migrate update manifest job to publish workflow

2026-04-15 09:01:15 +00:00 · 2026-03-26 09:11:13 -04:00 · 2026-03-26 09:11:13 -04:00 · 47047e9064
commit 47047e9064
parent deaffff45a
2 changed files with 43 additions and 86 deletions
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@ -52,32 +52,13 @@ jobs:
            echo "rust=${{ steps.filter.outputs.rust }}" >> "$GITHUB_OUTPUT"
          fi

-      - name: Calculate next version
+      - name: Read current version
        id: version
        if: github.event_name != 'pull_request' && steps.check.outputs.rust == 'true'
        run: |
-          BASE=$(grep '^version' Cargo.toml | head -1 | sed 's/.*"\(.*\)"/\1/')
-          IFS='.' read -r MAJOR MINOR PATCH <<< "$BASE"
-
-          LATEST=$(git tag -l "v${MAJOR}.${MINOR}.*" | sort -V | tail -1)
-
-          if [ -z "$LATEST" ]; then
-            NEW="$BASE"
-          else
-            LATEST_VER="${LATEST#v}"
-            IFS='.' read -r _ _ LATEST_PATCH <<< "$LATEST_VER"
-            NEW_PATCH=$((LATEST_PATCH + 1))
-            NEW="${MAJOR}.${MINOR}.${NEW_PATCH}"
-          fi
-
-          # Ensure the computed version does not already have a tag
-          while git rev-parse "v${NEW}" >/dev/null 2>&1; do
-            IFS='.' read -r MAJOR MINOR PATCH <<< "$NEW"
-            NEW="${MAJOR}.${MINOR}.$((PATCH + 1))"
-          done
-
-          echo "version=${NEW}" >> "$GITHUB_OUTPUT"
-          echo "tag=v${NEW}" >> "$GITHUB_OUTPUT"
+          VERSION=$(grep '^version' Cargo.toml | head -1 | sed 's/.*"\(.*\)"/\1/')
+          echo "version=${VERSION}" >> "$GITHUB_OUTPUT"
+          echo "tag=v${VERSION}" >> "$GITHUB_OUTPUT"

  validate:
    name: Validate
@ -167,57 +148,13 @@ jobs:
      - name: Distribution validation
        run: make dist-validate

-  update-manifests:
-    name: Update Manifests
-    needs: [changes, validate, integration, distribution]
-    if: github.event_name != 'pull_request'
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v4
-        with:
-          fetch-depth: 0
-
-      - uses: dtolnay/rust-toolchain@stable
-
-      - uses: actions/setup-node@v4
-        with:
-          node-version: 22
-
-      - name: Update version in Cargo.toml
-        run: |
-          CURRENT=$(grep '^version' Cargo.toml | head -1 | sed 's/.*"\(.*\)"/\1/')
-          NEW="${{ needs.changes.outputs.version }}"
-          if [ "$CURRENT" != "$NEW" ]; then
-            sed -i "0,/^version = \"${CURRENT}\"/s//version = \"${NEW}\"/" Cargo.toml
-            node -e 'const fs=require("node:fs"); const path="npm/deskctl/package.json"; const pkg=JSON.parse(fs.readFileSync(path,"utf8")); pkg.version=process.argv[1]; fs.writeFileSync(path, JSON.stringify(pkg, null, 2)+"\n");' "$NEW"
-            cargo generate-lockfile
-          fi
-
-      - name: Commit, tag, and push
-        run: |
-          git config user.name "github-actions[bot]"
-          git config user.email "github-actions[bot]@users.noreply.github.com"
-
-          if ! git diff --quiet; then
-            git add Cargo.toml Cargo.lock npm/deskctl/package.json
-            git commit -m "release: ${{ needs.changes.outputs.tag }} [skip ci]"
-          fi
-
-          if ! git rev-parse "${{ needs.changes.outputs.tag }}" >/dev/null 2>&1; then
-            git tag "${{ needs.changes.outputs.tag }}"
-          fi
-          git push origin main --tags
-
  build:
    name: Build Release Asset
-    needs: [changes, update-manifests]
+    needs: [changes, validate, integration, distribution]
    if: github.event_name != 'pull_request' && needs.changes.outputs.rust == 'true'
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
-        with:
-          ref: ${{ needs.changes.outputs.tag }}
-          fetch-depth: 0

