diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 4dac39c9a..6981fde2d 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -1,7 +1,7 @@ name: CI on: - pull_request: + # pull_request is not needed because cargo-dist's plan steps will run on pull_request and that calls ci.yml workflow_call: workflow_dispatch: push: diff --git a/.github/workflows/docker-release.yml b/.github/workflows/docker-release.yml new file mode 100644 index 000000000..cf90c94ef --- /dev/null +++ b/.github/workflows/docker-release.yml @@ -0,0 +1,22 @@ +name: Build release Docker image + +on: + workflow_call: + inputs: + # comes from cargo-dist workflow call + plan: + required: true + type: string + +env: + PLAN: ${{ inputs.plan }} + +jobs: + build-docker-image: + name: Build release Docker image + needs: [run-tests] + uses: ./.github/workflows/docker.yml + secrets: inherit + with: + pushToDockerHub: true + parca: true diff --git a/.github/workflows/helm.yml b/.github/workflows/helm.yml index 74296a3a3..e6bfa3c5f 100644 --- a/.github/workflows/helm.yml +++ b/.github/workflows/helm.yml @@ -3,23 +3,24 @@ name: Release helm chart on: workflow_call: inputs: - ref: - description: 'ref to build eg v0.8.0' - required: false - type: string - version: - description: 'push helm chart with this version, eg v0.8.0' + # comes from cargo-dist workflow call + plan: + required: true type: string workflow_dispatch: inputs: ref: - description: 'ref to build eg v0.8.0' + description: "ref to build eg v0.8.0" required: false type: string version: - description: 'push helm chart with this version, eg v0.8.0' + description: "push helm chart with this version, eg 0.8.0" + required: true type: string +env: + PLAN: ${{ inputs.plan }} + jobs: release-helm-chart: runs-on: ubuntu-latest @@ -31,9 +32,9 @@ jobs: - name: Write release version id: version run: | - VERSION=${{ inputs.version }} - echo Version: ${VERSION#v} - echo "VERSION=${VERSION#v}" >> "$GITHUB_OUTPUT" + VERSION="${{ inputs.version || "$(echo "$PLAN" | jq -r '[.releases[] | select(.app_name == "restate-server")][0].app_version')" }}" + echo Version: ${VERSION} + echo "VERSION=${VERSION}" >> "$GITHUB_OUTPUT" - name: Check helm versions run: | grep -qF 'version: "${{ steps.version.outputs.VERSION }}"' charts/restate-helm/Chart.yaml diff --git a/.github/workflows/npm.yml b/.github/workflows/npm.yml index 12e8ec8c4..29a81b8f5 100644 --- a/.github/workflows/npm.yml +++ b/.github/workflows/npm.yml @@ -3,11 +3,14 @@ name: Publish npm binary packages on: workflow_call: inputs: - version: - description: 'version to label npm packages' + # comes from cargo-dist workflow call + plan: required: true type: string +env: + PLAN: ${{ inputs.plan }} + jobs: publish-npm-binaries: permissions: @@ -16,6 +19,9 @@ jobs: runs-on: ubuntu-latest strategy: matrix: + app_name: + - restate-cli + - restate-server build: - target: aarch64-apple-darwin node_arch: arm64 @@ -29,6 +35,7 @@ jobs: - target: aarch64-unknown-linux-musl node_arch: arm64 node_os: linux + steps: - name: Checkout uses: actions/checkout@v4 @@ -36,56 +43,60 @@ jobs: - uses: actions/setup-node@v4 with: node-version: "18.x" - registry-url: 'https://registry.npmjs.org' + registry-url: "https://registry.npmjs.org" - - name: Download binary build from in-progress workflow + - name: "Download GitHub Artifacts" uses: actions/download-artifact@v4 with: - name: restate.${{ matrix.build.target }}.tar.gz + pattern: artifacts-* + merge-multiple: true - name: Extract binaries - run: tar -xvzf restate.