cli/.github/workflows/release.yaml at main · tigrisdata/cli · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
name: Release

on:
  push:
    branches:
      - release
  workflow_dispatch:

permissions:
  contents: write
  issues: write
  pull-requests: write
  id-token: write

jobs:
  release:
    runs-on: ubuntu-latest
    outputs:
      new_release_published: ${{ steps.semantic.outputs.new_release_published }}
      new_release_version: ${{ steps.semantic.outputs.new_release_version }}

    steps:
      # Checkout code with full history to get tags
      - uses: actions/checkout@v5
        with:
          fetch-depth: 0

      # Set up Node.js
      - uses: actions/setup-node@v5
        with:
          node-version: '22'

      # Install dependencies, test, and build
      - run: npm ci
      - run: npm run lint
      - run: npm run build
      - run: npm run test
      - run: npm run test:integration
        env:
          TIGRIS_STORAGE_ACCESS_KEY_ID: ${{ secrets.TIGRIS_STORAGE_ACCESS_KEY_ID }}
          TIGRIS_STORAGE_SECRET_ACCESS_KEY: ${{ secrets.TIGRIS_STORAGE_SECRET_ACCESS_KEY }}
      - run: npm run publint
      - run: npm audit signatures

      # Release to GitHub and NPM
      - name: Release
        id: semantic
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        run: |
          npm run semantic-release
          git fetch --tags
          TAG=$(git tag --points-at HEAD | grep "^v" | head -1 || true)
          echo "new_release_version=${TAG#v}" >> $GITHUB_OUTPUT
          echo "new_release_published=$( [ -n "$TAG" ] && echo true || echo false )" >> $GITHUB_OUTPUT

  build-binaries:
    needs: release
    if: needs.release.outputs.new_release_published == 'true'
    runs-on: ubuntu-latest

    steps:
      # Checkout the release tag
      - uses: actions/checkout@v5
        with:
          ref: v${{ needs.release.outputs.new_release_version }}

      - uses: actions/setup-node@v5
        with:
          node-version: '22'

      - uses: oven-sh/setup-bun@v2

      - run: npm ci

      - name: Set version in package.json
        run: npm version ${{ needs.release.outputs.new_release_version }} --no-git-tag-version

      - name: Build binaries for all platforms
        run: npm run build:binary

      - name: Verify binaries exist
        run: |
          cd bin
          MISSING=0
          for f in tigris-darwin-arm64 tigris-darwin-x64 tigris-linux-x64 tigris-linux-arm64; do
            if [ ! -f "$f" ]; then
              echo "ERROR: Missing binary: $f"
              MISSING=1
            fi
          done
          if [ ! -f "tigris-windows-x64.exe" ]; then
            echo "ERROR: Missing binary: tigris-windows-x64.exe"
            MISSING=1
          fi
          if [ "$MISSING" -eq 1 ]; then
            echo "Binary build incomplete. Contents:"
            ls -la
            exit 1
          fi
          echo "All binaries present:"
          ls -la

      - name: Package archives
        run: |
          cd bin
          for f in tigris-darwin-arm64 tigris-darwin-x64 tigris-linux-x64 tigris-linux-arm64; do
            tar czf "${f}.tar.gz" "$f"
          done
          zip tigris-windows-x64.zip tigris-windows-x64.exe

      - name: Upload to GitHub release
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        run: |
          TAG="v${{ needs.release.outputs.new_release_version }}"

          # Verify release exists
          if ! gh release view "$TAG" > /dev/null 2>&1; then
            echo "ERROR: Release $TAG does not exist"
            exit 1
          fi

          # Upload with retry
          for asset in \
            bin/tigris-darwin-arm64.tar.gz \
            bin/tigris-darwin-x64.tar.gz \
            bin/tigris-linux-x64.tar.gz \
            bin/tigris-linux-arm64.tar.gz \
            bin/tigris-windows-x64.zip \
            scripts/install.sh \
            scripts/install.ps1
          do
            echo "Uploading $asset..."
            for attempt in 1 2 3; do
              if gh release upload "$TAG" "$asset" --clobber; then
                echo "  Uploaded successfully"
                break
              fi
              if [ "$attempt" -eq 3 ]; then
                echo "  ERROR: Failed to upload after 3 attempts"
                exit 1
              fi
              echo "  Retry $((attempt + 1))..."
              sleep 5
            done
          done

          echo "All assets uploaded to $TAG"

  update-homebrew:
    needs: [release, build-binaries]
    if: needs.release.outputs.new_release_published == 'true' && github.ref == 'refs/heads/release'
    runs-on: ubuntu-latest

    steps:
      - uses: actions/checkout@v5
        with:
          ref: v${{ needs.release.outputs.new_release_version }}

      - name: Update Homebrew formula
        env:
          HOMEBREW_TAP_TOKEN: ${{ secrets.HOMEBREW_TAP_TOKEN }}
        run: scripts/update-homebrew.sh ${{ needs.release.outputs.new_release_version }}