1use std::cell::RefCell;
2
3use gh_workflow::{
4 Concurrency, Env, Expression, Step, WorkflowCallInput, WorkflowCallSecret,
5 WorkflowDispatchInput,
6};
7
8use crate::tasks::workflows::{runners::Platform, steps::NamedJob};
9
10macro_rules! secret {
11 ($secret_name:ident) => {
12 pub const $secret_name: &str = concat!("${{ secrets.", stringify!($secret_name), " }}");
13 };
14}
15
16macro_rules! var {
17 ($var_name:ident) => {
18 pub const $var_name: &str = concat!("${{ vars.", stringify!($var_name), " }}");
19 };
20}
21
22secret!(ANTHROPIC_API_KEY);
23secret!(OPENAI_API_KEY);
24secret!(GOOGLE_AI_API_KEY);
25secret!(GOOGLE_CLOUD_PROJECT);
26secret!(APPLE_NOTARIZATION_ISSUER_ID);
27secret!(APPLE_NOTARIZATION_KEY);
28secret!(APPLE_NOTARIZATION_KEY_ID);
29secret!(AZURE_SIGNING_CLIENT_ID);
30secret!(AZURE_SIGNING_CLIENT_SECRET);
31secret!(AZURE_SIGNING_TENANT_ID);
32secret!(CACHIX_AUTH_TOKEN);
33secret!(DIGITALOCEAN_SPACES_ACCESS_KEY);
34secret!(DIGITALOCEAN_SPACES_SECRET_KEY);
35secret!(GITHUB_TOKEN);
36secret!(MACOS_CERTIFICATE);
37secret!(MACOS_CERTIFICATE_PASSWORD);
38secret!(SENTRY_AUTH_TOKEN);
39secret!(ZED_CLIENT_CHECKSUM_SEED);
40secret!(ZED_CLOUD_PROVIDER_ADDITIONAL_MODELS_JSON);
41secret!(ZED_SENTRY_MINIDUMP_ENDPOINT);
42secret!(SLACK_APP_ZED_UNIT_EVALS_BOT_TOKEN);
43secret!(ZED_ZIPPY_APP_ID);
44secret!(ZED_ZIPPY_APP_PRIVATE_KEY);
45secret!(DISCORD_WEBHOOK_RELEASE_NOTES);
46secret!(WINGET_TOKEN);
47secret!(VERCEL_TOKEN);
48secret!(SLACK_WEBHOOK_WORKFLOW_FAILURES);
49
50// todo(ci) make these secrets too...
51var!(AZURE_SIGNING_ACCOUNT_NAME);
52var!(AZURE_SIGNING_CERT_PROFILE_NAME);
53var!(AZURE_SIGNING_ENDPOINT);
54
55pub fn bundle_envs(platform: Platform) -> Env {
56 let env = Env::default()
57 .add("CARGO_INCREMENTAL", 0)
58 .add("ZED_CLIENT_CHECKSUM_SEED", ZED_CLIENT_CHECKSUM_SEED)
59 .add("ZED_MINIDUMP_ENDPOINT", ZED_SENTRY_MINIDUMP_ENDPOINT);
60
61 match platform {
62 Platform::Linux => env,
63 Platform::Mac => env
64 .add("MACOS_CERTIFICATE", MACOS_CERTIFICATE)
65 .add("MACOS_CERTIFICATE_PASSWORD", MACOS_CERTIFICATE_PASSWORD)
66 .add("APPLE_NOTARIZATION_KEY", APPLE_NOTARIZATION_KEY)
67 .add("APPLE_NOTARIZATION_KEY_ID", APPLE_NOTARIZATION_KEY_ID)
68 .add("APPLE_NOTARIZATION_ISSUER_ID", APPLE_NOTARIZATION_ISSUER_ID),
69 Platform::Windows => env
70 .add("AZURE_TENANT_ID", AZURE_SIGNING_TENANT_ID)
71 .add("AZURE_CLIENT_ID", AZURE_SIGNING_CLIENT_ID)
72 .add("AZURE_CLIENT_SECRET", AZURE_SIGNING_CLIENT_SECRET)
73 .add("ACCOUNT_NAME", AZURE_SIGNING_ACCOUNT_NAME)
74 .add("CERT_PROFILE_NAME", AZURE_SIGNING_CERT_PROFILE_NAME)
75 .add("ENDPOINT", AZURE_SIGNING_ENDPOINT)
76 .add("FILE_DIGEST", "SHA256")
77 .add("TIMESTAMP_DIGEST", "SHA256")
78 .add("TIMESTAMP_SERVER", "http://timestamp.acs.microsoft.com"),
79 }
80}
81
82pub fn one_workflow_per_non_main_branch() -> Concurrency {
83 Concurrency::default()
84 .group("${{ github.workflow }}-${{ github.ref_name }}-${{ github.ref_name == 'main' && github.sha || 'anysha' }}")
85 .cancel_in_progress(true)
86}
87
88pub(crate) fn allow_concurrent_runs() -> Concurrency {
