Release #29
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Release | |
| on: | |
| workflow_dispatch: | |
| inputs: | |
| part: | |
| description: "Version part to bump" | |
| required: false | |
| type: choice | |
| default: patch | |
| options: | |
| - patch | |
| - minor | |
| - major | |
| skip_bump: | |
| description: "Skip version bump (build/publish current version)" | |
| required: false | |
| type: boolean | |
| default: false | |
| permissions: | |
| contents: write | |
| packages: write | |
| env: | |
| CARGO_TERM_COLOR: always | |
| jobs: | |
| bump: | |
| name: Bump version | |
| runs-on: ubuntu-latest | |
| outputs: | |
| version: ${{ steps.out.outputs.version }} | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| token: ${{ secrets.PAT_TOKEN || secrets.GITHUB_TOKEN }} | |
| - name: Setup workspace dependencies | |
| run: | | |
| chmod +x scripts/setup-workspace.sh | |
| ./scripts/setup-workspace.sh | |
| - uses: actions/setup-python@v5 | |
| with: | |
| python-version: "3.13" | |
| - name: Install bump2version | |
| run: pip install --upgrade bump2version | |
| - name: Configure git user | |
| run: | | |
| git config user.name "github-actions[bot]" | |
| git config user.email "github-actions[bot]@users.noreply.github.com" | |
| - name: Bump or reuse version | |
| env: | |
| PART: ${{ inputs.part }} | |
| SKIP_BUMP: ${{ inputs.skip_bump }} | |
| run: | | |
| if [ "$SKIP_BUMP" = "true" ]; then | |
| echo "Skipping bump; using current version" | |
| else | |
| bump2version "$PART" | |
| fi | |
| - name: Push changes | |
| run: git push origin HEAD | |
| - name: Output version | |
| id: out | |
| run: | | |
| VERSION=$(grep '^version = ' Cargo.toml | head -1 | cut -d'"' -f2) | |
| echo "version=$VERSION" >> "$GITHUB_OUTPUT" | |
| test: | |
| name: Tests | |
| needs: bump | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| ref: main | |
| fetch-depth: 0 | |
| - name: Setup workspace dependencies | |
| run: | | |
| chmod +x scripts/setup-workspace.sh | |
| ./scripts/setup-workspace.sh | |
| - name: Install protoc | |
| uses: arduino/setup-protoc@v2 | |
| with: | |
| repo-token: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Setup Rust | |
| uses: dtolnay/rust-toolchain@master | |
| with: | |
| toolchain: 1.91.0 | |
| components: rustfmt, clippy | |
| - uses: Swatinem/rust-cache@v2 | |
| with: | |
| workspaces: ". -> target" | |
| - name: Check formatting | |
| run: cargo fmt --all -- --check | |
| - name: Run clippy | |
| run: cargo clippy --all-targets --all-features --no-deps -- -D warnings | |
| - name: Run tests | |
| run: cargo test --all-features --verbose | |
| build-wheels: | |
| name: Build Python wheels | |
| needs: bump | |
| runs-on: ${{ matrix.os }} | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| include: | |
| # Linux builds use manylinux Docker with parent directory mounted | |
| # for sibling dependencies (../syftbox-crypto, ../syftbox) | |
| # Must use explicit manylinux version (not auto) to force Docker usage | |
| - os: ubuntu-latest | |
| target: x86_64-unknown-linux-gnu | |
| manylinux: manylinux_2_28 | |
| py-interpreter: "python3.13" | |
| - os: ubuntu-24.04-arm | |
| target: aarch64-unknown-linux-gnu | |
| manylinux: manylinux_2_28 | |
| py-interpreter: "python3.13" | |
| # macOS and Windows build natively | |
| - os: macos-latest | |
| target: aarch64-apple-darwin | |
| manylinux: off | |
| py-interpreter: "python3.13" | |
| - os: macos-15-intel | |
| target: x86_64-apple-darwin | |
| manylinux: off | |
| py-interpreter: "python3.13" | |
| - os: windows-latest | |
| target: x86_64-pc-windows-msvc | |
| manylinux: off | |
| py-interpreter: "python3.13" | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| ref: main | |
| fetch-depth: 0 | |
| - name: Setup workspace dependencies | |
| shell: bash | |
