Publish crates to crates.io #9
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # yaml-language-server: $schema=https://json.schemastore.org/github-workflow.json | |
| name: Publish crates to crates.io | |
| on: | |
| workflow_dispatch: | |
| inputs: | |
| dry_run: | |
| description: "Run the release without actually releasing bits" | |
| type: boolean | |
| default: true | |
| workflow_call: | |
| inputs: | |
| dry_run: | |
| description: "Run the release without actually releasing bits" | |
| type: boolean | |
| default: true | |
| permissions: | |
| contents: read | |
| id-token: write | |
| jobs: | |
| publish-hyperlight-packages: | |
| runs-on: [self-hosted, Linux, X64, "1ES.Pool=hld-kvm-amd"] | |
| if: ${{ startsWith(github.ref, 'refs/heads/release/v') || inputs.dry_run }} | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| fetch-tags: true | |
| - uses: hyperlight-dev/[email protected] | |
| with: | |
| rust-toolchain: "1.85" | |
| - name: Check crate versions | |
| shell: bash | |
| run: | | |
| if ${{ inputs.dry_run }}; then | |
| VERSION="" | |
| else | |
| VERSION="${{ github.ref }}" | |
| VERSION="${VERSION#refs/heads/release/v}" | |
| echo "VERSION=$VERSION" >> $GITHUB_ENV | |
| fi | |
| ./dev/verify-version.sh "$VERSION" hyperlight-common hyperlight-guest hyperlight-guest-bin hyperlight-host hyperlight-component-util hyperlight-component-macro | |
| - name: Determine which crates need publishing | |
| run: | | |
| needs_publish() { | |
| local crate=$1 | |
| local crate_env_var=$(echo "$crate" | tr '[:lower:]' '[:upper:]' | tr '-' '_') | |
| if [ -z "$VERSION" ]; then | |
| echo "No version set (dry run?), skipping crates.io existence checks." | |
| echo "PUBLISH_${crate_env_var}=true" >> "$GITHUB_ENV" | |
| return | |
| fi | |
| if curl -s "https://crates.io/api/v1/crates/$crate/$VERSION" | jq -e .version > /dev/null; then | |
| echo "PUBLISH_${crate_env_var}=false" >> "$GITHUB_ENV" | |
| echo "✅ $crate@$VERSION already exists." | |
| else | |
| echo "PUBLISH_${crate_env_var}=true" >> "$GITHUB_ENV" | |
| echo "🚀 $crate@$VERSION will be published." | |
| fi | |
| } | |
| needs_publish hyperlight-common | |
| needs_publish hyperlight-guest | |
| needs_publish hyperlight-guest-bin | |
| needs_publish hyperlight-component-util | |
| needs_publish hyperlight-component-macro | |
| needs_publish hyperlight-host | |
| - name: Publish hyperlight-common | |
| continue-on-error: ${{ inputs.dry_run }} | |
| run: cargo publish --manifest-path ./src/hyperlight_common/Cargo.toml ${{ inputs.dry_run && '--dry-run' || '' }} | |
| env: | |
| CARGO_REGISTRY_TOKEN: ${{ secrets.CARGO_PUBLISH_TOKEN }} | |
| if: env.PUBLISH_HYPERLIGHT_COMMON != 'false' | |
| - name: Publish hyperlight-guest | |
| continue-on-error: ${{ inputs.dry_run }} | |
| run: cargo publish --manifest-path ./src/hyperlight_guest/Cargo.toml ${{ inputs.dry_run && '--dry-run' || '' }} | |
| env: | |
| CARGO_REGISTRY_TOKEN: ${{ secrets.CARGO_PUBLISH_TOKEN }} | |
| if: env.PUBLISH_HYPERLIGHT_GUEST != 'false' | |
| - name: Publish hyperlight-guest-bin | |
| continue-on-error: ${{ inputs.dry_run }} | |
| run: cargo publish --manifest-path ./src/hyperlight_guest_bin/Cargo.toml ${{ inputs.dry_run && '--dry-run' || '' }} | |
| env: | |
| CARGO_REGISTRY_TOKEN: ${{ secrets.CARGO_PUBLISH_TOKEN }} | |
| if: env.PUBLISH_HYPERLIGHT_GUEST_BIN != 'false' | |
| - name: Publish hyperlight-component-util | |
| continue-on-error: ${{ inputs.dry_run }} | |
| run: cargo publish --manifest-path ./src/hyperlight_component_util/Cargo.toml ${{ inputs.dry_run && '--dry-run' || '' }} | |
| env: | |
| CARGO_REGISTRY_TOKEN: ${{ secrets.CARGO_PUBLISH_TOKEN }} | |
| if: env.PUBLISH_HYPERLIGHT_COMPONENT_UTIL != 'false' | |
| - name: Publish hyperlight-component-macro | |
| continue-on-error: ${{ inputs.dry_run }} | |
| run: cargo publish --manifest-path ./src/hyperlight_component_macro/Cargo.toml ${{ inputs.dry_run && '--dry-run' || '' }} | |
| env: | |
| CARGO_REGISTRY_TOKEN: ${{ secrets.CARGO_PUBLISH_TOKEN }} | |
| if: env.PUBLISH_HYPERLIGHT_COMPONENT_MACRO != 'false' | |
| - name: Publish hyperlight-host | |
| continue-on-error: ${{ inputs.dry_run }} | |
| run: cargo publish --manifest-path ./src/hyperlight_host/Cargo.toml ${{ inputs.dry_run && '--dry-run' || '' }} | |
| env: | |
| CARGO_REGISTRY_TOKEN: ${{ secrets.CARGO_PUBLISH_TOKEN }} | |
| if: env.PUBLISH_HYPERLIGHT_HOST != 'false' | |
| # TODO: Do we want to publish hyperlight-guest-capi to crates.io given that it's not for Rust consumption? | |
| # - name: Publish hyperlight-guest-capi | |
| # # `--no-verify` is needed because build.rs writes to "include/hyperlight_guest.h", but since we exclude that directory in Cargo.toml, it should be fine. | |
| # # Cargo does not want you to modify files outside of OUT_DIR | |
| # run: cd ./src/hyperlight_guest_capi && cargo publish --no-verify ${{ inputs.dry_run && '--dry-run' || '' }} # cd is required because of https://github.com/rust-lang/cargo/issues/10302 | |
| # env: | |
| # CARGO_REGISTRY_TOKEN: ${{ secrets.CARGO_PUBLISH_TOKEN }} |