1use std::cell::RefCell;
2
3use gh_workflow::{Concurrency, Env, Expression, Step, WorkflowDispatchInput};
4
5use crate::tasks::workflows::{runners::Platform, steps::NamedJob};
6
7macro_rules! secret {
8 ($secret_name:ident) => {
9 pub const $secret_name: &str = concat!("${{ secrets.", stringify!($secret_name), " }}");
10 };
11}
12
13macro_rules! var {
14 ($secret_name:ident) => {
15 pub const $secret_name: &str = concat!("${{ vars.", stringify!($secret_name), " }}");
16 };
17}
18
19secret!(ANTHROPIC_API_KEY);
20secret!(APPLE_NOTARIZATION_ISSUER_ID);
21secret!(APPLE_NOTARIZATION_KEY);
22secret!(APPLE_NOTARIZATION_KEY_ID);
23secret!(AZURE_SIGNING_CLIENT_ID);
24secret!(AZURE_SIGNING_CLIENT_SECRET);
25secret!(AZURE_SIGNING_TENANT_ID);
26secret!(CACHIX_AUTH_TOKEN);
27secret!(DIGITALOCEAN_SPACES_ACCESS_KEY);
28secret!(DIGITALOCEAN_SPACES_SECRET_KEY);
29secret!(GITHUB_TOKEN);
30secret!(MACOS_CERTIFICATE);
31secret!(MACOS_CERTIFICATE_PASSWORD);
32secret!(SENTRY_AUTH_TOKEN);
33secret!(ZED_CLIENT_CHECKSUM_SEED);
34secret!(ZED_CLOUD_PROVIDER_ADDITIONAL_MODELS_JSON);
35secret!(ZED_SENTRY_MINIDUMP_ENDPOINT);
36secret!(SLACK_APP_ZED_UNIT_EVALS_BOT_TOKEN);
37secret!(ZED_ZIPPY_APP_ID);
38secret!(ZED_ZIPPY_APP_PRIVATE_KEY);
39
40// todo(ci) make these secrets too...
41var!(AZURE_SIGNING_ACCOUNT_NAME);
42var!(AZURE_SIGNING_CERT_PROFILE_NAME);
43var!(AZURE_SIGNING_ENDPOINT);
44
45pub fn bundle_envs(platform: Platform) -> Env {
46 let env = Env::default()
47 .add("CARGO_INCREMENTAL", 0)
48 .add("ZED_CLIENT_CHECKSUM_SEED", ZED_CLIENT_CHECKSUM_SEED)
49 .add("ZED_MINIDUMP_ENDPOINT", ZED_SENTRY_MINIDUMP_ENDPOINT);
50
51 match platform {
52 Platform::Linux => env,
53 Platform::Mac => env
54 .add("MACOS_CERTIFICATE", MACOS_CERTIFICATE)
55 .add("MACOS_CERTIFICATE_PASSWORD", MACOS_CERTIFICATE_PASSWORD)
56 .add("APPLE_NOTARIZATION_KEY", APPLE_NOTARIZATION_KEY)
57 .add("APPLE_NOTARIZATION_KEY_ID", APPLE_NOTARIZATION_KEY_ID)
58 .add("APPLE_NOTARIZATION_ISSUER_ID", APPLE_NOTARIZATION_ISSUER_ID),
59 Platform::Windows => env
60 .add("AZURE_TENANT_ID", AZURE_SIGNING_TENANT_ID)
61 .add("AZURE_CLIENT_ID", AZURE_SIGNING_CLIENT_ID)
62 .add("AZURE_CLIENT_SECRET", AZURE_SIGNING_CLIENT_SECRET)
63 .add("ACCOUNT_NAME", AZURE_SIGNING_ACCOUNT_NAME)
64 .add("CERT_PROFILE_NAME", AZURE_SIGNING_CERT_PROFILE_NAME)
65 .add("ENDPOINT", AZURE_SIGNING_ENDPOINT)
66 .add("FILE_DIGEST", "SHA256")
67 .add("TIMESTAMP_DIGEST", "SHA256")
68 .add("TIMESTAMP_SERVER", "http://timestamp.acs.microsoft.com"),
69 }
70}
71
72pub(crate) fn one_workflow_per_non_main_branch() -> Concurrency {
73 Concurrency::default()
74 .group("${{ github.workflow }}-${{ github.ref_name }}-${{ github.ref_name == 'main' && github.sha || 'anysha' }}")
75 .cancel_in_progress(true)
76}
77
78// Represents a pattern to check for changed files and corresponding output variable
79pub(crate) struct PathCondition {
80 pub name: &'static str,
81 pub pattern: &'static str,
82 pub invert: bool,
83 pub set_by_step: RefCell<Option<String>>,
84}
85impl PathCondition {