| run: | | |
| chmod +x scripts/setup-workspace.sh | |
| ./scripts/setup-workspace.sh | |
| - name: Install protoc | |
| uses: arduino/setup-protoc@v2 | |
| with: | |
| repo-token: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Setup Python 3.12 | |
| uses: actions/setup-python@v5 | |
| with: | |
| python-version: "3.13" | |
| - name: Set up Rust | |
| uses: dtolnay/rust-toolchain@master | |
| with: | |
| toolchain: 1.91.0 | |
| targets: ${{ matrix.target }} | |
| - name: Build wheels | |
| uses: PyO3/maturin-action@v1 | |
| with: | |
| working-directory: python | |
| target: ${{ matrix.target }} | |
| args: --release --out dist --interpreter ${{ matrix.py-interpreter }} | |
| sccache: "true" | |
| manylinux: ${{ matrix.manylinux }} | |
| docker-options: -v ${{ github.workspace }}/../syftbox-crypto:${{ github.workspace }}/../syftbox-crypto:ro -v ${{ github.workspace }}/../syftbox:${{ github.workspace }}/../syftbox:ro | |
| before-script-linux: | | |
| # Install protoc in the manylinux container | |
| PROTOC_VERSION="28.3" | |
| ARCH="$(uname -m)" | |
| if [ "$ARCH" = "aarch64" ]; then | |
| PROTOC_ARCH="aarch_64" | |
| else | |
| PROTOC_ARCH="$ARCH" | |
| fi | |
| curl -LO "https://github.com/protocolbuffers/protobuf/releases/download/v${PROTOC_VERSION}/protoc-${PROTOC_VERSION}-linux-${PROTOC_ARCH}.zip" | |
| unzip -q protoc-${PROTOC_VERSION}-linux-${PROTOC_ARCH}.zip -d /usr/local | |
| rm protoc-${PROTOC_VERSION}-linux-${PROTOC_ARCH}.zip | |
| protoc --version | |
| - name: Upload wheels | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: wheels-${{ matrix.target }}-${{ github.run_attempt }} | |
| path: python/dist/*.whl | |
| build-sdist: | |
| name: Build sdist | |
| needs: bump | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| ref: main | |
| fetch-depth: 0 | |
| - name: Setup workspace dependencies | |
| run: | | |
| chmod +x scripts/setup-workspace.sh | |
| ./scripts/setup-workspace.sh | |
| - name: Install protoc | |
| uses: arduino/setup-protoc@v2 | |
| with: | |
| repo-token: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Build sdist | |
| uses: PyO3/maturin-action@v1 | |
| with: | |
| working-directory: python | |
| command: sdist | |
| args: --out dist | |
| - name: Upload sdist | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: sdist-${{ github.run_attempt }} | |
| path: python/dist/*.tar.gz | |
| publish-crate: | |
| name: Publish crate | |
| needs: [bump, test] | |
| runs-on: ubuntu-latest | |
| # Skip until syftbox-rs is published to crates.io (required by embedded feature) | |
| if: false | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| ref: main | |
| fetch-depth: 0 | |
| - name: Setup workspace dependencies | |
| run: | | |
| chmod +x scripts/setup-workspace.sh | |
| ./scripts/setup-workspace.sh | |
| - name: Install protoc | |
| uses: arduino/setup-protoc@v2 | |
| with: | |
| repo-token: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Install Rust | |
| uses: dtolnay/rust-toolchain@master | |
| with: | |
| toolchain: 1.91.0 | |
| - name: Publish to crates.io | |
| env: | |
| CARGO_REGISTRY_TOKEN: ${{ secrets.CARGO_REGISTRY_TOKEN }} | |
| run: cargo publish --package syftbox-sdk | |
| publish-pypi: | |
| name: Publish PyPI | |
| needs: [bump, build-wheels, build-sdist, test] | |
| runs-on: ubuntu-latest | |
| permissions: | |
| id-token: write | |
| steps: | |
| - name: Download wheel artifacts | |
| uses: actions/download-artifact@v4 | |
| with: | |
| path: dist | |
| pattern: wheels-* | |
| merge-multiple: true | |
| - name: Download sdist | |
| uses: actions/download-artifact@v4 | |
| with: | |
| path: dist | |
| name: sdist-${{ github.run_attempt }} | |
| - name: Publish to PyPI | |
| uses: pypa/gh-action-pypi-publish@release/v1 | |
| with: | |
| packages-dir: dist/ | |
| password: ${{ secrets.PYPI_API_TOKEN }} |