diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 561533b..53052b2 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -10,7 +10,7 @@ jobs: name: Check ABI files are up-to-date runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: ensure `./wit/deps` are in sync run: | curl -Lo 'wit-deps' https://github.com/bytecodealliance/wit-deps/releases/download/v0.5.0/wit-deps-x86_64-unknown-linux-musl diff --git a/.github/workflows/publish-0.3.yml b/.github/workflows/publish-0.3.yml new file mode 100644 index 0000000..e65ffc2 --- /dev/null +++ b/.github/workflows/publish-0.3.yml @@ -0,0 +1,72 @@ +name: Publish 0.3.0 WIT Definitions + +on: + push: + tags: + - v0.3.0-rc-* + workflow_dispatch: # Allow manual triggering + +env: + IMAGE_NAME: ${{ github.repository }} + +jobs: + publish: + runs-on: ubuntu-latest + permissions: + id-token: write + packages: write + contents: write + + steps: + # Checkout the repo and install dependencies + - name: Checkout repository + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + + - name: Install cargo-binstall + uses: cargo-bins/cargo-binstall@8aac5aa2bf0dfaa2863eccad9f43c68fe40e5ec8 # v1.14.1 + + # TODO: we don't pin the versions here. It's not great but this will simplify our iteration + # while we rapidly iterate on these tools. Pin when we're stable. + - name: Install wkg + shell: bash + run: cargo binstall wkg + + - name: Install cosign + uses: sigstore/cosign-installer@d58896d6a1865668819e1d91763c7751a165e159 # v3.9.2 + + # To version our image we want to obtain the version from the tag + - name: Get version + id: meta + uses: docker/metadata-action@v5 + with: + images: ghcr.io/webassembly/wasi/cli + tags: | + type=semver,pattern={{version}} + + - name: Login to the GitHub registry + uses: docker/login-action@74a5d142397b4f367a81961eba4e8cd7edddf772 # v3.4.0 + with: + registry: ghcr.io + username: ${{ github.actor }} + password: ${{ secrets.ORG_PAT }} + + - name: Build + shell: bash + run: wkg wit build -o "${{ github.event.repository.name }}-0.3.0.wasm" --wit-dir wit-0.3.0-draft + + # Upload the Wasm binary to the GitHub registry + - name: Publish to GitHub Container Registry + id: publish + uses: bytecodealliance/wkg-github-action@v5 + with: + oci-reference-without-tag: "ghcr.io/webassembly/wasi/cli" + file: "${{ github.event.repository.name }}-0.3.0.wasm" + description: "A WASI API for Command-Line Interface environments." + source: 'https://github.com/webassembly/wasi' + homepage: 'https://wasi.dev' + version: ${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.version'] }} + licenses: 'Apache-2.0 WITH LLVM-exception' + + # Sign the output component + - name: Sign the wasm component + run: cosign sign --yes ghcr.io/webassembly/wasi/cli@${{ steps.publish.outputs.digest }} diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index af5bd06..7341830 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -4,7 +4,7 @@ name: Publish a Wasm Component package to GitHub Artifacts on: push: tags: - - v* + - v0.2.* workflow_dispatch: env: @@ -23,12 +23,12 @@ jobs: - name: Checkout repository uses: actions/checkout@v2 - name: Install cargo-binstall - uses: cargo-bins/cargo-binstall@v1.10.15 + uses: cargo-bins/cargo-binstall@8aac5aa2bf0dfaa2863eccad9f43c68fe40e5ec8 # v1.14.1 - name: Install wkg shell: bash run: cargo binstall wkg - name: Install cosign - uses: sigstore/cosign-installer@v3.7.0 + uses: sigstore/cosign-installer@d58896d6a1865668819e1d91763c7751a165e159 # v3.9.2 # To version our image we want to obtain the version from the tag - name: Get version @@ -41,7 +41,7 @@ jobs: # To upload our image to the GitHub registry, we first have to login - name: Login to the GitHub registry - uses: docker/login-action@v3 + uses: