1use gh_workflow::{Event, Expression, Push, Run, Step, Use, Workflow, ctx::Context};
2use indoc::formatdoc;
3
4use crate::tasks::workflows::{
5 run_bundling::{bundle_linux, bundle_mac, bundle_windows, upload_artifact},
6 run_tests,
7 runners::{self, Arch, Platform},
8 steps::{self, FluentBuilder, NamedJob, dependant_job, named, release_job},
9 vars::{self, StepOutput, assets},
10};
11
12const CURRENT_ACTION_RUN_URL: &str =
13 "${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}";
14
15pub(crate) fn release() -> Workflow {
16 let macos_tests = run_tests::run_platform_tests_no_filter(Platform::Mac);
17 let linux_tests = run_tests::run_platform_tests_no_filter(Platform::Linux);
18 let windows_tests = run_tests::run_platform_tests_no_filter(Platform::Windows);
19 let macos_clippy = run_tests::clippy(Platform::Mac, None);
20 let linux_clippy = run_tests::clippy(Platform::Linux, None);
21 let windows_clippy = run_tests::clippy(Platform::Windows, None);
22 let check_scripts = run_tests::check_scripts();
23
24 let create_draft_release = create_draft_release();
25 let compliance = compliance_check();
26
27 let bundle = ReleaseBundleJobs {
28 linux_aarch64: bundle_linux(
29 Arch::AARCH64,
30 None,
31 &[&linux_tests, &linux_clippy, &check_scripts],
32 ),
33 linux_x86_64: bundle_linux(
34 Arch::X86_64,
35 None,
36 &[&linux_tests, &linux_clippy, &check_scripts],
37 ),
38 mac_aarch64: bundle_mac(
39 Arch::AARCH64,
40 None,
41 &[&macos_tests, &macos_clippy, &check_scripts],
42 ),
43 mac_x86_64: bundle_mac(
44 Arch::X86_64,
45 None,
46 &[&macos_tests, &macos_clippy, &check_scripts],
47 ),
48 windows_aarch64: bundle_windows(
49 Arch::AARCH64,
50 None,
51 &[&windows_tests, &windows_clippy, &check_scripts],
52 ),
53 windows_x86_64: bundle_windows(
54 Arch::X86_64,
55 None,
56 &[&windows_tests, &windows_clippy, &check_scripts],
57 ),
58 };
59
60 let upload_release_assets = upload_release_assets(&[&create_draft_release], &bundle);
61 let validate_release_assets = validate_release_assets(&[&upload_release_assets]);
62
63 let auto_release_preview = auto_release_preview(&[&validate_release_assets]);
64
65 let test_jobs = [
66 &macos_tests,
67 &linux_tests,
68 &windows_tests,
69 &macos_clippy,
70 &linux_clippy,
71 &windows_clippy,
72 &check_scripts,
73 ];
74 let push_slack_notification = push_release_update_notification(
75 &create_draft_release,
76 &upload_release_assets,
77 &validate_release_assets,
78 &auto_release_preview,
79 &test_jobs,
80 &bundle,
81 );
82
83 named::workflow()
84 .on(Event::default().push(Push::default().tags(vec!["v*".to_string()])))
85 .concurrency(vars::one_workflow_per_non_main_branch())
86 .add_env(("CARGO_TERM_COLOR", "always"))
87 .add_env(("RUST_BACKTRACE", "1"))
88 .add_job(macos_tests.name, macos_tests.job)
89 .add_job(linux_tests.name, linux_tests.job)
90 .add_job(windows_tests.name, windows_tests.job)
91 .add_job(macos_clippy.name, macos_clippy.job)
92 .add_job(linux_clippy.name, linux_clippy.job)
93 .add_job(windows_clippy.name, windows_clippy.job)
94 .add_job(check_scripts.name, check_scripts.job)
95 .add_job(create_draft_release.name, create_draft_release.job)
96 .add_job(compliance.name, compliance.job)
97 .map(|mut workflow| {
98 for job in bundle.into_jobs() {
99 workflow = workflow.add_job(job.name, job.job);
100 }
101 workflow
102 })
103 .add_job(upload_release_assets.name, upload_release_assets.job)
104 .add_job(validate_release_assets.name, validate_release_assets.job)
105 .add_job(auto_release_preview.name, auto_release_preview.job)
106 .add_job(push_slack_notification.name, push_slack_notification.job)
107}
108
109pub(crate) struct ReleaseBundleJobs {
110 pub linux_aarch64: NamedJob,
111 pub linux_x86_64: NamedJob,
112 pub mac_aarch64: NamedJob,
113 pub mac_x86_64: NamedJob,
114 pub windows_aarch64: NamedJob,
115 pub windows_x86_64: NamedJob,
