name: Release
on:
release:
types: [published]
permissions:
contents: read
concurrency:
group: release-${{ github.event.release.tag_name }}
cancel-in-progress: false
jobs:
validate:
runs-on: ubuntu-latest
env:
RELEASE_TAG: ${{ github.event.release.tag_name }}
steps:
- name: Checkout release tag
uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 with:
ref: ${{ env.RELEASE_TAG }}
persist-credentials: false
- name: Validate tag and Cargo version
run: |
version="${RELEASE_TAG#v}"
if ! [[ "$RELEASE_TAG" =~ ^v[0-9]+\.[0-9]+\.[0-9]+$ ]]; then
echo "::error::'$RELEASE_TAG' is not a release tag like v0.2.0"
exit 1
fi
cargo_version="$(awk -F'"' '/^version = "/ { print $2; exit }' Cargo.toml)"
if [[ "$cargo_version" != "$version" ]]; then
echo "::error::Cargo.toml version '$cargo_version' does not match '$RELEASE_TAG'"
exit 1
fi
build:
needs: validate
strategy:
fail-fast: false
matrix:
include:
- os: ubuntu-latest
target: x86_64-unknown-linux-gnu
- os: ubuntu-24.04-arm
target: aarch64-unknown-linux-gnu
- os: macos-latest
target: aarch64-apple-darwin
- os: macos-15-intel
target: x86_64-apple-darwin
runs-on: ${{ matrix.os }}
env:
RELEASE_TAG: ${{ github.event.release.tag_name }}
steps:
- name: Checkout release tag
uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 with:
ref: ${{ env.RELEASE_TAG }}
persist-credentials: false
- name: Install Rust
uses: dtolnay/rust-toolchain@4be7066ada62dd38de10e7b70166bc74ed198c30 with:
targets: ${{ matrix.target }}
- name: Cache cargo registry/build
uses: Swatinem/rust-cache@e18b497796c12c097a38f9edb9d0641fb99eee32 with:
key: ${{ matrix.target }}
- name: Build
run: cargo build --release --locked --target ${{ matrix.target }}
- name: Package
run: |
bin="target/${{ matrix.target }}/release/sofka"
strip "$bin"
out="sofka-${RELEASE_TAG}-${{ matrix.target }}.tar.gz"
tar -czf "$out" -C "$(dirname "$bin")" sofka
echo "ASSET=$out" >> "$GITHUB_ENV"
- name: Upload artifact
uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 with:
name: ${{ matrix.target }}
path: ${{ env.ASSET }}
upload-assets:
needs: build
runs-on: ubuntu-latest
permissions:
contents: write env:
GH_TOKEN: ${{ github.token }}
GH_REPO: ${{ github.repository }}
RELEASE_TAG: ${{ github.event.release.tag_name }}
steps:
- name: Download all artifacts
uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 with:
path: dist
merge-multiple: true
- name: Upload release assets
run: gh release upload "$RELEASE_TAG" dist/*.tar.gz --clobber
crates-publish:
needs: upload-assets
runs-on: ubuntu-latest
steps:
- name: Checkout release tag
uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 with:
ref: ${{ github.event.release.tag_name }}
persist-credentials: false
- name: Install Rust
uses: dtolnay/rust-toolchain@4be7066ada62dd38de10e7b70166bc74ed198c30
- name: Publish to crates.io
env:
CARGO_REGISTRY_TOKEN: ${{ secrets.CARGO_REGISTRY_TOKEN }}
run: cargo publish --locked
nix-cache:
needs: validate
strategy:
fail-fast: false
matrix:
include:
- os: ubuntu-latest
- os: ubuntu-24.04-arm
- os: macos-latest
- os: macos-15-intel
runs-on: ${{ matrix.os }}
env:
CACHIX_AUTH_TOKEN: ${{ secrets.CACHIX_AUTH_TOKEN }}
steps:
- name: Checkout release tag
uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 with:
ref: ${{ github.event.release.tag_name }}
persist-credentials: false
- name: Setup Nix
uses: ./.github/actions/setup-nix
- name: Build and cache
run: nix build .#sofka --print-build-logs