Release smithy-rs 0.57.0 (53dcff3ff058835322bba59c3e4d1e529aeabd60) - Dry run #127
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. | |
| # SPDX-License-Identifier: Apache-2.0 | |
| # This workflow performs a release of smithy-rs. It is manually | |
| # kicked off via GitHub Actions workflow dispatch. | |
| # Allow only one release to run at a time | |
| concurrency: | |
| group: release-smithy-rs-${{ inputs.dry_run }} | |
| cancel-in-progress: true | |
| env: | |
| rust_version: 1.70.0 | |
| name: Release smithy-rs | |
| run-name: ${{ github.workflow }} ${{ inputs.semantic_version }} (${{ inputs.commit_sha }}) - ${{ inputs.dry_run && 'Dry run' || 'Production run' }} | |
| on: | |
| workflow_dispatch: | |
| inputs: | |
| commit_sha: | |
| description: | | |
| The SHA of the git commit that you want to release. | |
| You must use the non-abbreviated SHA (e.g. b2318b0 won't work!). | |
| required: true | |
| type: string | |
| semantic_version: | |
| description: The semver tag that you want to release (e.g. 0.52.1) | |
| required: true | |
| type: string | |
| dry_run: | |
| description: Dry runs will only produce release artifacts, but they will not cut a release tag in GitHub nor publish to crates.io | |
| required: true | |
| type: boolean | |
| default: true | |
| jobs: | |
| # We'll need to build a base image to work against if: | |
| # - a release was kicked off before the image build step triggered by a push to the release branch/main completed | |
| # - a dry-run release was kicked off against a feature branch to test automation changes | |
| # This job will be a no-op if an image had already been built. | |
| acquire-base-image: | |
| name: Acquire Base Image | |
| runs-on: smithy_ubuntu-latest_16-core | |
| steps: | |
| - uses: actions/checkout@v3 | |
| with: | |
| path: smithy-rs | |
| ref: ${{ inputs.commit_sha }} | |
| fetch-depth: 0 | |
| - name: Acquire base image | |
| id: acquire | |
| run: ./smithy-rs/.github/scripts/acquire-build-image | |
| - name: Upload base image | |
| uses: actions/upload-artifact@v3 | |
| with: | |
| name: smithy-rs-base-image | |
| path: smithy-rs-base-image | |
| retention-days: 1 | |
| release-ci: | |
| name: Prerelease checks | |
| if: inputs.dry_run == false | |
| needs: | |
| - acquire-base-image | |
| uses: ./.github/workflows/ci.yml | |
| with: | |
| run_sdk_examples: false | |
| git_ref: ${{ inputs.commit_sha }} | |
| get-or-create-release-branch: | |
| name: Get or create a release branch | |
| needs: | |
| - release-ci | |
| - acquire-base-image | |
| # We need `always` here otherwise this job won't run if the previous job has been skipped | |
| # See https://samanpavel.medium.com/github-actions-conditional-job-execution-e6aa363d2867 | |
| if: | | |
| always() && | |
| needs.acquire-base-image.result == 'success' && | |
| (needs.release-ci.result == 'success' || needs.release-ci.result == 'skipped') | |
| runs-on: ubuntu-latest | |
| outputs: | |
| release_branch: ${{ steps.branch-push.outputs.release_branch }} | |
| new_release_series: ${{ steps.branch-push.outputs.new_release_series }} | |
| steps: | |
| - uses: actions/checkout@v3 | |
| with: | |
| ref: ${{ inputs.commit_sha }} | |
| token: ${{ secrets.RELEASE_AUTOMATION_BOT_PAT }} | |
| fetch-depth: 0 | |
| - name: Get or create release branch | |
| id: branch-push | |
| shell: bash | |
| env: | |
| SEMANTIC_VERSION: ${{ inputs.semantic_version }} | |
| DRY_RUN: ${{ inputs.dry_run }} | |
| run: | | |
| set -e | |
| ./.github/scripts/get-or-create-release-branch.sh output | |
| cat output > $GITHUB_OUTPUT | |
| upgrade-gradle-properties: | |
| name: Upgrade gradle.properties | |
