surrealpatch/.github/workflows/patch.yml

82 lines
2.6 KiB
YAML

# Use this workflow to create a patch branch and use the release workflow to release the patch once ready
name: Patch release
run-name: "Patch release '${{ inputs.git-tag }}'"
on:
workflow_dispatch:
inputs:
git-tag:
required: true
type: string
description: "The github tag of the release you want to patch (i.e. v1.0.0)."
defaults:
run:
shell: bash
permissions:
contents: write
jobs:
tag-check:
name: Tag check
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Verify that the provided git_tag is a tag
run: git tag -l | grep -w ${{ inputs.git-tag }} || (echo "The provided git_tag '${{ inputs.git-tag }}' is not a tag" && exit 1)
patch-branch:
name: Create security patch branch
needs: [tag-check]
runs-on: ubuntu-latest
steps:
- name: Checkout sources
uses: actions/checkout@v4
with:
ref: ${{ inputs.git-tag }}
- name: Install a TOML parser
run: |
curl -L https://github.com/tamasfe/taplo/releases/download/0.8.1/taplo-full-linux-x86_64.gz | gunzip - > taplo
chmod +x taplo
sudo mv taplo /usr/bin/taplo
- name: Prepare patch branch
run: |
set -x
# Configure git
git config user.email "41898282+github-actions[bot]@users.noreply.github.com"
git config user.name "github-actions[bot]"
git config --add --bool push.autoSetupRemote true
# Calculate new version
currentVersion=$(taplo get -f Cargo.toml "package.version")
major=$(echo $currentVersion | tr "." "\n" | sed -n 1p)
minor=$(echo $currentVersion | tr "." "\n" | sed -n 2p)
patch=$(echo $currentVersion | tr "." "\n" | sed -n 3p)
version=${major}.${minor}.$(($patch + 1))
# Bump the crate version
sed -i "s#^version = \".*\"#version = \"${version}\"#" Cargo.toml
sed -i "s#^version = \".*\"#version = \"${version}\"#" lib/Cargo.toml
sed -i "s#^version = \".*\"#version = \"2.0.0-${version}\"#" core/Cargo.toml
# Update dependency versions
sed -i "s#surrealdb-core = { version = \"=2.0.0-${currentVersion}\"#surrealdb-core = { version = \"=2.0.0-${version}\"#" lib/Cargo.toml
# Update Cargo.lock without updating dependency versions
cargo check --no-default-features --features storage-mem
# Commit changes
git checkout -b patches/${major}.${minor}
git commit -am "Bump version to v${version}"
- name: Push the new branch
run: git push