Skip to content

Commit 599ea3f

Browse files
andersonlealandersonleal
committed
Add initial project structure with Cargo configuration, README, and GitHub workflows
- Created .gitignore to exclude build artifacts and IDE files. - Added Cargo.toml and Cargo.lock for project dependencies and configuration. - Included README.md with project description and usage instructions. - Set up GitHub Actions workflows for version tagging, release management, and validation. - Implemented advisory fetching and checking functionality in src/advisory.rs for security advisories.
0 parents  commit 599ea3f

File tree

19 files changed

+6376
-0
lines changed

19 files changed

+6376
-0
lines changed

.github/workflows/create-tag.yml

Lines changed: 182 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,182 @@
1+
name: Create Tag
2+
3+
on:
4+
workflow_dispatch:
5+
inputs:
6+
bump:
7+
description: 'Version bump type'
8+
required: true
9+
type: choice
10+
options:
11+
- patch
12+
- minor
13+
- major
14+
- custom
15+
prerelease:
16+
description: 'Pre-release identifier (none for stable, ignored when bump is custom)'
17+
required: false
18+
type: choice
19+
options:
20+
- none
21+
- alpha
22+
- beta
23+
- rc
24+
custom_version:
25+
description: 'Custom version (required when bump is custom, format: X.Y.Z or X.Y.Z-suffix)'
26+
required: false
27+
type: string
28+
dry_run:
29+
description: 'Dry run (no tag push)'
30+
required: false
31+
type: boolean
32+
default: false
33+
34+
jobs:
35+
create-tag:
36+
name: Bump Version & Create Tag
37+
runs-on: ubuntu-latest
38+
permissions:
39+
contents: write
40+
41+
steps:
42+
- name: Generate token
43+
id: generate_token
44+
uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2
45+
with:
46+
app-id: ${{ secrets.III_CI_APP_ID }}
47+
private-key: ${{ secrets.III_CI_APP_PRIVATE_KEY }}
48+
49+
- name: Checkout code
50+
uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4
51+
with:
52+
token: ${{ steps.generate_token.outputs.token }}
53+
fetch-depth: 0
54+
55+
- name: Pre-flight checks
56+
run: |
57+
BRANCH=$(git rev-parse --abbrev-ref HEAD)
58+
if [[ "$BRANCH" != "main" ]]; then
59+
echo "::error::Must be on main branch (currently on $BRANCH)"
60+
exit 1
61+
fi
62+
63+
if [[ ! -f Cargo.toml ]]; then
64+
echo "::error::Cargo.toml not found"
65+
exit 1
66+
fi
67+
68+
- name: Calculate new version
69+
id: version
70+
env:
71+
BUMP_TYPE: ${{ inputs.bump }}
72+
PRERELEASE_ID: ${{ inputs.prerelease }}
73+
CUSTOM_VERSION: ${{ inputs.custom_version }}
74+
run: |
75+
CARGO_TOML="Cargo.toml"
76+
CURRENT=$(sed -n '/^\[package\]/,/^\[/{/^version/p}' "$CARGO_TOML" | sed 's/version = "\(.*\)"/\1/')
77+
echo "current=$CURRENT" >> "$GITHUB_OUTPUT"
78+
79+
if [[ "$BUMP_TYPE" == "custom" ]]; then
80+
if [[ -z "$CUSTOM_VERSION" ]]; then
81+
echo "::error::custom_version is required when bump is custom"
82+
exit 1
83+
fi
84+
85+
NEW_VERSION="${CUSTOM_VERSION#v}"
86+
87+
if ! [[ "$NEW_VERSION" =~ ^[0-9]+\.[0-9]+\.[0-9]+(-[a-zA-Z0-9.]+)?$ ]]; then