| needs: | |
| - get-or-create-release-branch | |
| # See https://github.com/actions/runner/issues/2205#issuecomment-1381988186 for an explanation as to why | |
| # we need this here _even though_ the job we depend on is never skipped. | |
| if: | | |
| always() && | |
| !contains(needs.*.result, 'failure') && | |
| !contains(needs.*.result, 'cancelled') | |
| runs-on: ubuntu-latest | |
| outputs: | |
| release_branch: ${{ needs.get-or-create-release-branch.outputs.release_branch }} | |
| commit_sha: ${{ steps.gradle-push.outputs.commit_sha }} | |
| steps: | |
| - uses: actions/checkout@v3 | |
| with: | |
| ref: ${{ inputs.commit_sha }} | |
| path: smithy-rs | |
| fetch-depth: 0 | |
| token: ${{ secrets.RELEASE_AUTOMATION_BOT_PAT }} | |
| - name: Upgrade gradle.properties | |
| uses: ./smithy-rs/.github/actions/docker-build | |
| with: | |
| action: upgrade-gradle-properties | |
| action-arguments: ${{ inputs.semantic_version }} | |
| - name: Download all artifacts | |
| uses: ./smithy-rs/.github/actions/download-all-artifacts | |
| - name: Push gradle.properties changes | |
| id: gradle-push | |
| working-directory: upgrade-gradle-properties/smithy-rs | |
| shell: bash | |
| env: | |
| SEMANTIC_VERSION: ${{ inputs.semantic_version }} | |
| RELEASE_COMMIT_SHA: ${{ inputs.commit_sha }} | |
| RELEASE_BRANCH_NAME: ${{ needs.get-or-create-release-branch.outputs.release_branch }} | |
| DRY_RUN: ${{ inputs.dry_run }} | |
| run: | | |
| set -x | |
| # For debugging purposes | |
| git status | |
| if ! git diff-index --quiet HEAD; then | |
| # gradle.properties was changed, we need to commit and push the diff | |
| git -c 'user.name=AWS SDK Rust Bot' -c '[email protected]' commit gradle.properties --message "Upgrade the smithy-rs runtime crates version to ${SEMANTIC_VERSION}" | |
| # This will fail if we tried to release from a non-HEAD commit on the release branch. | |
| # The only scenario where we would try to release a non-HEAD commit from the release branch is | |
| # to retry a release action execution that failed due to a transient issue. | |
| # In that case, we expect the commit to be releasable as-is, i.e. the runtime crate version in gradle.properties | |
| # should already be the expected one. | |
| git push origin "HEAD:refs/heads/${RELEASE_BRANCH_NAME}" | |
| echo "commit_sha=$(git rev-parse HEAD)" > $GITHUB_OUTPUT | |
| else | |
| echo "commit_sha=${RELEASE_COMMIT_SHA}" > $GITHUB_OUTPUT | |
| fi | |
| release: | |
| name: Release | |
| needs: | |
| - upgrade-gradle-properties | |
| # See https://github.com/actions/runner/issues/2205#issuecomment-1381988186 for an explanation as to why | |
| # we need this here _even though_ the job we depend on is never skipped. | |
| if: | | |
| always() && | |
| !contains(needs.*.result, 'failure') && | |
| !contains(needs.*.result, 'cancelled') | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Install Rust | |
| uses: dtolnay/rust-toolchain@master | |
| with: | |
| toolchain: ${{ env.rust_version }} | |
| - name: Checkout smithy-rs | |
| uses: actions/checkout@v3 | |
| with: | |
| ref: ${{ needs.upgrade-gradle-properties.outputs.commit_sha }} | |
| path: smithy-rs | |
| token: ${{ secrets.RELEASE_AUTOMATION_BOT_PAT }} | |
| - name: Generate release artifacts | |
| uses: ./smithy-rs/.github/actions/docker-build | |
| with: | |
| action: generate-smithy-rs-release | |
| - name: Download all artifacts | |
| uses: ./smithy-rs/.github/actions/download-all-artifacts | |
| - name: Push smithy-rs changes | |
| shell: bash | |
| working-directory: smithy-rs-release/smithy-rs | |
| id: push-changelog | |
| env: | |
