Start on `announce-release` job #57

Workflow file for this run

.github/workflows/release.yml at 47ab5e8

	# Much of this workflow is adapted from the ripgrep release workflow.
	# https://github.com/BurntSushi/ripgrep/blob/master/.github/workflows/release.yml

	name: release

	on:
	push:
	# Enable when testing release infrastructure on a branch.
	# branches:
	# - fix-releases
	tags:
	- 'v*'
	workflow_dispatch:

	permissions:
	contents: read # This is set more permissively in jobs that need `write`.

	defaults:
	run:
	shell: bash

	jobs:
	# Create a draft release, initially with no binary assets attached.
	create-release:
	runs-on: ubuntu-latest

	permissions:
	contents: write

	# env:
	# # Set to force version number, e.g., when no tag exists.
	# VERSION: TEST-0.0.0

	steps:
	- name: Checkout repository
	uses: actions/checkout@v4

	- name: Get the release version from the tag
	if: env.VERSION == ''
	run: echo "VERSION=$REF_NAME" >> "$GITHUB_ENV"
	env:
	REF_NAME: ${{ github.ref_name }}

	- name: Validate version against Cargo.toml
	run: \|
	manifest_version="$(yq -r .package.version Cargo.toml)"
	echo "version to name the release: $VERSION"
	echo "version Cargo.toml suggests: v$manifest_version"

	case "$VERSION" in
	"v$manifest_version" )
	echo 'OK: Release name/version agrees with Cargo.toml version.'
	;;
	TEST-* \| *-DO-NOT-USE ) # NOTE: If changed, change it in `announce-release` below, too.
	echo 'OK: Release name/version is strange but marked as such.'
	;;
	"$manifest_version" )
	echo 'STOPPING: Release name/version is missing the leading "v".'
	exit 1
	;;
	* )
	echo 'STOPPING: Release name/version and Cargo.toml version do not match.'
	echo 'STOPPING: Usually this means either a wrong tag name or wrong version in Cargo.toml.'
	echo 'STOPPING: If intended, prepend `TEST-` or append `-DO-NOT-USE` to the release name.'
	exit 1
	;;
	esac

	- name: Create GitHub release
	run: gh release create "$VERSION" --title="$VERSION" --draft
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

