
WASM_OPT=1 ghjk x build-tgraph
cd src/typegraph/python
poetry build
[ "$OVERWRITE" == 'true' ] \
&& poetry publish --skip-existing \
|| poetry publish
cd -
cd src/typegraph/node
pnpm config set '//registry.npmjs.org/:_authToken' "${NODE_AUTH_TOKEN}"
[ "$OVERWRITE" == 'true' ] \
&& (pnpm publish --no-git-checks --force || true) \
|| pnpm publish --no-git-checks
cd -
cd src/typegraph/deno/
ghjk x build-tgraph-ts-jsr
[ "$OVERWRITE" == 'true' ] \
&& (deno publish --allow-slow-types --allow-dirty || true) \
|| deno publish --allow-slow-types --allow-dirty
cd -
- uses: svenstaro/upload-release-action@v2
with:
tag: ${{ steps.latest-tag.outputs.tag }}
file: "src/typegraph/python/dist/*"
file_glob: true
overwrite: ${{ inputs.ovewriteArtifacts }}
build-docker:
needs:
- check-bump
if: |
always()
&& (
needs.check-bump.result == 'success'
|| github.event_name == 'workflow_dispatch'
)
runs-on: ${{ matrix.runner }}
strategy:
fail-fast: false
matrix:
include:
- platform: linux/amd64
runner: ubuntu-latest
- platform: linux/arm64
runner: custom-macos
steps:
- uses: actions/checkout@v4
- uses: docker/setup-buildx-action@v3
- uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- uses: docker/build-push-action@v6
id: build
with:
file: tools/Dockerfile
platforms: ${{ matrix.platform }}
cache-from: type=registry,ref=${{ env.REGISTRY_IMAGE }}:latest
outputs: type=image,name=${{ env.REGISTRY_IMAGE }},push-by-digest=true,name-canonical=true,push=true
build-args: |
GITHUB_TOKEN=${{ secrets.GITHUB_TOKEN }}
- run: |
mkdir -p ./digests
digest="${{ steps.build.outputs.digest }}"
touch "./digests/${digest#sha256:}"
- uses: actions/upload-artifact@v4
with:
name: digests-${{ matrix.runner }}
path: ./digests/*
if-no-files-found: error
retention-days: 1
pub-docker:
needs:
- build-docker
# needs hack required here as well because
# `build-docker` uses it
if: always() && needs.build-docker.result == 'success'
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
- uses: WyriHaximus/[email protected]
id: latest-tag
- uses: actions/download-artifact@v4
with:
path: ./digests
pattern: digests-*
merge-multiple: true
- uses: docker/setup-buildx-action@v3
- uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- run: |
cd ./digests
docker buildx imagetools create --tag ${{ env.REGISTRY_IMAGE }}:${{ steps.latest-tag.outputs.tag }} --tag ${{ env.REGISTRY_IMAGE }}:latest $(printf '${{ env.REGISTRY_IMAGE }}@sha256:%s ' *)
docker buildx imagetools inspect ${{ env.REGISTRY_IMAGE }}:latest
bump:
needs:
- pub-meta-cli
- pub-typegraph
- build-docker
- pub-docker
runs-on: ubuntu-latest
permissions:
contents: write
pull-requests: write
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
- uses: dsherret/rust-toolchain-file@v1
- uses: kenji-miyake/setup-git-cliff@v2
- uses: metatypedev/setup-ghjk@318209a9d215f70716a4ac89dbeb9653a2deb8bc
- id: bump
run: |
ghjk x version-bump prerelease
echo "version=$(ghjk x version-print)" >> $GITHUB_OUTPUT
git cliff --output CHANGELOG.md
# exclude .ghjk from the changeset to avoid modifying
# the lockfile
git checkout -- .ghjk
- uses: peter-evans/create-pull-request@v7
with:
branch: bump-${{ steps.bump.outputs.version }}
delete-branch: true
commit-message: "chore(release): prepare for ${{ steps.bump.outputs.version }}"
title: "chore(release): prepare for ${{ steps.bump.outputs.version }}"
body: "Automatic suggested bump"
base: main
# since PRs created from workflows won't have actions run
# on them, we create it as a draft PR
# the actions will then run when it's readied for review
# https://github.com/peter-evans/create-pull-request/blob/main/docs/concepts-guidelines.md#triggering-further-workflow-runs
draft: "always-true"