* Fix CI: Dry-run `cargo-publish` on crate to be published
If there's no crate to publish, do not dry-run `cargo-publish`.
Only dry-run `cargo-publish` on crate to be published to avoid
`cargo-publish` error on `cargo-binstall` when one of its direct
dependencies is bumped.
Signed-off-by: Jiahao XU <Jiahao_XU@outlook.com>
* Fix passing of crate to `release-cli.yml`
Signed-off-by: Jiahao XU <Jiahao_XU@outlook.com>
* Fix passing of `needs.pr-info.outpus.crate`
Signed-off-by: Jiahao XU <Jiahao_XU@outlook.com>
* Fix `release-dry-run`: Only run if is release or is not PR event
Signed-off-by: Jiahao XU <Jiahao_XU@outlook.com>
* Fix passing of crate
Signed-off-by: Jiahao XU <Jiahao_XU@outlook.com>
* Rm `just-setup` from `release-cli.yml` since it cannot be cached
release is trigged by the closing of PR, so the cache is saved under the
branch `release/*` which cannot be reused.
Signed-off-by: Jiahao XU <Jiahao_XU@outlook.com>
* Fix dry-run publish
Signed-off-by: Jiahao XU <Jiahao_XU@outlook.com>
---------
Signed-off-by: Jiahao XU <Jiahao_XU@outlook.com>
* Fix `release-cli.yml`: Do not dry run `cargo-publish`
If dependencies of `carog-binstall` is bumped, then `cargo-publish` dry
run will fail since the dependency has not published yet
Signed-off-by: Jiahao XU <Jiahao_XU@outlook.com>
* Speedup step publish in `release-cli.yml`
Use `just-setup` to cache rust/zig compilation, also
disable all features to reduce dependencies pulled in.
Signed-off-by: Jiahao XU <Jiahao_XU@outlook.com>
* `release-cli.yml`: Restore rust cache before ephermal-crate.sh is run
which writes the key to `Cargo.toml` and invalidates the cache.
Signed-off-by: Jiahao XU <Jiahao_XU@outlook.com>
---------
Signed-off-by: Jiahao XU <Jiahao_XU@outlook.com>
* Fix ci: Install deps before caching and include `JUST*` env values in caching key
To make sure caching is done properly and does not accidentally include
(old) pre-built binaries that we don't want.
Signed-off-by: Jiahao XU <Jiahao_XU@outlook.com>
* Fix missing `shell`
Signed-off-by: Jiahao XU <Jiahao_XU@outlook.com>
* Fix justfile target `check`: Call `cargo hack check` directly
without using the `CARGO=cargo-zigbuild` env since `leon` does not use
external C/C++ compiler anyway.
Signed-off-by: Jiahao XU <Jiahao_XU@outlook.com>
* CI: Dowgrade cargo-hack to 0.6.10
This is the last version working
Signed-off-by: Jiahao XU <Jiahao_XU@outlook.com>
---------
Signed-off-by: Jiahao XU <Jiahao_XU@outlook.com>
For PRs opened by contributors who are not part of the cargo-bins team and for
PRs opened by dependabot, they cannot access the secrets, thus signing will
always fail.
Skipping release-dry-run on pull_request would fix that for them, while
retaining the signing stage on merge_queue and on main to ensure that the
release workflow is working.
It will also speedup CI for PR.
Signed-off-by: Jiahao XU <Jiahao_XU@outlook.com>
* Fix build again
* Recommend (r)age over minisign password
* Dry-run the entire release process
* Reorg a bit so dry-run works
* Fix secret name
* Add check on age key
* Pass secrets down
* Use a cross-platform "date"
* Delete signing key artifact to be extra safe
* Last little bits
* Revert "release: cargo-binstall v1.4.0 (#1397)"
This reverts commit 99e8256018.
* --allow-dirty on publish
* Remove private key file after generation
* Write public key file to bin crate and to package
* Upload public key file to release
* Sign our releases
* Use secrets instead of artifacts
* And the universal
* Apparently we can’t use secrets like that?
* Minor fixes to doc
* Private key requires untrusted comment
* Dogfood one deeper
* Fix `detect-targets` on ubuntu 20.04, glibc 2.31
Fixed#1375 and fixed#1378
glibc 2.31 does not support `--version`, so we need to detect and
fallback to passing an executable linked with that glibc to check if it
is indeed glibc.
Signed-off-by: Jiahao XU <Jiahao_XU@outlook.com>
* Fix compilation faillure on ubuntu-20.04
Signed-off-by: Jiahao XU <Jiahao_XU@outlook.com>
---------
Signed-off-by: Jiahao XU <Jiahao_XU@outlook.com>
Since the merge_queue requires every PR to be tested, there is no need
to run the test again in `release.yml`.
Signed-off-by: Jiahao XU <Jiahao_XU@outlook.com>
Add a unique value to `concurrency.group` in `ci.yml` to prevent it from
being cancelled when releasing crates.
Signed-off-by: Jiahao XU <Jiahao_XU@outlook.com>
`binstalk-downloader` contains stuff about http(s) before the
git code is moved into it and now it becomes http and git.
