Release #80
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| name: Release | |
| on: | |
| workflow_dispatch: | |
| env: | |
| CARGO_TERM_COLOR: always | |
| permissions: | |
| contents: read | |
| packages: write | |
| jobs: | |
| github_release: | |
| name: GitHub Release | |
| runs-on: ubuntu-24.04 | |
| permissions: | |
| contents: write | |
| issues: write | |
| pull-requests: write | |
| outputs: | |
| new_release_version: ${{ steps.semantic.outputs.new_release_version }} | |
| new_release_published: ${{ steps.semantic.outputs.new_release_published }} | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| ref: ${{ github.ref }} | |
| fetch-depth: 0 | |
| persist-credentials: false | |
| - name: Configure Git signing | |
| run: | | |
| echo "${{ secrets.BOT_GPG_PRIVATE_KEY }}" | gpg --import | |
| git config --global user.signingkey ${{ secrets.BOT_GPG_KEY_ID }} | |
| git config --global commit.gpgsign true | |
| git config --global commit.signoff true | |
| git config --global user.name 'GitHub Actions Bot' | |
| git config --global user.email '[email protected]' | |
| - name: Setup Node.js | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: "lts/*" | |
| - name: Install semantic release and plugins | |
| run: | | |
| npm install -g [email protected] \ | |
| conventional-changelog-cli \ | |
| conventional-changelog-conventionalcommits \ | |
| @semantic-release/changelog \ | |
| @semantic-release/exec \ | |
| @semantic-release/git \ | |
| @semantic-release/github | |
| - name: Create a release if needed | |
| id: semantic | |
| env: | |
| CI: true | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| GIT_AUTHOR_NAME: "GitHub Actions Bot" | |
| GIT_AUTHOR_EMAIL: "[email protected]" | |
| GIT_COMMITTER_NAME: "GitHub Actions Bot" | |
| GIT_COMMITTER_EMAIL: "[email protected]" | |
| run: | | |
| # Create first release if not exists using gh cli - Initial Release Version 0.1.0 | |
| # This is an HACK because semantic release doesn't support versions under 1.0.0 | |
| # But if we already have a release then it respects it and start to increment from there | |
| if ! gh release view 0.1.0 >/dev/null 2>&1; then | |
| gh release create 0.1.0 --title "Initial Release" --notes "Initial Release" --target main | |
| exit 0 | |
| fi | |
| # Run semantic-release in dry-run first to capture version | |
| DRY_OUTPUT=$(semantic-release --dry-run 2>&1 || true) | |
| # Check if there are no changes | |
| if $(echo "$DRY_OUTPUT" | grep -q "no new version is released"); then | |
| echo "No new release needed" | |
| echo "new_release_published=false" >> $GITHUB_OUTPUT | |
| exit 0 | |
| fi | |
| # Extract version from dry run output | |
| VERSION=$(echo "$DRY_OUTPUT" | grep -o "The next release version is [0-9]\+\.[0-9]\+\.[0-9]\+\(-rc\.[0-9]\+\)\?" | cut -d ' ' -f6) | |
| if [ -z "$VERSION" ]; then | |
| echo "Error: Could not determine version" | |
| exit 1 | |
| fi | |
| echo "new_release_version=$VERSION" >> $GITHUB_OUTPUT | |
| # Run actual release | |
| if semantic-release; then | |
| echo "Successfully released version $VERSION" | |
| echo "new_release_published=true" >> $GITHUB_OUTPUT | |
| else | |
| echo "Release failed" | |
| exit 1 | |
| fi | |
| # build_binaries: | |
| # name: Build static binaries | |
| # needs: github_release | |
