name: Release-plz
on:
push:
branches: [main]
permissions: {}
jobs:
release-plz:
name: Release-plz
runs-on: ubuntu-latest
permissions:
contents: write
pull-requests: write
steps:
- uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 with:
fetch-depth: 0
- uses: actions-rust-lang/setup-rust-toolchain@166cdcfd11aee3cb47222f9ddb555ce30ddb9659 - uses: MarcoIeni/release-plz-action@e8792575c7f2366cf6ff3ccc33ead9ace5b691c7 env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
CARGO_REGISTRY_TOKEN: ${{ secrets.CARGO_REGISTRY_TOKEN }}
checksums:
name: Attach SHA-256 checksums to the GitHub Release
needs: release-plz
runs-on: ubuntu-latest
permissions:
contents: write
steps:
- uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 - uses: actions-rust-lang/setup-rust-toolchain@166cdcfd11aee3cb47222f9ddb555ce30ddb9659 - name: Build a release-mode source distribution and checksum it
run: |
set -euo pipefail
cargo package --allow-dirty
cd target/package
sha256sum ./*.crate > SHA256SUMS.txt
cat SHA256SUMS.txt
- name: Attach checksums to the matching GitHub Release, if one exists
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: |
set -euo pipefail
version="$(cargo metadata --no-deps --format-version 1 | jq -r '.packages[0].version')"
tag="v${version}"
if gh release view "$tag" >/dev/null 2>&1; then
gh release upload "$tag" target/package/SHA256SUMS.txt --clobber
else
echo "No GitHub Release found for tag $tag yet; skipping checksum upload."
fi