actions/cargo-binstall
1
0
Fork 0
mirror of https://github.com/cargo-bins/cargo-binstall.git synced 2025-04-22 13:38:43 +00:00
Code Issues Projects Releases Packages Wiki Activity
cargo-binstall/.github/workflows/release-cli.yml
Jiahao XU d02d7b2a69
Fix setting release to latest in release-cli.yml (#1879) 
* Fix setting release to latest in release-cli.yml

Using gh-release-edit

Signed-off-by: Jiahao XU <30436523+NobodyXu@users.noreply.github.com>

* Update .github/workflows/release-cli.yml

Signed-off-by: Jiahao XU <30436523+NobodyXu@users.noreply.github.com>

---------

Signed-off-by: Jiahao XU <30436523+NobodyXu@users.noreply.github.com>
2024-08-12 13:57:22 +00:00

135 lines
4.1 KiB
YAML
Raw Blame History

name: Release CLI
on:
workflow_call:
inputs:
info:
description: "The release metadata JSON"
required: true
type: string
CARGO_PROFILE_RELEASE_LTO:
description: "Used to speed up CI"
required: false
type: string
CARGO_PROFILE_RELEASE_CODEGEN_UNITS:
description: "Used to speed up CI"
required: false
type: string
jobs:
tag:
permissions:
contents: write
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- if: fromJSON(inputs.info).is-release == 'true'
name: Push cli release tag
uses: mathieudutour/github-tag-action@v6.2
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
custom_tag: ${{ fromJSON(inputs.info).version }}
tag_prefix: v
keygen:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: cargo-bins/cargo-binstall@main
env:
GITHUB_TOKEN: ${{ secrets.CI_RELEASE_TEST_GITHUB_TOKEN || secrets.GITHUB_TOKEN }}
- name: Install binaries required
run: cargo binstall -y --force rsign2 rage
env:
GITHUB_TOKEN: ${{ secrets.CI_RELEASE_TEST_GITHUB_TOKEN || secrets.GITHUB_TOKEN }}
- name: Create ephemeral keypair
id: keypair
env:
AGE_KEY_PUBLIC: ${{ vars.AGE_KEY_PUBLIC }}
run: .github/scripts/ephemeral-gen.sh
- uses: actions/upload-artifact@v4
with:
name: minisign.pub
path: minisign.pub
- uses: actions/upload-artifact@v4
with:
name: minisign.key.age
path: minisign.key.age
retention-days: 1
- name: Check that key can be decrypted
env:
AGE_KEY_SECRET: ${{ secrets.AGE_KEY_SECRET }}
shell: bash
run: .github/scripts/ephemeral-sign.sh minisign.pub
package:
needs:
- tag
- keygen
uses: ./.github/workflows/release-packages.yml
secrets: inherit
with:
publish: ${{ inputs.info }}
CARGO_PROFILE_RELEASE_LTO: ${{ inputs.CARGO_PROFILE_RELEASE_LTO }}
CARGO_PROFILE_RELEASE_CODEGEN_UNITS: ${{ inputs.CARGO_PROFILE_RELEASE_CODEGEN_UNITS }}
publish:
needs: package
permissions:
contents: write
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/download-artifact@v4
with:
name: minisign.pub
- run: rustup toolchain install stable --no-self-update --profile minimal
- run: .github/scripts/ephemeral-crate.sh
- if: fromJSON(inputs.info).is-release != 'true' && fromJSON(inputs.info).crate != ''
name: DRY-RUN Publish to crates.io
env:
crate: ${{ fromJSON(inputs.info).crate }}
CARGO_REGISTRY_TOKEN: ${{ secrets.CARGO_REGISTRY_TOKEN }}
run: cargo publish --dry-run -p "$crate" --allow-dirty --no-default-features
- if: fromJSON(inputs.info).is-release != 'true' && fromJSON(inputs.info).crate != ''
name: Upload crate package as artifact
uses: actions/upload-artifact@v4
with:
name: crate-package
path: target/package/*.crate
- if: fromJSON(inputs.info).is-release == 'true'
name: Publish to crates.io
env:
crate: ${{ fromJSON(inputs.info).crate }}
CARGO_REGISTRY_TOKEN: ${{ secrets.CARGO_REGISTRY_TOKEN }}
run: cargo publish -p "$crate" --allow-dirty --no-default-features
- if: fromJSON(inputs.info).is-release == 'true'
name: Upload minisign.pub
uses: svenstaro/upload-release-action@v2
with:
repo_token: ${{ secrets.GITHUB_TOKEN }}
release_name: v${{ fromJSON(inputs.info).version }}
tag: v${{ fromJSON(inputs.info).version }}
body: ${{ fromJSON(inputs.info).notes }}
promote: true
file: minisign.pub
- if: fromJSON(inputs.info).is-release == 'true'
name: Make release latest
run: gh release edit v${{ fromJSON(inputs.info).version }} --latest --draft=false
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- if: fromJSON(inputs.info).is-release == 'true'
name: Delete signing key artifact
uses: geekyeggo/delete-artifact@v5
with:
name: minisign.key.age
failOnError: false
Reference in a new issue View git blame Copy permalink