-
Notifications
You must be signed in to change notification settings - Fork 0
fix: update release and rust workflows #12
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Changes from all commits
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,7 +1,9 @@ | ||
| name: Cargo Release | ||
|
|
||
| on: | ||
| workflow_dispatch: | ||
| push: | ||
| tags: | ||
| - 'v*.*.*' | ||
|
|
||
| jobs: | ||
| release: | ||
|
|
@@ -11,16 +13,28 @@ jobs: | |
| contents: write | ||
| id-token: write | ||
| steps: | ||
| - uses: actions/checkout@v5 | ||
| - run: | | ||
| git config --local user.name "GitHub Actions" | ||
| git config --local user.email "actions@github.com" | ||
| - uses: actions/checkout@v4 | ||
| with: | ||
| ref: main | ||
|
|
||
| - name: Install cargo release | ||
| run: cargo install cargo-release | ||
| - name: Extract version from tag | ||
| run: echo "VERSION=${GITHUB_REF_NAME#v}" >> "$GITHUB_ENV" | ||
|
|
||
| - name: Update Cargo.toml version | ||
| run: sed -i "s/^version = \".*\"/version = \"$VERSION\"/" Cargo.toml | ||
|
|
||
| - name: Commit version bump | ||
| run: | | ||
| git config user.name "github-actions[bot]" | ||
| git config user.email "github-actions[bot]@users.noreply.github.com" | ||
| git add Cargo.toml | ||
| git commit -m "chore: bump version to $VERSION" | ||
| git push origin main | ||
|
|
||
| - uses: rust-lang/crates-io-auth-action@v1 | ||
| id: auth | ||
| - run: cargo release patch --execute --no-confirm | ||
|
|
||
| - name: Publish to crates.io | ||
| run: cargo publish | ||
|
Comment on lines
+37
to
+38
|
||
| env: | ||
| CARGO_REGISTRY_TOKEN: ${{ steps.auth.outputs.token }} | ||
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -15,7 +15,7 @@ jobs: | |
| runs-on: ubuntu-latest | ||
|
|
||
| steps: | ||
| - uses: actions/checkout@v5 | ||
| - uses: actions/checkout@v4 | ||
|
|
||
|
Comment on lines
17
to
19
|
||
| - name: Cache | ||
| uses: actions/cache@v4 | ||
|
|
@@ -25,6 +25,8 @@ jobs: | |
| ~/.cargo/git | ||
| target | ||
| key: ${{ runner.os }}-cargo-${{ hashFiles('**/Cargo.lock') }} | ||
| restore-keys: | | ||
| ${{ runner.os }}-cargo- | ||
|
|
||
| - name: Build | ||
| run: cargo build --verbose | ||
|
|
||
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This workflow is triggered by pushing a tag, but it checks out
mainand then publishes from whatever is currently onmain. That can publish code that does not correspond to the tagged commit (e.g., if the tag was created from an older commit ormainadvanced), which breaks the expectation that a tag identifies the exact source being released. Consider checking out the tag ref/sha that triggered the workflow for the publish step, and avoid mutatingmainas part of the tag-triggered release (or at least fail the job if the tag commit is notmainHEAD).