89 Concurrency::default()
90 .group("${{ github.workflow }}-${{ github.ref_name }}-${{ github.run_id }}")
91 .cancel_in_progress(true)
92}
93
94// Represents a pattern to check for changed files and corresponding output variable
95pub struct PathCondition {
96 pub name: &'static str,
97 pub pattern: &'static str,
98 pub invert: bool,
99 pub set_by_step: RefCell<Option<String>>,
100}
101impl PathCondition {
102 pub fn new(name: &'static str, pattern: &'static str) -> Self {
103 Self {
104 name,
105 pattern,
106 invert: false,
107 set_by_step: Default::default(),
108 }
109 }
110 pub fn inverted(name: &'static str, pattern: &'static str) -> Self {
111 Self {
112 name,
113 pattern,
114 invert: true,
115 set_by_step: Default::default(),
116 }
117 }
118 pub fn guard(&self, job: NamedJob) -> NamedJob {
119 let set_by_step = self
120 .set_by_step
121 .borrow()
122 .clone()
123 .unwrap_or_else(|| panic!("condition {},is never set", self.name));
124 NamedJob {
125 name: job.name,
126 job: job
127 .job
128 .add_need(set_by_step.clone())
129 .cond(Expression::new(format!(
130 "needs.{}.outputs.{} == 'true'",
131 &set_by_step, self.name
132 ))),
133 }
134 }
135}
136
137pub(crate) struct StepOutput {
138 pub name: &'static str,
139 step_id: String,
140}
141
142impl StepOutput {
143 pub fn new<T>(step: &Step<T>, name: &'static str) -> Self {
144 Self {
145 name,
146 step_id: step
147 .value
148 .id
149 .clone()
150 .expect("Steps that produce outputs must have an ID"),
151 }
152 }
153
154 pub fn expr(&self) -> String {
155 format!("steps.{}.outputs.{}", self.step_id, self.name)
156 }
157
158 pub fn as_job_output(self, job: &NamedJob) -> JobOutput {
159 JobOutput {
160 job_name: job.name.clone(),
161 name: self.name,
162 }
163 }
164}
165
166impl serde::Serialize for StepOutput {
167 fn serialize<S>(&self, serializer: S) -> Result<S::Ok, S::Error>
168 where
169 S: serde::Serializer,
170 {
171 serializer.serialize_str(&self.to_string())
172 }
173}
174
175impl std::fmt::Display for StepOutput {
176 fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
177 write!(f, "${{{{ {} }}}}", self.expr())
178 }
179}
180
181pub(crate) struct JobOutput {
182 job_name: String,
183 name: &'static str,
184}
185
186impl JobOutput {
187 pub fn expr(&self) -> String {
188 format!("needs.{}.outputs.{}", self.job_name, self.name)
189 }
190}
191
192impl serde::Serialize for JobOutput {
193 fn serialize<S>(&self, serializer: S) -> Result<S::Ok, S::Error>
194 where
195 S: serde::Serializer,
196 {
197 serializer.serialize_str(&self.to_string())
198 }
199}
200
201impl std::fmt::Display for JobOutput {
202 fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
203 write!(f, "${{{{ {} }}}}", self.expr())
204 }
205}
206
207pub struct WorkflowInput {
208 pub input_type: &'static str,
209 pub name: &'static str,
210 pub default: Option<String>,
211}
212
213impl WorkflowInput {
214 pub fn string(name: &'static str, default: Option<String>) -> Self {
215 Self {
216 input_type: "string",
217 name,
218 default,
219 }
220 }
221
222 pub fn bool(name: &'static str, default: Option<bool>) -> Self {
