Automate more of Wasmtime's release process (#3422)

* Automate more of Wasmtime's release process This change revamps the release process for Wasmtime and intends to make it nearly 100% automated for major release and hopefully still pretty simple for patch releases. New workflows are introduced as part of this commit: * Once a month a PR is created with major version bumps * Specifically hinted commit messages to the `main` branch will get tagged and pushed to the main repository. * On tags we'll now not only build releases after running CI but additionally crates will be published to crates.io. In conjunction with other changes this means that the release process for a new major version of Wasmtime is simply merging a PR. Patch releases will involve running some steps locally but most of the nitty-gritty should be simply merging the PR that's generated. * Use an anchor in a regex
2021-10-26 10:25:40 -05:00
parent 7962fe3f43
commit 807b528bfb
6 changed files with 292 additions and 42 deletions
--- a/.github/workflows/bump-version.yml
+++ b/.github/workflows/bump-version.yml
@@ -0,0 +1,86 @@
+# The purpose of this workflow is to, once a month, trigger Wasmtime's release
+# process. All that actually happens here is that whenever this is triggered it
+# will send a PR to the main repository with the version numbers automatically
+# bumped. The next stage of the process is to simply merge the PR, and the
+# `push-tag.yml` process takes over from there.
+#
+# Note that this creates a commit and a PR with a personal access token to
+# ensure that the PR gets CI triggered on it. Additionally the commit message
+# is specifically worded to get recognized by `push-tag.yml`.
+
+name: "Bump version number"
+on:
+  schedule:
+    # “At 00:00 on every day-of-month from 8 through 14 and on Monday.”
+    #
+    # https://crontab.guru/#0_0_8-14_*_1
+    - cron: '0 0 8-14 * 1'
+
+jobs:
+  bump_version:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+        with:
+          submodules: true
+      - run: rustup update stable && rustup default stable
+      - name: Bump versions locally
+        id: bump
+        run: |
+          rustc scripts/publish.rs
+          ./publish bump
+          version=$(grep '^version =' Cargo.toml | head -n 1 | sed 's/.*"\(.*\)"/\1/')
+          echo "::set-output name=version::$version"
+
+      - name: Commit version changes
+        run: |
+          git config user.name 'Wasmtime Releases'
+          git config user.email 'wasmtime-releases@users.noreply.github.com'
+          git commit -a -F-<<EOF
+          Bump Wasmtime to $version
+
+          [automatically-tag-and-release-this-commit]
+          EOF
+
+      - name: Push to remote
+        run: |
+          git remote set-url origin https://git:${{ secrets.PERSONAL_ACCESS_TOKEN }}@github.com/${{ github.repository }}
+          git push origin main:ci/bump-version -f
+
+      - name: Make a PR
+        # Note that the syntax here is kinda funky, and the general gist is that
+        # I couldn't figure out a good way to have a multiline string-literal
+        # become a json-encoded string literal to send to GitHub. This
+        # represents my best attempt.
+        run: |
+          cat > pr-body <<-EOF
+          This is an automated pull request from CI which is intended to
+          notify maintainers that it's time to release Wasmtime version
+          ${{ steps.bump.outputs.version }}. Version numbers have been bumped
+          in this PR automatically and the release process will automatically
+          enter the next stages once this PR is merged.
+
+          It's recommended that maintainers double-check that [RELEASES.md]
+          is up-to-date. If not please feel free to push to this PR any
+          modifications to the release notes. Additionally before merging it's
+          probably best to double-check the [release process] and make sure that
+          everything is ship-shape.
+
+          [RELEASES.md]: https://github.com/bytecodealliance/wasmtime/blob/main/RELEASES.md
+          [release process]: https://docs.wasmtime.dev/contributing-release-process.html
+          EOF
+          body=$(jq -sR < ./pr-body)
+
+          curl --include --request POST \
+            https://api.github.com/repos/${{ github.repository }}/pulls \
+            --header "Authorization: token ${{ secrets.PERSONAL_ACCESS_TOKEN }}" \
+            --data @- << EOF
+          {
+            "head": "ci/bump-version",
+            "base": "main",
+            "title": "Release Wasmtime ${{ steps.bump.outputs.version }}",
+            "body": $body,
+            "maintainer_can_modify": true
+
+          }
+          EOF
--- a/.github/workflows/publish-to-cratesio.yml
+++ b/.github/workflows/publish-to-cratesio.yml
@@ -0,0 +1,24 @@
+# The purpose of this workflow is to publish the wasmtime workspace of crates
+# whenever a wasmtime tag is created. This baiscally boils down to running
+# `scripts/publish.rs` at the right time.
+
+name: "Publish to crates.io"
+
+on:
+  push:
+    tags:
+    - 'v*'
+
+jobs:
+  publish:
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@v2
+      with:
+        submodules: true
+    - run: rustup update stable && rustup default stable
+    - run: |
+        rustc scripts/publish.rs
+        ./publish publish
+      env:
+        CARGO_REGISTRY_TOKEN: ${{ secrets.CARGO_REGISTRY_TOKEN }}
--- a/.github/workflows/push-tag.yml
+++ b/.github/workflows/push-tag.yml
@@ -0,0 +1,49 @@
+# The purpose of this workflow is to watch for changes on the `main` branch of
+# this repository and look for the term
+# "automatically-tag-and-release-this-commit" within merged PRs/commits. Once
+# that term is found the current version of `Cargo.toml`, the `wasmtime-cli`
+# Cargo.toml, is created as a tag and the tag is pushed to the repo. Currently
+# the tag is created through the GitHub API with an access token to ensure that
+# CI is further triggered for the tag itself which performs the full release
+# process.
+
+name: "Push tagged release"
+on:
+  push:
+    branches: [main]
+
+jobs:
+  push_tag:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+        with:
+          submodules: true
+          fetch-depth: 0
+      - name: Test if tag is needed
+        run: |
+          git log ${{ github.event.before }}...${{ github.event.after }} | tee main.log
+          version=$(grep 'version =' Cargo.toml | head -n 1 | sed 's/.*"\(.*\)"/\1/')
+          echo "version: $version"
+          echo "::set-output name=version::$version"
+          echo "::set-output name=sha::$(git rev-parse HEAD)"
+          if grep -q "automatically-tag-and-release-this-commit" main.log; then
+            echo push-tag
+            echo "::set-output name=push_tag::yes"
+          else
+            echo no-push-tag
+            echo "::set-output name=push_tag::no"
+          fi
+        id: tag
+      - name: Push the tag
+        run: |
+          git_refs_url=$(jq .repository.git_refs_url $GITHUB_EVENT_PATH | tr -d '"' | sed 's/{\/sha}//g')
+          curl -iX POST $git_refs_url \
+            -H "Authorization: token ${{ secrets.PERSONAL_ACCESS_TOKEN }}" \
+            -d @- << EOF
+          {
+            "ref": "refs/tags/v${{ steps.tag.outputs.version }}",
+            "sha": "${{ steps.tag.outputs.sha }}"
+          }
+          EOF
+        if: steps.tag.outputs.push_tag == 'yes'