Update the release process and use GitHub Attestations

[dunxen]

Fixes #38.

[codecov[bot]]

Codecov Report

All modified and coverable lines are covered by tests :white_check_mark:

Project coverage is 0.00%. Comparing base (23fe019) to head (0144925).

Additional details and impacted files

```diff @@ Coverage Diff @@ ## master #127 +/- ## ====================================== Coverage 0.00% 0.00% ====================================== Files 1 1 Lines 96 96 ====================================== Misses 96 96 ```

:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.

[dunxen]

cargo-dist v0.17.0 was just released so I ran the updates and generation again.

git diff-tree -U1 23df6b5 0144925

```diff diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index dda22ed..6e3c4e5 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -66,3 +66,8 @@ jobs: shell: bash - run: "curl --proto '=https' --tlsv1.2 -LsSf https://github.com/axodotdev/cargo-dist/releases/download/v0.16.0/cargo-dist-installer.sh | sh" + run: "curl --proto '=https' --tlsv1.2 -LsSf https://github.com/axodotdev/cargo-dist/releases/download/v0.17.0/cargo-dist-installer.sh | sh" + - name: Cache cargo-dist + uses: actions/upload-artifact@v4 + with: + name: cargo-dist-cache + path: ~/.cargo/bin/cargo-dist # sure would be cool if github gave us proper conditionals... @@ -174,5 +179,8 @@ jobs: submodules: recursive - - name: Install cargo-dist - shell: bash - run: "curl --proto '=https' --tlsv1.2 -LsSf https://github.com/axodotdev/cargo-dist/releases/download/v0.16.0/cargo-dist-installer.sh | sh" + - name: Install cached cargo-dist + uses: actions/download-artifact@v4 + with: + name: cargo-dist-cache + path: ~/.cargo/bin/ + - run: chmod +x ~/.cargo/bin/cargo-dist # Get all the local artifacts for the global tasks to use (for e.g. checksums) @@ -220,4 +228,8 @@ jobs: submodules: recursive - - name: Install cargo-dist - run: "curl --proto '=https' --tlsv1.2 -LsSf https://github.com/axodotdev/cargo-dist/releases/download/v0.16.0/cargo-dist-installer.sh | sh" + - name: Install cached cargo-dist + uses: actions/download-artifact@v4 + with: + name: cargo-dist-cache + path: ~/.cargo/bin/ + - run: chmod +x ~/.cargo/bin/cargo-dist # Fetch artifacts from scratch-storage @@ -229,3 +241,2 @@ jobs: merge-multiple: true - # This is a harmless no-op for GitHub Releases, hosting for that happens in "announce" - id: host @@ -243,19 +254,3 @@ jobs: path: dist-manifest.json - - # Create a GitHub Release while uploading all files to it - announce: - needs: - - plan - - host - # use "always() && ..." to allow us to wait for all publish jobs while - # still allowing individual publish jobs to skip themselves (for prereleases). - # "host" however must run to completion, no skipping allowed! - if: ${{ always() && needs.host.result == 'success' }} - runs-on: "ubuntu-20.04" - env: - GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} - steps: - - uses: actions/checkout@v4 - with: - submodules: recursive + # Create a GitHub Release while uploading all files to it - name: "Download GitHub Artifacts" @@ -272,5 +267,6 @@ jobs: env: - PRERELEASE_FLAG: "${{ fromJson(needs.host.outputs.val).announcement_is_prerelease && '--prerelease' || '' }}" - ANNOUNCEMENT_TITLE: "${{ fromJson(needs.host.outputs.val).announcement_title }}" - ANNOUNCEMENT_BODY: "${{ fromJson(needs.host.outputs.val).announcement_github_body }}" + PRERELEASE_FLAG: "${{ fromJson(steps.host.outputs.manifest).announcement_is_prerelease && '--prerelease' || '' }}" + ANNOUNCEMENT_TITLE: "${{ fromJson(steps.host.outputs.manifest).announcement_title }}" + ANNOUNCEMENT_BODY: "${{ fromJson(steps.host.outputs.manifest).announcement_github_body }}" + RELEASE_COMMIT: "${{ github.sha }}" run: | @@ -279,3 +275,18 @@ jobs: - gh release create "${{ needs.plan.outputs.tag }}" --title "$ANNOUNCEMENT_TITLE" --notes-file "$RUNNER_TEMP/notes.txt" $PRERELEASE_FLAG - gh release upload "${{ needs.plan.outputs.tag }}" artifacts/* + gh release create "${{ needs.plan.outputs.tag }}" --target "$RELEASE_COMMIT" $PRERELEASE_FLAG --title "$ANNOUNCEMENT_TITLE" --notes-file "$RUNNER_TEMP/notes.txt" artifacts/* + + announce: + needs: + - plan + - host + # use "always() && ..." to allow us to wait for all publish jobs while + # still allowing individual publish jobs to skip themselves (for prereleases). + # "host" however must run to completion, no skipping allowed! + if: ${{ always() && needs.host.result == 'success' }} + runs-on: "ubuntu-20.04" + env: + GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} + steps: + - uses: actions/checkout@v4 + with: + submodules: recursive diff --git a/Cargo.toml b/Cargo.toml index 0bcefb8..ccf0486 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -55,3 +55,3 @@ lto = "thin" # The preferred cargo-dist version to use in CI (Cargo.toml SemVer syntax) -cargo-dist-version = "0.16.0" +cargo-dist-version = "0.17.0" # CI backends to support @@ -66,3 +66,3 @@ pr-run-mode = "plan" install-updater = true -# Enable GitHub Artifact Attestations +# Whether to enable GitHub Attestations github-attestations = true diff --git a/src/cli.rs b/src/cli.rs index 0f5eecf..afeb1ce 100644 --- a/src/cli.rs +++ b/src/cli.rs @@ -9,2 +9,3 @@ use std::io::Read; use std::path::PathBuf; +use std::process::exit; use tonic::transport::{Certificate, Channel, ClientTlsConfig}; @@ -77,3 +78,3 @@ enum Commands { #[tokio::main] -async fn main() -> Result<(), ()> { +async fn main() { let args = Cli::parse(); @@ -84,4 +85,3 @@ async fn main() -> Result<(), ()> { Ok(offer) => { - println!("Decoded offer: {:?}.", offer); - Ok(()) + println!("Decoded offer: {:?}.", offer) } @@ -93,3 +93,3 @@ async fn main() -> Result<(), ()> { ); - Err(()) + exit(1) } @@ -107,4 +107,6 @@ async fn main() -> Result<(), ()> { // default location. - std::fs::read_to_string(data_dir.join(TLS_CERT_FILENAME)) - .map_err(|e| println!("ERROR reading cert: {e:?}"))? + std::fs::read_to_string(data_dir.join(TLS_CERT_FILENAME)).unwrap_or_else(|e| { + println!("ERROR reading cert: {e:?}"); + exit(1) + }) } @@ -119,8 +121,17 @@ async fn main() -> Result<(), ()> { let channel = Channel::from_shared(format!("{grpc_host}:{grpc_port}")) // - .map_err(|e| println!("ERROR creating endpoint: {e:?}"))? + .unwrap_or_else(|e| { + println!("ERROR creating endpoint: {e:?}"); + exit(1) + }) .tls_config(tls) - .map_err(|e| println!("ERROR tls config: {e:?}"))? + .unwrap_or_else(|e| { + println!("ERROR tls config: {e:?}"); + exit(1) + }) .connect() .await - .map_err(|e| println!("ERROR connecting: {e:?}"))?; + .unwrap_or_else(|e| { + println!("ERROR connecting: {e:?}"); + exit(1) + }); @@ -136,3 +147,3 @@ async fn main() -> Result<(), ()> { ); - return Err(()); + exit(1) } @@ -143,3 +154,3 @@ async fn main() -> Result<(), ()> { println!("ERROR: Only one of `macaroon_path` or `macaroon_hex` should be set."); - return Err(()); + exit(1) } @@ -149,4 +160,6 @@ async fn main() -> Result<(), ()> { let macaroon = match args.macaroon_path { - Some(path) => read_macaroon_from_file(path) - .map_err(|e| println!("ERROR reading macaroon from file {e:?}"))?, + Some(path) => read_macaroon_from_file(path).unwrap_or_else(|e| { + println!("ERROR reading macaroon from file {e:?}"); + exit(1) + }), None => match args.macaroon_hex { @@ -155,4 +168,6 @@ async fn main() -> Result<(), ()> { let path = get_macaroon_path_default(&args.network); - read_macaroon_from_file(path) - .map_err(|e| println!("ERROR reading macaroon from file {e:?}"))? + read_macaroon_from_file(path).unwrap_or_else(|e| { + println!("ERROR reading macaroon from file {e:?}"); + exit(1) + }) } @@ -165,3 +180,3 @@ async fn main() -> Result<(), ()> { }); - add_metadata(&mut request, macaroon).map_err(|_| ())?; + add_metadata(&mut request, macaroon).unwrap_or_else(|_| exit(1)); @@ -169,6 +184,7 @@ async fn main() -> Result<(), ()> { Ok(_) => println!("Successfully paid for offer!"), - Err(err) => println!("Error paying for offer: {err:?}"), + Err(err) => { + println!("Error paying for offer: {err:?}"); + exit(1) + } }; - - Ok(()) } ```

[dunxen]

@orbitalturtle :wave: Just letting you have a chance to look over the more streamlined release process and give any feedback :) I believe it's all in order and should make releases a breeze.

[orbitalturtle]

@dunxen Amazing! 🎊 Sorry I've been slow to take a look. I'll plan to do a run through this week :)