chore: release v0.29.15 (#269) #25
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: release-cli | |
| on: | |
| push: | |
| tags: | |
| - 's2-cli-v*' | |
| workflow_dispatch: | |
| permissions: | |
| contents: write | |
| packages: write | |
| env: | |
| REGISTRY: ghcr.io | |
| IMAGE_NAME: s2-streamstore/s2 | |
| jobs: | |
| update_helm_chart: | |
| needs: create_manifest | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Generate GitHub token | |
| uses: actions/create-github-app-token@v2 | |
| id: generate-token | |
| with: | |
| app-id: ${{ secrets.RELEASE_PLZ_APP_ID }} | |
| private-key: ${{ secrets.RELEASE_PLZ_APP_PRIVATE_KEY }} | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| ref: main | |
| token: ${{ steps.generate-token.outputs.token }} | |
| - name: Get version from tag | |
| id: version | |
| run: | | |
| VERSION="${GITHUB_REF_NAME#s2-cli-v}" | |
| if [ -z "$VERSION" ] || [ "$VERSION" = "$GITHUB_REF_NAME" ]; then | |
| echo "ERROR: Could not extract version from tag (GITHUB_REF_NAME=$GITHUB_REF_NAME)" | |
| exit 1 | |
| fi | |
| echo "CLI version: $VERSION" | |
| echo "value=$VERSION" >> "$GITHUB_OUTPUT" | |
| - name: Update Helm chart version and appVersion | |
| run: | | |
| # Get current chart version | |
| CURRENT_VERSION=$(grep '^version:' charts/s2-lite-helm/Chart.yaml | awk '{print $2}') | |
| if [ -z "$CURRENT_VERSION" ]; then | |
| echo "ERROR: Could not read current chart version" | |
| exit 1 | |
| fi | |
| echo "Current chart version: $CURRENT_VERSION" | |
| # Increment patch version (e.g., 0.1.0 -> 0.1.1) | |
| NEW_VERSION=$(echo "$CURRENT_VERSION" | awk -F. '{$NF = $NF + 1; print}' OFS=.) | |
| echo "New chart version: $NEW_VERSION" | |
| # Update both version and appVersion in Chart.yaml | |
| sed -i "s/^version: .*/version: $NEW_VERSION/" charts/s2-lite-helm/Chart.yaml | |
| sed -i 's/^appVersion: ".*"$/appVersion: "${{ steps.version.outputs.value }}"/' charts/s2-lite-helm/Chart.yaml | |
| - name: Commit and push | |
| run: | | |
| git config user.name "$GITHUB_ACTOR" | |
| git config user.email "$GITHUB_ACTOR@users.noreply.github.com" | |
| git add charts/s2-lite-helm/Chart.yaml | |
| if git diff --staged --quiet; then | |
| echo "No changes to commit" | |
| else | |
| git commit -m "Bump s2-lite-helm chart to appVersion ${{ steps.version.outputs.value }}" | |
| git pull --rebase | |
| git push | |
| fi | |
| build_binaries: | |
| name: ${{ matrix.target }} | |
| runs-on: ${{ matrix.os }} | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| include: | |
| - os: ubuntu-22.04 | |
| target: aarch64-unknown-linux-gnu | |
| deps: | | |
| sudo apt-get update | |
| sudo apt-get install -y gcc-aarch64-linux-gnu g++-aarch64-linux-gnu | |
| - os: ubuntu-22.04 | |
| target: x86_64-unknown-linux-gnu | |
| - os: ubuntu-22.04 | |
| target: x86_64-unknown-linux-musl | |
| # for static bin | |
| deps: | | |
| sudo apt-get update | |
| sudo apt-get install -y musl-tools | |
| - os: ubuntu-24.04-arm | |
| target: aarch64-unknown-linux-musl | |
| deps: | | |
| sudo apt-get update | |
| sudo apt-get install -y musl-tools | |
| - os: macos-latest | |
| target: x86_64-apple-darwin | |
| - os: macos-latest | |
| target: aarch64-apple-darwin | |
| - os: windows-latest | |
| target: x86_64-pc-windows-msvc | |
| - os: windows-latest | |
| target: aarch64-pc-windows-msvc | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| with: | |