${{ matrix.build.target }}.tar.gz + run: tar -xvzf ${{ matrix.package.artifact }}-${{ matrix.build.target }}.tar.xz - name: Publish to NPM shell: bash run: | + bin="$(echo "$PLAN" | jq -r '.artifacts["${{ matrix.package.artifact }}-${{ matrix.build.target }}.tar.xz"].assets[] | select(.kind == "executable").name') + cd npm - for bin in restate restate-server - do - export node_os="${{ matrix.build.node_os }}" - export node_os - node_arch="${{ matrix.build.node_arch }}" - export node_arch - # set the version - node_version="${{ inputs.version }}" - node_version="${node_version#v}" - export node_version - # set the package name - export node_pkg="${bin}-${node_os}-${node_arch}" - if npm view "@restatedev/${node_pkg}@${node_version}" - then - continue - fi - # create the package directory - mkdir -p "${node_pkg}/bin" - # generate package.json from the template - envsubst < package.json.tmpl > "${node_pkg}/package.json" - # copy the binary into the package - cp "../${bin}" "${node_pkg}/bin" - cp ../NOTICE "${node_pkg}" - cp ../LICENSE "${node_pkg}" - cp ../README.md "${node_pkg}" - # publish the package - pushd "${node_pkg}" - npm publish --access public - popd - done + node_os="${{ matrix.build.node_os }}" + export node_os + node_arch="${{ matrix.build.node_arch }}" + export node_arch + # set the version + node_version=$(echo "$PLAN" | jq -r '.releases[] | select(.app_name == "${{ matrix.app_name }}").app_version')" + export node_version + # set the package name + export node_pkg="${bin}-${node_os}-${node_arch}" + if npm view "@restatedev/${node_pkg}@${node_version}" + then + continue + fi + # create the package directory + mkdir -p "${node_pkg}/bin" + # generate package.json from the template + envsubst < package.json.tmpl > "${node_pkg}/package.json" + # copy the binary into the package + cp "../${bin}" "${node_pkg}/bin" + cp ../NOTICE "${node_pkg}" + cp ../LICENSE "${node_pkg}" + cp ../README.md "${node_pkg}" + # publish the package + pushd "${node_pkg}" + npm publish --access public + popd env: NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} publish-npm-base: needs: publish-npm-binaries runs-on: ubuntu-latest + strategy: + matrix: + app_name: + - restate-cli + - restate-server steps: - name: Checkout uses: actions/checkout@v4 @@ -93,34 +104,32 @@ jobs: - uses: actions/setup-node@v4 with: node-version: "18.x" - registry-url: 'https://registry.npmjs.org' + registry-url: "https://registry.npmjs.org" - name: Publish to npm shell: bash run: | - node_version="${{ inputs.version }}" - node_version="${node_version#v}" + node_version=$(echo "$PLAN" | jq -r '.releases[] | select(.app_name == "${{ matrix.app_name }}").app_version')" + bin="$(echo "$PLAN" | jq -r '.artifacts["${{ matrix.package.artifact }}-${{ matrix.build.target }}.tar.xz"].assets[] | select(.kind == "executable").name') + cd npm - for bin in restate restate-server + if npm view "@restatedev/${bin}@${node_version}" + then + continue + fi + pushd "${bin}" + sed -i "s/\"version\": \".*\",/\"version\": \"${node_version}\",/" package.json + for os in linux darwin do - if npm view "@restatedev/${bin}@${node_version}" - then - continue - fi - pushd "${bin}" - sed -i "s/\"version\": \".*\",/\"version\": \"${node_version}\",/" package.json - for os in linux darwin + for arch in x64 arm64 do - for arch in x64 arm64 - do - sed -i "s|\"@restatedev/${bin}-${os}-${arch}\": \".*\"|\"@restatedev/${bin}-${os}-${arch}\": \"${node_version}\"|" package.json - done + sed -i "s|\"@restatedev/${bin}-${os}-${arch}\": \".*\"|\"@restatedev/${bin}-${os}-${arch}\": \"${node_version}\"|" package.json done - curl https://raw.githubusercontent.com/restatedev/restate/main/README.md -o README.md - npm install - npm run build - npm publish --access public - popd done + curl https://raw.githubusercontent.com/restatedev/restate/main/README.md -o README.md + npm install + npm run build + npm publish --access public + popd env: NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 1abb5e839..d03f5fa1e 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -1,102 +1,402 @@ -name: Create new release +# This file was autogenerated by dist: https://opensource.axo.dev/cargo-dist/ +# +# Copyright 2022-2024, axodotdev +# SPDX-License-Identifier: MIT or Apache-2.0 +# +# CI that: +# +# * checks for a Git Tag that looks like a release +# * builds artifacts with dist (archives, installers, hashes) +# * uploads those artifacts to temporary workflow zip +# * on success, uploads the artifacts to a GitHub Release +# +# Note that the GitHub Release will be created with a