Skip to content
Release

chore(release): fake release candidate 0.7.10-rc.1 #50

Sign in to view logs

chore(release): fake release candidate 0.7.10-rc.1

chore(release): fake release candidate 0.7.10-rc.1 #50

Workflow file for this run

.github/workflows/release.yml at ddae43d
name: Release
on:
push:
tags:
- 'v*'
workflow_dispatch:
inputs:
version:
description: 'Version to release (e.g., v0.4.0)'
required: true
dry_run:
description: 'Dry run (no actual publish or release)'
type: boolean
default: false
env:
CARGO_TERM_COLOR: always
RUSTFLAGS: "-D warnings"
permissions:
contents: write
jobs:
validate:
name: Validate Release
runs-on: ubuntu-latest
outputs:
version: ${{ steps.version.outputs.version }}
version_number: ${{ steps.version.outputs.version_number }}
is_prerelease: ${{ steps.version.outputs.is_prerelease }}
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Extract version
id: version
run: |
if [[ "${{ github.event_name }}" == "workflow_dispatch" ]]; then
VERSION="${{ github.event.inputs.version }}"
else
VERSION="${GITHUB_REF#refs/tags/}"
fi
echo "version=$VERSION" >> $GITHUB_OUTPUT
VERSION_NUMBER="${VERSION#v}"
echo "version_number=$VERSION_NUMBER" >> $GITHUB_OUTPUT
if [[ "$VERSION" =~ -(alpha|beta|rc) ]]; then
echo "is_prerelease=true" >> $GITHUB_OUTPUT
else
echo "is_prerelease=false" >> $GITHUB_OUTPUT
fi
echo "Version: $VERSION (number: $VERSION_NUMBER)"
- name: Validate version format
run: |
VERSION="${{ steps.version.outputs.version }}"
VERSION_REGEX="^v[0-9]+\.[0-9]+\.[0-9]+(-[a-zA-Z0-9]+(\.[0-9]+)?)?$"
if ! [[ "$VERSION" =~ $VERSION_REGEX ]]; then
echo "::error::Invalid version format: $VERSION"
exit 1
fi
- name: Check Cargo.toml version
run: |
CARGO_VERSION=$(grep "^version" Cargo.toml | head -1 | cut -d'"' -f2)
EXPECTED="${{ steps.version.outputs.version_number }}"
if [[ "$CARGO_VERSION" != "$EXPECTED" ]]; then
echo "::error::Cargo.toml version mismatch"
echo "::error::Expected $EXPECTED but found $CARGO_VERSION"
exit 1
fi
test:
name: Test Suite
needs: validate
runs-on: ubuntu-latest
timeout-minutes: 30
steps:
- uses: actions/checkout@v4
- name: Install Rust toolchain
uses: dtolnay/rust-toolchain@stable
with:
components: rustfmt, clippy
- uses: Swatinem/rust-cache@v2
- name: Install Foundry
uses: foundry-rs/foundry-toolchain@v1
with:
version: nightly
- name: Check formatting
run: cargo fmt --all -- --check
- name: Run clippy
run: cargo clippy --all-targets --all-features -- -D warnings
- name: Run tests
run: cargo test
build:
name: Build ${{ matrix.target }}
needs: [validate, test]
runs-on: ${{ matrix.os }}
strategy:
fail-fast: false
matrix:
include:
# Use ubuntu-22.04 for GLIBC 2.35 compatibility with server deployments
- target: x86_64-unknown-linux-gnu
os: ubuntu-22.04
binary: ant-node
archive: tar.gz
friendly_name: linux-x64
- target: aarch64-unknown-linux-gnu
os: ubuntu-22.04
binary: ant-node
archive: tar.gz
cross: true
friendly_name: linux-arm64
- target: x86_64-apple-darwin
os: macos-latest
binary: ant-node
archive: tar.gz
friendly_name: macos-x64
- target: aarch64-apple-darwin
os: macos-latest
binary: ant-node
archive: tar.gz
friendly_name: macos-arm64
- target: x86_64-pc-windows-msvc
os: windows-latest
binary: ant-node.exe
archive: zip
friendly_name: windows-x64
steps:
- uses: actions/checkout@v4
- name: Install Rust toolchain
uses: dtolnay/rust-toolchain@stable
with:
targets: ${{ matrix.target }}
- uses: Swatinem/rust-cache@v2
with:
key: ${{ matrix.target }}
- name: Install cross (Linux ARM64)
if: matrix.cross
run: cargo install cross --git https://github.com/cross-rs/cross
- name: Build (cross)
if: matrix.cross
run: cross build --release --target ${{ matrix.target }}
- name: Build (native)
if: ${{ !matrix.cross }}
run: cargo build --release --target ${{ matrix.target }}
- name: Create archive (Unix)
if: matrix.archive == 'tar.gz'
run: |
cd target/${{ matrix.target }}/release
tar -czvf ../../../ant-node-cli-${{ matrix.friendly_name }}.tar.gz ${{ matrix.binary }} ant-keygen
