crate_seq_core/pipeline/

execute.rs

//! Live publish pipeline: idempotent checkout → rewrite → package → publish.

#[cfg(test)]
#[path = "execute_tests.rs"]
mod tests;

use std::path::{Path, PathBuf};
use std::process::Command;

use crate_seq_ledger::{load, save};
use crate_seq_registry::{backoff_publish, BackoffConfig, CratesIoClient, PublishOutcome};

use crate::auth::require_token;
use crate::pipeline::patch::inject_workspace_patches;
use crate::pipeline::source::resolve_source;
use crate::validate::{run_cargo_check, validate_no_path_deps};
use crate::Error;

/// Outcome of publishing a single version.
#[derive(Debug)]
pub enum VersionPublishOutcome {
    /// Published successfully in this run.
    Published,
    /// Already present on crates.io; skipped network publish.
    AlreadyPublished,
    /// Was already `Skipped` in the ledger.
    Skipped,
    /// Failed; contains the error message.
    Failed(String),
}

/// Result of publishing a single version.
#[derive(Debug)]
pub struct PublishVersionResult {
    /// The semantic version that was processed.
    pub version: semver::Version,
    /// The tag ref used for the checkout.
    pub tag_ref: String,
    /// The outcome for this version.
    pub outcome: VersionPublishOutcome,
}

/// Report from a live publish run.
#[derive(Debug)]
pub struct PublishReport {
    /// Crate name from the ledger.
    pub crate_name: String,
    /// Per-version results in ascending version order.
    pub results: Vec<PublishVersionResult>,
}

/// Runs `cargo package --allow-dirty` and returns stderr on failure.
fn run_package(manifest_path: &Path) -> Result<Option<String>, Error> {
    let output = Command::new("cargo")
        .args(["package", "--allow-dirty", "--manifest-path"])
        .arg(manifest_path)
        .output()
        .map_err(|e| Error::Subprocess(e.to_string()))?;

    if output.status.success() {
        Ok(None)
    } else {
        let stderr = String::from_utf8_lossy(&output.stderr).into_owned();
        Ok(Some(stderr))
    }
}

/// Saves the ledger, propagating I/O errors as [`Error::Ledger`].
fn persist(ledger_path: &Path, ledger: &crate_seq_ledger::CrateSeqLedger) -> Result<(), Error> {
    save(ledger_path, ledger)?;
    Ok(())
}

/// Validates the manifest: no path deps, then `cargo check`. Propagates all errors.
fn validate_manifest(manifest_path: &Path) -> Result<(), Error> {
    validate_no_path_deps(manifest_path)?;
    run_cargo_check(manifest_path)
}

/// Returns the default snapshot store adjacent to the ledger file.
fn default_snapshot_store(ledger_path: &Path) -> PathBuf {
    ledger_path
        .parent()
        .unwrap_or_else(|| Path::new("."))
        .join(".crate-seq-snapshots")
}

/// Returns the crate directory's path relative to `repo_path`.
///
/// Strips `repo_path` from `ledger_path.parent()`. Falls back to an empty
/// relative path when the ledger sits directly at the repo root (single-crate repos).
fn crate_rel_path(ledger_path: &Path, repo_path: &Path) -> PathBuf {
    let crate_dir = ledger_path.parent().unwrap_or(repo_path);
    crate_dir
        .strip_prefix(repo_path)
        .unwrap_or(std::path::Path::new(""))
        .to_owned()
}

/// Processes a single pending entry through the full live publish pipeline.
#[allow(clippy::too_many_arguments)]
fn process_entry(
    entry: &crate_seq_ledger::LedgerEntry,
    ledger_path: &Path,
    ledger: &mut crate_seq_ledger::CrateSeqLedger,
    repo_path: &Path,
    crate_rel_path: &Path,
    snapshot_store: &Path,
    client: &CratesIoClient,
    token: Option<&str>,
    backoff: &BackoffConfig,
    crate_name: &str,
    results: &mut Vec<PublishVersionResult>,
) -> Result<bool, Error> {
    let tag_ref = entry.ref_.clone();
    let version = entry.version.clone();

    if client.check_version_exists(crate_name, &version)? {
        ledger.mark_published(&version)?;
        persist(ledger_path, ledger)?;
        results.push(PublishVersionResult {
            version,
            tag_ref,
            outcome: VersionPublishOutcome::AlreadyPublished,
        });
        return Ok(true);
    }

    let checkout = resolve_source(entry, repo_path, snapshot_store)?;
    inject_workspace_patches(checkout.path())?; // inject before manifest ops
    let manifest_path = checkout.path().join(crate_rel_path).join("Cargo.toml");

