mirror of
https://github.com/cargo-bins/cargo-binstall.git
synced 2025-04-22 13:38:43 +00:00
3d68641a6d
* Fix `release-packages` and `release-cli` workflow Fixed #1419 Signed-off-by: Jiahao XU <Jiahao_XU@outlook.com> * Use `taiki-e/install-action` for `rsign2` & `rage` in `release-packages.yml` Signed-off-by: Jiahao XU <Jiahao_XU@outlook.com> --------- Signed-off-by: Jiahao XU <Jiahao_XU@outlook.com>
127 lines
3.6 KiB
YAML
127 lines
3.6 KiB
YAML
name: Release CLI
|
|
on:
|
|
workflow_call:
|
|
inputs:
|
|
info:
|
|
description: "The release metadata JSON"
|
|
required: true
|
|
type: string
|
|
CARGO_PROFILE_RELEASE_LTO:
|
|
description: "Used to speed up CI"
|
|
required: false
|
|
type: string
|
|
CARGO_PROFILE_RELEASE_CODEGEN_UNITS:
|
|
description: "Used to speed up CI"
|
|
required: false
|
|
type: string
|
|
|
|
jobs:
|
|
tag:
|
|
permissions:
|
|
contents: write
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
- if: fromJSON(inputs.info).is-release == 'true'
|
|
name: Push cli release tag
|
|
uses: mathieudutour/github-tag-action@v6.1
|
|
with:
|
|
github_token: ${{ secrets.GITHUB_TOKEN }}
|
|
custom_tag: ${{ fromJSON(inputs.info).version }}
|
|
tag_prefix: v
|
|
|
|
keygen:
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
|
|
- uses: cargo-bins/cargo-binstall@main
|
|
- name: Install binaries required
|
|
run: cargo binstall -y --force rsign2 rage
|
|
env:
|
|
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
|
|
|
- name: Create ephemeral keypair
|
|
id: keypair
|
|
env:
|
|
AGE_KEY_PUBLIC: ${{ vars.AGE_KEY_PUBLIC }}
|
|
run: .github/scripts/ephemeral-gen.sh
|
|
- uses: actions/upload-artifact@v3
|
|
with:
|
|
name: minisign.pub
|
|
path: minisign.pub
|
|
- uses: actions/upload-artifact@v3
|
|
with:
|
|
name: minisign.key.age
|
|
path: minisign.key.age
|
|
retention-days: 1
|
|
- name: Check that key can be decrypted
|
|
env:
|
|
AGE_KEY_SECRET: ${{ secrets.AGE_KEY_SECRET }}
|
|
shell: bash
|
|
run: .github/scripts/ephemeral-sign.sh minisign.pub
|
|
|
|
package:
|
|
needs:
|
|
- tag
|
|
- keygen
|
|
uses: ./.github/workflows/release-packages.yml
|
|
secrets: inherit
|
|
with:
|
|
publish: ${{ inputs.info }}
|
|
CARGO_PROFILE_RELEASE_LTO: ${{ inputs.CARGO_PROFILE_RELEASE_LTO }}
|
|
CARGO_PROFILE_RELEASE_CODEGEN_UNITS: ${{ inputs.CARGO_PROFILE_RELEASE_CODEGEN_UNITS }}
|
|
|
|
publish:
|
|
needs: package
|
|
permissions:
|
|
contents: write
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
- uses: actions/download-artifact@v3
|
|
with:
|
|
name: minisign.pub
|
|
- run: .github/scripts/ephemeral-crate.sh
|
|
|
|
- if: fromJSON(inputs.info).is-release != 'true'
|
|
name: DRY-RUN Publish to crates.io
|
|
env:
|
|
crate: ${{ fromJSON(inputs.info).crate }}
|
|
CARGO_REGISTRY_TOKEN: ${{ secrets.CARGO_REGISTRY_TOKEN }}
|
|
run: |
|
|
set -ex
|
|
cargo publish -p "$crate" --allow-dirty --dry-run
|
|
cargo package --no-verify -p "$crate" --allow-dirty
|
|
- if: fromJSON(inputs.info).is-release != 'true'
|
|
name: Upload crate package as artifact
|
|
uses: actions/upload-artifact@v3
|
|
with:
|
|
name: crate-package
|
|
path: target/package/*.crate
|
|
|
|
- if: fromJSON(inputs.info).is-release == 'true'
|
|
name: Publish to crates.io
|
|
env:
|
|
crate: ${{ fromJSON(inputs.info).crate }}
|
|
CARGO_REGISTRY_TOKEN: ${{ secrets.CARGO_REGISTRY_TOKEN }}
|
|
run: cargo publish -p "$crate" --allow-dirty
|
|
|
|
- if: fromJSON(inputs.info).is-release == 'true'
|
|
name: Make release latest
|
|
uses: svenstaro/upload-release-action@v2
|
|
with:
|
|
repo_token: ${{ secrets.GITHUB_TOKEN }}
|
|
release_name: v${{ fromJSON(inputs.info).version }}
|
|
tag: v${{ fromJSON(inputs.info).version }}
|
|
body: ${{ fromJSON(inputs.info).notes }}
|
|
promote: true
|
|
file: minisign.pub
|
|
|
|
- if: fromJSON(inputs.info).is-release == 'true'
|
|
name: Delete signing key artifact
|
|
uses: geekyeggo/delete-artifact@v2
|
|
with:
|
|
name: minisign.key.age
|
|
failOnError: false
|
|
|