88+
echo "::error::Invalid version format: $NEW_VERSION (expected X.Y.Z or X.Y.Z-suffix)"
89+
exit 1
90+
fi
91+
else
92+
BASE="${CURRENT%%-*}"
93+
IFS='.' read -r MAJOR MINOR PATCH <<< "$BASE"
94+
95+
case "$BUMP_TYPE" in
96+
major)
97+
MAJOR=$((MAJOR + 1))
98+
MINOR=0
99+
PATCH=0
100+
;;
101+
minor)
102+
MINOR=$((MINOR + 1))
103+
PATCH=0
104+
;;
105+
patch)
106+
PATCH=$((PATCH + 1))
107+
;;
108+
esac
109+
110+
NEW_VERSION="${MAJOR}.${MINOR}.${PATCH}"
111+
112+
if [[ "$PRERELEASE_ID" != "none" && -n "$PRERELEASE_ID" ]]; then
113+
NEW_VERSION="${NEW_VERSION}-${PRERELEASE_ID}"
114+
fi
115+
fi
116+
117+
echo "new=$NEW_VERSION" >> "$GITHUB_OUTPUT"
118+
echo "tag=v${NEW_VERSION}" >> "$GITHUB_OUTPUT"
119+
echo "::notice::Version bump: $CURRENT -> $NEW_VERSION"
120+
121+
- name: Update Cargo.toml version
122+
env:
123+
NEW_VERSION: ${{ steps.version.outputs.new }}
124+
run: |
125+
CARGO_TOML="Cargo.toml"
126+
sed -i '/^\[package\]/,/^\[/s/^version = ".*"/version = "'"${NEW_VERSION}"'"/' "$CARGO_TOML"
127+
128+
- name: Validate version update
129+
env:
130+
EXPECTED_VERSION: ${{ steps.version.outputs.new }}
131+
run: |
132+
CARGO_TOML="Cargo.toml"
133+
ACTUAL=$(sed -n '/^\[package\]/,/^\[/{/^version/p}' "$CARGO_TOML" | sed 's/version = "\(.*\)"/\1/')
134+
135+
if [[ "$ACTUAL" != "$EXPECTED_VERSION" ]]; then
136+
echo "::error::Version mismatch: expected $EXPECTED_VERSION, got $ACTUAL"
137+
exit 1
138+
fi
139+
echo "::notice::Cargo.toml version verified: $ACTUAL"
140+
141+
- name: Check tag does not exist
142+
if: inputs.dry_run != true
143+
env:
144+
TAG: ${{ steps.version.outputs.tag }}
145+
run: |
146+
if git rev-parse "$TAG" >/dev/null 2>&1; then
147+
echo "::error::Tag $TAG already exists"
148+
exit 1
149+
fi
150+
151+
- name: Commit and tag
152+
if: inputs.dry_run != true
153+
env:
154+
NEW_VERSION: ${{ steps.version.outputs.new }}
155+
TAG: ${{ steps.version.outputs.tag }}
156+
run: |
157+
git config user.name "iii-ci[bot]"
158+
git config user.email "iii-ci[bot]@users.noreply.github.com"
159+
160+
git add Cargo.toml Cargo.lock
161+
git commit -m "chore: bump version to ${NEW_VERSION}"
162+
git tag -a "$TAG" -m "Release ${TAG}"
163+
git push origin main --follow-tags
164+
165+
- name: Dry run summary
166+
if: inputs.dry_run == true
167+
env:
168+
TAG: ${{ steps.version.outputs.tag }}
169+
run: |
170+
echo "::notice::DRY RUN - would have created tag $TAG"
171+
echo "Changes that would be committed:"
172+
git diff Cargo.toml
173+
174+
- name: Notify Slack
175+
if: inputs.dry_run != true
176+
uses: slackapi/slack-github-action@485a9d42d3a73031f12ec201c457e2162c45d02d # v2.0.0
177+
with:
178+
method: chat.postMessage
179+
token: ${{ secrets.SLACK_BOT_TOKEN }}
180+
payload: |
181+
channel: ${{ secrets.SLACK_CHANNEL_ID }}
182+
text: ":label: *iii-cli Tag Created*\nVersion: `${{ steps.version.outputs.tag }}`\nBump: ${{ inputs.bump }}\nPre-release: ${{ inputs.prerelease }}\nTriggered by: ${{ github.actor }}"

0 commit comments

Comments
 (0)