release jobs #86
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
on: | |
workflow_dispatch: | |
inputs: | |
ovewriteArtifacts: | |
description: Ovewrite artifacts on the release. Some will only be skipped. | |
required: true | |
type: boolean | |
default: true | |
checkBump: | |
description: check-bump adds a release entry to github so it's disabled by default. | |
required: true | |
type: boolean | |
default: false | |
push: | |
tags: | |
- v* | |
env: | |
GHJK_VERSION: "7bef036" | |
DENO_VERSION: "1.39.0" | |
REGISTRY_IMAGE: ghcr.io/${{ github.repository_owner }}/typegate | |
jobs: | |
check-bump: | |
runs-on: ubuntu-latest | |
if: github.ref_type == 'tag' | |
|| ( | |
github.event_name == 'workflow_dispatch' | |
&& inputs.checkBump | |
) | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- uses: WyriHaximus/[email protected] | |
id: latest-tag | |
- uses: denoland/setup-deno@v1 | |
with: | |
deno-version: v${{ env.DENO_VERSION }} | |
- uses: kenji-miyake/setup-git-cliff@v2 | |
- run: | | |
VERSION=$(deno run -A dev/lock.ts --version) | |
if [[ "${{ steps.latest-tag.outputs.tag }}" != "v$VERSION" ]]; then | |
echo "Tag ${{ steps.latest-tag.outputs.tag }} does not match code version v$VERSION, stopping." | |
exit -1 | |
fi | |
echo "Releasing v$VERSION" | |
git cliff --latest --strip header --output CHANGE.md | |
cat CHANGE.md | |
- uses: ncipollo/release-action@v1 | |
with: | |
tag: ${{ steps.latest-tag.outputs.tag }} | |
makeLatest: true | |
bodyFile: "CHANGE.md" | |
discussionCategory: "Announcements" | |
prerelease: ${{ contains(steps.latest-tag.outputs.tag, 'dev') || contains(steps.latest-tag.outputs.tag, 'alpha') }} | |
meta-cli: | |
needs: | |
- check-bump | |
# using `always()` makes the job evaulte despite | |
# status of check-bump | |
# we combine that with our own conditions | |
if: | | |
always() | |
&& ( | |
needs.check-bump.result == 'success' | |
|| github.event_name == 'workflow_dispatch' | |
) | |
runs-on: "${{ matrix.os }}" | |
strategy: | |
fail-fast: false | |
matrix: | |
include: | |
- os: macos-latest | |
target: x86_64-apple-darwin | |
suffix: "" | |
- os: macos-latest | |
target: aarch64-apple-darwin | |
suffix: "" | |
- os: ubuntu-latest | |
target: x86_64-unknown-linux-gnu | |
suffix: "" | |
- os: ubuntu-latest | |
target: x86_64-unknown-linux-musl | |
suffix: "" | |
- os: ubuntu-latest | |
target: aarch64-unknown-linux-gnu | |
suffix: "" | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- uses: WyriHaximus/[email protected] | |
id: latest-tag | |
- uses: dsherret/rust-toolchain-file@v1 | |
with: | |
targets: ${{ matrix.target }} | |
- uses: rui314/setup-mold@v1 | |
if: contains(matrix.target, 'linux') | |
- uses: Swatinem/rust-cache@v2 | |
with: | |
key: ${{ runner.os }}-${{ matrix.target }} | |
- run: | | |
# sometimes, dtolnay/rust-toolchain does not select the correct default target | |
rustup target add ${{ matrix.target }} | |
- uses: actions-rs/cargo@v1 | |
with: | |
use-cross: true | |
command: build | |
args: "--locked --release --package meta-cli --target ${{ matrix.target }}" | |
- run: | | |
cd target/${{ matrix.target }}/release | |
tar czvf ../../../meta-cli-${{ steps.latest-tag.outputs.tag }}-${{ matrix.target }}.tar.gz "meta${{ matrix.suffix }}" | |