    validate_manifest(&manifest_path)?;

    crate_seq_manifest::rewrite_version(&manifest_path, &version)?;

    if let Some(stderr) = run_package(&manifest_path)? {
        results.push(PublishVersionResult {
            version,
            tag_ref,
            outcome: VersionPublishOutcome::Failed(stderr),
        });
        persist(ledger_path, ledger)?;
        return Ok(false);
    }

    match backoff_publish(&checkout.path().join(crate_rel_path), token, backoff)? {
        PublishOutcome::Success | PublishOutcome::AlreadyPublished => {
            ledger.mark_published(&version)?;
            persist(ledger_path, ledger)?;
            results.push(PublishVersionResult {
                version,
                tag_ref,
                outcome: VersionPublishOutcome::Published,
            });
            Ok(true)
        }
        PublishOutcome::RateLimited => {
            results.push(PublishVersionResult {
                version,
                tag_ref,
                outcome: VersionPublishOutcome::Failed(
                    "rate limited — retries exhausted".to_owned(),
                ),
            });
            persist(ledger_path, ledger)?;
            Ok(false)
        }
        PublishOutcome::Failed(msg) => {
            results.push(PublishVersionResult {
                version,
                tag_ref,
                outcome: VersionPublishOutcome::Failed(msg),
            });
            persist(ledger_path, ledger)?;
            Ok(false)
        }
    }
}

/// Live publish: for each pending version, check idempotency, checkout, rewrite,
/// package, publish, update ledger.
///
/// `snapshot_store` overrides the default `.crate-seq-snapshots/` directory for
/// entries with `source = snapshot`. Git-tag entries ignore `snapshot_store`.
///
/// Performs a pre-flight token check before any version is processed. If the ledger
/// configures a token source (env var or command) and it fails, returns an actionable
/// error immediately. If no token source is configured and cargo credentials are
/// absent, passes `None` and lets cargo decide.
///
/// On success for each version: marks `Published` and saves ledger immediately
/// (crash-safe — ledger reflects exact progress). On first failure: saves current
/// ledger state and returns the partial report.
///
/// # Errors
///
/// Returns [`Error::TokenResolution`] on pre-flight token failure,
/// [`Error::Ledger`] on ledger I/O failure, [`Error::Git`] on checkout
/// failure, [`Error::SnapshotNotFound`] if a snapshot tarball is missing,
/// [`Error::Manifest`] on rewrite failure, [`Error::Registry`] on
/// registry HTTP failure, or [`Error::Subprocess`] if `cargo` cannot be spawned.
pub fn publish_execute(
    ledger_path: &Path,
    repo_path: &Path,
    token: Option<&str>,
    backoff_config: &BackoffConfig,
    crate_seq_version: &str,
    snapshot_store: Option<PathBuf>,
) -> Result<PublishReport, Error> {
    let client = CratesIoClient::new(crate_seq_version)?;
    publish_execute_with_client(
        ledger_path,
        repo_path,
        token,
        backoff_config,
        snapshot_store,
        &client,
    )
}

/// Inner implementation that accepts an injected [`CratesIoClient`].
///
/// Separated from [`publish_execute`] so tests can inject a mock registry
/// client without hitting the live crates.io API.
pub(crate) fn publish_execute_with_client(
    ledger_path: &Path,
    repo_path: &Path,
    token: Option<&str>,
    backoff_config: &BackoffConfig,
    snapshot_store: Option<PathBuf>,
    client: &CratesIoClient,
) -> Result<PublishReport, Error> {
    let mut ledger = load(ledger_path)?;
    let crate_name = ledger.crate_config.name.clone();

    let resolved_token = require_token(token, &ledger.auth)?;
    let token_ref = resolved_token.as_deref();

    let store = snapshot_store.unwrap_or_else(|| default_snapshot_store(ledger_path));
    let rel_path = crate_rel_path(ledger_path, repo_path);

    let pending: Vec<crate_seq_ledger::LedgerEntry> =
        ledger.pending_versions().into_iter().cloned().collect();

    let mut results = Vec::with_capacity(pending.len());

    for entry in &pending {
        let ok = process_entry(
            entry,
            ledger_path,
            &mut ledger,
            repo_path,
            &rel_path,
            &store,
            client,
            token_ref,
            backoff_config,
            &crate_name,
            &mut results,
        )?;
        if !ok {
            break;
        }
    }

    Ok(PublishReport {
        crate_name,
        results,
    })
}