86 pub fn new(name: &'static str, pattern: &'static str) -> Self {
87 Self {
88 name,
89 pattern,
90 invert: false,
91 set_by_step: Default::default(),
92 }
93 }
94 pub fn inverted(name: &'static str, pattern: &'static str) -> Self {
95 Self {
96 name,
97 pattern,
98 invert: true,
99 set_by_step: Default::default(),
100 }
101 }
102 pub fn guard(&self, job: NamedJob) -> NamedJob {
103 let set_by_step = self
104 .set_by_step
105 .borrow()
106 .clone()
107 .unwrap_or_else(|| panic!("condition {},is never set", self.name));
108 NamedJob {
109 name: job.name,
110 job: job
111 .job
112 .add_need(set_by_step.clone())
113 .cond(Expression::new(format!(
114 "needs.{}.outputs.{} == 'true'",
115 &set_by_step, self.name
116 ))),
117 }
118 }
119}
120
121pub(crate) struct StepOutput {
122 name: &'static str,
123 step_id: String,
124}
125
126impl StepOutput {
127 pub fn new<T>(step: &Step<T>, name: &'static str) -> Self {
128 Self {
129 name,
130 step_id: step
131 .value
132 .id
133 .clone()
134 .expect("Steps that produce outputs must have an ID"),
135 }
136 }
137}
138
139impl std::fmt::Display for StepOutput {
140 fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
141 write!(f, "${{{{ steps.{}.outputs.{} }}}}", self.step_id, self.name)
142 }
143}
144
145pub(crate) struct Input {
146 pub input_type: &'static str,
147 pub name: &'static str,
148 pub default: Option<String>,
149}
150
151impl Input {
152 pub fn string(name: &'static str, default: Option<String>) -> Self {
153 Self {
154 input_type: "string",
155 name,
156 default,
157 }
158 }
159
160 pub fn input(&self) -> WorkflowDispatchInput {
161 WorkflowDispatchInput {
162 description: self.name.to_owned(),
163 required: self.default.is_none(),
164 input_type: self.input_type.to_owned(),
165 default: self.default.clone(),
166 }
167 }
168}
169
170impl std::fmt::Display for Input {
171 fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
172 write!(f, "${{{{ inputs.{} }}}}", self.name)
173 }
174}
175
176pub mod assets {
177 // NOTE: these asset names also exist in the zed.dev codebase.
178 pub const MAC_AARCH64: &str = "Zed-aarch64.dmg";
179 pub const MAC_X86_64: &str = "Zed-x86_64.dmg";
180 pub const LINUX_AARCH64: &str = "zed-linux-aarch64.tar.gz";
181 pub const LINUX_X86_64: &str = "zed-linux-x86_64.tar.gz";
182 pub const WINDOWS_X86_64: &str = "Zed-x86_64.exe";
183 pub const WINDOWS_AARCH64: &str = "Zed-aarch64.exe";
184
185 pub const REMOTE_SERVER_MAC_AARCH64: &str = "zed-remote-server-macos-aarch64.gz";
186 pub const REMOTE_SERVER_MAC_X86_64: &str = "zed-remote-server-macos-x86_64.gz";
187 pub const REMOTE_SERVER_LINUX_AARCH64: &str = "zed-remote-server-linux-aarch64.gz";
188 pub const REMOTE_SERVER_LINUX_X86_64: &str = "zed-remote-server-linux-x86_64.gz";
189
190 pub fn all() -> Vec<&'static str> {
191 vec![
192 MAC_AARCH64,
193 MAC_X86_64,
194 LINUX_AARCH64,
195 LINUX_X86_64,
196 WINDOWS_X86_64,
197 WINDOWS_AARCH64,
198 REMOTE_SERVER_MAC_AARCH64,
199 REMOTE_SERVER_MAC_X86_64,
200 REMOTE_SERVER_LINUX_AARCH64,
201 REMOTE_SERVER_LINUX_X86_64,
202 ]
203 }
204}