| # if: needs.github_release.outputs.new_release_published == 'true' | |
| # timeout-minutes: 15 | |
| # permissions: | |
| # contents: write | |
| # strategy: | |
| # fail-fast: false | |
| # matrix: | |
| # include: | |
| # - os: ubuntu-24.04 | |
| # target: x86_64-unknown-linux-musl | |
| # - os: | |
| # - self-hosted | |
| # - k8s | |
| # - ubuntu-22.04-arm64 | |
| # target: aarch64-unknown-linux-musl | |
| # - os: macos-latest | |
| # target: x86_64-apple-darwin | |
| # - os: macos-latest | |
| # target: aarch64-apple-darwin | |
| # runs-on: ${{ matrix.os }} | |
| # steps: | |
| # - name: Checkout repository | |
| # uses: actions/checkout@v4 | |
| # with: | |
| # ref: ${{ github.ref }} | |
| # persist-credentials: false | |
| # - name: Update Cargo.toml version | |
| # run: | | |
| # echo "Updating to version ${{ needs.github_release.outputs.new_release_version }}" | |
| # if [[ "$RUNNER_OS" == "macOS" ]]; then | |
| # sed -i '' "s/^version = .*/version = \"${{ needs.github_release.outputs.new_release_version }}\"/" Cargo.toml | |
| # else | |
| # sed -i "s/^version = .*/version = \"${{ needs.github_release.outputs.new_release_version }}\"/" Cargo.toml | |
| # fi | |
| # - name: Install Rust | |
| # uses: actions-rust-lang/[email protected] | |
| # with: | |
| # toolchain: stable | |
| # override: true | |
| # - name: Cache Rust dependencies | |
| # uses: actions/cache@v4 | |
| # with: | |
| # path: | | |
| # ~/.cargo/bin/ | |
| # ~/.cargo/registry/index/ | |
| # ~/.cargo/registry/cache/ | |
| # ~/.cargo/git/db/ | |
| # target/ | |
| # key: ${{ runner.os }}-${{ matrix.target }}-cargo-${{ hashFiles('**/Cargo.lock') }} | |
| # restore-keys: | | |
| # ${{ runner.os }}-${{ matrix.target }}-cargo | |
| # - name: Add target ${{ matrix.target }} | |
| # run: rustup target add ${{ matrix.target }} | |
| # - name: Add build tools for musl target instead of glibc | |
| # if: ${{ !startsWith(matrix.os, 'macos') }} | |
| # run: | | |
| # sudo apt-get update && sudo apt-get install --no-install-recommends -y \ | |
| # curl \ | |
| # ca-certificates \ | |
| # build-essential \ | |
| # clang \ | |
| # llvm \ | |
| # pkg-config \ | |
| # wget \ | |
| # musl-tools \ | |
| # libssl-dev \ | |
| # && sudo rm -rf /var/lib/apt/lists/* \ | |
| # && cd /tmp \ | |
| # && wget https://musl.cc/x86_64-linux-musl-cross.tgz \ | |
| # && wget https://musl.cc/aarch64-linux-musl-cross.tgz \ | |
| # && tar -xzf x86_64-linux-musl-cross.tgz \ | |
| # && tar -xzf aarch64-linux-musl-cross.tgz \ | |
| # && sudo mv x86_64-linux-musl-cross aarch64-linux-musl-cross /opt/ \ | |
| # && rm -rf *.tgz | |
| # - name: Build binary for ${{ matrix.target }} | |
| # if: ${{ !startsWith(matrix.os, 'macos') }} | |
| # env: | |
| # PKG_CONFIG_ALLOW_CROSS: 1 | |
| # RUSTFLAGS: "-C target-feature=+crt-static -C linker=clang" | |
| # CC: clang | |
| # AR: llvm-ar | |
| # OPENSSL_DIR: /usr | |
| # OPENSSL_LIB_DIR: /usr/lib | |
| # OPENSSL_INCLUDE_DIR: /usr/include | |
| # OPENSSL_STATIC: 1 | |
| # run: | | |
| # cargo build --release --no-default-features --target ${{ matrix.target }} | |
| # - name: Build binary for ${{ matrix.target }} | |
| # if: ${{ startsWith(matrix.os, 'macos') }} | |
| # env: | |
| # RUSTFLAGS: "-C target-feature=+crt-static" | |
| # run: | | |
