# Part of the Carbon Language project, under the Apache License v2.0 with LLVM # Exceptions. See /LICENSE for license information. # SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception # # This workflow creates a GitHub "release" of a nightly build of the project. # # Note: This is just an initial rough attempt, there is a lot of future work # needed here. A brief summary of TODOs: # # - Configure a nice release notes template and switch to generating the title # and notes instead of hard coding them. # # - Do some amount of testing prior to building and uploading the release. # - Tempting to try to examine existing testing workflow, but maybe better to # allow re-using any complex parts and do our own testing. That would, for # example, allow us to narrow or expand the set of tests uses for # pre-release testing to potentially be different from continuous testing. # - Some questions around what to do in the event of a failure... error? Where # does the error go? Create a draft, unpublished release instead? # # - Build artifacts for all the different OSes we have GitHub runners for rather # than just x86 Linux. name: Nightly Release on: schedule: - cron: '0 2 * * *' # Enable manual runs for testing or manually (re-)creating a nightly release. workflow_dispatch: permissions: contents: write # For creating and uploading to releases. jobs: release: runs-on: ubuntu-22.04 steps: - name: Harden Runner uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1 with: egress-policy: block # When adding endpoints, see README.md. # prettier-ignore allowed-endpoints: > *.dl.sourceforge.net:443 api.github.com:443 bcr.bazel.build:443 downloads.sourceforge.net:443 github.com:443 oauth2.googleapis.com:443 objects.githubusercontent.com:443 releases.bazel.build:443 sourceforge.net:443 storage.googleapis.com:443 uploads.github.com:443 - name: Checkout branch uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - name: Set up remote cache access env: REMOTE_CACHE_KEY: ${{ secrets.CARBON_BUILDS_GITHUB }} run: | echo "$REMOTE_CACHE_KEY" | base64 -d > $HOME/remote_cache_key.json echo "remote_cache_upload=--google_credentials=$HOME/remote_cache_key.json" \ >> $GITHUB_ENV - uses: ./.github/actions/build-setup-common with: matrix_runner: ubuntu-22.04 remote_cache_upload: ${{ env.remote_cache_upload }} - name: Get nightly date run: | echo "nightly_date=$(date '+%Y.%m.%d')" >> $GITHUB_ENV - name: Build release run: | ./scripts/run_bazel.py \ --attempts=5 --jobs-on-last-attempt=4 \ test -c opt --remote_download_toplevel \ --pre_release=nightly --nightly_date=${{ env.nightly_date }} \ //toolchain \ //toolchain/install:carbon_toolchain_tar_gz_rule \ //toolchain/install:carbon_toolchain_tar_gz_test - name: Extract the release version run: | # Make sure we can run the toolchain to get the version. ./bazel-bin/toolchain/carbon version # Now stash it in a variable and export it. VERSION=$( \ ./bazel-bin/toolchain/carbon version \ | cut -d' ' -f5 | cut -d'+' -f1) echo "release_version=$VERSION" >> $GITHUB_ENV - name: Create the release env: GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} run: | gh release create \ --title "Nightly build ${{ env.nightly_date }}" \ --generate-notes \ --prerelease \ v${{ env.release_version }} \ "bazel-bin/toolchain/install/carbon_toolchain-${{ env.release_version }}.tar.gz"