	outputs:
	version: ${{ env.VERSION }}

	# Build for a particular feature and target, and attach an archive for it.
	build-release:
	needs: [ create-release ]

	strategy:
	matrix:
	target:
	- x86_64-unknown-linux-musl
	- x86_64-unknown-linux-gnu
	- i686-unknown-linux-musl
	- i686-unknown-linux-gnu
	- aarch64-unknown-linux-musl
	- aarch64-unknown-linux-gnu
	- arm-unknown-linux-musleabihf
	- arm-unknown-linux-gnueabihf
	- powerpc64le-unknown-linux-gnu
	- riscv64gc-unknown-linux-gnu
	- s390x-unknown-linux-gnu
	- x86_64-apple-darwin
	- aarch64-apple-darwin
	- x86_64-pc-windows-msvc
	- x86_64-pc-windows-gnu
	- i686-pc-windows-msvc
	- aarch64-pc-windows-msvc
	# When changing these features, make the same change in build-macos-universal2-release.
	feature: [ small, lean, max, max-pure ]
	include:
	- rust: stable
	- target: x86_64-unknown-linux-musl
	os: ubuntu-latest
	- target: x86_64-unknown-linux-gnu
	os: ubuntu-latest
	- target: i686-unknown-linux-musl
	os: ubuntu-latest
	- target: i686-unknown-linux-gnu
	os: ubuntu-latest
	- target: aarch64-unknown-linux-musl
	os: ubuntu-latest
	- target: aarch64-unknown-linux-gnu
	os: ubuntu-latest
	- target: arm-unknown-linux-musleabihf
	os: ubuntu-latest
	- target: arm-unknown-linux-gnueabihf
	os: ubuntu-latest
	- target: powerpc64le-unknown-linux-gnu
	os: ubuntu-latest
	- target: riscv64gc-unknown-linux-gnu
	os: ubuntu-latest
	- target: s390x-unknown-linux-gnu
	os: ubuntu-latest
	- target: x86_64-apple-darwin
	os: macos-latest
	- target: aarch64-apple-darwin
	os: macos-latest
	- target: x86_64-pc-windows-msvc
	os: windows-latest
	- target: x86_64-pc-windows-gnu
	os: windows-latest
	rust: stable-x86_64-gnu
	- target: i686-pc-windows-msvc
	os: windows-latest
	- target: aarch64-pc-windows-msvc
	os: windows-latest
	# on linux we build with musl which causes trouble with open-ssl. For now, just build max-pure there
	# even though we could also build with `--features max-control,http-client-reqwest,gitoxide-core-blocking-client,gix-features/fast-sha1` for fast hashing.
	# It's a TODO.
	exclude:
	- target: x86_64-unknown-linux-musl
	feature: small
	- target: x86_64-unknown-linux-musl
	feature: lean
	- target: x86_64-unknown-linux-musl
	feature: max
	- target: x86_64-unknown-linux-gnu
	feature: small
	- target: x86_64-unknown-linux-gnu
	feature: lean
	- target: x86_64-unknown-linux-gnu
	feature: max
	- target: i686-unknown-linux-musl
	feature: small
	- target: i686-unknown-linux-musl
	feature: lean
	- target: i686-unknown-linux-musl
	feature: max
	- target: i686-unknown-linux-gnu
	feature: small
	- target: i686-unknown-linux-gnu
	feature: lean
	- target: i686-unknown-linux-gnu
	feature: max
	- target: aarch64-unknown-linux-musl
	feature: small
	- target: aarch64-unknown-linux-musl
	feature: lean
	- target: aarch64-unknown-linux-musl
	feature: max
	- target: aarch64-unknown-linux-gnu
	feature: small
	- target: aarch64-unknown-linux-gnu
	feature: lean
	- target: aarch64-unknown-linux-gnu
	feature: max
	- target: arm-unknown-linux-musleabihf
	feature: small
	- target: arm-unknown-linux-musleabihf
	feature: lean
	- target: arm-unknown-linux-musleabihf
	feature: max
	- target: arm-unknown-linux-gnueabihf
	feature: small
	- target: arm-unknown-linux-gnueabihf
	feature: lean
	- target: arm-unknown-linux-gnueabihf
	feature: max
	- target: powerpc64le-unknown-linux-gnu
	feature: small
	- target: powerpc64le-unknown-linux-gnu
	feature: lean
	- target: powerpc64le-unknown-linux-gnu
	feature: max
	- target: riscv64gc-unknown-linux-gnu
	feature: small
	- target: riscv64gc-unknown-linux-gnu
	feature: lean
	- target: riscv64gc-unknown-linux-gnu
	feature: max
	- target: s390x-unknown-linux-gnu
	feature: small
	- target: s390x-unknown-linux-gnu
	feature: lean
	- target: s390x-unknown-linux-gnu
	feature: max

	runs-on: ${{ matrix.os }}

	permissions:
	contents: write

	env:
	RUST_BACKTRACE: '1' # Emit backtraces on panics.
	CARGO_TERM_COLOR: always
	CLICOLOR: '1'
	CARGO: cargo # On Linux, this will be changed to `cross` in a later step.
	FEATURE: ${{ matrix.feature }}
	VERSION: ${{ needs.create-release.outputs.version }}
	TARGET: ${{ matrix.target }}
	TARGET_FLAGS: --target=${{ matrix.target }}
	TARGET_DIR: target/${{ matrix.target }}
	PROFILE: release-github

	steps:
	- name: Checkout repository
	uses: actions/checkout@v4

	- name: Install packages (Ubuntu)
	# Because openssl doesn't work on musl by default, we resort to max-pure.
	# And that won't need any dependency, so we can skip this or use `continue-on-error`.
	# Once we want to support better zlib performance, we might have to re-add it.
	if: matrix.os == 'ubuntu-latest-disabled'
	run: \|
	sudo apt-get update
	sudo apt-get install -y --no-install-recommends xz-utils liblz4-tool musl-tools

	- name: Install Rust
	uses: dtolnay/rust-toolchain@master
	with:
	toolchain: ${{ matrix.rust }}
	targets: ${{ matrix.target }}

	- name: Use Cross
	if: matrix.os == 'ubuntu-latest'
	run: \|
	cargo install cross
	echo 'CARGO=cross' >> "$GITHUB_ENV"

	- name: Show command used for Cargo
	run: \|
	echo "cargo command is: $CARGO"
	echo "target flag is: $TARGET_FLAGS"
	echo "target dir is: $TARGET_DIR"

	- name: Build release binary (with extra optimizations)
	run: \|
	"$CARGO" build --verbose --profile="$PROFILE" "$TARGET_FLAGS" --no-default-features --features="$FEATURE"

	- name: Determine archive basename
	run: echo "ARCHIVE=gitoxide-$FEATURE-$VERSION-$TARGET" >> "$GITHUB_ENV"

	- name: Pre-populate directory for archive
	run: \|
	mkdir -- "$ARCHIVE"
	cp -- {README.md,LICENSE-*,CHANGELOG.md} "$ARCHIVE/"

	- name: Build archive (Windows)
	if: matrix.os == 'windows-latest'
	run: \|
	file -- "$TARGET_DIR/$PROFILE"/{ein,gix}.exe
	cp -- "$TARGET_DIR/$PROFILE"/{ein,gix}.exe "$ARCHIVE/"
	7z a "$ARCHIVE.zip" "$ARCHIVE"
	/usr/bin/core_perl/shasum --algorithm=256 --binary -- "$ARCHIVE.zip" > "$ARCHIVE.zip.sha256"
	echo "ASSET=$ARCHIVE.zip" >> "$GITHUB_ENV"
	echo "ASSET_SUM=$ARCHIVE.zip.sha256" >> "$GITHUB_ENV"

	- name: Build archive (Unix)
	if: matrix.os != 'windows-latest'
	run: \|
	file -- "$TARGET_DIR/$PROFILE"/{ein,gix}
	cp -- "$TARGET_DIR/$PROFILE"/{ein,gix} "$ARCHIVE/"
	tar czf "$ARCHIVE.tar.gz" -- "$ARCHIVE"
	shasum --algorithm=256 --binary -- "$ARCHIVE.tar.gz" > "$ARCHIVE.tar.gz.sha256"
	echo "ASSET=$ARCHIVE.tar.gz" >> "$GITHUB_ENV"
	echo "ASSET_SUM=$ARCHIVE.tar.gz.sha256" >> "$GITHUB_ENV"

	- name: Upload release archive
	run: gh release upload "$VERSION" "$ASSET" "$ASSET_SUM"
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

	# Add a macOS universal binary archive for a feature using its built aarch64 and x86_64 assets.
	build-macos-universal2-release:
	runs-on: macos-latest

	needs: [ create-release, build-release ]

	strategy:
	matrix:
	# These features need to be exactly the same as the features in build-release.
	feature: [ small, lean, max, max-pure ]

	permissions:
	contents: write

	env:
	BASH_ENV: ./helpers.sh
	REPOSITORY: ${{ github.repository }}
	FEATURE: ${{ matrix.feature }}
	VERSION: ${{ needs.create-release.outputs.version }}

	steps:
	- name: Define helper function
	run: \|
	name() { echo "gitoxide-$FEATURE-$VERSION-$1-apple-darwin"; }
	declare -f name >> "$BASH_ENV"

	- name: Obtain single-architecture releases
	run: \|
	gh release --repo="$REPOSITORY" download "$VERSION" \
	--pattern="$(name aarch64).tar.gz" --pattern="$(name aarch64).tar.gz.sha256" \
	--pattern="$(name x86_64).tar.gz" --pattern="$(name x86_64).tar.gz.sha256"
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