| submodules: recursive | |
| - uses: actions-rust-lang/setup-rust-toolchain@v1 | |
| with: | |
| rustflags: "" | |
| target: ${{ matrix.target }} | |
| - name: Install dependencies | |
| if: matrix.deps != '' | |
| run: ${{ matrix.deps }} | |
| shell: bash | |
| - name: Set CARGO_TARGET_AARCH64_UNKNOWN_LINUX_GNU_LINKER | |
| if: matrix.target == 'aarch64-unknown-linux-gnu' | |
| run: echo "CARGO_TARGET_AARCH64_UNKNOWN_LINUX_GNU_LINKER=aarch64-linux-gnu-gcc" >> $GITHUB_ENV | |
| - name: Build | |
| run: cargo build --release --package s2-cli --target ${{ matrix.target }} | |
| - name: Create pem and certificate.der files | |
| if: matrix.os == 'macos-latest' | |
| run: | | |
| echo "${{ secrets.MACOS_PEM }}" | base64 -d -o macos.pem | |
| echo "${{ secrets.MACOS_CERTIFICATE_DER }}" | base64 -d -o certificate.der | |
| - name: Sign macos binary | |
| if: matrix.os == 'macos-latest' | |
| uses: indygreg/apple-code-sign-action@v1 | |
| with: | |
| input_path: target/${{ matrix.target }}/release/s2 | |
| pem_file: macos.pem | |
| certificate_der_file: certificate.der | |
| sign: true | |
| sign_args: "--code-signature-flags=runtime" | |
| - name: Prepare artifacts | |
| shell: bash | |
| run: | | |
| cd target/${{ matrix.target }}/release | |
| if [ "${{ matrix.os }}" = "windows-latest" ]; then | |
| 7z a ../../../s2-${{ matrix.target }}.zip s2.exe | |
| else | |
| zip -r ../../../s2-${{ matrix.target }}.zip s2 | |
| fi | |
| - name: App store connect api key | |
| if: matrix.os == 'macos-latest' | |
| run: echo "${{ secrets.APP_STORE_CONNECT_API_KEY }}" | base64 -d -o app_store_connect_api_key.json | |
| - name: Notarize macos binary | |
| if: matrix.os == 'macos-latest' | |
| uses: indygreg/apple-code-sign-action@v1 | |
| with: | |
| input_path: s2-${{ matrix.target }}.zip | |
| sign: false | |
| notarize: true | |
| app_store_connect_api_key_json_file: app_store_connect_api_key.json | |
| - name: Upload artifacts | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: ${{ matrix.target }} | |
| path: | | |
| *.zip | |
| if-no-files-found: error | |
| build_images: | |
| name: Build ${{ matrix.arch }} Docker image | |
| runs-on: ${{ matrix.runner }} | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| include: | |
| - arch: x86-64 | |
| runner: ubuntu-latest | |
| - arch: arm64 | |
| runner: ubuntu-24.04-arm | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| with: | |
| submodules: recursive | |
| - name: Log in to Container Registry | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ${{ env.REGISTRY }} | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Get version | |
| id: version | |
| uses: SebRollen/toml-action@v1.2.0 | |
| with: | |
| file: cli/Cargo.toml | |
| field: package.version | |
| - name: Build and push image | |
| uses: docker/build-push-action@v6 | |
| with: | |
| context: . | |
| file: Dockerfile | |
| target: runtime | |
| push: true | |
| tags: | | |
| ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.value }}-${{ matrix.arch }} | |
| ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest-${{ matrix.arch }} | |
| create_manifest: | |
| name: Create multi-arch Docker manifest | |
| needs: build_images | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Log in to Container Registry | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ${{ env.REGISTRY }} | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Get version | |
| id: version | |
| uses: SebRollen/toml-action@v1.2.0 | |
| with: | |
| file: cli/Cargo.toml | |
| field: package.version | |
| - name: Create and push versioned manifest | |
| run: | | |
| docker buildx imagetools create -t ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.value }} \ | |
| ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.value }}-x86-64 \ | |
| ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.value }}-arm64 | |
| - name: Create and push latest manifest | |
| run: | | |
| docker buildx imagetools create -t ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest \ | |
| ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest-x86-64 \ | |
| ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest-arm64 | |
| upload_release_artifacts: | |
| needs: build_binaries | |
| runs-on: ubuntu-22.04 | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Get version | |
| id: version | |
| uses: SebRollen/toml-action@v1.2.0 | |
| with: | |
| file: cli/Cargo.toml | |
| field: package.version | |
| - name: Download artifacts | |
| uses: actions/download-artifact@v4 | |
| with: | |
| pattern: '*-*-*' | |
| - name: Upload to release | |
| env: | |
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| run: | | |
| TAG="s2-cli-v${{ steps.version.outputs.value }}" | |
| gh release upload "$TAG" */s2-*.zip --clobber || gh release create "$TAG" */s2-*.zip --title "$TAG" --notes "" | |
| update_homebrew: | |
| needs: upload_release_artifacts | |
| runs-on: ubuntu-22.04 | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Get version | |
| id: version | |
| uses: SebRollen/toml-action@v1.2.0 | |
| with: | |
| file: cli/Cargo.toml | |
| field: package.version | |
| - name: Download artifacts | |
| uses: actions/download-artifact@v4 | |
| with: | |
| pattern: '*-*-*' | |
| - name: Calculate checksums | |
| run: | | |
| LINUX_INTEL_SHA256=$(shasum -a 256 x86_64-unknown-linux-gnu/s2-x86_64-unknown-linux-gnu.zip | awk '{print $1}') | |
| echo "LINUX_INTEL_SHA256=$LINUX_INTEL_SHA256" >> $GITHUB_ENV | |
| LINUX_ARM_SHA256=$(shasum -a 256 aarch64-unknown-linux-gnu/s2-aarch64-unknown-linux-gnu.zip | awk '{print $1}') | |
| echo "LINUX_ARM_SHA256=$LINUX_ARM_SHA256" >> $GITHUB_ENV | |
| MAC_INTEL_SHA256=$(shasum -a 256 x86_64-apple-darwin/s2-x86_64-apple-darwin.zip | awk '{print $1}') | |
| echo "MAC_INTEL_SHA256=$MAC_INTEL_SHA256" >> $GITHUB_ENV | |
| MAC_ARM_SHA256=$(shasum -a 256 aarch64-apple-darwin/s2-aarch64-apple-darwin.zip | awk '{print $1}') | |
| echo "MAC_ARM_SHA256=$MAC_ARM_SHA256" >> $GITHUB_ENV | |
| - name: Checkout homebrew repo | |
| uses: actions/checkout@v4 | |
| with: | |
| repository: 's2-streamstore/homebrew-s2' | |
| token: ${{ secrets.HOMEBREW_PAT }} | |
| - name: Update formula | |
| run: | | |
| sed -i.bak "s/^ version \".*\"$/ version \"${{ steps.version.outputs.value }}\"/" s2.rb | |
| sed -z -i -e 's/[0-9a-f]\{64\}/${{ env.MAC_INTEL_SHA256 }}/1' s2.rb | |
| sed -z -i -e 's/[0-9a-f]\{64\}/${{ env.MAC_ARM_SHA256 }}/2' s2.rb | |
| sed -z -i -e 's/[0-9a-f]\{64\}/${{ env.LINUX_INTEL_SHA256 }}/3' s2.rb | |
| sed -z -i -e 's/[0-9a-f]\{64\}/${{ env.LINUX_ARM_SHA256 }}/4' s2.rb | |
| - name: Push formula | |
| run: | | |
| git config --global user.email "mehul@s2.dev" | |
| git config --global user.name "Mehul Arora" | |
| git add s2.rb | |
| git commit -m "Update S2 to ${{ steps.version.outputs.value }}" | |
| git push |