-
Notifications
You must be signed in to change notification settings - Fork 167
148 lines (125 loc) · 6.3 KB
/
CargoPublish.yml
File metadata and controls
148 lines (125 loc) · 6.3 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
# yaml-language-server: $schema=https://json.schemastore.org/github-workflow.json
name: Publish crates to crates.io
on:
workflow_dispatch:
inputs:
dry_run:
description: "Run the release without actually releasing bits"
type: boolean
default: true
workflow_call:
inputs:
dry_run:
description: "Run the release without actually releasing bits"
type: boolean
default: true
permissions:
contents: read
id-token: write
jobs:
publish-hyperlight-packages:
runs-on: [self-hosted, Linux, X64, "1ES.Pool=hld-kvm-amd", "JobId=publish-hyperlight-packages-${{ github.run_id }}-${{ github.run_number }}-${{ github.run_attempt }}"]
if: ${{ startsWith(github.ref, 'refs/heads/release/v') || inputs.dry_run }}
steps:
- uses: actions/checkout@v6
with:
fetch-depth: 0
fetch-tags: true
- uses: hyperlight-dev/ci-setup-workflow@v1.9.0
with:
rust-toolchain: "1.89"
- name: Check crate versions
shell: bash
run: |
if ${{ inputs.dry_run }}; then
VERSION=""
else
VERSION="${{ github.ref }}"
VERSION="${VERSION#refs/heads/release/v}"
echo "VERSION=$VERSION" >> $GITHUB_ENV
fi
./dev/verify-version.sh "$VERSION" hyperlight-common hyperlight-guest hyperlight-guest-bin hyperlight-host hyperlight-component-util hyperlight-component-macro hyperlight-guest-tracing
- name: Determine which crates need publishing
run: |
needs_publish() {
local crate=$1
local crate_env_var=$(echo "$crate" | tr '[:lower:]' '[:upper:]' | tr '-' '_')
if [ -z "$VERSION" ]; then
echo "No version set (dry run?), skipping crates.io existence checks."
echo "PUBLISH_${crate_env_var}=true" >> "$GITHUB_ENV"
return
fi
if curl -s "https://crates.io/api/v1/crates/$crate/$VERSION" | jq -e .version > /dev/null; then
echo "PUBLISH_${crate_env_var}=false" >> "$GITHUB_ENV"
echo "✅ $crate@$VERSION already exists."
else
echo "PUBLISH_${crate_env_var}=true" >> "$GITHUB_ENV"
echo "🚀 $crate@$VERSION will be published."
fi
}
needs_publish hyperlight-common
needs_publish hyperlight-guest
needs_publish hyperlight-guest-macro
needs_publish hyperlight-guest-bin
needs_publish hyperlight-component-util
needs_publish hyperlight-component-macro
needs_publish hyperlight-host
needs_publish hyperlight-guest-tracing
- name: Authenticate with crates.io
uses: rust-lang/crates-io-auth-action@v1
id: crates-io-auth
- name: Publish hyperlight-common
continue-on-error: ${{ inputs.dry_run }}
run: cargo publish --manifest-path ./src/hyperlight_common/Cargo.toml ${{ inputs.dry_run && '--dry-run' || '' }}
env:
CARGO_REGISTRY_TOKEN: ${{ steps.crates-io-auth.outputs.token }}
if: env.PUBLISH_HYPERLIGHT_COMMON != 'false'
- name: Publish hyperlight-guest-tracing
continue-on-error: ${{ inputs.dry_run }}
run: cargo publish --manifest-path ./src/hyperlight_guest_tracing/Cargo.toml ${{ inputs.dry_run && '--dry-run' || '' }}
env:
CARGO_REGISTRY_TOKEN: ${{ steps.crates-io-auth.outputs.token }}
if: env.PUBLISH_HYPERLIGHT_GUEST_TRACING != 'false'
- name: Publish hyperlight-guest
continue-on-error: ${{ inputs.dry_run }}
run: cargo publish --manifest-path ./src/hyperlight_guest/Cargo.toml ${{ inputs.dry_run && '--dry-run' || '' }}
env:
CARGO_REGISTRY_TOKEN: ${{ steps.crates-io-auth.outputs.token }}
if: env.PUBLISH_HYPERLIGHT_GUEST != 'false'
- name: Publish hyperlight-guest-macro
continue-on-error: ${{ inputs.dry_run }}
run: cargo publish --manifest-path ./src/hyperlight_guest_macro/Cargo.toml ${{ inputs.dry_run && '--dry-run' || '' }}
env:
CARGO_REGISTRY_TOKEN: ${{ steps.crates-io-auth.outputs.token }}
if: env.PUBLISH_HYPERLIGHT_GUEST_MACRO != 'false'
- name: Publish hyperlight-guest-bin
continue-on-error: ${{ inputs.dry_run }}
run: cargo publish --manifest-path ./src/hyperlight_guest_bin/Cargo.toml ${{ inputs.dry_run && '--dry-run' || '' }}
env:
CARGO_REGISTRY_TOKEN: ${{ steps.crates-io-auth.outputs.token }}
if: env.PUBLISH_HYPERLIGHT_GUEST_BIN != 'false'
- name: Publish hyperlight-component-util
continue-on-error: ${{ inputs.dry_run }}
run: cargo publish --manifest-path ./src/hyperlight_component_util/Cargo.toml ${{ inputs.dry_run && '--dry-run' || '' }}
env:
CARGO_REGISTRY_TOKEN: ${{ steps.crates-io-auth.outputs.token }}
if: env.PUBLISH_HYPERLIGHT_COMPONENT_UTIL != 'false'
- name: Publish hyperlight-component-macro
continue-on-error: ${{ inputs.dry_run }}
run: cargo publish --manifest-path ./src/hyperlight_component_macro/Cargo.toml ${{ inputs.dry_run && '--dry-run' || '' }}
env:
CARGO_REGISTRY_TOKEN: ${{ steps.crates-io-auth.outputs.token }}
if: env.PUBLISH_HYPERLIGHT_COMPONENT_MACRO != 'false'
- name: Publish hyperlight-host
continue-on-error: ${{ inputs.dry_run }}
run: cargo publish --manifest-path ./src/hyperlight_host/Cargo.toml ${{ inputs.dry_run && '--dry-run' || '' }}
env:
CARGO_REGISTRY_TOKEN: ${{ steps.crates-io-auth.outputs.token }}
if: env.PUBLISH_HYPERLIGHT_HOST != 'false'
# TODO: Do we want to publish hyperlight-guest-capi to crates.io given that it's not for Rust consumption?
# - name: Publish hyperlight-guest-capi
# # `--no-verify` is needed because build.rs writes to "include/hyperlight_guest.h", but since we exclude that directory in Cargo.toml, it should be fine.
# # Cargo does not want you to modify files outside of OUT_DIR
# run: cd ./src/hyperlight_guest_capi && cargo publish --no-verify ${{ inputs.dry_run && '--dry-run' || '' }} # cd is required because of https://github.com/rust-lang/cargo/issues/10302
# env:
# CARGO_REGISTRY_TOKEN: ${{ secrets.CARGO_PUBLISH_TOKEN }}