	- name: Unpack single-architecture releases
	run: \|
	shasum --check -- "$(name aarch64).tar.gz.sha256" "$(name x86_64).tar.gz.sha256"
	tar xf "$(name aarch64).tar.gz"
	tar xf "$(name x86_64).tar.gz"

	- name: Determine archive basename
	run: echo "ARCHIVE=$(name universal)" >> "$GITHUB_ENV"

	- name: Pre-populate directory for archive
	run: \|
	cp -R -- "$(name aarch64)" "$ARCHIVE"
	rm -- "$ARCHIVE"/{ein,gix}

	- name: Create Universal 2 binaries
	run: \|
	for bin in ein gix; do
	lipo -create "$(name aarch64)/$bin" "$(name x86_64)/$bin" -output "$ARCHIVE/$bin"
	file -- "$ARCHIVE/$bin"
	done

	- name: Build archive
	run: \|
	tar czf "$ARCHIVE.tar.gz" -- "$ARCHIVE"
	shasum --algorithm=256 --binary -- "$ARCHIVE.tar.gz" > "$ARCHIVE.tar.gz.sha256"
	echo "ASSET=$ARCHIVE.tar.gz" >> "$GITHUB_ENV"
	echo "ASSET_SUM=$ARCHIVE.tar.gz.sha256" >> "$GITHUB_ENV"

	- name: Upload release archive
	run: gh release --repo="$REPOSITORY" upload "$VERSION" "$ASSET" "$ASSET_SUM"
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

	# Check for some problems, consolidate checksum files into one, and mark the release non-draft.
	publish-release:
	runs-on: ubuntu-latest

	needs: [ create-release, build-release, build-macos-universal2-release ]

	permissions:
	contents: write

	env:
	REPOSITORY: ${{ github.repository }}
	VERSION: ${{ needs.create-release.outputs.version }}

	steps:
	- name: Discover assets
	run: \|
	gh release --repo="$REPOSITORY" view "$VERSION" --json assets --jq '.assets.[].name' > assets.txt
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

	- name: Show all individual asset names
	run: cat assets.txt

	# The `features` array is repeated because GHA doesn't support YAML anchors.
	# We will check that the macOS `universal` features match the others exactly.
	# In the future this and the next step may be removed, or expanded to do more validation.
	- name: Extract macOS asset names by architecture
	run: \|
	for arch in aarch64 x86_64 universal; do
	grep -Fwe "$arch-apple-darwin" assets.txt \| sort \| tee -- "$arch.txt"
	done

	- name: Check macOS archive features
	run: \|
	mask() { sed -E 's/\w+-apple-darwin/<arch>-apple-darwin/' -- "$1.txt"; }
	diff -- <(mask aarch64) <(mask universal)
	diff -- <(mask x86_64) <(mask universal)

	- name: Clean up local temporary macOS asset list files
	run: rm {assets,aarch64,x86_64,universal}.txt

	- name: Retrieve all individual checksums
	run: gh release --repo="$REPOSITORY" download "$VERSION" --pattern='gitoxide-*.sha256'
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

	- name: Concatenate checksums into one file
	run: cat gitoxide-*.sha256 > hashes.sha256

	- name: Upload the combined checksum file
	run: gh release --repo="$REPOSITORY" upload "$VERSION" hashes.sha256
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

	# If any step of any job fails before this, the draft still has the individual checksum files.
	- name: Remove the individual checksum file assets
	run: \|
	for sumfile in gitoxide-*.sha256; do
	gh release --repo="$REPOSITORY" delete-asset "$VERSION" "$sumfile" --yes
	done
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

