opencode-cloud/.github/workflows/version-bump.yml at main · pRizz/opencode-cloud · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
name: Version Bump

on:
  workflow_dispatch:
    inputs:
      bump_type:
        description: 'Version bump type'
        required: true
        type: choice
        options:
          - patch
          - minor
          - major
        default: patch

concurrency:
  group: version-bump
  # Queue runs to avoid overlapping version bumps, tag collisions, and push races.
  cancel-in-progress: false

permissions:
  contents: write    # Required for pushing commits and tags
  packages: write    # Required for GHCR push (docker-publish)

jobs:
  bump-version:
    name: Bump Version
    runs-on: ubuntu-latest
    outputs:
      version: ${{ steps.new.outputs.version }}
      previous_version: ${{ steps.current.outputs.version }}
      ref: ${{ steps.tag.outputs.ref }}

    steps:
      - uses: actions/checkout@v6
        with:
          fetch-depth: 0  # Need full history for version detection
          token: ${{ secrets.GITHUB_TOKEN }}

      - name: Configure Git
        run: |
          git config user.name "github-actions[bot]"
          git config user.email "github-actions[bot]@users.noreply.github.com"

      - name: Get current version
        id: current
        run: |
          # Extract version from root Cargo.toml
          CURRENT=$(grep -m1 '^version = ' Cargo.toml | sed 's/version = "\(.*\)"/\1/')
          echo "version=${CURRENT}" >> "$GITHUB_OUTPUT"
          echo "Current version: ${CURRENT}"

      - name: Calculate new version
        id: new
        run: |
          CURRENT="${{ steps.current.outputs.version }}"
          BUMP_TYPE="${{ inputs.bump_type }}"

          # Parse version components
          IFS='.' read -r MAJOR MINOR PATCH <<< "${CURRENT}"

          case "${BUMP_TYPE}" in
            major)
              NEW_VERSION="$((MAJOR + 1)).0.0"
              ;;
            minor)
              NEW_VERSION="${MAJOR}.$((MINOR + 1)).0"
              ;;
            patch)
              NEW_VERSION="${MAJOR}.${MINOR}.$((PATCH + 1))"
              ;;
          esac

          echo "version=${NEW_VERSION}" >> "$GITHUB_OUTPUT"
          echo "New version: ${NEW_VERSION}"

      - name: Check if tag exists
        run: |
          TAG="release/v${{ steps.new.outputs.version }}"
          if git rev-parse "${TAG}" >/dev/null 2>&1; then
            echo "Error: Tag ${TAG} already exists"
            exit 1
          fi

      - name: Update version files
        run: |
          ./scripts/set-all-versions.sh "${{ steps.new.outputs.version }}"

      - name: Install Rust
        uses: dtolnay/rust-toolchain@master
        with:
          toolchain: "1.89"

      - name: Update Cargo.lock
        run: cargo check --workspace

      - name: Commit version bump
        run: |
          git add -A
          git commit -m "chore(release): v${{ steps.new.outputs.version }}"

      - name: Create release tag
        id: tag
        run: |
          TAG="release/v${{ steps.new.outputs.version }}"
          git tag "${TAG}"
          echo "ref=${TAG}" >> "$GITHUB_OUTPUT"

      - name: Push changes and tag
        run: |
          git push
          git push origin "release/v${{ steps.new.outputs.version }}"

      - name: Create GitHub Release
        uses: softprops/action-gh-release@v2
        with:
          tag_name: "release/v${{ steps.new.outputs.version }}"
          name: "v${{ steps.new.outputs.version }}"
          body: |
            ## What's Changed

            See [full changelog](https://github.com/pRizz/opencode-cloud/compare/release/v${{ steps.current.outputs.version }}...release/v${{ steps.new.outputs.version }})

            ## Installation

            ```bash
            # Via cargo (recommended)
            cargo install opencode-cloud

            # Via Docker (sandbox image)
            docker pull ghcr.io/prizz/opencode-cloud-sandbox:${{ steps.new.outputs.version }}
            # Or from Docker Hub:
            docker pull prizz/opencode-cloud-sandbox:${{ steps.new.outputs.version }}
            ```
          draft: false
          prerelease: false

      - name: Summary
        run: |
          echo "## 🎉 Version Bumped!" >> $GITHUB_STEP_SUMMARY
          echo "" >> $GITHUB_STEP_SUMMARY
          echo "- **Previous:** ${{ steps.current.outputs.version }}" >> $GITHUB_STEP_SUMMARY
          echo "- **New:** ${{ steps.new.outputs.version }}" >> $GITHUB_STEP_SUMMARY
          echo "- **Bump type:** ${{ inputs.bump_type }}" >> $GITHUB_STEP_SUMMARY

  # Run CI checks before publishing
  ci-pre-publish:
    name: Pre-publish Checks
    needs: bump-version
    uses: ./.github/workflows/ci-pre-publish.yml
    with:
      version: ${{ needs.bump-version.outputs.version }}
      # Pass the release tag ref to ensure checkout uses the commit with the version bump,
      # not the original commit that triggered the workflow
      ref: ${{ needs.bump-version.outputs.ref }}

  # Publish to crates.io (after checks pass)
  publish-crates:
    name: Publish to crates.io
    needs: [bump-version, ci-pre-publish]
    uses: ./.github/workflows/publish-crates.yml
    with:
      version: ${{ needs.bump-version.outputs.version }}
      # Pass the release tag ref to ensure checkout uses the commit with the version bump,
      # not the original commit that triggered the workflow
      ref: ${{ needs.bump-version.outputs.ref }}
    secrets: inherit

  # Publish to npm (after checks pass)
  publish-npm:
    name: Publish to npm
    needs: [bump-version, ci-pre-publish]
    uses: ./.github/workflows/publish-npm.yml
    with:
      version: ${{ needs.bump-version.outputs.version }}
      ref: ${{ needs.bump-version.outputs.ref }}
    secrets: inherit

  # Publish sandbox Docker image (after checks pass)
  docker-publish:
    name: Publish sandbox Docker image
    needs: [bump-version, ci-pre-publish]
    uses: ./.github/workflows/docker-publish.yml
    with:
      version: ${{ needs.bump-version.outputs.version }}
      # Pass the release tag ref to ensure checkout uses the commit with the version bump,
      # not the original commit that triggered the workflow
      ref: ${{ needs.bump-version.outputs.ref }}
    secrets: inherit

  # Final summary with Docker Scout results
  publish-summary:
    name: Publish Summary
    needs: [bump-version, docker-publish]
    if: always() && needs.bump-version.result == 'success'
    runs-on: ubuntu-latest

    steps:
      - name: Release Summary
        env:
          VERSION: ${{ needs.bump-version.outputs.version }}
          SCOUT_STATUS: ${{ needs.docker-publish.outputs.scout_policy_status }}
          SCOUT_EXIT_CODE: ${{ needs.docker-publish.outputs.scout_policy_exit_code }}
        run: |
          set -euo pipefail
          {
            echo "## Publish Summary for v${VERSION}"
            echo ""
            echo "**Docker Scout policy (non-blocking):** \`${SCOUT_STATUS:-unknown}\` (exit \`${SCOUT_EXIT_CODE:-unknown}\`)"
          } >> "${GITHUB_STEP_SUMMARY}"