docker/login-action@74a5d142397b4f367a81961eba4e8cd7edddf772 # v3.4.0 with: registry: ghcr.io username: ${{ github.actor }} diff --git a/.github/workflows/update-0.3.yml b/.github/workflows/update-0.3.yml new file mode 100644 index 0000000..7bceb94 --- /dev/null +++ b/.github/workflows/update-0.3.yml @@ -0,0 +1,80 @@ +name: Update 0.3.0 WIT Definitions + +# Manually dispatch this action from the Actions page +on: + workflow_dispatch: + +permissions: + pull-requests: write + contents: write + +jobs: + update-versions: + runs-on: ubuntu-latest + steps: + # Checkout the repo and install dependencies + - name: Checkout repository + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + + - name: Install cargo-binstall + uses: cargo-bins/cargo-binstall@8aac5aa2bf0dfaa2863eccad9f43c68fe40e5ec8 # v1.14.1 + + # TODO: we don't pin the versions here. It's not great but this will simplify our iteration + # while we rapidly iterate on these tools. Pin when we're stable. + - name: Install wit-bindgen + shell: bash + run: cargo binstall wit-bindgen-cli + + - name: Install wit-deps + shell: bash + run: cargo binstall wit-deps-cli + + - name: Set version with RC timestamp + id: version + run: | + DATE=$(date +'%Y-%m-%d') + BASE_VERSION="0.3.0-rc-${DATE}" + COUNTER=1 + VERSION="${BASE_VERSION}" + + # Check if the tag already exists + while git ls-remote --tags origin | grep -q "refs/tags/v${VERSION}$"; do + VERSION="${BASE_VERSION}-${COUNTER}" + COUNTER=$((COUNTER + 1)) + done + + echo "value=${VERSION}" >> $GITHUB_OUTPUT + echo "Version will be: ${VERSION}" + + # Update version in WIT definitions + - name: Update version in WIT files + run: | + # Update @since version annotations + find wit-0.3.0-draft -name "*.wit" -exec sed -i "s/\(@since(version = \)[0-9]\+\.[0-9]\+\.[0-9]\+\(-rc-[0-9]\{4\}-[0-9]\{2\}-[0-9]\{2\}\(-[0-9]\+\)\?\)\?\()\)/\1${{ steps.version.outputs.value }}\4/g" {} + + # Update all wasi package references (package, use, import, export, from) + find wit-0.3.0-draft -name "*.wit" -exec sed -i "s/\( wasi:[a-zA-Z0-9_/-]\+@\)[0-9]\+\.[0-9]\+\.[0-9]\+\(-rc-[0-9]\{4\}-[0-9]\{2\}-[0-9]\{2\}\(-[0-9]\+\)\?\)\?/\1${{ steps.version.outputs.value }}/g" {} + + + - name: Update wit deps + run: | + wit-deps -m wit-0.3.0-draft/deps.toml -l wit-0.3.0-draft/deps.lock -d wit-0.3.0-draft/deps update + + # Create PR with changes using create-pull-request action + - name: Create Pull Request + uses: peter-evans/create-pull-request@c5a7806660adbe173f04e3e038b0ccdcd758773c # v6.1.0 + with: + token: ${{ secrets.GITHUB_TOKEN }} + commit-message: "Update 0.3.0 WIT definitions to ${{ steps.version.outputs.value }}" + committer: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> + author: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> + branch: update-wit-${{ steps.version.outputs.value }} + title: "Update 0.3.0 WIT definitions to ${{ steps.version.outputs.value }}" + body: | + Updates the 0.3.0 WIT definitions with version ${{ steps.version.outputs.value }}. + + This is an automated update to rev the RC timestamp. + + ## Changes + - Updated package and since version in WIT files + - Updated WIT dependencies if applicable + draft: false + delete-branch: true diff --git a/.github/workflows/update.yml b/.github/workflows/update.yml index e6ba2cd..793ee90 100644 --- a/.github/workflows/update.yml +++ b/.github/workflows/update.yml @@ -23,9 +23,9 @@ jobs: steps: # Checkout the repo and install dependencies - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Install cargo-binstall - uses: cargo-bins/cargo-binstall@v1.10.15 + uses: cargo-bins/cargo-binstall@8aac5aa2bf0dfaa2863eccad9f43c68fe40e5ec8 # v1.14.1 - name: Install wit-bindgen shell: bash run: cargo binstall wit-bindgen-cli