name: Release - Publish draft # This workflow runs in pezkuwichain-release and creates full release draft with: # - release notes # - info about the runtimes # - attached artifacts: # - runtimes # - binaries # - signatures on: workflow_dispatch: inputs: release_tag: description: Tag matching the actual release candidate with the format pezkuwi-stableYYMM(-X)-rcX or pezkuwi-stableYYMM(-X) required: true type: string build_run_id: description: Run ID of the current release workflow run to be used to download the artifacts required: true type: string runtimes: description: Runtimes to be published (⚠️ this needs to be provided in case of the complete release, for the crates only release or a patch release without runtimes it is not needed) no_runtimes: description: If true, release draft will be published without runtimes required: true type: boolean default: false crates_only: description: If true, release draft will contain only release notes and no artifacts will be published (needed for stable releases that are crates only) required: true type: boolean default: false workflow_call: inputs: release_tag: description: Tag matching the actual release candidate with the format pezkuwi-stableYYMM(-X)-rcY or pezkuwi-stableYYMM(-X) required: true type: string build_run_id: description: Run ID of the current release workflow run to be used to download the artifacts required: true type: string runtimes: description: Runtimes to be published type: string no_runtimes: description: If true, release draft will be published without runtimes required: true type: boolean default: false crates_only: description: If true, release draft will contain only release notes and no artifacts will be published (needed for stable releases that are crates only) required: true type: boolean default: false jobs: # DISABLED: Workflow synchronization check # check-synchronization: # uses: pezkuwichain-release/sync-workflows/.github/workflows/check-synchronization.yml@main # secrets: # fork_writer_app_key: ${{ secrets.UPSTREAM_CONTENT_SYNC_APP_KEY }} validate-inputs: runs-on: ubuntu-latest outputs: release_tag: ${{ steps.validate_inputs.outputs.release_tag }} steps: - name: Checkout sources uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - name: Validate inputs id: validate_inputs run: | . ./.github/scripts/common/lib.sh RELEASE_TAG=$(validate_stable_tag ${{ inputs.release_tag }}) echo "release_tag=${RELEASE_TAG}" >> $GITHUB_OUTPUT publish-release-draft: runs-on: ubuntu-latest environment: release needs: [ validate-inputs ] outputs: release_url: ${{ steps.create-release.outputs.html_url }} asset_upload_url: ${{ steps.create-release.outputs.upload_url }} steps: - name: Checkout uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - name: Generate content write token for the release automation id: generate_write_token uses: actions/create-github-app-token@67018539274d69449ef7c02e8e71183d1719ab42 # v2.1.4 with: app-id: ${{ vars.PEZKUWI_SDK_RELEASE_RW_APP_ID }} private-key: ${{ secrets.PEZKUWI_SDK_RELEASE_RW_APP_KEY }} owner: pezkuwichain repositories: pezkuwi-sdk - name: Download runtimes artifacts if: ${{ inputs.no_runtimes == false && inputs.crates_only == false }} env: GITHUB_TOKEN: ${{ steps.generate_write_token.outputs.token }} run: | mkdir -p ${{ github.workspace}}/runtimes/ gh run download ${{ inputs.build_run_id }} --dir ${{ github.workspace}}/runtimes ls -la ${{ github.workspace}}/runtimes - name: Prepare tooling run: | URL=https://github.com/chevdor/tera-cli/releases/download/v0.4.0/tera-cli_linux_amd64.deb