223 Self {
224 input_type: "boolean",
225 name,
226 default: default.as_ref().map(ToString::to_string),
227 }
228 }
229
230 pub fn input(&self) -> WorkflowDispatchInput {
231 WorkflowDispatchInput {
232 description: self.name.to_owned(),
233 required: self.default.is_none(),
234 input_type: self.input_type.to_owned(),
235 default: self.default.clone(),
236 }
237 }
238
239 pub fn call_input(&self) -> WorkflowCallInput {
240 WorkflowCallInput {
241 description: self.name.to_owned(),
242 required: self.default.is_none(),
243 input_type: self.input_type.to_owned(),
244 default: self.default.clone(),
245 }
246 }
247
248 pub(crate) fn expr(&self) -> String {
249 format!("inputs.{}", self.name)
250 }
251}
252
253impl std::fmt::Display for WorkflowInput {
254 fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
255 write!(f, "${{{{ {} }}}}", self.expr())
256 }
257}
258
259impl serde::Serialize for WorkflowInput {
260 fn serialize<S>(&self, serializer: S) -> Result<S::Ok, S::Error>
261 where
262 S: serde::Serializer,
263 {
264 serializer.serialize_str(&self.to_string())
265 }
266}
267
268pub(crate) struct WorkflowSecret {
269 pub name: &'static str,
270 description: String,
271 required: bool,
272}
273
274impl WorkflowSecret {
275 pub fn new(name: &'static str, description: impl ToString) -> Self {
276 Self {
277 name,
278 description: description.to_string(),
279 required: true,
280 }
281 }
282
283 pub fn secret_configuration(&self) -> WorkflowCallSecret {
284 WorkflowCallSecret {
285 description: self.description.clone(),
286 required: self.required,
287 }
288 }
289}
290
291impl std::fmt::Display for WorkflowSecret {
292 fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
293 write!(f, "${{{{ secrets.{} }}}}", self.name)
294 }
295}
296
297impl serde::Serialize for WorkflowSecret {
298 fn serialize<S>(&self, serializer: S) -> Result<S::Ok, S::Error>
299 where
300 S: serde::Serializer,
301 {
302 serializer.serialize_str(&self.to_string())
303 }
304}
305
306pub mod assets {
307 // NOTE: these asset names also exist in the zed.dev codebase.
308 pub const MAC_AARCH64: &str = "Zed-aarch64.dmg";
309 pub const MAC_X86_64: &str = "Zed-x86_64.dmg";
310 pub const LINUX_AARCH64: &str = "zed-linux-aarch64.tar.gz";
311 pub const LINUX_X86_64: &str = "zed-linux-x86_64.tar.gz";
312 pub const WINDOWS_X86_64: &str = "Zed-x86_64.exe";
313 pub const WINDOWS_AARCH64: &str = "Zed-aarch64.exe";
314
315 pub const REMOTE_SERVER_MAC_AARCH64: &str = "zed-remote-server-macos-aarch64.gz";
316 pub const REMOTE_SERVER_MAC_X86_64: &str = "zed-remote-server-macos-x86_64.gz";
317 pub const REMOTE_SERVER_LINUX_AARCH64: &str = "zed-remote-server-linux-aarch64.gz";
318 pub const REMOTE_SERVER_LINUX_X86_64: &str = "zed-remote-server-linux-x86_64.gz";
319
320 pub fn all() -> Vec<&'static str> {
321 vec![
322 MAC_AARCH64,
323 MAC_X86_64,
324 LINUX_AARCH64,
325 LINUX_X86_64,
326 WINDOWS_X86_64,
327 WINDOWS_AARCH64,
328 REMOTE_SERVER_MAC_AARCH64,
329 REMOTE_SERVER_MAC_X86_64,
330 REMOTE_SERVER_LINUX_AARCH64,
331 REMOTE_SERVER_LINUX_X86_64,
332 ]
333 }
334}