From e347f3e2c25b4555507a5f9d73f315b2220f3d7a Mon Sep 17 00:00:00 2001 From: Lindsay Holmwood Date: Mon, 21 Oct 2024 16:43:04 +1100 Subject: [PATCH 1/7] Ignore release artifacts --- .gitignore | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.gitignore b/.gitignore index 32632401..09870ec3 100644 --- a/.gitignore +++ b/.gitignore @@ -180,3 +180,6 @@ cipherstash-proxy.toml # turbo repo .turbo + +# build artifacts +release/ From 8e5e934e5d54aad52115d0822b36046b68604f93 Mon Sep 17 00:00:00 2001 From: Lindsay Holmwood Date: Mon, 21 Oct 2024 16:43:12 +1100 Subject: [PATCH 2/7] Ensure just is installed --- .tool-versions | 1 + 1 file changed, 1 insertion(+) create mode 100644 .tool-versions diff --git a/.tool-versions b/.tool-versions new file mode 100644 index 00000000..185ff653 --- /dev/null +++ b/.tool-versions @@ -0,0 +1 @@ +just 1.36.0 From 369622dbd3626549d0e544f691443ef6c98dd6ca Mon Sep 17 00:00:00 2001 From: Lindsay Holmwood Date: Tue, 22 Oct 2024 01:10:02 +1100 Subject: [PATCH 3/7] Add configuration for automatically generating release notes --- .github/release.yml | 5 +++++ 1 file changed, 5 insertions(+) create mode 100644 .github/release.yml diff --git a/.github/release.yml b/.github/release.yml new file mode 100644 index 00000000..ec475e66 --- /dev/null +++ b/.github/release.yml @@ -0,0 +1,5 @@ +changelog: + categories: + - title: Changes since the last release + labels: + - "*" From 23631a183ad16dbe0f20ba9c2c03c3d13fa894de Mon Sep 17 00:00:00 2001 From: Lindsay Holmwood Date: Tue, 22 Oct 2024 01:11:59 +1100 Subject: [PATCH 4/7] Add a workflow for cutting an EQL release --- .github/workflows/release-eql.yml | 45 +++++++++++++++++++++++++++++++ 1 file changed, 45 insertions(+) create mode 100644 .github/workflows/release-eql.yml diff --git a/.github/workflows/release-eql.yml b/.github/workflows/release-eql.yml new file mode 100644 index 00000000..a7bf554d --- /dev/null +++ b/.github/workflows/release-eql.yml @@ -0,0 +1,45 @@ +name: "Release EQL" + +on: + release: + types: + - published + pull_request: + branches: + - main + paths: + - .github/workflows/release-eql.yml + # Useful for debugging + workflow_dispatch: + +defaults: + run: + shell: bash -l {0} + +permissions: + contents: write + +jobs: + build-and-publish: + runs-on: ubuntu-latest + name: Build EQL + if: ${{ github.event_name != 'release' || contains(github.event.release.tag_name, 'eql') }} + timeout-minutes: 5 + + steps: + - name: Checkout repository + uses: actions/checkout@v4 + + - name: Install asdf & tools + uses: asdf-vm/actions/install@v3 + + - name: Build EQL release + run: | + just build + mv release/cipherstash-encrypt-dsl.sql release/cipherstash-eql.sql + + - name: Release + uses: softprops/action-gh-release@v2 + if: startsWith(github.ref, 'refs/tags/') + with: + files: release/cipherstash-eql.sql From 43193a84509d201e5c271d19e599efa0e1f7a0b8 Mon Sep 17 00:00:00 2001 From: Lindsay Holmwood Date: Tue, 22 Oct 2024 01:23:17 +1100 Subject: [PATCH 5/7] More accurately name the step --- .github/workflows/release-eql.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/release-eql.yml b/.github/workflows/release-eql.yml index a7bf554d..dee4b86c 100644 --- a/.github/workflows/release-eql.yml +++ b/.github/workflows/release-eql.yml @@ -38,7 +38,7 @@ jobs: just build mv release/cipherstash-encrypt-dsl.sql release/cipherstash-eql.sql - - name: Release + - name: Publish EQL release artifacts uses: softprops/action-gh-release@v2 if: startsWith(github.ref, 'refs/tags/') with: From de2a41857d525ce2460b64d4ff2d0df8ad65aab3 Mon Sep 17 00:00:00 2001 From: Lindsay Holmwood Date: Tue, 22 Oct 2024 01:23:35 +1100 Subject: [PATCH 6/7] Document how the release process works --- README.md | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/README.md b/README.md index c25475d4..8de3f98f 100644 --- a/README.md +++ b/README.md @@ -20,6 +20,7 @@ EQL provides a data format for transmitting and storing encrypted data & indexes - [Managing indexes with EQL](#managing-indexes-with-eql) - [Data Format](#data-format) - [Helper packages](#helper-packages) +- [Releasing](#releasing) --- @@ -609,3 +610,15 @@ We have created a few langague specific packages to help you interact with the p - [@cipherstash/eql](https://github.com/cipherstash/encrypt-query-language/tree/main/languages/javascript/packages/eql): This is a TypeScript implementation of EQL. - [github.com/encrypt-query-language/go/goeql](https://github.com/cipherstash/encrypt-query-language/tree/main/languages/go/goeql): This is a Go implementation of EQL. + +## Releasing + +To cut a [release](https://github.com/cipherstash/encrypt-query-language/releases) of EQL: + +1. Draft a [new release](https://github.com/cipherstash/encrypt-query-language/releases/new) on GitHub +1. Choose a tag, and create a new one with the prefix `eql-` followed by a [semver](https://semver.org/) (for example, `eql-1.2.3`) +1. Generate the release notes +1. Optionally set the release to be the latest (you can set a release to be latest later on if you are testing out a release first) +1. Click the `Publish release` button + +This will trigger a run of the [Release EQL](https://github.com/cipherstash/encrypt-query-language/actions/workflows/release-eql.yml) workflow, which will build and attach artifacts to the release. From 955a6489cdfcc6cc8b853c433652b350e2d65854 Mon Sep 17 00:00:00 2001 From: Lindsay Holmwood Date: Tue, 22 Oct 2024 01:25:12 +1100 Subject: [PATCH 7/7] Explain what's different about how this workflow runs on pull requests --- .github/workflows/release-eql.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/release-eql.yml b/.github/workflows/release-eql.yml index dee4b86c..c962e79e 100644 --- a/.github/workflows/release-eql.yml +++ b/.github/workflows/release-eql.yml @@ -4,7 +4,7 @@ on: release: types: - published - pull_request: + pull_request: # runs everything but the last step branches: - main paths: