diff --git a/.github/actionlint.yaml b/.github/actionlint.yaml new file mode 100644 index 0000000..be1bfdc --- /dev/null +++ b/.github/actionlint.yaml @@ -0,0 +1,3 @@ +self-hosted-runner: + labels: + - builder diff --git a/.github/release-please/config.json b/.github/release-please/config.json new file mode 100644 index 0000000..abb15b4 --- /dev/null +++ b/.github/release-please/config.json @@ -0,0 +1,11 @@ +{ + "bootstrap-sha": "b66707fdaac5afcfc3374f8b3cf6c76be8cc34fd", + "release-type": "simple", + "bump-minor-pre-major": true, + "bump-patch-for-minor-pre-major": true, + "packages": { + ".": { + "component": "marine-rs-sdk-test" + } + } +} diff --git a/.github/release-please/manifest.json b/.github/release-please/manifest.json new file mode 100644 index 0000000..02f17d9 --- /dev/null +++ b/.github/release-please/manifest.json @@ -0,0 +1,3 @@ +{ + ".": "0.8.1" +} diff --git a/.github/renovate.json b/.github/renovate.json index 5fec988..d797aec 100644 --- a/.github/renovate.json +++ b/.github/renovate.json @@ -4,9 +4,25 @@ "config:base", ":semanticCommitTypeAll(chore)" ], - "enabledManagers": ["cargo", "npm", "github-actions"], + "enabledManagers": ["cargo", "github-actions"], "schedule": "every weekend", "packageRules": [ + { + "matchManagers": ["cargo"], + "matchPackagePatterns": [ + "fluence-.*", + "avm-server", + "air-intepreter-wasm", + "marine-.*" + ], + "semanticCommitType": "fix", + "semanticCommitScope": "deps", + "schedule": "at any time" + }, + { + "matchPackagePatterns": ["^@wasmer", "^wasmer", "^wasm-bindgen"], + "enabled": false + }, { "matchDepTypes": ["devDependencies"], "prPriority": -1 @@ -16,14 +32,8 @@ "prConcurrentLimit": 1 }, { - "matchManagers": [ "github-actions" ], - "automerge": true, - "automergeType": "branch", + "matchManagers": ["github-actions"], "prPriority": 1 - }, - { - "matchPackagePatterns": ["^@wasmer", "^wasmer", "^wasm-bindgen"], - "enabled": false } ] } diff --git a/.github/workflows/e2e.yml b/.github/workflows/e2e.yml index e1f23bf..9811392 100644 --- a/.github/workflows/e2e.yml +++ b/.github/workflows/e2e.yml @@ -4,9 +4,17 @@ on: pull_request: paths-ignore: - "**.md" + - ".github/**" + - "!.github/workflows/e2e.yml" + - "!.github/workflows/tests.yml" push: branches: - "master" + paths-ignore: + - "**.md" + - ".github/**" + - "!.github/workflows/e2e.yml" + - "!.github/workflows/tests.yml" concurrency: group: "${{ github.workflow }}-${{ github.ref }}" diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml new file mode 100644 index 0000000..b3374a5 --- /dev/null +++ b/.github/workflows/lint.yml @@ -0,0 +1,35 @@ +name: lint + +on: + pull_request: + types: + - opened + - edited + - synchronize + +concurrency: + group: "${{ github.workflow }}-${{ github.ref }}" + cancel-in-progress: true + +jobs: + pr: + name: Validate PR title + runs-on: ubuntu-latest + steps: + - uses: amannn/action-semantic-pull-request@v5 + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + + reviewdog: + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@v3 + + - name: Lint actions + uses: reviewdog/action-actionlint@v1 + env: + SHELLCHECK_OPTS: "-e SC2086 -e SC2207 -e SC2128" + with: + reporter: github-pr-check + fail_on_error: true diff --git a/.github/workflows/publish_release.yml b/.github/workflows/publish_release.yml deleted file mode 100644 index bb7ae8a..0000000 --- a/.github/workflows/publish_release.yml +++ /dev/null @@ -1,49 +0,0 @@ -name: "publish-release" - -on: - workflow_dispatch: - -jobs: - npm-publish: - name: "Publish release" - runs-on: ubuntu-latest - - steps: - - name: Checkout repository - uses: actions/checkout@v2 - - - name: Setup rust toolchain - uses: actions-rust-lang/setup-rust-toolchain@v1 - - - name: Install jq - run: sudo apt-get update && sudo apt-get --yes --force-yes install jq - - - name: Install cargo-workspaces - run: cargo install cargo-workspaces || true - - - name: Login to crates.io - run: cargo login ${{ secrets.CRATES_IO_TOKEN }} - - - name: Save marine-rs-sdk-test's crate version to env - run: | - set -x - PKG_NAME=marine-rs-sdk-test - VERSION=$(cargo ws list -l | grep "$PKG_NAME\s" | head -n1 | awk '{ print $2 }') - echo "VERSION=$VERSION" | tee -a $GITHUB_ENV - echo "PKG_NAME=$PKG_NAME" | tee -a $GITHUB_ENV - - - name: Publish to crates.io - run: cargo ws publish --no-git-commit --from-git --skip-published --yes - - - name: Create Release - id: create_release - uses: actions/create-release@v1 - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - with: - tag_name: ${{ env.VERSION }} - release_name: Marine Test Rust SDK ${{ env.VERSION }} - body: | - - [${{ env.VERSION }} @ crates.io](https://crates.io/crates/${{ env.PKG_NAME }}/${{ env.VERSION }}) - draft: false - prerelease: false diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml new file mode 100644 index 0000000..72c0014 --- /dev/null +++ b/.github/workflows/release.yml @@ -0,0 +1,173 @@ +name: "release-please" + +on: + push: + branches: + - "master" + +concurrency: + group: "${{ github.workflow }}-${{ github.ref }}" + +jobs: + release-please: + runs-on: ubuntu-latest + + outputs: + release-created: ${{ steps.release.outputs.release_created }} + pr: ${{ steps.release.outputs.pr }} + + steps: + - name: Run release-please + id: release + uses: google-github-actions/release-please-action@v3 + with: + token: ${{ secrets.FLUENCEBOT_RELEASE_PLEASE_PAT }} + command: manifest + config-file: .github/release-please/config.json + manifest-file: .github/release-please/manifest.json + + - name: Show output from release-please + if: steps.release.outputs.releases_created + env: + RELEASE_PLEASE_OUTPUT: ${{ toJSON(steps.release.outputs) }} + run: echo "${RELEASE_PLEASE_OUTPUT}" | jq + + bump-version: + if: needs.release-please.outputs.pr != null + runs-on: builder + needs: + - release-please + + permissions: + contents: write + + steps: + - name: Checkout + uses: actions/checkout@v3 + with: + ref: ${{ fromJson(needs.release-please.outputs.pr).headBranchName }} + token: ${{ secrets.FLUENCEBOT_RELEASE_PLEASE_PAT }} + + - name: Setup Rust toolchain + uses: actions-rust-lang/setup-rust-toolchain@v1 + + - name: Get version + id: version + run: | + version="$(jq -r '.[]' .github/release-please/manifest.json)" + echo "version=${version}" >> $GITHUB_OUTPUT + + - name: Install cargo-workspaces + uses: baptiste0928/cargo-install@v1.3.0 + with: + crate: cargo-workspaces + + - name: Set version + run: | + cargo ws version \ + --force '*' \ + --no-git-commit \ + --all \ + --exact \ + --yes \ + custom ${{ steps.version.outputs.version }} + + - name: Commit version bump + uses: stefanzweifel/git-auto-commit-action@v4 + with: + commit_message: "chore: Bump version to ${{ steps.version.outputs.version }}" + branch: ${{ fromJson(needs.release-please.outputs.pr).headBranchName }} + commit_user_name: fluencebot + commit_user_email: devops@fluence.one + commit_author: fluencebot + + crates: + if: needs.release-please.outputs.release-created + runs-on: builder + needs: + - release-please + + permissions: + contents: write + id-token: write + + steps: + - name: Checkout + uses: actions/checkout@v3 + + - name: Import secrets + uses: hashicorp/vault-action@v2.4.3 + with: + url: https://vault.fluence.dev + path: jwt/github + role: ci + method: jwt + jwtGithubAudience: "https://github.com/fluencelabs" + jwtTtl: 300 + exportToken: false + secrets: | + kv/crates.io/fluencebot token | CARGO_REGISTRY_TOKEN + + - name: Setup Rust toolchain + uses: actions-rust-lang/setup-rust-toolchain@v1 + + - name: Install cargo-workspaces + uses: baptiste0928/cargo-install@v1.3.0 + with: + crate: cargo-workspaces + + - name: Publish to crates.io + run: | + cargo ws publish \ + --no-git-commit \ + --allow-dirty \ + --from-git \ + --skip-published \ + --yes + + slack: + if: always() + name: "Notify" + runs-on: ubuntu-latest + + needs: + - release-please + - crates + + permissions: + contents: read + id-token: write + + steps: + - uses: lwhiteley/dependent-jobs-result-check@v1 + id: status + with: + statuses: failure + dependencies: ${{ toJSON(needs) }} + + - name: Log output + run: | + echo "statuses:" "${{ steps.status.outputs.statuses }}" + echo "jobs:" "${{ steps.status.outputs.jobs }}" + echo "found any?:" "${{ steps.status.outputs.found }}" + + - name: Import secrets + uses: hashicorp/vault-action@v2.4.3 + with: + url: https://vault.fluence.dev + path: jwt/github + role: ci + method: jwt + jwtGithubAudience: "https://github.com/fluencelabs" + jwtTtl: 300 + exportToken: false + secrets: | + kv/slack/release-please webhook | SLACK_WEBHOOK_URL + + - uses: ravsamhq/notify-slack-action@v2 + if: steps.status.outputs.found == 'true' + with: + status: "failure" + notification_title: "*{workflow}* has {status_message}" + message_format: "${{ steps.status.outputs.jobs }} {status_message} in <{repo_url}|{repo}>" + footer: "<{run_url}>"