containerd-shim-wasmtime@0.5.0 (DryRun:true) #20
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# yaml-language-server: $schema=https://json.schemastore.org/github-action.json | |
name: Release | |
run-name: ${{ inputs.crate }}@${{ inputs.version }} (DryRun:${{ inputs.dry_run }}) | |
on: | |
workflow_dispatch: | |
inputs: | |
dry_run: | |
description: "Run the release without actually releasing bits" | |
type: boolean | |
default: true | |
crate: | |
description: "The crate to release" | |
required: true | |
type: choice | |
options: | |
- containerd-shim-wasm-test-modules | |
- oci-tar-builder | |
- containerd-shim-wasm | |
# shims | |
- containerd-shim-wasmer | |
- containerd-shim-wasmedge | |
- containerd-shim-wasmtime | |
version: | |
description: "The version of the crate to release. (e.g., 1.2.3)" | |
type: string | |
required: true | |
concurrency: | |
group: release-${{ github.workflow }}-${{ inputs.crate }}-${{ inputs.version }} | |
cancel-in-progress: true | |
env: | |
CARGO_TERM_COLOR: always | |
jobs: | |
pre-release: | |
name: pre-release checks | |
runs-on: "ubuntu-latest" | |
steps: | |
- name: Fail if branch is not main | |
if: github.event_name == 'workflow_dispatch' && github.ref != 'refs/heads/main' | |
run: | | |
echo "::error::This workflow should not be triggered with workflow_dispatch on a branch other than main" | |
exit 1 | |
- uses: actions/checkout@v4 | |
- name: substring runtime | |
id: runtime_sub | |
uses: actions/github-script@v7 | |
with: | |
script: | | |
const crate = '${{ inputs.crate }}'; | |
const non_shim_crates = ['wasm', 'wasm-test-modules', 'oci-tar-builder']; | |
if non_shim_crates.includes(runtime) { | |
core.setOutput('is_shim', false) | |
} else { | |
core.setOutput('is_shim', true); | |
} | |
### If we are releasing a crate rather than producing a bin, check for crates.io access | |
- name: Check crates.io ownership | |
if: ${{ steps.runtime_sub.outputs.is_shim != 'true' }} | |
run: | | |
cargo owner --list ${{ inputs.crate }} | grep github:containerd:runwasi-committers || \ | |
cargo owner --add github:containerd:runwasi-committers ${{ inputs.crate }} | |
env: | |
CARGO_REGISTRY_TOKEN: ${{ secrets.CARGO_PUBLISH_TOKEN }} | |
- name: Update crate version and make a PR | |
run: | | |
# replace the version inline in the Cargo.toml | |
set -ex | |
git fetch origin | |
sed -i -E 's/^version.+=.+".+"/version = "${{ inputs.version }}"/' crates/${{ inputs.crate }}/Cargo.toml | |
git diff | |
git config user.name "${GITHUB_ACTOR}" | |
git config user.email "${GITHUB_ACTOR}@users.noreply.github.com" | |
if [ "${{ inputs.dry_run }}" = true ]; then | |
TITLE="[dry-run] Release ${{ inputs.crate }} v${{ inputs.version }}" | |
else | |
TITLE="Release ${{ inputs.crate }} v${{ inputs.version }}" | |
fi | |
git commit --allow-empty -a -F-<<EOF | |
$TITLE | |
[automatically-tag-and-release-this-commit] | |
EOF | |
git push origin HEAD:ci/release-${{ inputs.crate }}-${{ inputs.version }} | |
echo "PR_HEAD=ci/release-${{ inputs.crate }}-${{ inputs.version }}" >> $GITHUB_ENV | |
echo "PR_TITLE=$TITLE" >> $GITHUB_ENV | |
echo "PR_BASE=main" >> $GITHUB_ENV | |
cat > pr-body <<-EOF | |
This is an automated pull request from CI to release | |
${{ inputs.crate }} v${{ inputs.version }} when merged. The commit | |
message for this PR has a marker that is detected by CI to create | |
tags and publish crate artifacts. | |
When first opened this PR will not have CI run because it is generated | |
by a bot. A maintainer should close this PR and then reopen it to | |
trigger CI to execute which will then enable merging this PR. | |
EOF | |
- name: Make a PR | |
run: gh pr create -B "$PR_BASE" -H "$PR_HEAD" --title "$PR_TITLE" --body "$(cat ./pr-body)" | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} |