cd ../../..
- name: Create archive (Windows)
if: matrix.archive == 'zip'
shell: pwsh
run: |
Compress-Archive -Path "target/${{ matrix.target }}/release/${{ matrix.binary }}", "target/${{ matrix.target }}/release/ant-keygen.exe" -DestinationPath "ant-node-cli-${{ matrix.friendly_name }}.zip"
- name: Upload artifact
uses: actions/upload-artifact@v4
with:
name: cli-${{ matrix.friendly_name }}
path: ant-node-cli-${{ matrix.friendly_name }}.${{ matrix.archive }}
retention-days: 1
installers-linux:
name: Build Linux Installers
needs: build
runs-on: ubuntu-22.04
steps:
- uses: actions/checkout@v4
- name: Install Rust toolchain
uses: dtolnay/rust-toolchain@stable
- uses: Swatinem/rust-cache@v2
- name: Install cargo-deb
run: cargo install cargo-deb
- name: Install cargo-generate-rpm
run: cargo install cargo-generate-rpm
- name: Build release binaries
run: cargo build --release
- name: Build .deb package
run: cargo deb --no-build --output ant-node.deb
- name: Build .rpm package
run: cargo generate-rpm --output ant-node.rpm
- name: Upload .deb
uses: actions/upload-artifact@v4
with:
name: installer-deb
path: ant-node.deb
retention-days: 1
- name: Upload .rpm
uses: actions/upload-artifact@v4
with:
name: installer-rpm
path: ant-node.rpm
retention-days: 1
installers-windows:
name: Build Windows Installer
needs: [validate, build]
runs-on: windows-latest
steps:
- uses: actions/checkout@v4
- name: Install Rust toolchain
uses: dtolnay/rust-toolchain@stable
- uses: Swatinem/rust-cache@v2
- name: Build release binaries
run: cargo build --release --target x86_64-pc-windows-msvc
- name: Install WiX Toolset
run: |
choco install wixtoolset -y
echo "C:\Program Files (x86)\WiX Toolset v3.14\bin" >> $env:GITHUB_PATH
- name: Extract version from tag
id: version
shell: pwsh
run: |
$tag = "${{ needs.validate.outputs.version }}"
# Remove 'v' prefix and strip any pre-release suffix (e.g., -rc.1, -beta.2)
$version = $tag -replace '^v', '' -replace '-.*$', ''
# Ensure 4-part version for MSI (add .0 if needed)
$parts = $version.Split('.')
while ($parts.Length -lt 4) {
$version = "$version.0"
$parts = $version.Split('.')
}
echo "version=$version" >> $env:GITHUB_OUTPUT
echo "MSI Version: $version"
- name: Build MSI installer
shell: pwsh
run: |
# Create placeholder images if they don't exist
if (-not (Test-Path "wix\banner.bmp")) {
# Create a simple 493x58 banner
Add-Type -AssemblyName System.Drawing
$bmp = New-Object System.Drawing.Bitmap(493, 58)
$g = [System.Drawing.Graphics]::FromImage($bmp)
$g.Clear([System.Drawing.Color]::FromArgb(0, 120, 212))
$bmp.Save("wix\banner.bmp")
}
if (-not (Test-Path "wix\dialog.bmp")) {
# Create a simple 493x312 dialog
Add-Type -AssemblyName System.Drawing
$bmp = New-Object System.Drawing.Bitmap(493, 312)
$g = [System.Drawing.Graphics]::FromImage($bmp)
$g.Clear([System.Drawing.Color]::FromArgb(0, 120, 212))
$bmp.Save("wix\dialog.bmp")
}
if (-not (Test-Path "wix\ant.ico")) {
# Use a default icon
Copy-Item "C:\Windows\System32\shell32.dll" -Destination "wix\temp.dll"
Add-Type -AssemblyName System.Drawing
$icon = [System.Drawing.Icon]::ExtractAssociatedIcon("C:\Windows\System32\cmd.exe")
$stream = [System.IO.File]::Create("wix\ant.ico")
$icon.Save($stream)
$stream.Close()
}
# Create license.rtf if it doesn't exist
if (-not (Test-Path "wix\license.rtf")) {
$licenseText = Get-Content "LICENSE-MIT" -Raw
$rtfContent = "{\rtf1\ansi\deff0{\fonttbl{\f0 Consolas;}}\f0\fs20 " + ($licenseText -replace '\n', '\par ') + "}"
Set-Content -Path "wix\license.rtf" -Value $rtfContent
}
$version = "${{ steps.version.outputs.version }}"
candle.exe wix\main.wxs -o wix\main.wixobj -ext WixUIExtension -dProductVersion="$version"
light.exe wix\main.wixobj -o ant-node.msi -ext WixUIExtension
- name: Upload MSI
uses: actions/upload-artifact@v4
with:
name: installer-msi
path: ant-node.msi
retention-days: 1
sign:
name: Sign Releases
needs: [build, installers-linux, installers-windows]
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Install Rust toolchain
