name: Release
on:
push:
tags:
- "[0-9]+.[0-9]+.[0-9]+"
- "[0-9]+.[0-9]+.[0-9]+-*"
permissions:
contents: write
id-token: write
concurrency:
group: release-${{ github.ref }}
cancel-in-progress: false
jobs:
publish:
runs-on: ubuntu-latest
environment: release
timeout-minutes: 15
steps:
- uses: actions/checkout@v6
- uses: dtolnay/rust-toolchain@stable
- name: Verify tag matches Cargo.toml version
run: |
VERSION="${GITHUB_REF_NAME}"
if ! grep -qxF "version = \"${VERSION}\"" Cargo.toml; then
echo "Tag ${VERSION} does not match Cargo.toml version:" >&2
grep "^version =" Cargo.toml >&2
exit 1
fi
- name: Extract CHANGELOG section for this version
run: |
VERSION="${GITHUB_REF_NAME}"
awk -v ver="$VERSION" '
$0 ~ "^## \\[" ver "\\]" { flag=1; next }
flag && /^## \[/ { exit }
flag { print }
' CHANGELOG.md > "${RUNNER_TEMP}/release_notes.md"
if [ ! -s "${RUNNER_TEMP}/release_notes.md" ]; then
echo "No CHANGELOG.md section found for [${VERSION}]" >&2
exit 1
fi
echo "---- release notes ----"
cat "${RUNNER_TEMP}/release_notes.md"
- run: cargo test -p yada
- uses: rust-lang/crates-io-auth-action@v1
id: auth
- run: cargo publish -p yada
env:
CARGO_REGISTRY_TOKEN: ${{ steps.auth.outputs.token }}
- name: Create GitHub Release
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: |
gh release create "${GITHUB_REF_NAME}" \
--title "${GITHUB_REF_NAME}" \
--notes-file "${RUNNER_TEMP}/release_notes.md" \
--verify-tag