iks 0.7.0 - Docs.rs

name: Release

on:
  workflow_dispatch:
    inputs:
      operation:
        description: "Operation"
        required: true
        type: choice
        default: dryrun
        options:
          - dryrun
          - publish

concurrency:
  group: release
  cancel-in-progress: true

env:
  RUST_BACKTRACE: 1
  CARGO_TERM_COLOR: always
  CARGO_TERM_VERBOSE: "true"
  CARGO_INCREMENTAL: 0
  CARGO_PROFILE_TEST_DEBUG: 0

jobs:
  release:
    name: Publish Release
    permissions:
      contents: write
      id-token: write
    runs-on: ubuntu-latest
    if: ${{ always() }}
    needs:
      - check-version
      - run-ci
      - run-heavy
    steps:
      - if: ${{ github.repository_owner != 'meduketto' }}
        run: exit 1
        name: Check repository owner
      - if: ${{ github.ref != 'refs/heads/main' }}
        run: exit 1
        name: Check branch
      - if: ${{ needs.check-version.result != 'success' }}
        run: exit 1
        name: Check version result
      - if: ${{ inputs.operation == 'publish' && needs.run-ci.result != 'success' }}
        run: exit 1
        name: Check CI result
      - if: ${{ inputs.operation == 'publish' && needs.run-heavy.result != 'success' }}
        run: exit 1
        name: Check heavy result
      - name: Checkout code
        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
        with:
          persist-credentials: true
      - name: Cargo oauth
        uses: rust-lang/crates-io-auth-action@bbd81622f20ce9e2dd9622e3218b975523e45bbe # v1.0.4
        id: auth
      - name: Publish Crate
        env:
          CARGO_REGISTRY_TOKEN: ${{ steps.auth.outputs.token }}
        run: |
          set -euxo pipefail
          export DRYRUN=--dry-run
          if [ "${{ inputs.operation }}" = "publish" ]; then
              export DRYRUN=""
          fi
          cargo package --list
          cargo publish $DRYRUN
          export TAG_NAME=v${{ needs.check-version.outputs.version }}
          [ $(expr "x$TAG_NAME" : "x[0-9\.v]*$") -eq 0 ] && exit 1
          git config --global user.email "github-actions[bot]@users.noreply.github.com"
          git config --global user.name "Release Action"
          git tag -a $TAG_NAME -m "Release $TAG_NAME"
          git push $DRYRUN origin $TAG_NAME

  run-ci:
    name: CI
    permissions:
      contents: read
    uses: ./.github/workflows/ci.yml
    if: inputs.operation == 'publish' && github.repository_owner == 'meduketto' && github.ref == 'refs/heads/main'
    needs:
      - check-version

  run-heavy:
    name: Heavy Tests
    permissions:
      contents: read
    uses: ./.github/workflows/heavy.yml
    if: inputs.operation == 'publish' && github.repository_owner == 'meduketto' && github.ref == 'refs/heads/main'
    needs:
      - check-version

  check-version:
    name: Version Checks
    permissions:
      contents: read
    runs-on: ubuntu-latest
    if: github.repository_owner == 'meduketto' && github.ref == 'refs/heads/main'
    outputs:
      version: "${{ steps.version.outputs.version }}"
    steps:
      - name: Checkout code
        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
      - name: Check version
        id: version
        run: |
          set -euxo pipefail
          ./.github/workflows/check_version.py