Skip to content
publish event-scanner

build: bump version to 0.5.0-alpha (#166) #11

Sign in to view logs

build: bump version to 0.5.0-alpha (#166)

build: bump version to 0.5.0-alpha (#166) #11

Workflow file for this run

.github/workflows/publish.yml at a44fc87
name: publish event-scanner
# This workflow publishes event-scanner on crates.io.
permissions:
contents: read
on:
push:
tags:
- v*
concurrency:
group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }}
cancel-in-progress: true
env:
CARGO_TERM_COLOR: always
jobs:
check-publish:
name: Publish event-scanner on crates.io
runs-on: ubuntu-latest
steps:
- name: Harden the runner (Audit all outbound calls)
uses: step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1
with:
egress-policy: audit
- uses: actions/checkout@ff7abcd0c3c05ccf6adc123a8cd1fd4fb30fb493
- name: Install rust
uses: actions-rust-lang/setup-rust-toolchain@1780873c7b576612439a134613cc4cc74ce5538c # v1.15.2
- name: Verify tag matches crate version
id: version-check
run: |
PKG_VERSION=$(cargo metadata --no-deps --format-version 1 \
| jq -r '.packages[] | select(.name=="event-scanner") | .version')
TAG_VERSION="${GITHUB_REF_NAME#v}"
echo "Package: ${PKG_VERSION}"
echo "Tag: ${TAG_VERSION}"
if [ -z "$PKG_VERSION" ]; then
echo "Failed to determine package version via cargo metadata" >&2
exit 1
fi
if [ "$PKG_VERSION" != "$TAG_VERSION" ]; then
echo "Tag v${TAG_VERSION} does not match package version ${PKG_VERSION}" >&2
exit 1
fi
- name: Check event-scanner
run: cargo publish -p event-scanner --locked --dry-run
# cargo automatically picks up CARGO_REGISTRY_TOKEN from environment variables
- name: Publish event-scanner
env:
CARGO_REGISTRY_TOKEN: ${{ secrets.CARGO_REGISTRY_TOKEN }}
run: |
if [ -z "${CARGO_REGISTRY_TOKEN:-}" ]; then
echo "CARGO_REGISTRY_TOKEN is not set in repository secrets" >&2
exit 1
fi
cargo publish -p event-scanner --locked