Browse Source
* Automate more of Wasmtime's release process This change revamps the release process for Wasmtime and intends to make it nearly 100% automated for major release and hopefully still pretty simple for patch releases. New workflows are introduced as part of this commit: * Once a month a PR is created with major version bumps * Specifically hinted commit messages to the `main` branch will get tagged and pushed to the main repository. * On tags we'll now not only build releases after running CI but additionally crates will be published to crates.io. In conjunction with other changes this means that the release process for a new major version of Wasmtime is simply merging a PR. Patch releases will involve running some steps locally but most of the nitty-gritty should be simply merging the PR that's generated. * Use an anchor in a regexpull/3475/head
Alex Crichton
3 years ago
committed by
GitHub
6 changed files with 294 additions and 44 deletions
@ -0,0 +1,86 @@ |
|||
# The purpose of this workflow is to, once a month, trigger Wasmtime's release |
|||
# process. All that actually happens here is that whenever this is triggered it |
|||
# will send a PR to the main repository with the version numbers automatically |
|||
# bumped. The next stage of the process is to simply merge the PR, and the |
|||
# `push-tag.yml` process takes over from there. |
|||
# |
|||
# Note that this creates a commit and a PR with a personal access token to |
|||
# ensure that the PR gets CI triggered on it. Additionally the commit message |
|||
# is specifically worded to get recognized by `push-tag.yml`. |
|||
|
|||
name: "Bump version number" |
|||
on: |
|||
schedule: |
|||
# “At 00:00 on every day-of-month from 8 through 14 and on Monday.” |
|||
# |
|||
# https://crontab.guru/#0_0_8-14_*_1 |
|||
- cron: '0 0 8-14 * 1' |
|||
|
|||
jobs: |
|||
bump_version: |
|||
runs-on: ubuntu-latest |
|||
steps: |
|||
- uses: actions/checkout@v2 |
|||
with: |
|||
submodules: true |
|||
- run: rustup update stable && rustup default stable |
|||
- name: Bump versions locally |
|||
id: bump |
|||
run: | |
|||
rustc scripts/publish.rs |
|||
./publish bump |
|||
version=$(grep '^version =' Cargo.toml | head -n 1 | sed 's/.*"\(.*\)"/\1/') |
|||
echo "::set-output name=version::$version" |
|||
|
|||
- name: Commit version changes |
|||
run: | |
|||
git config user.name 'Wasmtime Releases' |
|||
git config user.email 'wasmtime-releases@users.noreply.github.com' |
|||
git commit -a -F-<<EOF |
|||
Bump Wasmtime to $version |
|||
|
|||
[automatically-tag-and-release-this-commit] |
|||
EOF |
|||
|
|||
- name: Push to remote |
|||
run: | |
|||
git remote set-url origin https://git:${{ secrets.PERSONAL_ACCESS_TOKEN }}@github.com/${{ github.repository }} |
|||
git push origin main:ci/bump-version -f |
|||
|
|||
- name: Make a PR |
|||
# Note that the syntax here is kinda funky, and the general gist is that |
|||
# I couldn't figure out a good way to have a multiline string-literal |
|||
# become a json-encoded string literal to send to GitHub. This |
|||
# represents my best attempt. |
|||
run: | |
|||
cat > pr-body <<-EOF |
|||
This is an automated pull request from CI which is intended to |
|||
notify maintainers that it's time to release Wasmtime version |
|||
${{ steps.bump.outputs.version }}. Version numbers have been bumped |
|||
in this PR automatically and the release process will automatically |
|||
enter the next stages once this PR is merged. |
|||
|
|||
It's recommended that maintainers double-check that [RELEASES.md] |
|||
is up-to-date. If not please feel free to push to this PR any |
|||
modifications to the release notes. Additionally before merging it's |
|||
probably best to double-check the [release process] and make sure that |
|||
everything is ship-shape. |
|||
|
|||
[RELEASES.md]: https://github.com/bytecodealliance/wasmtime/blob/main/RELEASES.md |
|||
[release process]: https://docs.wasmtime.dev/contributing-release-process.html |
|||
EOF |
|||
body=$(jq -sR < ./pr-body) |
|||
|
|||
curl --include --request POST \ |
|||
https://api.github.com/repos/${{ github.repository }}/pulls \ |
|||
--header "Authorization: token ${{ secrets.PERSONAL_ACCESS_TOKEN }}" \ |
|||
--data @- << EOF |
|||
{ |
|||
"head": "ci/bump-version", |
|||
"base": "main", |
|||
"title": "Release Wasmtime ${{ steps.bump.outputs.version }}", |
|||
"body": $body, |
|||
"maintainer_can_modify": true |
|||
|
|||
} |
|||
EOF |
@ -0,0 +1,24 @@ |
|||
# The purpose of this workflow is to publish the wasmtime workspace of crates |
|||
# whenever a wasmtime tag is created. This baiscally boils down to running |
|||
# `scripts/publish.rs` at the right time. |
|||
|
|||
name: "Publish to crates.io" |
|||
|
|||
on: |
|||
push: |
|||
tags: |
|||
- 'v*' |
|||
|
|||
jobs: |
|||
publish: |
|||
runs-on: ubuntu-latest |
|||
steps: |
|||
- uses: actions/checkout@v2 |
|||
with: |
|||
submodules: true |
|||
- run: rustup update stable && rustup default stable |
|||
- run: | |
|||
rustc scripts/publish.rs |
|||
./publish publish |
|||
env: |
|||
CARGO_REGISTRY_TOKEN: ${{ secrets.CARGO_REGISTRY_TOKEN }} |
@ -0,0 +1,49 @@ |
