Releaser #657
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# When a tag is push on the repo, this workflow will run to create a release and add some artifact to it. | |
name: Releaser | |
on: | |
pull_request: | |
paths: | |
- .github/workflows/package-server.yml | |
- .github/workflows/releaser.yml | |
push: | |
tags: | |
- v[0-9]+.[0-9]+.[0-9]+* | |
- nightly | |
schedule: | |
- cron: 30 22 * * * # At 22:30 | |
permissions: | |
contents: write | |
# We set `concurrency` to prevent having this workflow being more than once for the same tag. | |
concurrency: | |
group: releaser-${{ github.workflow }}-${{ github.ref_name }} | |
cancel-in-progress: true | |
env: | |
NIGHTLY_RELEASE: ${{ (github.event_name == 'schedule' || github.ref == 'refs/tags/nightly') && 'true' || 'false' }} | |
jobs: | |
scheduled-nightly-build: | |
if: github.event_name == 'schedule' | |
uses: ./.github/workflows/_releaser_nightly_build.yml | |
version: | |
needs: scheduled-nightly-build | |
# Always run the job if `scheduled-nightly-build` job is skipped otherwise only if `scheduled-nightly-build` job was successful. | |
if: github.event_name != 'schedule' && always() || success() | |
uses: ./.github/workflows/_parse_version.yml | |
with: | |
version: >- | |
${{ | |
(github.event_name == 'schedule' && needs.scheduled-nightly-build.outputs.version_full) || | |
(github.event_name == 'push' && startsWith(github.ref, 'refs/tags/') && github.ref_name != 'nightly' && github.ref_name) || | |
'' | |
}} | |
commit_sha: ${{ needs.scheduled-nightly-build.outputs.commit_sha || github.sha }} | |
package-parsec-server: | |
needs: version | |
if: needs.version.result == 'success' && always() | |
uses: ./.github/workflows/package-server.yml | |
with: | |
version: ${{ needs.version.outputs.full }} | |
version_patch_run_id: ${{ github.run_id }} | |
commit_sha: ${{ needs.version.outputs.commit_sha }} | |
package-parsec-client: | |
needs: version | |
if: needs.version.result == 'success' && always() | |
uses: ./.github/workflows/package-client.yml | |
with: | |
version: ${{ needs.version.outputs.full }} | |
version_patch_run_id: ${{ github.run_id }} | |
commit_sha: ${{ needs.version.outputs.commit_sha }} | |
nightly_build: ${{ github.event_name == 'schedule' || github.ref == 'refs/tags/nightly' }} | |
secrets: | |
SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }} | |
package-parsec-cli: | |
needs: version | |
if: needs.version.result == 'success' && always() | |
uses: ./.github/workflows/package-cli.yml | |
with: | |
version: ${{ needs.version.outputs.full }} | |
version_patch_run_id: ${{ github.run_id }} | |
commit_sha: ${{ needs.version.outputs.commit_sha }} | |
releaser: | |
needs: | |
- version | |
- package-parsec-server | |
- package-parsec-client | |
- package-parsec-cli | |
name: 🚛 Releaser | |
permissions: | |
contents: write | |
if: needs.version.result == 'success' && needs.package-parsec-client.result == 'success' && needs.package-parsec-server.result && always() | |
runs-on: ubuntu-22.04 | |
steps: | |
- name: Download every artifact generated (and uploaded) | |
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # pin v4.1.8 | |
with: | |
path: artifacts | |
timeout-minutes: 5 | |
- name: List downloaded artifacts | |
run: tree artifacts | |
- name: Create the folder that will contain the release files | |
run: mkdir release-files | |