| RELEASE_BRANCH_NAME: ${{ needs.upgrade-gradle-properties.outputs.release_branch }} | |
| run: | | |
| if ! git diff-index --quiet HEAD; then | |
| echo "Pushing release commits..." | |
| # This will fail if we tried to release from a non-HEAD commit on the release branch. | |
| # The only scenario where we would try to release a non-HEAD commit from the release branch is | |
| # to retry a release action execution that failed due to a transient issue. | |
| # In that case, we expect the commit to be releasable as-is, i.e. the changelog should have already | |
| # been processed. | |
| git push origin "HEAD:refs/heads/${RELEASE_BRANCH_NAME}" | |
| fi | |
| echo "commit_sha=$(git rev-parse HEAD)" > $GITHUB_OUTPUT | |
| - name: Tag release | |
| uses: actions/github-script@v6 | |
| with: | |
| github-token: ${{ secrets.RELEASE_AUTOMATION_BOT_PAT }} | |
| script: | | |
| const createReleaseScript = require("./smithy-rs/.github/workflows/release-scripts/create-release.js"); | |
| await createReleaseScript({ | |
| github, | |
| isDryRun: ${{ inputs.dry_run }}, | |
| releaseManifestPath: "smithy-rs-release/smithy-rs-release-manifest.json", | |
| releaseCommitish: "${{ steps.push-changelog.outputs.commit_sha }}" | |
| }); | |
| - name: Publish to crates.io | |
| shell: bash | |
| working-directory: smithy-rs-release/crates-to-publish | |
| env: | |
| RELEASE_AUTOMATION_BOT_CRATESIO_TOKEN: ${{ secrets.RELEASE_AUTOMATION_BOT_CRATESIO_TOKEN }} | |
| run: | | |
| cargo login -- "${RELEASE_AUTOMATION_BOT_CRATESIO_TOKEN}" | |
| cargo install --path "$(realpath ../smithy-rs/tools/ci-build/publisher)" | |
| # Verify the publisher tool installed successfully | |
| publisher --version | |
| if [[ "${{ inputs.dry_run }}" == "true" ]]; then | |
| if [[ ! -f aws-smithy-types/Cargo.toml ]]; then | |
| echo "Crates to publish not found!" | |
| exit 1 | |
| fi | |
| # The following owner list command fails without a valid crates.io auth token | |
| echo "Checking cargo auth token..." | |
| cargo owner --list aws-smithy-types | |
| else | |
| publisher publish -y --location . | |
| fi | |
| trim-changelog-next-on-main: | |
| name: Remove released entries from CHANGELOG.next.toml on the main branch | |
| if: inputs.dry_run == false && needs.get-or-create-release-branch.outputs.new_release_series == true | |
| needs: | |
| - get-or-create-release-branch | |
| - release | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout smithy-rs | |
| uses: actions/checkout@v3 | |
| with: | |
| ref: ${{ inputs.commit_sha }} | |
| path: smithy-rs | |
| token: ${{ secrets.RELEASE_AUTOMATION_BOT_PAT }} | |
| - name: Empty CHANGELOG.next.toml | |
| uses: ./smithy-rs/.github/actions/docker-build | |
| with: | |
| action: generate-new-changelog-next-toml | |
| - name: Download all artifacts | |
| uses: ./smithy-rs/.github/actions/download-all-artifacts | |
| - name: Push smithy-rs changes | |
| working-directory: generate-new-changelog-next-toml/smithy-rs | |
| shell: bash | |
| run: | | |
| set -eux | |
| # This will fail if other commits have been pushed to `main` after `commit_sha` | |
| # In particular, this will ALWAYS fail if you are creating a new release series from | |
| # a commit that is not the current tip of `main`. | |
| # We can build more refined automation to handle this case in the future - until then, it'll require | |
| # a manual PR to edit the current CHANGELOG.next.toml file and remove the released entries. | |
| git -c 'user.name=AWS SDK Rust Bot' -c '[email protected]' commit CHANGELOG.next.toml --message "Remove released entries from \`CHANGELOG.next.toml\`" | |
| git push origin main |