- uses: svenstaro/upload-release-action@v2 | |
with: | |
tag: ${{ steps.latest-tag.outputs.tag }} | |
file: "meta-cli-${{ steps.latest-tag.outputs.tag }}-${{ matrix.target }}.tar.gz" | |
asset_name: "meta-cli-${{ steps.latest-tag.outputs.tag }}-${{ matrix.target }}.tar.gz" | |
overwrite: ${{ inputs.ovewriteArtifacts }} | |
typegraph: | |
needs: | |
- check-bump | |
if: | | |
always() | |
&& ( | |
needs.check-bump.result == 'success' | |
|| github.event_name == 'workflow_dispatch' | |
) | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- uses: WyriHaximus/[email protected] | |
id: latest-tag | |
- uses: dsherret/rust-toolchain-file@v1 | |
- uses: Swatinem/rust-cache@v2 | |
with: | |
shared-key: ${{ runner.os }}-rust-${{ hashFiles('**/rust-toolchain.toml') }}-${{ hashFiles('**/Cargo.lock') }} | |
- uses: denoland/setup-deno@v1 | |
with: | |
deno-version: ${{ env.DENO_VERSION }} | |
- uses: metatypedev/setup-ghjk@a4453d20156edde8e1c9b19784f8188a36b3bf23 | |
- shell: bash | |
env: | |
POETRY_PYPI_TOKEN_PYPI: ${{ secrets.PYPI_TOKEN }} | |
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} | |
WASM_FILE: target/release/typegraph_core.wasm | |
run: | | |
cargo build -p typegraph_core --target wasm32-unknown-unknown --target-dir target/wasm --release | |
mkdir -p $(dirname $WASM_FILE) | |
wasm-opt -Oz target/wasm/wasm32-unknown-unknown/release/typegraph_core.wasm -o $WASM_FILE.opt | |
wasm-tools component new $WASM_FILE.opt -o $WASM_FILE | |
poetry install --no-root | |
poetry run python -m wasmtime.bindgen $WASM_FILE --out-dir typegraph/python/typegraph/gen | |
cd typegraph/python | |
poetry install | |
poetry build | |
[ ${{ github.event_name == 'workflow_dispatch' && inputs.ovewriteArtifacts }} == 'true' ] \ | |
&& poetry publish --skip-existing \ | |
|| poetry publish | |
cd ../.. | |
npm install --global @bytecodealliance/jco@$JCO_VERSION | |
jco transpile $WASM_FILE -o typegraph/node/sdk/src/gen | |
cd typegraph/node | |
pnpm install | |
pnpm run sdk-build | |
cp ./sdk/{package.json,package-lock.json,LICENSE.md} ./sdk/dist | |
cd ../.. | |
cd typegraph/node/sdk/dist | |
pnpm config set '//registry.npmjs.org/:_authToken' "${NODE_AUTH_TOKEN}" | |
[ ${{ github.event_name == 'workflow_dispatch' && inputs.ovewriteArtifacts }} == 'true' ] \ | |
&& pnpm publish --no-git-checks --force \ | |
|| pnpm publish --no-git-checks | |
- uses: svenstaro/upload-release-action@v2 | |
with: | |
tag: ${{ steps.latest-tag.outputs.tag }} | |
file: "typegraph/python/dist/*" | |
file_glob: true | |
overwrite: ${{ inputs.ovewriteArtifacts }} | |
typegate: | |
needs: | |
- check-bump | |
if: | | |
always() | |
&& ( | |
needs.check-bump.result == 'success' | |
|| github.event_name == 'workflow_dispatch' | |
) | |
runs-on: ${{ matrix.runner }} | |
strategy: | |
fail-fast: false | |
matrix: | |
include: | |
- platform: linux/amd64 | |
runner: ubuntu-latest | |
- platform: linux/arm64 | |
runner: custom-macos | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: docker/setup-buildx-action@v3 | |
- uses: docker/login-action@v3 | |
with: | |
registry: ghcr.io | |
username: ${{ github.actor }} | |
password: ${{ secrets.GITHUB_TOKEN }} | |
- uses: docker/build-push-action@v5 | |
id: build | |
with: | |
file: dev/Dockerfile | |
