name: Release
on:
pull_request:
branches:
- main
types:
- closed
paths:
- Cargo.toml
workflow_dispatch:
permissions:
contents: write
env:
CARGO_TERM_COLOR: always
jobs:
create-tag:
name: Create Release Tag
if: github.event.pull_request.merged == true || github.event_name == 'workflow_dispatch'
runs-on: ubuntu-latest
outputs:
tag: ${{ steps.version.outputs.tag }}
version: ${{ steps.version.outputs.version }}
created: ${{ steps.create.outputs.created }}
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Get version from Cargo.toml
id: version
run: |
VERSION=$(grep '^version = ' Cargo.toml | head -1 | sed 's/version = "\(.*\)"/\1/' | tr -d '\r' | xargs)
TAG="v${VERSION}"
echo "version=${VERSION}" >> $GITHUB_OUTPUT
echo "tag=${TAG}" >> $GITHUB_OUTPUT
- name: Check if tag already exists
id: check_tag
run: |
TAG=${{ steps.version.outputs.tag }}
if git rev-parse "$TAG" >/dev/null 2>&1; then
echo "exists=true" >> $GITHUB_OUTPUT
echo "Tag $TAG already exists, skipping"
else
echo "exists=false" >> $GITHUB_OUTPUT
fi
- name: Create and push tag
id: create
run: |
if [ "${{ steps.check_tag.outputs.exists }}" = "true" ]; then
echo "created=false" >> $GITHUB_OUTPUT
echo "Tag already exists — skipping release"
exit 0
fi
TAG=${{ steps.version.outputs.tag }}
git config user.name "github-actions[bot]"
git config user.email "github-actions[bot]@users.noreply.github.com"
git tag -a "$TAG" -m "Release $TAG"
git push origin "$TAG"
echo "created=true" >> $GITHUB_OUTPUT
echo "Tag $TAG created and pushed"
build:
name: Build ${{ matrix.target }}
needs: create-tag
if: needs.create-tag.outputs.created == 'true'
runs-on: ${{ matrix.os }}
strategy:
fail-fast: false
matrix:
include:
- target: x86_64-unknown-linux-musl
os: ubuntu-latest
archive: tar.gz
- target: aarch64-apple-darwin
os: macos-latest
archive: tar.gz
- target: x86_64-apple-darwin
os: macos-latest
archive: tar.gz
- target: x86_64-pc-windows-msvc
os: windows-latest
archive: zip
steps:
- uses: actions/checkout@v4
with:
ref: ${{ needs.create-tag.outputs.tag }}
- name: Install Rust toolchain
uses: dtolnay/rust-toolchain@stable
with:
targets: ${{ matrix.target }}
- name: Install musl tools (Linux)
if: matrix.target == 'x86_64-unknown-linux-musl'
run: sudo apt-get update && sudo apt-get install -y musl-tools
- name: Build release binary
run: cargo build --release --target ${{ matrix.target }}
- name: Package (unix)
if: matrix.archive == 'tar.gz'
run: |
cd target/${{ matrix.target }}/release
tar czf "../../../texforge-${{ needs.create-tag.outputs.tag }}-${{ matrix.target }}.tar.gz" texforge
cd ../../..
- name: Package (windows)
if: matrix.archive == 'zip'
shell: pwsh
run: |
cd target/${{ matrix.target }}/release
Compress-Archive -Path texforge.exe -DestinationPath "../../../texforge-${{ needs.create-tag.outputs.tag }}-${{ matrix.target }}.zip"
cd ../../..
- name: Upload artifact
uses: actions/upload-artifact@v4
with:
name: texforge-${{ matrix.target }}
path: texforge-${{ needs.create-tag.outputs.tag }}-${{ matrix.target }}.*
github-release:
name: Create GitHub Release
needs: [create-tag, build]
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Download all artifacts
uses: actions/download-artifact@v4
with:
path: artifacts
merge-multiple: true
- name: Create release
uses: softprops/action-gh-release@v2
with:
tag_name: ${{ needs.create-tag.outputs.tag }}
generate_release_notes: true
files: artifacts/*
approve:
name: Awaiting Manual Approval
needs: github-release
runs-on: ubuntu-latest
environment:
name: production
steps:
- name: Approval granted
run: echo "Release approved for publishing to crates.io"
ensure-owners:
name: Ensure crates.io owners
needs: create-tag
if: needs.create-tag.outputs.created == 'true'
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
ref: ${{ needs.create-tag.outputs.tag }}
- name: Install Rust toolchain
uses: dtolnay/rust-toolchain@stable
- name: Add crates.io owners (best-effort)
env:
TOKEN: ${{ secrets.CARGO_REGISTRY_TOKEN }}
OWNERS: github:univerlab:owners
run: |
set -eu
if [ -z "$TOKEN" ]; then
echo "No cargo token found in CARGO_REGISTRY_TOKEN; skipping owners update"
exit 0
fi
CRATE_NAME=$(grep '^name = ' Cargo.toml | head -1 | sed 's/.*"\(.*\)".*/\1/' | tr -d '\r')
echo "crate=$CRATE_NAME"
for owner in $(echo "$OWNERS" | tr ',' ' '); do
echo "Adding owner: $owner"
cargo owner --token "$TOKEN" --add "$owner" || echo "cargo owner failed for $owner (continuing)"
done
publish:
name: Publish to crates.io
needs: [create-tag, approve, ensure-owners]
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
ref: ${{ needs.create-tag.outputs.tag }}
- name: Install Rust toolchain
uses: dtolnay/rust-toolchain@stable
- name: Check if stable release
id: version_check
run: |
VERSION=$(grep '^version = ' Cargo.toml | head -1 | sed 's/.*"\(.*\)".*/\1/' | xargs)
if [[ "$VERSION" =~ ^[0-9]+\.[0-9]+\.[0-9]+$ ]]; then
echo "is_stable=true" >> $GITHUB_OUTPUT
echo "Version $VERSION is stable — will publish"
else
echo "is_stable=false" >> $GITHUB_OUTPUT
echo "Version $VERSION is prerelease/dev — skipping publish"
fi
- name: Cargo publish
if: steps.version_check.outputs.is_stable == 'true'
env:
CARGO_REGISTRY_TOKEN: ${{ secrets.CARGO_REGISTRY_TOKEN }}
run: cargo publish --allow-dirty
- name: Skipped prerelease
if: steps.version_check.outputs.is_stable == 'false'
run: echo "⏭️ Skipped crates.io publish for prerelease version"