Add GH_TOKEN env to release workflow (#449) #264
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# yaml-language-server: $schema=https://json.schemastore.org/github-workflow.json | |
name: Create a Release | |
on: | |
workflow_dispatch: | |
push: | |
branches: [main] | |
permissions: | |
contents: write | |
id-token: write | |
jobs: | |
build-rust-ubuntu: | |
# see https://github.com/orgs/community/discussions/26286#discussioncomment-3251208 for why we need to check the ref | |
if: ${{ contains(github.ref, 'refs/heads/release/') }} || ${{ github.ref=='refs/heads/main' }} | |
runs-on: [self-hosted, Linux, X64, "1ES.Pool=hld-kvm-amd"] | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: hyperlight-dev/[email protected] | |
with: | |
rust-toolchain: "1.81.0" | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
- name: Build Debug | |
run: cargo build --verbose | |
- name: Build Release | |
run: cargo build --verbose --release | |
build-rust-windows: | |
# see https://github.com/orgs/community/discussions/26286#discussioncomment-3251208 for why we need to check the ref | |
if: ${{ contains(github.ref, 'refs/heads/release/') }} || ${{ github.ref=='refs/heads/main' }} | |
runs-on: windows-2022 | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: hyperlight-dev/[email protected] | |
with: | |
rust-toolchain: "1.81.0" | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
- name: Build Debug | |
run: cargo build --verbose | |
- name: Build Release | |
run: cargo build --verbose --release | |
build-guest-binaries: | |
uses: ./.github/workflows/dep_build_guest_binaries.yml | |
secrets: inherit | |
benchmarks: | |
needs: [build-guest-binaries] | |
uses: ./.github/workflows/Benchmarks.yml | |
secrets: inherit | |
permissions: | |
id-token: write | |
contents: read | |
cargo-publish: | |
needs: [publish] | |
uses: ./.github/workflows/CargoPublish.yml | |
with: | |
dry_run: false | |
secrets: inherit | |
permissions: | |
id-token: write | |
contents: read | |
publish: | |
# see https://github.com/orgs/community/discussions/26286#discussioncomment-3251208 for why we need to check the ref | |
if: ${{ contains(github.ref, 'refs/heads/release/') }} || ${{ github.ref=='refs/heads/main' }} | |
runs-on: [self-hosted, Linux, X64, "1ES.Pool=hld-kvm-amd"] | |
needs: | |
[ | |
build-rust-ubuntu, | |
build-rust-windows, | |
benchmarks, | |
] | |
steps: | |
- name: Set Debug Configuration | |
if: ${{ github.ref=='refs/heads/main' }} | |
run: echo "CONFIG=debug" >> $GITHUB_ENV | |
- name: Set Release Configuration | |
if: ${{ contains(github.ref, 'refs/heads/release/') }} | |
run: echo "CONFIG=release" >> $GITHUB_ENV | |
- uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
fetch-tags: true | |
- uses: hyperlight-dev/[email protected] | |
with: | |
rust-toolchain: "1.81.0" | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
# HYPERLIGHT_VERSION does not include the v prefix | |
- name: Set HYPERLIGHT_VERSION | |
if: ${{ contains(github.ref, 'refs/heads/release/') }} | |
id: set_hyperlight_version | |
run: | | |
git fetch --tags | |
version=$(echo "${{ github.ref }}" | sed -E 's#refs/heads/release/v##') | |
echo "HYPERLIGHT_VERSION=$version" >> $GITHUB_ENV | |
echo "HYPERLIGHT_VERSION=$version" | |
- name: Build and archive guest library + header files | |
run: | | |
just tar-headers | |
just tar-static-lib | |
- name: Download all benchmarks | |
uses: actions/download-artifact@v4 | |
with: | |
pattern: benchmarks_* | |
- name: Archive benchmarks | |
run: | | |
# windows | |
tar -zcvf benchmarks_Windows_hyperv_amd.tar.gz benchmarks_Windows_hyperv_amd | |
tar -zcvf benchmarks_Windows_hyperv_intel.tar.gz benchmarks_Windows_hyperv_intel | |
# kvm | |
tar -zcvf benchmarks_Linux_kvm_amd.tar.gz benchmarks_Linux_kvm_amd | |
tar -zcvf benchmarks_Linux_kvm_intel.tar.gz benchmarks_Linux_kvm_intel | |
# mshv2 | |
tar -zcvf benchmarks_Linux_mshv_intel.tar.gz benchmarks_Linux_mshv_intel | |
tar -zcvf benchmarks_Linux_mshv_amd.tar.gz benchmarks_Linux_mshv_amd | |
# mshv3 | |
tar -zcvf benchmarks_Linux_mshv3_amd.tar.gz benchmarks_Linux_mshv3_amd | |
tar -zcvf benchmarks_Linux_mshv3_intel.tar.gz benchmarks_Linux_mshv3_intel | |
- name: Extract release notes from changelog | |
if: ${{ contains(github.ref, 'refs/heads/release/') }} | |
run: just create-release-notes v${{ env.HYPERLIGHT_VERSION }} > RELEASE_NOTES.md | |
env: | |
GH_TOKEN: ${{ github.token }} | |
- name: Extract prerelease notes from changelog | |
if: ${{ github.ref=='refs/heads/main' }} | |
run: just create-release-notes dev-latest > RELEASE_NOTES.md | |
env: | |
GH_TOKEN: ${{ github.token }} | |
- name: Create release | |
if: ${{ contains(github.ref, 'refs/heads/release/') }} | |
run: | | |
gh release create v${{ env.HYPERLIGHT_VERSION }} -t "Release v${{ env.HYPERLIGHT_VERSION }}" --notes-file RELEASE_NOTES.md \ | |
benchmarks_Windows_hyperv_amd.tar.gz \ | |
benchmarks_Windows_hyperv_intel.tar.gz \ | |
benchmarks_Linux_kvm_amd.tar.gz \ | |
benchmarks_Linux_kvm_intel.tar.gz \ | |
benchmarks_Linux_mshv_intel.tar.gz \ | |
benchmarks_Linux_mshv_amd.tar.gz \ | |
benchmarks_Linux_mshv3_amd.tar.gz \ | |
benchmarks_Linux_mshv3_intel.tar.gz \ | |
hyperlight-guest-c-api-linux.tar.gz \ | |
hyperlight-guest-c-api-windows.tar.gz \ | |
include.tar.gz | |
env: | |
GH_TOKEN: ${{ github.token }} | |
- name: Create prerelease | |
if: ${{ github.ref=='refs/heads/main' }} | |
run: | | |
gh release delete dev-latest -y --cleanup-tag || true | |
gh release create dev-latest -t "Latest prerelease from main branch" --notes-file RELEASE_NOTES.md --latest=false -p \ | |
benchmarks_Windows_hyperv_amd.tar.gz \ | |
benchmarks_Windows_hyperv_intel.tar.gz \ | |
benchmarks_Linux_kvm_amd.tar.gz \ | |
benchmarks_Linux_kvm_intel.tar.gz \ | |
benchmarks_Linux_mshv_intel.tar.gz \ | |
benchmarks_Linux_mshv_amd.tar.gz \ | |
benchmarks_Linux_mshv3_amd.tar.gz \ | |
benchmarks_Linux_mshv3_intel.tar.gz \ | |
hyperlight-guest-c-api-linux.tar.gz \ | |
hyperlight-guest-c-api-windows.tar.gz \ | |
include.tar.gz | |
env: | |
GH_TOKEN: ${{ github.token }} |