platforms: ${{ matrix.platform }} | |
target: prd | |
cache-from: type=registry,ref=${{ env.REGISTRY_IMAGE }}:latest | |
outputs: type=image,name=${{ env.REGISTRY_IMAGE }},push-by-digest=true,name-canonical=true,push=true | |
- run: | | |
mkdir -p ./digests | |
digest="${{ steps.build.outputs.digest }}" | |
touch "./digests/${digest#sha256:}" | |
- uses: actions/upload-artifact@v4 | |
with: | |
name: digests | |
path: ./digests/* | |
if-no-files-found: error | |
retention-days: 1 | |
docker: | |
needs: | |
- typegate | |
# needs hack required here as well because | |
# `typegate` uses it | |
if: always() && needs.typegate.result == 'success' | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- uses: WyriHaximus/[email protected] | |
id: latest-tag | |
- uses: actions/download-artifact@v4 | |
with: | |
name: digests | |
path: ./digests | |
- uses: docker/setup-buildx-action@v3 | |
- uses: docker/login-action@v3 | |
with: | |
registry: ghcr.io | |
username: ${{ github.actor }} | |
password: ${{ secrets.GITHUB_TOKEN }} | |
- run: | | |
cd ./digests | |
docker buildx imagetools create --tag ${{ env.REGISTRY_IMAGE }}:${{ steps.latest-tag.outputs.tag }} --tag ${{ env.REGISTRY_IMAGE }}:latest $(printf '${{ env.REGISTRY_IMAGE }}@sha256:%s ' *) | |
docker buildx imagetools inspect ${{ env.REGISTRY_IMAGE }}:latest | |
vscode-extension: | |
needs: | |
- check-bump | |
if: | | |
always() | |
&& ( | |
needs.check-bump.result == 'success' | |
|| github.event_name == 'workflow_dispatch' | |
) | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- uses: WyriHaximus/[email protected] | |
id: latest-tag | |
- uses: metatypedev/setup-ghjk@a4453d20156edde8e1c9b19784f8188a36b3bf23 | |
- shell: bash | |
run: | | |
cd dev-tools | |
pnpm install --frozen-lockfile | |
cd ts-language-server | |
pnpm install --frozen-lockfile | |
cd ../vscode-metatype-support | |
pnpm install --frozen-lockfile | |
cd .. | |
pnpm compile:ts-server | |
pnpm compile:vscode | |
pnpm vscode:package | |
[ ${{ github.event_name == 'workflow_dispatch' && inputs.ovewriteArtifacts }} == 'true' ] \ | |
&& pnpm run vscode:publish -p ${{ secrets.AZURE_DEVOPS_TOKEN }} --skip-duplicate \ | |
|| pnpm run vscode:publish -p ${{ secrets.AZURE_DEVOPS_TOKEN }} | |
- uses: svenstaro/upload-release-action@v2 | |
with: | |
tag: ${{ steps.latest-tag.outputs.tag }} | |
file: "dev-tools/*.vsix" | |
file_glob: true | |
overwrite: ${{ inputs.ovewriteArtifacts }} | |
bump: | |
needs: | |
- meta-cli | |
- typegraph | |
- typegate | |
- docker | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- uses: dsherret/rust-toolchain-file@v1 | |
- uses: denoland/setup-deno@v1 | |
with: | |
deno-version: v${{ env.DENO_VERSION }} | |
- uses: kenji-miyake/setup-git-cliff@v2 | |
- id: bump | |
run: | | |
deno run -A dev/lock.ts --bump prerelease | |
echo "version=$(deno run -A dev/lock.ts --version)" >> $GITHUB_OUTPUT | |
git cliff --output CHANGELOG.md | |
- uses: peter-evans/create-pull-request@v5 | |
with: | |
branch: bump-${{ steps.bump.outputs.version }} | |
delete-branch: true | |
commit-message: "chore(release): prepare for ${{ steps.bump.outputs.version }}" | |
title: "chore(release): prepare for ${{ steps.bump.outputs.version }}" | |
body: "Automatic suggested bump" | |
base: main |