| # cargo build --release --no-default-features --target ${{ matrix.target }} | |
| # - name: Rename binary to the published name | |
| # run: | | |
| # mv target/${{ matrix.target }}/release/coder target/${{ matrix.target }}/release/coder_${{ matrix.target }} | |
| # - name: Upload to GitHub Release | |
| # uses: softprops/action-gh-release@v2 | |
| # with: | |
| # files: target/${{ matrix.target }}/release/coder_${{ matrix.target }} | |
| # tag_name: ${{ needs.github_release.outputs.new_release_version }} | |
| # env: | |
| # GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| build_containers: | |
| name: B&P Containers | |
| needs: github_release | |
| if: needs.github_release.outputs.new_release_published == 'true' | |
| timeout-minutes: 45 | |
| permissions: | |
| packages: write | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| include: | |
| - os: ubuntu-24.04 | |
| target: x86_64-unknown-linux-musl | |
| - os: | |
| - self-hosted | |
| - k8s | |
| target: aarch64-unknown-linux-musl | |
| container: | |
| image: gcr.io/kaniko-project/executor:v1.23.2-debug | |
| options: --entrypoint="" --cpu-shares=4096 --memory=6g --cpus=4 | |
| runs-on: ${{ matrix.os }} | |
| steps: | |
| - name: Authenticate with GHCR | |
| run: | | |
| mkdir -p /kaniko/.docker | |
| cat << EOF > /kaniko/.docker/config.json | |
| { | |
| "auths": { | |
| "ghcr.io": { | |
| "auth": "$(echo -n ${{ github.actor }}:${{ secrets.GITHUB_TOKEN }} | base64)" | |
| } | |
| } | |
| } | |
| EOF | |
| - name: Build and push | |
| env: | |
| REPOSITORY_NAME: coder | |
| REPOSITORY_OWNER: ${{ github.repository_owner }} | |
| CONTAINER_REGISTRY: ghcr.io | |
| VERSION: ${{ needs.github_release.outputs.new_release_version }} | |
| run: | | |
| /kaniko/executor \ | |
| --context="${{ github.repositoryUrl }}#${{ github.ref }}" \ | |
| --dockerfile=Dockerfile \ | |
| --target=minimal \ | |
| --destination=${{ env.CONTAINER_REGISTRY }}/${{ env.REPOSITORY_OWNER }}/${{ env.REPOSITORY_NAME }}:latest \ | |
| --destination=${{ env.CONTAINER_REGISTRY }}/${{ env.REPOSITORY_OWNER }}/${{ env.REPOSITORY_NAME }}:minimal \ | |
| --destination=${{ env.CONTAINER_REGISTRY }}/${{ env.REPOSITORY_OWNER }}/${{ env.REPOSITORY_NAME }}:minimal-${{ env.VERSION }} \ | |
| --build-arg=TARGET_ARCH=${{ matrix.target }} \ | |
| --label="org.opencontainers.image.created=$(date -u +'%Y-%m-%dT%H:%M:%SZ')" \ | |
| --label="org.opencontainers.image.version=${{ env.VERSION }}" \ | |
| --label="org.opencontainers.image.revision=${{ github.sha }}" \ | |
| --label="org.opencontainers.image.source=${{ github.server_url }}/${{ github.repository }}" \ | |
| --label="org.opencontainers.image.url=${{ github.server_url }}/${{ github.repository }}" \ | |
| --label="org.opencontainers.image.documentation=${{ github.server_url }}/${{ github.repository }}/blob/main/README.md" \ | |
| --label="org.opencontainers.image.title=Coder" \ | |
| --label="org.opencontainers.image.description=The AI-Powered Coder without tools" \ | |
| --label="org.opencontainers.image.licenses=MIT" \ | |
| --label="org.opencontainers.image.vendor=${{ github.repository_owner }}" \ | |
| --cache=true \ | |
| --cache-repo=${{ env.CONTAINER_REGISTRY }}/${{ env.REPOSITORY_OWNER }}/${{ env.REPOSITORY_NAME }}/cache-${{ matrix.target }} \ | |
| --cache-ttl=336h |