While git indeed uses http stuff, which is why I decided to put
it into binstalk-downloader, it is more than just downloading
since it is stateful (can be cached locally and updated)
where as http is stateless.
Also `binstalk-downloader`'s codegen time now increases
dramatically and it also creates extra dependencies for
binstalk-fetchers, delaying its execution.
The git code also don't use anything from `binstalk-downloader`
at all, it makes sense to be an independent crate.
Signed-off-by: Jiahao XU <Jiahao_XU@outlook.com>
Set `CARGO_PROFILE_RELEASE_CODEGEN_UNITS` to 4
since 1024 units are too many and our CI only have 2-3 cores.
Signed-off-by: Jiahao XU <Jiahao_XU@outlook.com>
Which guarantees:
- faster linking on all targets when `cargo-zigbuild` is not used
- allow cross-lang-lto to be enabled
Signed-off-by: Jiahao XU <Jiahao_XU@outlook.com>
instead of `x86_64-apple-darwin` for better optimization since any
machine that support universal support x86_64h.
Signed-off-by: Jiahao XU <Jiahao_XU@outlook.com>
Run `cargo-publish` without `--no-verify` to verify the publish is valid
and does not depend on unpublished crates in job tag of workflow
`release.yml`, which could be caused by incorrect merge order.
Also enabled `check-semver` to `cargo-bins/release-pr@v2` and install
`cargo-semver-checks` using `taiki-e/install-action@v2` in
job make-release-pr of workflow `release-pr.yml`, since
`release-pr` would try to use `cargo-binstall` for installing
`cargo-semver-checks` used in `check-semver`, but we did not explicitly
require `taiki-e/install-actions@v2` to install `cargo-binstall`, so
`release-pr` could fallback to `cargo-install` which is just too slow.
Signed-off-by: Jiahao XU <Jiahao_XU@outlook.com>
- ci: Check feat powerset of leon & binstalk-downloader in `ci.yml`
- fix leon feature `cli`: Enable dep `miette` in feature `cli`
- fix binstalk-downloader when default feature is disabled and no other
tls related feature is enabled (breaking change due to replace of
`tls::Version` with newtype `TLSVersion`).
Signed-off-by: Jiahao XU <Jiahao_XU@outlook.com>
- Remove trigger on "auto merge" enablement, which is just annoying now with the merge queue and was only ever an additional workaround for the release PRs.
- Always run the PR CIs, don't ignore markdown files. That made it impossible to merge PRs that only touched those files (without bypassing requirements).
for upgrading transitive dependencies.
While dependabot is great, it opens one PR for each of these transitive
dependencies, which makes merging harder:
- have to approve every PR
- have to click merge when ci is done
it also creates merge queue runs and commits to main, thus creates a lot
of unused caches and unnecessary CI runs.
This PR creates `upgrade-transitive-deps.yml` that creates one PR for
all transitive change per-day.
It also configures dependabot to only `increase-if-necessary`, same as
library crates.
Since we have several library crates in our workspace, this would mean
that we would have less unnecessary deps bump on these library crates.
Signed-off-by: Jiahao XU <Jiahao_XU@outlook.com>
Fixed#1038
sccache is not very effective at caching dependencies, the external
C/C++ is recompiled in every ci and it takes a lot of time.
Compilation of other Rust dependencies also takes quite some time and
sccache is not helping at all, so I decided to switch to
`Swatinem/rust-cache@v2`.
The downside of the new caching method is that a new cache conntaining
part of the `.cargo/` and `target/` will be created whenver
`Cargo.lock`/`Cargo.toml` changes, but it can still reuse the old cache
to create new caching.
This is acceptable given that `sccache` often fails to reuse
cache due to rate limiting from GHA, since it is not designed for use
like a s3 object pool, and `sccache` will create a lot of new cache
artifacts for a given branch that cannot be reused in main and would
have to cleanup via a cronjob.
Edit:
rust 1.70 uses llvm 16.0, however ubuntu-latest still uses llvm 15.0
As such, during release-build, cross-lang-lto failed due to llvm is too
old.
Temporarily disable linker-plugin-lto to fix this.
Signed-off-by: Jiahao XU <Jiahao_XU@outlook.com>
`cargo-test` cannot share its artifacts with `cargo-build` and vice
versa, plus running `e2e-tests` in release build is enough to find out
potential miscompilation.
Signed-off-by: Jiahao XU <Jiahao_XU@outlook.com>
`leon_macros::template!` can parse template at compile-time.
It accepts a utf-8 string literal and uses `leon` internally to parse it, then generate code that evaluates to `Template<'static>`.
- Exclude fuzz from crate leon when publishing
- Impl fn-like proc-macro `leon_macros::template!`
- Add dep `leon-macros` to binstalk
- Use `leon_macros::template!` in `binstalk::fetchers::gh_crate_meta::hosting`
- Add doc for `leon-macros` in `leon`
- Improve `std::fmt::Display` impl for `leon::ParseError`
- Fixed broken infra link in leon
Signed-off-by: Jiahao XU <Jiahao_XU@outlook.com>
