2023-12-11 13:58:43 +00:00
|
|
|
# Use this workflow to create a patch branch and use the release workflow to release the patch once ready
|
|
|
|
|
|
|
|
name: Patch release
|
|
|
|
|
|
|
|
run-name: "Patch release '${{ inputs.git-tag }}'"
|
|
|
|
|
|
|
|
on:
|
|
|
|
workflow_dispatch:
|
|
|
|
inputs:
|
|
|
|
git-tag:
|
|
|
|
required: true
|
|
|
|
type: string
|
|
|
|
description: "The github tag of the release you want to patch (i.e. v1.0.0)."
|
|
|
|
|
|
|
|
defaults:
|
|
|
|
run:
|
|
|
|
shell: bash
|
|
|
|
|
|
|
|
permissions:
|
|
|
|
contents: write
|
|
|
|
|
|
|
|
jobs:
|
|
|
|
tag-check:
|
|
|
|
name: Tag check
|
|
|
|
runs-on: ubuntu-latest
|
|
|
|
steps:
|
|
|
|
- uses: actions/checkout@v4
|
|
|
|
with:
|
|
|
|
fetch-depth: 0
|
|
|
|
|
|
|
|
- name: Verify that the provided git_tag is a tag
|
|
|
|
run: git tag -l | grep -w ${{ inputs.git-tag }} || (echo "The provided git_tag '${{ inputs.git-tag }}' is not a tag" && exit 1)
|
|
|
|
|
|
|
|
patch-branch:
|
|
|
|
name: Create security patch branch
|
|
|
|
needs: [tag-check]
|
|
|
|
runs-on: ubuntu-latest
|
|
|
|
steps:
|
|
|
|
- name: Checkout sources
|
|
|
|
uses: actions/checkout@v4
|
|
|
|
with:
|
|
|
|
ref: ${{ inputs.git-tag }}
|
|
|
|
|
|
|
|
- name: Install a TOML parser
|
2024-02-19 14:41:26 +00:00
|
|
|
run: |
|
|
|
|
curl -L https://github.com/tamasfe/taplo/releases/download/0.8.1/taplo-full-linux-x86_64.gz | gunzip - > taplo
|
|
|
|
chmod +x taplo
|
|
|
|
sudo mv taplo /usr/bin/taplo
|
2023-12-11 13:58:43 +00:00
|
|
|
|
|
|
|
- name: Prepare patch branch
|
|
|
|
run: |
|
|
|
|
set -x
|
|
|
|
|
|
|
|
# Configure git
|
|
|
|
git config user.email "41898282+github-actions[bot]@users.noreply.github.com"
|
|
|
|
git config user.name "github-actions[bot]"
|
|
|
|
git config --add --bool push.autoSetupRemote true
|
|
|
|
|
|
|
|
# Calculate new version
|
2024-02-19 15:38:13 +00:00
|
|
|
currentVersion=$(taplo get -f Cargo.toml "package.version")
|
2023-12-11 13:58:43 +00:00
|
|
|
major=$(echo $currentVersion | tr "." "\n" | sed -n 1p)
|
|
|
|
minor=$(echo $currentVersion | tr "." "\n" | sed -n 2p)
|
|
|
|
patch=$(echo $currentVersion | tr "." "\n" | sed -n 3p)
|
|
|
|
version=${major}.${minor}.$(($patch + 1))
|
|
|
|
|
|
|
|
# Bump the crate version
|
|
|
|
sed -i "s#^version = \".*\"#version = \"${version}\"#" Cargo.toml
|
|
|
|
|
|
|
|
# Update Cargo.lock without updating dependency versions
|
|
|
|
cargo check --no-default-features --features storage-mem
|
|
|
|
|
|
|
|
# Commit changes
|
|
|
|
git checkout -b patches/${major}.${minor}
|
2023-12-15 21:53:25 +00:00
|
|
|
git commit -am "Bump version to v${version}"
|
2023-12-11 13:58:43 +00:00
|
|
|
|
|
|
|
- name: Push the new branch
|
|
|
|
run: git push
|