From 99a052507721dd880f121195826c739ba13072ec Mon Sep 17 00:00:00 2001 From: synchwire Date: Wed, 8 Apr 2026 22:48:21 +0100 Subject: [PATCH] feat: add setup_script hook to prepare-release reusable workflow MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit The `prepare-release.yml` reusable workflow installs a fixed set of release tools and then invokes `holochain_release_util prepare`, which in turn runs `cargo-semver-checks` against the workspace. Workspaces that contain crates with native build dependencies (an LLVM toolchain for `llvm-sys`, system libraries pulled in via `bindgen`, etc.) cannot use this workflow today: the prepare step fails before semver checks can run because the runner has no LLVM / no libfoo / no whatever installed, and there is no way to inject a setup step from the call site of a reusable workflow. The motivating case is `holochain/holochain-wasmer`, whose host crate has a `wasmer-sys-llvm` cargo feature that pulls in `llvm-sys = "211"`. Today the only options for that repo are (a) fork the entire reusable workflow locally and add an LLVM install step, taking on permanent drift risk against this upstream, or (b) pass `--i-am-so-sorry-but-my-features-clash` via `extra_release_util_args`, which downgrades semver coverage to default-features-only. Both are workarounds for a missing extension point in the reusable workflow itself. Add an optional `setup_script` input. When set, it runs as a bash step on the runner immediately after checkout and before any of the release tooling is installed. The script can install system tools, download toolchains, and write to `$GITHUB_ENV` to set environment variables that subsequent steps (including the `Prepare release` step) will see. Placement is "after checkout, before tool installs" so that the script can affect the environment that the cargo tool installs see, and so that callers get a clean repo state to work with. The step is gated on `inputs.setup_script != ''` so the workflow's behaviour for callers that don't set it is byte-identical to the previous version — no risk of regressing existing consumers. After this lands and a new release of `holochain/actions` is cut, `holochain/holochain-wasmer` can replace its `extra_release_util_args` workaround with: setup_script: | LLVM_DIR=$PWD/.llvm mkdir -p "$LLVM_DIR" curl --proto '=https' --tlsv1.2 -sSf \ "https://github.com/wasmerio/llvm-custom-builds/releases/download/21.x/llvm-linux-amd64.tar.xz" \ -L -o - | tar xJ -C "$LLVM_DIR" echo "LLVM_SYS_211_PREFIX=$LLVM_DIR" >> "$GITHUB_ENV" and recover full `--all-features` semver coverage. --- .github/workflows/prepare-release.yml | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) diff --git a/.github/workflows/prepare-release.yml b/.github/workflows/prepare-release.yml index 0b27824..b433002 100644 --- a/.github/workflows/prepare-release.yml +++ b/.github/workflows/prepare-release.yml @@ -22,6 +22,23 @@ on: description: "Additional arguments to pass to the holochain_release_util prepare command" default: "" required: false + setup_script: + type: string + description: | + Optional bash script run on the runner after checkout and before + any of the release tooling is installed or invoked. Use this hook + to install system tools (compilers, toolchains, libraries) or + export environment variables that crates being prepared need at + build time. For example, a workspace containing a crate that + links against `llvm-sys` can use this to download an LLVM + toolchain and export `LLVM_SYS_*_PREFIX` so that + `cargo-semver-checks` can build all features successfully. + + Anything written to `$GITHUB_ENV` from this script is available + to subsequent steps in the job, including the `Prepare release` + step. + default: "" + required: false secrets: HRA2_GITHUB_TOKEN: description: "GitHub token for Holochain Release Automation" @@ -35,6 +52,11 @@ jobs: with: fetch-depth: 0 + - name: Run setup script + if: ${{ inputs.setup_script != '' }} + shell: bash + run: ${{ inputs.setup_script }} + - name: Install git-cliff uses: taiki-e/install-action@v2 with: