From c9b89a994a619ae1ed799fb6d899dab50a2b9ce3 Mon Sep 17 00:00:00 2001
From: Quentin Gliech <quenting@element.io>
Date: Mon, 27 Jan 2025 10:34:21 +0100
Subject: [PATCH 1/2] Fix reporting of version in prebuilt binaries & docker
 image

---
 .github/workflows/build.yaml | 34 ++++++++++++++++++++++++++++++++++
 Dockerfile                   |  4 ++++
 crates/cli/build.rs          | 15 +++++++++++++--
 docker-bake.hcl              | 10 +++++++++-
 4 files changed, 60 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml
index acb224707..d130c5ac2 100644
--- a/.github/workflows/build.yaml
+++ b/.github/workflows/build.yaml
@@ -31,10 +31,37 @@ env:
   DOCKER_METADATA_ANNOTATIONS_LEVELS: manifest,index
 
 jobs:
+  compute-version:
+    name: Compute version using git describe
+    runs-on: ubuntu-24.04
+    outputs:
+      describe: ${{ steps.git.outputs.describe }}
+      timestamp: ${{ steps.git.outputs.timestamp }}
+    steps:
+      - name: Checkout the code
+        uses: actions/checkout@v4.2.2
+        with:
+          # Need a full clone so that `git describe` reports the right version
+          fetch-depth: 0
+
+      - name: Compute version and timestamp out of git history
+        id: git
+        run: |
+          echo "describe=$(git describe --tags --match 'v*.*.*' --always)" >> $GITHUB_OUTPUT
+          echo "timestamp=$(git log -1 --format=%ct)" >> $GITHUB_OUTPUT
+
+
   build-binaries:
     name: Build binaries
     runs-on: ubuntu-22.04
 
+    needs:
+      - compute-version
+
+    env:
+      VERGEN_GIT_DESCRIBE: ${{ needs.compute-version.outputs.describe }}
+      SOURCE_DATE_EPOCH: ${{ needs.compute-version.outputs.timestamp }}
+
     permissions:
       contents: read
 
@@ -136,6 +163,13 @@ jobs:
       packages: write
       id-token: write
 
+    needs:
+      - compute-version
+
+    env:
+      VERGEN_GIT_DESCRIBE: ${{ needs.compute-version.outputs.describe }}
+      SOURCE_DATE_EPOCH: ${{ needs.compute-version.outputs.timestamp }}
+
     steps:
       - name: Docker meta
         id: meta
diff --git a/Dockerfile b/Dockerfile
index b7d5fc0a8..269e7946a 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -142,6 +142,10 @@ RUN --network=default \
 # Build the rest
 COPY ./ /app
 ENV SQLX_OFFLINE=true
+
+ARG VERGEN_GIT_DESCRIBE
+ENV VERGEN_GIT_DESCRIBE=${VERGEN_GIT_DESCRIBE}
+
 # Network access: cargo auditable needs it
 RUN --network=default \
   cargo auditable build \
diff --git a/crates/cli/build.rs b/crates/cli/build.rs
index 9ae5f0674..18e64cc21 100644
--- a/crates/cli/build.rs
+++ b/crates/cli/build.rs
@@ -1,4 +1,4 @@
-// Copyright 2024 New Vector Ltd.
+// Copyright 2024, 2025 New Vector Ltd.
 //
 // SPDX-License-Identifier: AGPL-3.0-only
 // Please see LICENSE in the repository root for full details.
@@ -6,7 +6,18 @@
 use vergen_gitcl::{Emitter, GitclBuilder, RustcBuilder};
 
 fn main() -> anyhow::Result<()> {
-    let gitcl = GitclBuilder::default().describe(true, true, None).build()?;
+    // At build time, we override the version through the environment variable
+    // VERGEN_GIT_DESCRIBE. In some contexts, it means this variable is set but
+    // empty, so we unset it here.
+    if let Ok(ver) = std::env::var("VERGEN_GIT_DESCRIBE") {
+        if ver.is_empty() {
+            std::env::remove_var("VERGEN_GIT_DESCRIBE");
+        }
+    }
+
+    let gitcl = GitclBuilder::default()
+        .describe(true, false, Some("v*.*.*"))
+        .build()?;
     let rustc = RustcBuilder::default().semver(true).build()?;
 
     Emitter::default()
diff --git a/docker-bake.hcl b/docker-bake.hcl
index 1c3e94d9c..0df1c848f 100644
--- a/docker-bake.hcl
+++ b/docker-bake.hcl
@@ -1,3 +1,8 @@
+// This is used to set the version reported by the binary through an environment
+// variable. This is mainly useful when building out of a git context, like in
+// CI, where we don't have the full commit history available
+variable "VERGEN_GIT_DESCRIBE" {}
+
 // This is what is baked by GitHub Actions
 group "default" { targets = ["regular", "debug", "syn2mas"] }
 
@@ -11,8 +16,11 @@ target "docker-metadata-action-syn2mas" {}
 target "base" {
   args = {
     // This is set so that when we use a git context, the .git directory is
-    // present, as we infer the version at build time out of it
+    // present, as we may be infering the version at build time out of it
     BUILDKIT_CONTEXT_KEEP_GIT_DIR = 1
+
+    // Pass down the version from an external git describe source
+    VERGEN_GIT_DESCRIBE = "${VERGEN_GIT_DESCRIBE}"
   }
 
   platforms = [

From 101635701053a04e786ea95ef4e168d97580e9ab Mon Sep 17 00:00:00 2001
From: Quentin Gliech <quenting@element.io>
Date: Mon, 27 Jan 2025 10:57:09 +0100
Subject: [PATCH 2/2] Also run the build workflow on PRs to a release branch

---
 .github/workflows/build.yaml | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml
index d130c5ac2..2a25d3f0b 100644
--- a/.github/workflows/build.yaml
+++ b/.github/workflows/build.yaml
@@ -10,7 +10,9 @@ on:
 
   # Only run for pull requests if relevant files were changed
   pull_request:
-    branches: [main]
+    branches:
+      - main
+      - 'release/**'
     paths:
       - Dockerfile
       - docker-bake.hcl