- name: Copy artifacts to the release folder | |
run: | | |
set -ex | |
# Python Files | |
cp ${CP_ARGS} artifacts/Linux-X64-wheel/parsec_cloud-${{ needs.version.outputs.pep440 }}-*.whl release-files | |
cp ${CP_ARGS} artifacts/Linux-X64-wheel/requirements.txt release-files/python-linux-requirements.txt | |
cp ${CP_ARGS} artifacts/macOS-X64-wheel/parsec_cloud-${{ needs.version.outputs.pep440 }}-*.whl release-files | |
cp ${CP_ARGS} artifacts/macOS-X64-wheel/requirements.txt release-files/python-macos-requirements.txt | |
cp ${CP_ARGS} artifacts/Windows-X64-wheel/parsec_cloud-${{ needs.version.outputs.pep440 }}-*.whl release-files | |
cp ${CP_ARGS} artifacts/Windows-X64-wheel/requirements.txt release-files/python-win-requirements.txt | |
# Snapcraft | |
cp ${CP_ARGS} artifacts/linux-snap-X64-electron/Parsec_${{ needs.version.outputs.full }}_linux_*.snap release-files | |
# AppImage | |
cp ${CP_ARGS} artifacts/linux-appimage-X64-electron/Parsec_${{ needs.version.outputs.full }}_linux_*.AppImage release-files | |
cp ${CP_ARGS} artifacts/linux-appimage-X64-electron/latest-linux-*.yml release-files | |
# DMG & ZIP | |
cp ${CP_ARGS} artifacts/macos-dmg-X64-electron/Parsec_${{ needs.version.outputs.full }}_mac_*.unsigned{.dmg,.zip}{,.blockmap} release-files | |
cp ${CP_ARGS} artifacts/macos-dmg-X64-electron/latest-mac-*.yml release-files | |
# EXE | |
cp ${CP_ARGS} artifacts/windows-exe-X64-electron/Parsec_${{ needs.version.outputs.full }}_win_*.unsigned.exe{,.blockmap} release-files | |
cp ${CP_ARGS} artifacts/windows-exe-X64-electron/latest-win-*.yml release-files | |
# CLI | |
cp ${CP_ARGS} artifacts/Linux-X64-cli/parsec-cli_${{ needs.version.outputs.full }}_linux_* release-files | |
env: | |
# TODO: Current version of cp don't support `--update` with argument, | |
# recent version (coreutils-9.5) allows for `none-fail` that make `cp` fail if it would have overwritten a file. | |
CP_ARGS: -v --no-clobber | |
BASH_XTRACEFD: 1 | |
- name: Copy SBOM files | |
run: cp -v artifacts/**/Parsec-SBOM-*.spdx.json release-files | |
- name: Generate version file | |
run: | |
( | |
echo "full=${{ needs.version.outputs.full }}"; | |
echo "pep440=${{ needs.version.outputs.pep440 }}"; | |
echo "major=${{ needs.version.outputs.major }}"; | |
echo "minor=${{ needs.version.outputs.minor }}"; | |
echo "patch=${{ needs.version.outputs.patch }}"; | |
echo "pre=${{ needs.version.outputs.pre }}"; | |
echo "dev=${{ needs.version.outputs.dev }}"; | |
echo "local=${{ needs.version.outputs.local }}"; | |
) | tee release-files/version | |
- name: Generate checksums file released files | |
run: sha256sum release-files/* | sed 's;release-files/;;' | tee checksums.sha256 | |
- name: Extract checksum for each file | |
run: | | |
set -x | |
# Every files that don't end with '.sha256' | |
for file in $(find release-files -type f -not -name '*.sha256'); do | |
grep "$(basename "$file")" checksums.sha256 | cut -d ' ' -f 1 > "$file".sha256 | |
done | |
- name: List files in 'release-files'. | |
run: tree release-files | |
- name: Generate summary | |
id: summary | |
run: | | |
EOF="EOF-$(dd if=/dev/urandom bs=15 count=1 status=none | base64)" | |
( | |
set -e | |
echo "output<<$EOF" | |
echo '# Parsec ${{ needs.version.outputs.full }}' | |
echo | |
echo 'You can find all assets checksums below, or use `<asset name>.sha256`' | |
echo | |
echo '```txt' | |
cat checksums.sha256 | |
echo '```' | |
echo | |
echo 'Generated by <${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}>' | |
echo "$EOF" | |
) | tee -a $GITHUB_OUTPUT | |
- name: Remove previous nightly release | |
if: env.NIGHTLY_RELEASE == 'true' | |
run: | | |
if gh release ${{ env.GH_ARGS }} view nightly; then | |
gh release ${{ env.GH_ARGS }} delete nightly | |
else | |
echo "No nightly release to remove" | |
fi | |
env: | |
GH_ARGS: --repo=${{ github.server_url}}/${{ github.repository }} | |
GH_TOKEN: ${{ github.token }} | |
- name: Checkout the repository to update the nightly tag | |
if: env.NIGHTLY_RELEASE == 'true' | |
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # pin v4.1.7 | |
with: | |
ref: ${{ needs.version.outputs.commit_sha }} | |
path: parsec-cloud | |
timeout-minutes: 5 | |
- name: Update the nightly tag | |
if: env.NIGHTLY_RELEASE == 'true' | |
run: | | |
git tag --force nightly ${{ needs.version.outputs.commit_sha }} | |
git push --force origin refs/tags/nightly | |
working-directory: parsec-cloud | |
- name: Create release | |
if: github.event_name == 'schedule' || (github.event_name == 'push' && startsWith(github.ref, 'refs/tags/')) | |
# FIXME: rollback to `softprops/action-gh-release` once the issue <https://github.com/softprops/action-gh-release/issues/362> is fixed. | |
uses: FirelightFlagboy/action-gh-release@d9a17b2b70a11ff00e4a7d0be3ca04e74d66de24 | |
with: | |
draft: ${{ env.NIGHTLY_RELEASE != 'true' }} | |
tag_name: ${{ github.event_name == 'schedule' && 'nightly' || github.ref }} | |
body: ${{ steps.summary.outputs.output }} | |
prerelease: ${{ needs.version.outputs.pre != '' || needs.version.outputs.dev != '' || needs.version.outputs.local != '' }} | |
name: ${{ env.NIGHTLY_RELEASE == 'true' && 'Nightly release' || format('Release v{0}', needs.version.outputs.full) }} | |
files: | | |
release-files/parsec_cloud-${{ needs.version.outputs.pep440 }}-*.whl* | |
release-files/Parsec_${{ needs.version.outputs.full }}_linux_*.AppImage* | |
release-files/Parsec_${{ needs.version.outputs.full }}_linux_*.snap* | |
release-files/Parsec_${{ needs.version.outputs.full }}_win_*.exe* | |
release-files/Parsec_${{ needs.version.outputs.full }}_mac_*.dmg* | |
release-files/Parsec_${{ needs.version.outputs.full }}_mac_*.zip* | |
release-files/parsec-cli_${{ needs.version.outputs.full }}_linux_* | |
release-files/python-*-requirements.txt | |
release-files/python-*-requirements.txt.sha256 | |
release-files/latest-*.yml | |
release-files/latest-*.yml.sha256 | |
release-files/Parsec-SBOM-*.spdx.json | |
release-files/Parsec-SBOM-*.spdx.json.sha256 | |
release-files/version | |
release-files/version.sha256 | |
fail_on_unmatched_files: true | |
generate_release_notes: false | |
timeout-minutes: 5 | |
publish: | |
needs: releaser | |
if: >- | |
(github.event_name == 'schedule' || (github.event_name == 'push' && startsWith(github.ref, 'refs/tags/'))) | |
&& needs.releaser.result == 'success' | |
&& always() | |
uses: ./.github/workflows/publish.yml | |
permissions: | |
contents: read | |
id-token: write | |
with: | |
release_tag: ${{ github.event_name == 'schedule' && 'nightly' || github.ref_name }} | |
nightly: ${{ github.event_name == 'schedule' || github.event_name == 'pull_request' || github.ref == 'refs/tags/nightly' }} | |
secrets: | |
SNAPCRAFT_CREDENTIALS: ${{ secrets.SNAPCRAFT_CREDENTIALS }} | |
PYPI_CREDENTIALS: ${{ secrets.PYPI_CREDENTIALS }} |