|||
# The purpose of this workflow is to watch for changes on the `main` branch of |
|||
# this repository and look for the term |
|||
# "automatically-tag-and-release-this-commit" within merged PRs/commits. Once |
|||
# that term is found the current version of `Cargo.toml`, the `wasmtime-cli` |
|||
# Cargo.toml, is created as a tag and the tag is pushed to the repo. Currently |
|||
# the tag is created through the GitHub API with an access token to ensure that |
|||
# CI is further triggered for the tag itself which performs the full release |
|||
# process. |
|||
|
|||
name: "Push tagged release" |
|||
on: |
|||
push: |
|||
branches: [main] |
|||
|
|||
jobs: |
|||
push_tag: |
|||
runs-on: ubuntu-latest |
|||
steps: |
|||
- uses: actions/checkout@v2 |
|||
with: |
|||
submodules: true |
|||
fetch-depth: 0 |
|||
- name: Test if tag is needed |
|||
run: | |
|||
git log ${{ github.event.before }}...${{ github.event.after }} | tee main.log |
|||
version=$(grep 'version =' Cargo.toml | head -n 1 | sed 's/.*"\(.*\)"/\1/') |
|||
echo "version: $version" |
|||
echo "::set-output name=version::$version" |
|||
echo "::set-output name=sha::$(git rev-parse HEAD)" |
|||
if grep -q "automatically-tag-and-release-this-commit" main.log; then |
|||
echo push-tag |
|||
echo "::set-output name=push_tag::yes" |
|||
else |
|||
echo no-push-tag |
|||
echo "::set-output name=push_tag::no" |
|||
fi |
|||
id: tag |
|||
- name: Push the tag |
|||
run: | |
|||
git_refs_url=$(jq .repository.git_refs_url $GITHUB_EVENT_PATH | tr -d '"' | sed 's/{\/sha}//g') |
|||
curl -iX POST $git_refs_url \ |
|||
-H "Authorization: token ${{ secrets.PERSONAL_ACCESS_TOKEN }}" \ |
|||
-d @- << EOF |
|||
{ |
|||
"ref": "refs/tags/v${{ steps.tag.outputs.version }}", |
|||
"sha": "${{ steps.tag.outputs.sha }}" |
|||
} |
|||
EOF |
|||
if: steps.tag.outputs.push_tag == 'yes' |
@ -1,3 +1,57 @@ |
|||
# Release Process |
|||
|
|||
... more coming soon |
|||
Wasmtime's release process was [originally designed in an RFC][rfc4] and this |
|||
page is intended to serve as documentation for the current process as-is today. |
|||
The high-level summary of Wasmtime's release process is: |
|||
|
|||
* A new major version of Wasmtime will be made available once a month. |
|||
* Security bugs and correctness fixes will be backported to the latest two |
|||
releases of Wasmtime and issued as patch releases. |
|||
|
|||
Once a month Wasmtime will issue a new major version. This will be issued with a |
|||
semver-major version update, such as 4.0.0 to 5.0.0. The precise schedule of |
|||
Wasmtime's release may fluctuate slightly depending on public holidays and |
|||
availability of release resources, but the general cadence will be once-a-month. |
|||
|
|||
Each major release of Wasmtime reserves the right to break both behavior and API |
|||
backwards-compatibility. This is not expected to happen frequently, however, and |
|||
any breaking change will follow these criteria: |
|||
|
|||
* Minor breaking changes, either behavior or with APIs, will be documented in |
|||
the `RELEASES.md` release notes. Minor changes will require some degree of |
|||
consensus but are not required to go through the entire RFC process. |
|||
|
|||
* Major breaking changes, such as major refactorings to the API, will be |
|||
required to go through the [RFC process]. These changes are intended to be |
|||
broadly communicated to those interested and provides an opportunity to give |
|||
feedback about embeddings. Release notes will clearly indicate if any major |
|||
breaking changes through accepted RFCs are included in a release. |
|||
|
|||
Patch releases of Wasmtime will only be issued for security and correctness |
|||
issues for on-by-default behavior in the previous releases. If Wasmtime is |
|||
currently at version 5.0.0 then 5.0.1 and 4.0.1 will be issued as patch releases |
|||
if a bug is found. Patch releases are guaranteed to maintain API and behavior |
|||
backwards-compatibility and are intended to be trivial for users to upgrade to. |
|||
|
|||
## What's released? |
|||
|
|||
At this time the release process of Wasmtime encompasses: |
|||
|
|||
* The `wasmtime` Rust crate |
|||
* The C API of Wasmtime |
|||
* The `wasmtime` CLI tool through the `wasmtime-cli` Rust crate |
|||
|
|||
Other projects maintained by the Bytecode Alliance will also likely be released, |
|||
with the same version numbers, with the main Wasmtime project soon after a |
|||
release is made, such as: |
|||
|
|||
* [`wasmtime-dotnet`](https://github.com/bytecodealliance/wasmtime-dotnet) |
|||
* [`wasmtime-py`](https://github.com/bytecodealliance/wasmtime-py) |
|||
* [`wasmtime-go`](https://github.com/bytecodealliance/wasmtime-go) |
|||
* [`wasmtime-cpp`](https://github.com/bytecodealliance/wasmtime-cpp) |
|||
|
|||
Note, though, that bugs and security issues in these projects do not at this |
|||
time warrant patch releases for Wasmtime. |
|||
|
|||
[rfc4]: https://github.com/bytecodealliance/rfcs/blob/main/accepted/wasmtime-one-dot-oh.md |
|||
[RFC process]: https://github.com/bytecodealliance/rfcs |
|||
|
Loading…
Reference in new issue