| name: Release Binaries All |
| |
| permissions: |
| contents: read # Default everything to read-only |
| |
| on: |
| workflow_dispatch: |
| inputs: |
| release-version: |
| description: 'Release Version' |
| required: true |
| type: string |
| upload: |
| description: 'Upload binaries to the release page' |
| required: true |
| default: false |
| type: boolean |
| |
| workflow_call: |
| inputs: |
| release-version: |
| description: 'Release Version' |
| required: true |
| type: string |
| upload: |
| description: 'Upload binaries to the release page' |
| required: true |
| default: false |
| type: boolean |
| |
| pull_request: |
| types: |
| - opened |
| - synchronize |
| - reopened |
| # When a PR is closed, we still start this workflow, but then skip |
| # all the jobs, which makes it effectively a no-op. The reason to |
| # do this is that it allows us to take advantage of concurrency groups |
| # to cancel in progress CI jobs whenever the PR is closed. |
| - closed |
| paths: |
| - '.github/workflows/release-binaries-all.yml' |
| - '.github/workflows/release-binaries.yml' |
| - '.github/workflows/release-binaries-setup-stage/*' |
| - '.github/workflows/release-binaries-save-stage/*' |
| |
| concurrency: |
| group: ${{ github.workflow }}-${{ github.event.pull_request.number || 'dispatch' }} |
| cancel-in-progress: True |
| |
| jobs: |
| setup-variables: |
| if: >- |
| (github.event_name != 'pull_request' || github.event.action != 'closed') |
| runs-on: ubuntu-22.04 |
| outputs: |
| release-version: ${{ steps.vars.outputs.release-version }} |
| upload: ${{ steps.vars.outputs.upload }} |
| steps: |
| - shell: bash |
| id: vars |
| run: | |
| upload="${{ inputs.upload }}" |
| release_version="${{ inputs.release-version }}" |
| if [ "${{ github.event_name }}" = "pull_request" ]; then |
| upload="false" |
| release_version="" |
| fi |
| echo "release-version=$release_version" >> "$GITHUB_OUTPUT" |
| echo "upload=$upload" >> "$GITHUB_OUTPUT" |
| |
| release-binaries-all: |
| name: Build Release Binaries |
| needs: |
| - setup-variables |
| permissions: |
| contents: write # For release uploads |
| id-token: write # For artifact attestations |
| attestations: write # For artifact attestations |
| strategy: |
| fail-fast: false |
| matrix: |
| runs-on: |
| - ubuntu-22.04 |
| - windows-2022 |
| - macos-13 |
| - macos-14 |
| |
| uses: ./.github/workflows/release-binaries.yml |
| with: |
| release-version: "${{ needs.setup-variables.outputs.release-version }}" |
| upload: ${{ needs.setup-variables.outputs.upload == 'true'}} |
| runs-on: "${{ matrix.runs-on }}" |
| secrets: |
| # This will be empty for pull_request events, but that's fine, because |
| # the release-binaries workflow does not use this secret for the |
| # pull_request event. |
| RELEASE_TASKS_USER_TOKEN: ${{ secrets.RELEASE_TASKS_USER_TOKEN }} |