uses: dtolnay/rust-toolchain@stable
- uses: Swatinem/rust-cache@v2
- name: Download all artifacts
uses: actions/download-artifact@v4
with:
path: artifacts
merge-multiple: true
- name: List artifacts
run: ls -la artifacts/
- name: Decode signing key
run: |
echo "${{ secrets.ANT_NODE_SIGNING_KEY }}" | xxd -r -p > /tmp/signing-key.secret
chmod 600 /tmp/signing-key.secret
- name: Build signing tool
run: cargo build --release --bin ant-keygen
- name: Sign all release files
run: |
for file in artifacts/ant-node-cli-*.tar.gz artifacts/ant-node-cli-*.zip artifacts/*.deb artifacts/*.rpm artifacts/*.msi; do
if [ -f "$file" ]; then
echo "Signing $file..."
./target/release/ant-keygen sign \
--key /tmp/signing-key.secret \
--input "$file" \
--output "${file}.sig"
fi
done
- name: Clean up signing key
if: always()
run: rm -f /tmp/signing-key.secret
- name: Generate checksums
run: |
cd artifacts
sha256sum ant-node-cli-* *.deb *.rpm *.msi 2>/dev/null > SHA256SUMS.txt || true
cat SHA256SUMS.txt
- name: Upload signed artifacts
uses: actions/upload-artifact@v4
with:
name: signed-releases
path: |
artifacts/*
retention-days: 1
publish-crate:
name: Publish to crates.io
needs: [validate, test]
runs-on: ubuntu-latest
if: github.event.inputs.dry_run != 'true' && needs.validate.outputs.is_prerelease != 'true'
steps:
- uses: actions/checkout@v4
- name: Install Rust toolchain
uses: dtolnay/rust-toolchain@stable
- uses: Swatinem/rust-cache@v2
- name: Verify crate
run: cargo publish --dry-run --allow-dirty
- name: Publish to crates.io
run: cargo publish --no-verify --allow-dirty
env:
CARGO_REGISTRY_TOKEN: ${{ secrets.CRATES_IO_TOKEN }}
release:
name: Create GitHub Release
needs: [validate, sign]
runs-on: ubuntu-latest
if: github.event.inputs.dry_run != 'true'
steps:
- uses: actions/checkout@v4
- name: Download signed artifacts
uses: actions/download-artifact@v4
with:
name: signed-releases
path: release
- name: List release files
run: ls -la release/
- name: Create GitHub Release
uses: softprops/action-gh-release@v2
with:
name: Autonomi Node ${{ needs.validate.outputs.version }}
body: |
## Autonomi Node ${{ needs.validate.outputs.version }}
### CLI Downloads (Manual Installation)
Download, extract, and run directly from command line:
| Platform | Download |
|----------|----------|
| Linux x64 | `ant-node-cli-linux-x64.tar.gz` |
| Linux ARM64 | `ant-node-cli-linux-arm64.tar.gz` |
| macOS x64 | `ant-node-cli-macos-x64.tar.gz` |
| macOS ARM64 (Apple Silicon) | `ant-node-cli-macos-arm64.tar.gz` |
| Windows x64 | `ant-node-cli-windows-x64.zip` |
**CLI Usage:**
```bash
# Linux/macOS
tar -xzf ant-node-cli-linux-x64.tar.gz
./ant-node --testnet
# Windows (PowerShell)
Expand-Archive ant-node-cli-windows-x64.zip
.\ant-node.exe --testnet
```
### Service Installers (Automatic Startup)
Install as a system service with automatic startup:
| Platform | Download |
|----------|----------|
| Debian/Ubuntu | `ant-node.deb` |
| RHEL/Fedora | `ant-node.rpm` |
| Windows | `ant-node.msi` |
**Service Installation:**
```bash
# Debian/Ubuntu
sudo dpkg -i ant-node.deb
sudo systemctl enable --now ant-node
# RHEL/Fedora
sudo rpm -i ant-node.rpm
sudo systemctl enable --now ant-node
# Windows: Run ant-node.msi installer
```
### Verification
All downloads are signed with ML-DSA-65 (FIPS 204) post-quantum signatures.
Download the corresponding `.sig` file and verify:
```bash
ant-keygen verify --key release-signing-key.pub --input <file> --signature <file>.sig
```
SHA256 checksums provided in `SHA256SUMS.txt`.
### Auto-Upgrade
Running nodes automatically detect and upgrade to this version
within a 24-hour staged rollout window.
files: |
release/ant-node-cli-*.tar.gz
release/ant-node-cli-*.zip
release/ant-node-cli-*.sig
release/*.deb
release/*.rpm
release/*.msi
release/*.deb.sig
release/*.rpm.sig
release/*.msi.sig
release/SHA256SUMS.txt
draft: false
prerelease: ${{ needs.validate.outputs.is_prerelease }}
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}