      - uses: dtolnay/rust-toolchain@stable
        with:
@ -242,7 +179,7 @@ jobs:

  release:
    name: Release
-    needs: [changes, build, update-manifests]
+    needs: [changes, build]
    if: github.event_name != 'pull_request'
    runs-on: ubuntu-latest
    steps:
--- a/.github/workflows/publish.yml
+++ b/.github/workflows/publish.yml
@ -28,10 +28,12 @@ permissions:
 jobs:
  publish:
    runs-on: ubuntu-latest
+    permissions:
+      contents: write
    steps:
      - uses: actions/checkout@v4
        with:
-          ref: ${{ inputs.tag }}
+          fetch-depth: 0

      - uses: dtolnay/rust-toolchain@stable

@ -43,29 +45,46 @@ jobs:
      - name: Install system dependencies
        run: sudo apt-get update && sudo apt-get install -y libx11-dev libxtst-dev

-      - name: Verify release exists and contains canonical assets
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+      - name: Compute next version
+        id: version
        run: |
-          gh release view "${{ inputs.tag }}" --json assets --jq '.assets[].name' > /tmp/release-assets.txt
-          grep -Fx "deskctl-linux-x86_64" /tmp/release-assets.txt >/dev/null
-          grep -Fx "checksums.txt" /tmp/release-assets.txt >/dev/null
+          CURRENT=$(grep '^version' Cargo.toml | head -1 | sed 's/.*"\(.*\)"/\1/')
+          IFS='.' read -r MAJOR MINOR PATCH <<< "$CURRENT"

-      - name: Verify versions align with tag
+          case "${{ inputs.bump }}" in
+            major) MAJOR=$((MAJOR + 1)); MINOR=0; PATCH=0 ;;
+            minor) MINOR=$((MINOR + 1)); PATCH=0 ;;
+            patch) PATCH=$((PATCH + 1)) ;;
+          esac
+
+          NEW="${MAJOR}.${MINOR}.${PATCH}"
+          TAG="v${NEW}"
+
+          echo "version=${NEW}" >> "$GITHUB_OUTPUT"
+          echo "tag=${TAG}" >> "$GITHUB_OUTPUT"
+          echo "Bumping ${CURRENT} -> ${NEW} (${TAG})"
+
+      - name: Bump versions
        run: |
-          TAG="${{ inputs.tag }}"
-          VERSION="${TAG#v}"
-          CARGO_VERSION=$(grep '^version' Cargo.toml | head -1 | sed 's/.*"\(.*\)"/\1/')
-          NPM_VERSION=$(node -p 'require("./npm/deskctl/package.json").version')
+          NEW="${{ steps.version.outputs.version }}"
+          CURRENT=$(grep '^version' Cargo.toml | head -1 | sed 's/.*"\(.*\)"/\1/')
+          sed -i "0,/^version = \"${CURRENT}\"/s//version = \"${NEW}\"/" Cargo.toml
+          node -e 'const fs=require("node:fs"); const p="npm/deskctl/package.json"; const pkg=JSON.parse(fs.readFileSync(p,"utf8")); pkg.version=process.argv[1]; fs.writeFileSync(p, JSON.stringify(pkg, null, 2)+"\n");' "$NEW"
+          cargo generate-lockfile

-          test "$VERSION" = "$CARGO_VERSION"
-          test "$VERSION" = "$NPM_VERSION"
+      - name: Commit, tag, and push
+        run: |
+          git config user.name "github-actions[bot]"
+          git config user.email "github-actions[bot]@users.noreply.github.com"
+          git add Cargo.toml Cargo.lock npm/deskctl/package.json
+          git commit -m "release: ${{ steps.version.outputs.tag }} [skip ci]"
+          git tag "${{ steps.version.outputs.tag }}"
+          git push origin main --tags

      - name: Check current published state
        id: published
        run: |
-          VERSION="${{ inputs.tag }}"
-          VERSION="${VERSION#v}"
+          VERSION="${{ steps.version.outputs.version }}"

          if npm view "deskctl@${VERSION}" version >/dev/null 2>&1; then
            echo "npm=true" >> "$GITHUB_OUTPUT"
@ -102,6 +121,7 @@ jobs:

      - name: Summary
        run: |
-          echo "tag=${{ inputs.tag }}"
+          echo "tag=${{ steps.version.outputs.tag }}"
+          echo "bump=${{ inputs.bump }}"
          echo "npm_already_published=${{ steps.published.outputs.npm }}"
          echo "crates_already_published=${{ steps.published.outputs.crates }}"