name: Release (date-based auto)
on:
push:
branches: [main]
permissions:
contents: write
id-token: write
attestations: write
concurrency:
group: release
cancel-in-progress: false
env:
CARGO_TERM_COLOR: always
jobs:
release:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v6
- name: Compute date-based version
id: v
run: |
version="1.$(date -u +%Y%m%d).${GITHUB_RUN_NUMBER}"
echo "version=$version" >> "$GITHUB_OUTPUT"
echo "tag=v$version" >> "$GITHUB_OUTPUT"
- name: Set version in Cargo.toml
run: |
sed -i -E "0,/^version = \"[^\"]*\"/ s//version = \"${{ steps.v.outputs.version }}\"/" Cargo.toml
- uses: dtolnay/rust-toolchain@stable
- uses: Swatinem/rust-cache@v2
- run: cargo check --all-features
- name: Publish to crates.io
run: cargo publish --token ${{ secrets.CARGO_REGISTRY_TOKEN }} --allow-dirty
- name: Source archive
run: |
# restore original Cargo.toml so archive matches the repo state
git checkout -- Cargo.toml
git archive --format=tar.gz -o "sdk-rust-${{ steps.v.outputs.tag }}.tar.gz" HEAD
- name: Attest provenance
uses: actions/attest-build-provenance@v4
with:
subject-path: "sdk-rust-${{ steps.v.outputs.tag }}.tar.gz"
- name: Install cosign
uses: sigstore/cosign-installer@v4.1.1
- name: Sign archive
run: |
cosign sign-blob --yes \
--bundle "sdk-rust-${{ steps.v.outputs.tag }}.tar.gz.sigstore" \
"sdk-rust-${{ steps.v.outputs.tag }}.tar.gz"
- name: Create + push tag
run: |
git config user.name "github-actions[bot]"
git config user.email "41898282+github-actions[bot]@users.noreply.github.com"
git tag "${{ steps.v.outputs.tag }}"
git push origin "${{ steps.v.outputs.tag }}"
- name: GitHub Release
uses: softprops/action-gh-release@v3
with:
tag_name: ${{ steps.v.outputs.tag }}
files: |
sdk-rust-${{ steps.v.outputs.tag }}.tar.gz
sdk-rust-${{ steps.v.outputs.tag }}.tar.gz.sigstore
generate_release_notes: true