-
Notifications
You must be signed in to change notification settings - Fork 738
98 lines (90 loc) · 2.94 KB
/
release-binaries-all.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
name: Release Binaries All
permissions:
contents: read # Default everything to read-only
on:
workflow_dispatch:
inputs:
release-version:
description: 'Release Version'
required: true
type: string
upload:
description: 'Upload binaries to the release page'
required: true
default: false
type: boolean
workflow_call:
inputs:
release-version:
description: 'Release Version'
required: true
type: string
upload:
description: 'Upload binaries to the release page'
required: true
default: false
type: boolean
pull_request:
types:
- opened
- synchronize
- reopened
# When a PR is closed, we still start this workflow, but then skip
# all the jobs, which makes it effectively a no-op. The reason to
# do this is that it allows us to take advantage of concurrency groups
# to cancel in progress CI jobs whenever the PR is closed.
- closed
paths:
- '.github/workflows/release-binaries-all.yml'
- '.github/workflows/release-binaries.yml'
- '.github/workflows/release-binaries-setup-stage/*'
- '.github/workflows/release-binaries-save-stage/*'
concurrency:
group: ${{ github.workflow }}-${{ github.event.pull_request.number || 'dispatch' }}
cancel-in-progress: True
jobs:
setup-variables:
if: >-
(github.event_name != 'pull_request' || github.event.action != 'closed')
runs-on: ubuntu-22.04
outputs:
release-version: ${{ steps.vars.outputs.release-version }}
upload: ${{ steps.vars.outputs.upload }}
steps:
- shell: bash
id: vars
run: |
upload="${{ inputs.upload }}"
release_version="${{ inputs.release-version }}"
if [ "${{ github.event_name }}" = "pull_request" ]; then
upload="false"
release_version=""
fi
echo "release-version=$release_version" >> "$GITHUB_OUTPUT"
echo "upload=$upload" >> "$GITHUB_OUTPUT"
release-binaries-all:
name: Build Release Binaries
needs:
- setup-variables
permissions:
contents: write # For release uploads
id-token: write # For artifact attestations
attestations: write # For artifact attestations
strategy:
fail-fast: false
matrix:
runs-on:
- ubuntu-22.04
- windows-2022
- macos-13
- macos-14
uses: ./.github/workflows/release-binaries.yml
with:
release-version: "${{ needs.setup-variables.outputs.release-version }}"
upload: ${{ needs.setup-variables.outputs.upload == 'true'}}
runs-on: "${{ matrix.runs-on }}"
secrets:
# This will be empty for pull_request events, but that's fine, because
# the release-binaries workflow does not use this secret for the
# pull_request event.
RELEASE_TASKS_USER_TOKEN: ${{ secrets.RELEASE_TASKS_USER_TOKEN }}