	- name: Publish the release
	if: vars.DRY_RUN_RELEASE != 'true' && vars.DRY_RUN_RELEASE != 'yes' && vars.DRY_RUN_RELEASE != '1'
	run: gh release --repo="$REPOSITORY" edit "$VERSION" --draft=false
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

	announce-release:
	runs-on: ubuntu-latest

	needs: [ create-release, publish-release ]

	permissions:
	contents: read
	discussions: write

	env:
	VERSION: ${{ needs.create-release.outputs.version }}

	steps:
	- name: Find the discussion ID
	run: \|
	[[ "$DISCUSSION_URL" =~ ^https://github\.com/([^/:@]+)/([^/:@]+)/discussions/([0-9]+)$ ]]
	owner="${BASH_REMATCH[1]}"
	name="${BASH_REMATCH[2]}"
	number="${BASH_REMATCH[3]}"

	id="$(gh api graphql -f query='
	query GetDiscussionId($owner: String!, $name: String!, $number: Int!) {
	repository(owner: $owner, name: $name) {
	discussion(number: $number) {
	id
	}
	}
	}' -F owner="$owner" -F name="$name" -F number="$number" --jq .data.repository.discussion.id)"

	echo "DISCUSSION_ID=$id" >> "$GITHUB_ENV"
	env:
	DISCUSSION_URL: ${{ vars.RELEASE_ANNOUNCEMENTS_URL }}
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

	# FIXME: Also consider a release of any name as a test, if it has not been published!
	- name: Avoid announcing a test in a non-test thread
	run: \|
	case "$VERSION" in
	TEST-* \| *-DO-NOT-USE ) # NOTE: Should be the same pattern as in `create-release` above.
	echo "Looks like we're testing releasing. Checking discussion title."

	title="$(gh api graphql -f query='
	query($id: ID!) {
	node(id: $id) {
	... on Discussion {
	title
	}
	}
	}' -F id="$DISCUSSION_ID" --jq .data.node.title)"

	grep -Eiqz '^[[(]?test\b' <<<"$title"
	;;
	esac
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

	- name: Compose the comment
	run: \|
	grep -Eqx '[[:alnum:]._+-]+' <<<"$VERSION" # Ensure the version needs no sanitization.
	release_url="https://github.com/$REPOSITORY/releases/tag/$VERSION"
	comment_body="`gitoxide` [$VERSION]($release_url) has been released."
	echo "COMMENT_BODY=$comment_body" >> "$GITHUB_ENV"
	env:
	REPOSITORY: ${{ github.repository }}

	- name: Post the comment
	run: \|
	gh api graphql -f query='
	mutation PostComment($discussionId: ID!, $body: String!) {
	addDiscussionComment(input: {discussionId: $discussionId, body: $body}) {
	comment {
	id
	body
	}
	}
	}' -F discussionId="$DISCUSSION_ID" -F body="$COMMENT_BODY"
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

	installation:
	strategy:
	matrix:
	build: [ win-msvc, win-gnu, win32-msvc, win32-gnu ]
	include:
	- build: win-msvc
	os: windows-latest
	rust: stable
	target: x86_64-pc-windows-msvc
	- build: win-gnu
	os: windows-latest
	rust: stable-x86_64-gnu
	target: x86_64-pc-windows-gnu
	- build: win32-msvc
	os: windows-latest
	rust: stable
	target: i686-pc-windows-msvc
	- build: win32-gnu
	os: windows-latest
	rust: stable
	target: i686-pc-windows-gnu

	runs-on: ${{ matrix.os }}

	steps:
	- uses: actions/checkout@v4
	- name: Install Rust
	uses: dtolnay/rust-toolchain@master
	with:
	toolchain: ${{ matrix.rust }}
	targets: ${{ matrix.target }}
	- uses: msys2/setup-msys2@v2
	with:
	msystem: MINGW${{ startsWith(matrix.target, 'i686-') && '32' \|\| '64' }}
	pacboy: cc:p
	path-type: inherit
	- name: Install prerequisites
	run: vcpkg install zlib:x64-windows-static-md
	- name: 'Installation from crates.io: gitoxide'
	run: cargo +${{ matrix.rust }} install --target ${{ matrix.target }} --no-default-features --features max-pure --target-dir install-artifacts --debug --force gitoxide
	shell: msys2 {0}

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Start on `announce-release` job #57

Workflow file

Start on `announce-release` job #57

Jobs

Run details

Workflow file for this run

Start on announce-release job #57

Workflow file

Workflow file for this run

Start on `announce-release` job #57