...

Text file src/github.com/tetratelabs/wazero/.github/workflows/release.yaml

Documentation: github.com/tetratelabs/wazero/.github/workflows

     1name: Release CLI
     2on:
     3  pull_request:
     4    branches: [main]
     5    paths-ignore:  # ignore docs as they are built with Netlify.
     6      - '**/*.md'
     7      - 'site/**'
     8      - 'netlify.toml'
     9  push:
    10    branches: [main]
    11    tags: 'v[0-9]+.[0-9]+.[0-9]+**'  # Ex. v0.2.0 v0.2.1-rc2
    12
    13env: # Update this prior to requiring a higher minor version in go.mod
    14  GO_VERSION: "1.21"  # 1.xx == latest patch of 1.xx
    15
    16defaults:
    17  run:  # use bash for all operating systems unless overridden
    18    shell: bash
    19
    20concurrency:
    21  # https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#example-using-concurrency-to-cancel-any-in-progress-job-or-run
    22  group: ${{ github.ref }}-${{ github.workflow }}-${{ github.actor }}
    23  cancel-in-progress: true
    24
    25jobs:
    26  pre_release:
    27    name: Pre-release build
    28    # This only runs on Windows so that we can simplify the installation of necessary toolchain to build artifacts.
    29    runs-on: windows-2022
    30    # This allows us to test in the following job regardless of the event (tag or not).
    31    outputs:
    32      VERSION: ${{ steps.output-version.outputs.VERSION }}
    33    steps:
    34      - uses: actions/checkout@v3
    35
    36      - uses: actions/setup-go@v4
    37        with:
    38          cache: false
    39          go-version: ${{ env.GO_VERSION }}
    40
    41      - uses: actions/cache@v3
    42        with:
    43          path: |
    44            ~/go/pkg/mod
    45            ~/go/bin
    46          key: pre-release-check-${{ runner.os }}-go-${{ matrix.go-version }}-${{ hashFiles('**/go.sum', 'Makefile') }}
    47
    48      # windows-2022 is missing osslsigncode (no issue, yet)
    49      - name: "Install osslsigncode, infozip; setup wix"
    50        run: |
    51          choco install osslsigncode -y
    52          choco install zip -y
    53          echo "C:\Program Files (x86)\WiX Toolset v3.11\bin" >> $GITHUB_PATH
    54
    55      - name: Download Windows code signing certificate
    56        env:
    57          WINDOWS_CODESIGN_P12_BASE64: ${{ secrets.WINDOWS_CODESIGN_P12_BASE64 }}
    58        run: | # On the fork PRs, our org secret is not visible.
    59          if [ $WINDOWS_CODESIGN_P12_BASE64 ]; then
    60            echo $WINDOWS_CODESIGN_P12_BASE64 | base64 --decode > windows-certificate.p12
    61            echo "WINDOWS_CODESIGN_P12=windows-certificate.p12" >> $GITHUB_ENV
    62          fi
    63        shell: bash
    64
    65      - name: Make artifacts (test)
    66        if: github.event_name != 'push' || !contains(github.ref, 'refs/tags/')
    67        run: | # On the fork PRs, our org secret is not visible. We unset the required env so that `make dist` uses default self-signed cert.
    68          if [ $WINDOWS_CODESIGN_P12 ]; then
    69            export WINDOWS_CODESIGN_PASSWORD=${{ secrets.WINDOWS_CODESIGN_PASSWORD }}
    70          fi
    71          VERSION=${{ github.sha }}
    72          make dist VERSION=$VERSION
    73          echo "VERSION=${VERSION}" >> $GITHUB_ENV
    74        shell: bash
    75
    76      - name: Make artifacts
    77        # Triggers only on tag creation.
    78        if: github.event_name == 'push' && contains(github.ref, 'refs/tags/')
    79        env:
    80          WINDOWS_CODESIGN_PASSWORD: ${{ secrets.WINDOWS_CODESIGN_PASSWORD }}
    81        run: | # Note: MSI_VERSION requires . as a separator, so replace "-" in the tag with ".".
    82          VERSION=${GITHUB_REF#refs/tags/v}
    83          MSI_VERSION=${VERSION//-/.}
    84          make dist VERSION=$VERSION MSI_VERSION=$MSI_VERSION
    85          echo "VERSION=${VERSION}" >> $GITHUB_ENV
    86        shell: bash
    87
    88      # This allows us to test in the following job regardless of the event (tag or not).
    89      - id: output-version
    90        run: echo "VERSION=${VERSION}" >> "$GITHUB_OUTPUT"
    91        shell: bash
    92