wget $URL -O tera.deb sudo dpkg -i tera.deb - name: Prepare draft id: draft env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} ASSET_HUB_ZAGROS_DIGEST: ${{ github.workspace}}/runtimes/asset-hub-zagros-runtime/asset-hub-zagros-srtool-digest.json BRIDGE_HUB_ZAGROS_DIGEST: ${{ github.workspace}}/runtimes/bridge-hub-zagros-runtime/bridge-hub-zagros-srtool-digest.json COLLECTIVES_ZAGROS_DIGEST: ${{ github.workspace}}/runtimes/collectives-zagros-runtime/collectives-zagros-srtool-digest.json CORETIME_ZAGROS_DIGEST: ${{ github.workspace}}/runtimes/coretime-zagros-runtime/coretime-zagros-srtool-digest.json GLUTTON_ZAGROS_DIGEST: ${{ github.workspace}}/runtimes/glutton-zagros-runtime/glutton-zagros-srtool-digest.json PEOPLE_ZAGROS_DIGEST: ${{ github.workspace}}/runtimes/people-zagros-runtime/people-zagros-srtool-digest.json ZAGROS_DIGEST: ${{ github.workspace}}/runtimes/zagros-runtime/zagros-srtool-digest.json RELEASE_TAG: ${{ needs.validate-inputs.outputs.release_tag }} NO_RUNTIMES: ${{ inputs.no_runtimes }} CRATES_ONLY: ${{ inputs.crates_only }} shell: bash run: | . ./.github/scripts/common/lib.sh export RUSTC_STABLE=$(grep -oP '(?<=-)[0-9]+\.[0-9]+\.[0-9]+(?=-)' .github/env) export REF1=$(get_latest_release_tag) if [[ -z "$RELEASE_TAG" ]]; then export REF2="${{ github.ref_name }}" echo "REF2: ${REF2}" else export REF2="$RELEASE_TAG" echo "REF2: ${REF2}" fi echo "REL_TAG=$REF2" >> $GITHUB_ENV export VERSION=$(echo "$REF2" | sed -E 's/.*(stable[0-9]{4}(-[0-9]+)?).*$/\1/') echo "Version: $VERSION" ./scripts/release/build-changelogs.sh - name: Archive artifact context.json uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 with: name: release-notes-context path: | scripts/release/context.json **/*-srtool-digest.json - name: Create draft release id: create-release env: GITHUB_TOKEN: ${{ steps.generate_write_token.outputs.token }} run: | gh release create ${{ env.REL_TAG }} \ --repo pezkuwichain/pezkuwi-sdk \ --draft \ --title "Pezkuwi ${{ env.REL_TAG }}" \ --notes-file ${{ github.workspace}}/scripts/release/RELEASE_DRAFT.md publish-runtimes: if: ${{ inputs.crates_only == false && inputs.no_runtimes == false }} needs: [ validate-inputs, publish-release-draft ] environment: release continue-on-error: true runs-on: ubuntu-latest strategy: matrix: ${{ fromJSON(inputs.runtimes) }} steps: - name: Checkout sources uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - name: Download artifacts uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 - name: Generate content write token for the release automation id: generate_write_token uses: actions/create-github-app-token@67018539274d69449ef7c02e8e71183d1719ab42 # v2.1.4 with: app-id: ${{ vars.PEZKUWI_SDK_RELEASE_RW_APP_ID }} private-key: ${{ secrets.PEZKUWI_SDK_RELEASE_RW_APP_KEY }} owner: pezkuwichain repositories: pezkuwi-sdk - name: Download runtimes env: GITHUB_TOKEN: ${{ steps.generate_write_token.outputs.token }} run: | mkdir -p ${{ github.workspace}}/runtimes/ gh run download ${{ inputs.build_run_id }} --dir ${{ github.workspace}}/runtimes ls -la ${{ github.workspace}}/runtimes - name: Get runtime info env: JSON: ${{ github.workspace}}/release-notes-context/runtimes/${{ matrix.chain }}-runtime/${{ matrix.chain }}-srtool-digest.json run: | cd ${{ github.workspace}}/runtimes >>$GITHUB_ENV echo ASSET=$(find ${{ matrix.chain }}-runtime -name '*.compact.compressed.wasm') >>$GITHUB_ENV echo SPEC=$(<${JSON} jq -r .runtimes.compact.subwasm.core_version.specVersion) - name: Upload compressed ${{ matrix.chain }} v${{ env.SPEC }} wasm working-directory: ${{ github.workspace}}/runtimes env: GITHUB_TOKEN: ${{ steps.generate_write_token.outputs.token }} run: | VERSIONED_ASSET="${{ matrix.chain }}_runtime-v${{ env.SPEC }}.compact.compressed.wasm" mv "${{ env.ASSET }}" "$VERSIONED_ASSET" gh release upload ${{ needs.validate-inputs.outputs.release_tag }} \ --repo pezkuwichain/pezkuwi-sdk "$VERSIONED_ASSET" publish-release-artifacts: if: ${{ inputs.crates_only == false }} needs: [ validate-inputs, publish-release-draft ] environment: release continue-on-error: true runs-on: ubuntu-latest strategy: matrix: binary: [ pezkuwi, pezkuwi-execute-worker, pezkuwi-prepare-worker, pezkuwi-teyrchain, pezkuwi-omni-node, pezframe-omni-bencher, chain-spec-builder ] target: [ x86_64-unknown-linux-gnu, aarch64-apple-darwin ] steps: - name: Checkout sources uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - name: Fetch binaries from s3 based on version run: | . ./.github/scripts/common/lib.sh VERSION="${{ needs.validate-inputs.outputs.release_tag }}" fetch_release_artifacts_from_s3 ${{ matrix.binary }} ${{ matrix.target }} - name: Rename aarch64-apple-darwin binaries if: ${{ matrix.target == 'aarch64-apple-darwin' }} working-directory: ${{ github.workspace}}/release-artifacts/${{ matrix.target }}/${{ matrix.binary }} run: | . ../../../.github/scripts/common/lib.sh mv ${{ matrix.binary }} ${{ matrix.binary }}-aarch64-apple-darwin mv ${{ matrix.binary }}.asc ${{ matrix.binary }}-aarch64-apple-darwin.asc sha256sum "${{ matrix.binary }}-aarch64-apple-darwin" | tee "${{ matrix.binary }}-aarch64-apple-darwin.sha256" check_sha256 "${{ matrix.binary }}-aarch64-apple-darwin" && echo "OK" || echo "ERR" - name: Generate content write token for the release automation id: generate_write_token uses: actions/create-github-app-token@67018539274d69449ef7c02e8e71183d1719ab42 # v2.1.4 with: app-id: ${{ vars.PEZKUWI_SDK_RELEASE_RW_APP_ID }} private-key: ${{ secrets.PEZKUWI_SDK_RELEASE_RW_APP_KEY }} owner: pezkuwichain repositories: pezkuwi-sdk - name: Upload ${{ matrix.binary }} binary to release draft env: GITHUB_TOKEN: ${{ steps.generate_write_token.outputs.token }} working-directory: ${{ github.workspace}}/release-artifacts/${{ matrix.target }}/${{ matrix.binary }} run: | if [[ ${{ matrix.target }} == "aarch64-apple-darwin" ]]; then gh release upload ${{ needs.validate-inputs.outputs.release_tag }} \ --repo pezkuwichain/pezkuwi-sdk \ ${{ matrix.binary }}-aarch64-apple-darwin \ ${{ matrix.binary }}-aarch64-apple-darwin.asc \ ${{ matrix.binary }}-aarch64-apple-darwin.sha256 else gh release upload ${{ needs.validate-inputs.outputs.release_tag }} \ --repo pezkuwichain/pezkuwi-sdk \ ${{ matrix.binary }} \ ${{ matrix.binary }}.asc \ ${{ matrix.binary }}.sha256 fi post_to_matrix: runs-on: ubuntu-latest needs: [ validate-inputs, publish-release-draft ] environment: release strategy: matrix: channel: - name: "Team: RelEng Internal" room: '!GvAyzgCDgaVrvibaAF:pezkuwichain.io' steps: - name: Send Matrix message to ${{ matrix.channel.name }} uses: s3krit/matrix-message-action@70ad3fb812ee0e45ff8999d6af11cafad11a6ecf # v0.0.3 with: room_id: ${{ matrix.channel.room }} access_token: ${{ secrets.RELEASENOTES_MATRIX_V2_ACCESS_TOKEN }} server: m.pezkuwichain.io message: | **New version of pezkuwi tagged**: ${{ needs.validate-inputs.outputs.release_tag }}
And release draft is release created in [pezkuwi-sdk repo](https://github.com/pezkuwichain/pezkuwi-sdk/releases)