generated +# title/body based on your changelogs. +name: Release +permissions: + "attestations": "write" + "contents": "write" + "id-token": "write" + +# This task will run whenever you push a git tag that looks like a version +# like "1.0.0", "v0.1.0-prerelease.1", "my-app/0.1.0", "releases/v1.0.0", etc. +# Various formats will be parsed into a VERSION and an optional PACKAGE_NAME, where +# PACKAGE_NAME must be the name of a Cargo package in your workspace, and VERSION +# must be a Cargo-style SemVer Version (must have at least major.minor.patch). +# +# If PACKAGE_NAME is specified, then the announcement will be for that +# package (erroring out if it doesn't have the given version or isn't dist-able). +# +# If PACKAGE_NAME isn't specified, then the announcement will be for all +# (dist-able) packages in the workspace with that version (this mode is +# intended for workspaces with only one dist-able package, or with all dist-able +# packages versioned/released in lockstep). +# +# If you push multiple tags at once, separate instances of this workflow will +# spin up, creating an independent announcement for each one. However, GitHub +# will hard limit this to 3 tags per commit, as it will assume more tags is a +# mistake. +# +# If there's a prerelease-style suffix to the version, then the release(s) +# will be marked as a prerelease. on: + pull_request: push: tags: - - v** + - '**[0-9]+.[0-9]+.[0-9]+*' jobs: - verify-version: - name: Verify version - runs-on: ubuntu-latest - + # Run 'dist plan' (or host) to determine what tasks we need to do + plan: + runs-on: "ubuntu-20.04" + outputs: + val: ${{ steps.plan.outputs.manifest }} + tag: ${{ !github.event.pull_request && github.ref_name || '' }} + tag-flag: ${{ !github.event.pull_request && format('--tag={0}', github.ref_name) || '' }} + publishing: ${{ !github.event.pull_request }} + env: + GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} steps: - - name: Checkout repository - uses: actions/checkout@v4 - - - name: Install dasel - run: | - wget -q https://github.com/TomWright/dasel/releases/download/v2.3.1/dasel_linux_amd64 && \ - mv dasel_linux_amd64 dasel && \ - chmod +x dasel && \ - ./dasel --version - - - name: Verify version + - uses: actions/checkout@v4 + with: + submodules: recursive + - name: Install dist + # we specify bash to get pipefail; it guards against the `curl` command + # failing. otherwise `sh` won't catch that `curl` returned non-0 + shell: bash + run: "curl --proto '=https' --tlsv1.2 -LsSf https://github.com/axodotdev/cargo-dist/releases/download/v0.28.0/cargo-dist-installer.sh | sh" + - name: Cache dist + uses: actions/upload-artifact@v4 + with: + name: cargo-dist-cache + path: ~/.cargo/bin/dist + # sure would be cool if github gave us proper conditionals... + # so here's a doubly-nested ternary-via-truthiness to try to provide the best possible + # functionality based on whether this is a pull_request, and whether it's from a fork. + # (PRs run on the *source* but secrets are usually on the *target* -- that's *good* + # but also really annoying to build CI around when it needs secrets to work right.) + - id: plan run: | - # write yaml to remove quotes - version=$(./dasel --file Cargo.toml --read toml 'workspace.package.version' --write yaml) - tag_version=${{ github.ref_name }} - tag_version=${tag_version#v} - if [ ${tag_version} != ${version} ]; then - echo "::error file=release.yml,line=28::Cargo.toml version '${version}' is not equal to tag version '${tag_version}'. Please align them." - exit 1; - fi + dist ${{ (!github.event.pull_request && format('host --steps=create --tag={0}', github.ref_name)) || 'plan' }} --output-format=json > plan-dist-manifest.json + echo "dist ran successfully" + cat plan-dist-manifest.json + echo "manifest=$(jq -c "." plan-dist-manifest.json)" >> "$GITHUB_OUTPUT" + - name: "Upload dist-manifest.json" + uses: actions/upload-artifact@v4 + with: + name: artifacts-plan-dist-manifest + path: plan-dist-manifest.json - run-tests: - name: Test release - needs: [ verify-version ] + custom-ci: uses: ./.github/workflows/ci.yml secrets: inherit - build-docker-image: - name: Build release Docker image - needs: [ run-tests ] - uses: ./.github/workflows/docker.yml - secrets: inherit - with: - pushToDockerHub: true - parca: true + # Build and packages all the platform-specific things + build-local-artifacts: + name: build-local-artifacts (${{ join(matrix.targets, ', ') }}) + # Let the initial task tell us to not run (currently very blunt) + needs: + - plan + - custom-ci + if: ${{ fromJson(needs.plan.outputs.val).ci.github.artifacts_matrix.include != null && (needs.plan.outputs.publishing == 'true' || fromJson(needs.plan.outputs.val).ci.github.pr_run_mode == 'upload') }} + strategy: + fail-fast: false + # Target platforms/runners are computed by dist in create-release. + # Each member of the matrix has the following arguments: + # + # - runner: the github runner + # - dist-args: cli flags to pass to dist + # - install-dist: expression to run to install dist on the runner + # + # Typically there will be: + # - 1 "global" task that builds universal installers + # - N "local" tasks that build each platform's binaries and platform-specific installers + matrix: ${{ fromJson(needs.plan.outputs.val).ci.github.artifacts_matrix }} + runs-on: ${{ matrix.runner }} + container: ${{ matrix.container && matrix.container.image || null }} + env: + GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} + BUILD_MANIFEST_NAME: target/distrib/${{ join(matrix.targets, '-') }}-dist-manifest.json + CODESIGN_CERTIFICATE: ${{ secrets.CODESIGN_CERTIFICATE }} + CODESIGN_CERTIFICATE_PASSWORD: ${{ secrets.CODESIGN_CERTIFICATE_PASSWORD }} + CODESIGN_IDENTITY: ${{ secrets.CODESIGN_IDENTITY }} + steps: + - name: enable windows longpaths + run: | + git config --global core.longpaths true + - uses: actions/checkout@v4 + with: + submodules: recursive + - name: Install Rust non-interactively if not already installed + if: ${{ matrix.container }} + run: | + if ! command -v cargo > /dev/null 2>&1; then + curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y + echo "$HOME/.cargo/bin" >> $GITHUB_PATH + fi + - name: "Run sccache-cache" + uses: "mozilla-actions/sccache-action@v0.0.6" + - name: "Cache Rust" + uses: "Swatinem/rust-cache@v2" + - name: "Install cargo-license" + run: "cargo install cargo-license" + - name: "Setup just" + uses: "extractions/setup-just@v2" + env: + "GITHUB_TOKEN": "${{ secrets.GITHUB_TOKEN }}" + - name: "Generate notice" + run: "just notice-file" + - name: Install dist + run: ${{ matrix.install_dist.run }} + # Get the dist-manifest + - name: Fetch local artifacts + uses: actions/download-artifact@v4 + with: + pattern: artifacts-* + path: target/distrib/ + merge-multiple: true + - name: Install dependencies + run: | + ${{ matrix.packages_install }} + - name: Build artifacts + run: | + # Actually do builds and make zips and whatnot + dist build ${{ needs.plan.outputs.tag-flag }} --print=linkage --output-format=json ${{ matrix.dist_args }} > dist-manifest.json + echo "dist ran successfully" + - name: Attest + uses: actions/attest-build-provenance@v1 + with: + subject-path: "target/distrib/*${{ join(matrix.targets, ', ') }}*" + - id: cargo-dist + name: Post-build + # We force bash here just because github makes it really hard to get values up + # to "real" actions without writing to env-vars, and writing to env-vars has + # inconsistent syntax between shell and powershell. + shell: bash + run: | + # Parse out what we just built and upload it to scratch storage + echo "paths<> "$GITHUB_OUTPUT" + dist print-upload-files-from-manifest --manifest dist-manifest.json >> "$GITHUB_OUTPUT" + echo "EOF" >> "$GITHUB_OUTPUT" - release-helm: - name: Release helm chart - needs: [ build-docker-image ] - uses: ./.github/workflows/helm.yml - secrets: inherit - with: - version: ${{ github.ref_name }} + cp dist-manifest.json "$BUILD_MANIFEST_NAME" + - name: "Upload artifacts" + uses: actions/upload-artifact@v4 + with: + name: artifacts-build-local-${{ join(matrix.targets, '_') }} + path: | + ${{ steps.cargo-dist.outputs.paths }} + ${{ env.BUILD_MANIFEST_NAME }} - build-binaries: - name: Build binaries - needs: [ run-tests ] - uses: ./.github/workflows/binaries.yml - secrets: inherit - with: - npmVersion: ${{ github.ref_name }} + # Build and package all the platform-agnostic(ish) things + build-global-artifacts: + needs: + - plan + - build-local-artifacts + runs-on: "ubuntu-20.04" + env: + GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} + BUILD_MANIFEST_NAME: target/distrib/global-dist-manifest.json + steps: + - uses: actions/checkout@v4 + with: + submodules: recursive + - name: Install cached dist + uses: actions/download-artifact@v4 + with: + name: cargo-dist-cache + path: ~/.cargo/bin/ + - run: chmod +x ~/.cargo/bin/dist + # Get all the local artifacts for the global tasks to use (for e.g. checksums) + - name: Fetch local artifacts + uses: actions/download-artifact@v4 + with: + pattern: artifacts-* + path: target/distrib/ + merge-multiple: true + - id: cargo-dist + shell: bash + run: | + dist build ${{ needs.plan.outputs.tag-flag }} --output-format=json "--artifacts=global" > dist-manifest.json + echo "dist ran successfully" - create-release: - name: Create release - runs-on: ubuntu-latest - needs: [ build-docker-image, build-binaries ] + # Parse out what we just built and upload it to scratch storage + echo "paths<> "$GITHUB_OUTPUT" + jq --raw-output ".upload_files[]" dist-manifest.json >> "$GITHUB_OUTPUT" + echo "EOF" >> "$GITHUB_OUTPUT" + cp dist-manifest.json "$BUILD_MANIFEST_NAME" + - name: "Upload artifacts" + uses: actions/upload-artifact@v4 + with: + name: artifacts-build-global + path: | + ${{ steps.cargo-dist.outputs.paths }} + ${{ env.BUILD_MANIFEST_NAME }} + # Determines if we should publish/announce + host: + needs: + - plan + - build-local-artifacts + - build-global-artifacts + # Only run if we're "publishing", and only if local and global didn't fail (skipped is fine) + if: ${{ always() && needs.plan.outputs.publishing == 'true' && (needs.build-global-artifacts.result == 'skipped' || needs.build-global-artifacts.result == 'success') && (needs.build-local-artifacts.result == 'skipped' || needs.build-local-artifacts.result == 'success') }} + env: + GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} + runs-on: "ubuntu-20.04" + outputs: + val: ${{ steps.host.outputs.manifest }} steps: - - name: Download aarch64-apple-darwin binaries + - uses: actions/checkout@v4 + with: + submodules: recursive + - name: Install cached dist uses: actions/download-artifact@v4 with: - name: restate.aarch64-apple-darwin.tar.gz - - - name: Download x86_64-apple-darwin binaries + name: cargo-dist-cache + path: ~/.cargo/bin/ + - run: chmod +x ~/.cargo/bin/dist + # Fetch artifacts from scratch-storage + - name: Fetch artifacts uses: actions/download-artifact@v4 with: - name: restate.x86_64-apple-darwin.tar.gz - - - name: Download x86_64-unknown-linux-musl binaries + pattern: artifacts-* + path: target/distrib/ + merge-multiple: true + - id: host + shell: bash + run: | + dist host ${{ needs.plan.outputs.tag-flag }} --steps=upload --steps=release --output-format=json > dist-manifest.json + echo "artifacts uploaded and released successfully" + cat dist-manifest.json + echo "manifest=$(jq -c "." dist-manifest.json)" >> "$GITHUB_OUTPUT" + - name: "Upload dist-manifest.json" + uses: actions/upload-artifact@v4 + with: + # Overwrite the previous copy + name: artifacts-dist-manifest + path: dist-manifest.json + # Create a GitHub Release while uploading all files to it + - name: "Download GitHub Artifacts" uses: actions/download-artifact@v4 with: - name: restate.x86_64-unknown-linux-musl.tar.gz + pattern: artifacts-* + path: artifacts + merge-multiple: true + - name: Cleanup + run: | + # Remove the granular manifests + rm -f artifacts/*-dist-manifest.json + - name: Create GitHub Release + env: + PRERELEASE_FLAG: "${{ fromJson(steps.host.outputs.manifest).announcement_is_prerelease && '--prerelease' || '' }}" + ANNOUNCEMENT_TITLE: "${{ fromJson(steps.host.outputs.manifest).announcement_title }}" + ANNOUNCEMENT_BODY: "${{ fromJson(steps.host.outputs.manifest).announcement_github_body }}" + RELEASE_COMMIT: "${{ github.sha }}" + run: | + # Write and read notes from a file to avoid quoting breaking things + echo "$ANNOUNCEMENT_BODY" > $RUNNER_TEMP/notes.txt + + gh release create "${{ needs.plan.outputs.tag }}" --target "$RELEASE_COMMIT" $PRERELEASE_FLAG --title "$ANNOUNCEMENT_TITLE" --notes-file "$RUNNER_TEMP/notes.txt" artifacts/* - - name: Download aarch64-unknown-linux-musl binaries + publish-homebrew-formula: + needs: + - plan + - host + runs-on: "ubuntu-20.04" + env: + GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} + PLAN: ${{ needs.plan.outputs.val }} + GITHUB_USER: "axo bot" + GITHUB_EMAIL: "admin+bot@axo.dev" + if: ${{ !fromJson(needs.plan.outputs.val).announcement_is_prerelease || fromJson(needs.plan.outputs.val).publish_prereleases }} + steps: + - uses: actions/checkout@v4 + with: + repository: "restatedev/homebrew-tap" + token: ${{ secrets.HOMEBREW_TAP_TOKEN }} + # So we have access to the formula + - name: Fetch homebrew formulae uses: actions/download-artifact@v4 with: - name: restate.aarch64-unknown-linux-musl.tar.gz + pattern: artifacts-* + path: Formula/ + merge-multiple: true + # This is extra complex because you can make your Formula name not match your app name + # so we need to find releases with a *.rb file, and publish with that filename. + - name: Commit formula files + run: | + git config --global user.name "${GITHUB_USER}" + git config --global user.email "${GITHUB_EMAIL}" + + for release in $(echo "$PLAN" | jq --compact-output '.releases[] | select([.artifacts[] | endswith(".rb")] | any)'); do + filename=$(echo "$release" | jq '.artifacts[] | select(endswith(".rb"))' --raw-output) + name=$(echo "$filename" | sed "s/\.rb$//") + version=$(echo "$release" | jq .app_version --raw-output) + + export PATH="/home/linuxbrew/.linuxbrew/bin:$PATH" + brew update + # We avoid reformatting user-provided data such as the app description and homepage. + brew style --except-cops FormulaAudit/Homepage,FormulaAudit/Desc,FormulaAuditStrict --fix "Formula/${filename}" || true + + git add "Formula/${filename}" + git commit -m "${name} ${version}" + done + git push + + custom-docker-release: + needs: + - plan + - host + if: ${{ !fromJson(needs.plan.outputs.val).announcement_is_prerelease || fromJson(needs.plan.outputs.val).publish_prereleases }} + uses: ./.github/workflows/docker-release.yml + with: + plan: ${{ needs.plan.outputs.val }} + secrets: inherit + # publish jobs get escalated permissions + permissions: + "id-token": "write" + "packages": "write" - - name: Create release - uses: softprops/action-gh-release@v2 + custom-npm: + needs: + - plan + - host + if: ${{ !fromJson(needs.plan.outputs.val).announcement_is_prerelease || fromJson(needs.plan.outputs.val).publish_prereleases }} + uses: ./.github/workflows/npm.yml + with: + plan: ${{ needs.plan.outputs.val }} + secrets: inherit + # publish jobs get escalated permissions + permissions: + "id-token": "write" + "packages": "write" + + announce: + needs: + - plan + - host + - publish-homebrew-formula + - custom-docker-release + - custom-npm + # use "always() && ..." to allow us to wait for all publish jobs while + # still allowing individual publish jobs to skip themselves (for prereleases). + # "host" however must run to completion, no skipping allowed! + if: ${{ always() && needs.host.result == 'success' && (needs.publish-homebrew-formula.result == 'skipped' || needs.publish-homebrew-formula.result == 'success') && (needs.custom-docker-release.result == 'skipped' || needs.custom-docker-release.result == 'success') && (needs.custom-npm.result == 'skipped' || needs.custom-npm.result == 'success') }} + runs-on: "ubuntu-20.04" + env: + GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} + steps: + - uses: actions/checkout@v4 with: - # create a draft release which needs manual approval - draft: true - files: | - restate.aarch64-apple-darwin.tar.gz - restate.x86_64-apple-darwin.tar.gz - restate.x86_64-unknown-linux-musl.tar.gz - restate.aarch64-unknown-linux-musl.tar.gz + submodules: recursive + custom-helm: + needs: + - plan + - announce + uses: ./.github/workflows/helm.yml + with: + plan: ${{ needs.plan.outputs.val }} + secrets: inherit diff --git a/.github/workflows/steps/release-build-setup.yml b/.github/workflows/steps/release-build-setup.yml new file mode 100644 index 000000000..9c564ff97 --- /dev/null +++ b/.github/workflows/steps/release-build-setup.yml @@ -0,0 +1,16 @@ +- name: Run sccache-cache + uses: mozilla-actions/sccache-action@v0.0.6 + +- name: Cache Rust + uses: Swatinem/rust-cache@v2 + +- name: Install cargo-license + run: cargo install cargo-license + +- name: Setup just + uses: extractions/setup-just@v2 + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + +- name: Generate notice + run: just notice-file diff --git a/Cargo.toml b/Cargo.toml index 5e3b5971b..6ee204af6 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -30,6 +30,7 @@ edition = "2021" rust-version = "1.82.0" license = "BUSL-1.1" repository = "https://github.com/restatedev/restate" +homepage = "https://github.com/restatedev/restate" description = "Restate makes distributed applications easy!" [workspace.dependencies] @@ -236,3 +237,7 @@ strip = true # Automatically strip symbols from the binary. [profile.bench] # Should be enabled for benchmarking runs; increases binary size debug = true + +# The profile that 'dist' will build with +[profile.dist] +inherits = "release" diff --git a/cli/Cargo.toml b/cli/Cargo.toml index 0e0f017ff..09b395e53 100644 --- a/cli/Cargo.toml +++ b/cli/Cargo.toml @@ -2,14 +2,20 @@ name = "restate-cli" version = { workspace = true } authors = { workspace = true } -description = { workspace = true } +description = "Restate CLI" edition = { workspace = true } license = { workspace = true } rust-version = { workspace = true } +repository = { workspace = true } +homepage = { workspace = true } publish = false default-run = "restate" build = "build.rs" +[package.metadata.dist] +dist = true +formula = "restate" + [features] default = ["cloud"] cloud = [] diff --git a/dist-workspace.toml b/dist-workspace.toml new file mode 100644 index 000000000..848f753ba --- /dev/null +++ b/dist-workspace.toml @@ -0,0 +1,36 @@ +[workspace] +members = ["cargo:."] + +# Config for 'dist' +[dist] +# The preferred dist version to use in CI (Cargo.toml SemVer syntax) +cargo-dist-version = "0.28.0" +# CI backends to support +ci = "github" +github-attestations = true +# The installers to generate for each app +installers = ["homebrew"] +# A GitHub repo to push Homebrew formulas to +tap = "restatedev/homebrew-tap" +# Target platforms to build apps for (Rust target-triple syntax) +targets = ["aarch64-apple-darwin", "x86_64-apple-darwin", "aarch64-unknown-linux-musl", "x86_64-unknown-linux-musl"] +macos-sign = true + +github-build-setup = "steps/release-build-setup.yml" +includes = ["NOTICE"] + +plan-jobs = ["./ci"] +publish-jobs = ["./docker-release", "homebrew", "./npm"] +post-announce-jobs = ["./helm"] + +[dist.dependencies.homebrew] +protobuf = "*" +[dist.dependencies.apt] +protobuf-compiler = "*" +libprotoc-dev = "*" + +[dist.github-custom-runners] +aarch64-apple-darwin = "warp-macos-latest-arm64-6x" +x86_64-apple-darwin = "macos-latest" +aarch64-unknown-linux-musl = "warp-ubuntu-latest-arm64-16x" +x86_64-unknown-linux-musl = "warp-ubuntu-latest-x64-16x" diff --git a/server/Cargo.toml b/server/Cargo.toml index 9f2cb456e..6b700edb7 100644 --- a/server/Cargo.toml +++ b/server/Cargo.toml @@ -3,12 +3,17 @@ name = "restate-server" version.workspace = true authors.workspace = true edition.workspace = true +repository.workspace = true +homepage.workspace = true rust-version.workspace = true license.workspace = true publish = false -description.workspace = true +description = "Restate Server" build = "build.rs" +[package.metadata.dist] +dist = true + [features] default = ["replicated-loglet"] console = [