    93      # In order to share the built artifacts in the subsequent tests, we use cache instead of actions/upload-artifacts.
    94      # The reason is that upload-artifacts are not globally consistent and sometimes pre_release_test won't be able to
    95      # find the artifacts uploaded here. See https://github.com/actions/upload-artifact/issues/21 for more context.
    96      # Downside of this is that, we pressure the cache capacity set per repository. We delete all caches created
    97      # on PRs on close. See .github/workflows/clear_cache.yaml. On main branch, in any way this cache will be deleted
    98      # in 7 days, also this at most a few MB, so this won't be an issue.
    99      - uses: actions/cache@v3
   100        id: cache
   101        with:
   102          # Use share the cache containing archives across OSes.
   103          enableCrossOsArchive: true
   104          # Note: this creates a cache per run.
   105          key: release-artifacts-${{ github.run_id }}
   106          path:
   107            dist/
   108
   109  # pre_release_test tests the artifacts built by pre_release in the OS dependent way.
   110  pre_release_test:
   111    needs: pre_release
   112    name: Pre-release test (${{ matrix.os }})
   113    runs-on: ${{ matrix.os }}
   114    strategy:
   115      fail-fast: false # don't fail fast as sometimes failures are arch/OS specific
   116      matrix:
   117        os: [ubuntu-22.04, macos-12, windows-2022]
   118
   119    steps:
   120      - uses: actions/checkout@v3
   121
   122      - uses: actions/cache@v3
   123        id: cache
   124        with:
   125          # We need this cache to run tests.
   126          fail-on-cache-miss: true
   127          enableCrossOsArchive: true
   128          key: release-artifacts-${{ github.run_id }}
   129          path:
   130            dist/
   131
   132      - name: Test (linux)
   133         # Check if the version was correctly inserted with VERSION variable
   134        if: runner.os == 'Linux'
   135        run: |
   136          tar xf dist/wazero_${{ needs.pre_release.outputs.VERSION }}_linux_amd64.tar.gz
   137          ./wazero version | grep ${{ needs.pre_release.outputs.VERSION }}
   138
   139      - name: Test (darwin)
   140        # Check if the version was correctly inserted with VERSION variable
   141        if: runner.os == 'macOS'
   142        run: |
   143          tar xf dist/wazero_${{ needs.pre_release.outputs.VERSION }}_darwin_amd64.tar.gz
   144          ./wazero version | grep ${{ needs.pre_release.outputs.VERSION }}
   145
   146      # This only checks the installer when built on Windows as it is simpler than switching OS.
   147      # refreshenv is from choco, and lets you reload ENV variables (used here for PATH).
   148      - name: Test Windows Installer
   149        if: runner.os == 'Windows'
   150        run: |
   151          set MSI_FILE="dist\wazero_${{ needs.pre_release.outputs.VERSION }}_windows_amd64.msi"
   152          call packaging\msi\verify_msi.cmd
   153        shell: cmd
   154
   155  # Triggers only on the tag creation.
   156  release:
   157    if: github.event_name == 'push' && contains(github.ref, 'refs/tags/')
   158    needs: pre_release_test
   159    name: Release
   160    runs-on: ubuntu-22.04
   161    steps:
   162      - uses: actions/checkout@v3
   163        with:  # Ensure release_notes.sh can see prior commits
   164          fetch-depth: 0
   165
   166      - uses: actions/cache@v3
   167        id: cache
   168        with:
   169          fail-on-cache-miss: true
   170          enableCrossOsArchive: true
   171          key: release-artifacts-${{ github.run_id }}
   172          path:
   173            dist/
   174
   175      - name: Create draft release
   176        run: |
   177          ls dist
   178          tag="${GITHUB_REF#refs/tags/}"
   179          ./.github/workflows/release_notes.sh ${tag} > release-notes.txt
   180          gh release create ${tag} --draft --notes-file release-notes.txt --title ${GITHUB_REF#refs/tags/} ./dist/*
   181        env:
   182          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

View as plain text