116}
117
118impl ReleaseBundleJobs {
119 pub fn jobs(&self) -> Vec<&NamedJob> {
120 vec![
121 &self.linux_aarch64,
122 &self.linux_x86_64,
123 &self.mac_aarch64,
124 &self.mac_x86_64,
125 &self.windows_aarch64,
126 &self.windows_x86_64,
127 ]
128 }
129
130 pub fn into_jobs(self) -> Vec<NamedJob> {
131 vec![
132 self.linux_aarch64,
133 self.linux_x86_64,
134 self.mac_aarch64,
135 self.mac_x86_64,
136 self.windows_aarch64,
137 self.windows_x86_64,
138 ]
139 }
140}
141
142pub(crate) fn create_sentry_release() -> Step<Use> {
143 named::uses(
144 "getsentry",
145 "action-release",
146 "526942b68292201ac6bbb99b9a0747d4abee354c", // v3
147 )
148 .add_env(("SENTRY_ORG", "zed-dev"))
149 .add_env(("SENTRY_PROJECT", "zed"))
150 .add_env(("SENTRY_AUTH_TOKEN", vars::SENTRY_AUTH_TOKEN))
151 .add_with(("environment", "production"))
152}
153
154pub(crate) const COMPLIANCE_REPORT_PATH: &str = "compliance-report";
155const COMPLIANCE_REPORT_FILE: &str = "target/compliance-report.md";
156const NEEDS_REVIEW_PULLS_URL: &str = "https://github.com/zed-industries/zed/pulls?q=is%3Apr+is%3Aclosed+label%3A%22PR+state%3Aneeds+review%22";
157
158pub(crate) enum ComplianceContext {
159 Release,
160 ReleaseNonBlocking,
161 Scheduled { tag_source: StepOutput },
162}
163
164pub(crate) fn add_compliance_notification_steps(
165 job: gh_workflow::Job,
166 context: ComplianceContext,
167 compliance_step_id: &str,
168) -> gh_workflow::Job {
169 let upload_step = upload_artifact(COMPLIANCE_REPORT_FILE)
170 .if_condition(Expression::new("always()"))
171 .when(matches!(context, ComplianceContext::Release), |step| {
172 step.add_with(("overwrite", true))
173 });
174
175 let (success_prefix, failure_prefix) = match context {
176 ComplianceContext::Release | ComplianceContext::ReleaseNonBlocking => {
177 ("✅ Compliance check passed", "❌ Compliance check failed")
178 }
179 ComplianceContext::Scheduled { .. } => (
180 "✅ Scheduled compliance check passed",
181 "⚠️ Scheduled compliance check failed",
182 ),
183 };
184
185 let script = formatdoc! {r#"
186 if [ "$COMPLIANCE_OUTCOME" == "success" ]; then
187 STATUS="{success_prefix} for $COMPLIANCE_TAG"
188 else
189 STATUS="{failure_prefix} for $COMPLIANCE_TAG"
190 fi
191
192 MESSAGE=$(printf "%s\n\nReport: %s\nPRs needing review: %s" "$STATUS" "$ARTIFACT_URL" "{NEEDS_REVIEW_PULLS_URL}")
193
194 curl -X POST -H 'Content-type: application/json' \
195 --data "$(jq -n --arg text "$MESSAGE" '{{"text": $text}}')" \
196 "$SLACK_WEBHOOK"
197 "#,
198 };
199
200 let notification_step = Step::new("send_compliance_slack_notification")
201 .run(&script)
202 .if_condition(Expression::new("always()"))
203 .add_env(("SLACK_WEBHOOK", vars::SLACK_WEBHOOK_WORKFLOW_FAILURES))
204 .add_env((
205 "COMPLIANCE_OUTCOME",
206 format!("${{{{ steps.{compliance_step_id}.outcome }}}}"),
207 ))
208 .add_env((
209 "COMPLIANCE_TAG",
210 match context {
211 ComplianceContext::Release | ComplianceContext::ReleaseNonBlocking => {
212 Context::github().ref_name().to_string()
213 }
214 ComplianceContext::Scheduled { tag_source } => tag_source.to_string(),
215 },
216 ))
217 .add_env((
218 "ARTIFACT_URL",
219 format!("{CURRENT_ACTION_RUN_URL}#artifacts"),
220 ));
221
222 job.add_step(upload_step).add_step(notification_step)
223}
224
225fn compliance_check() -> NamedJob {
226 fn run_compliance_check() -> Step<Run> {
227 named::bash(formatdoc! {r#"
228 cargo xtask compliance "$GITHUB_REF_NAME" --report-path {COMPLIANCE_REPORT_PATH}
229 "#,
230 })
231 .id("run-compliance-check")
232 .add_env(("GITHUB_APP_ID", vars::ZED_ZIPPY_APP_ID))
233 .add_env(("GITHUB_APP_KEY", vars::ZED_ZIPPY_APP_PRIVATE_KEY))
234 .continue_on_error(true)
235 }
236
237 let job = release_job(&[])
238 .runs_on(runners::LINUX_SMALL)
239 .add_step(
240 steps::checkout_repo()
241 .with_full_history()
242 .with_ref(Context::github().ref_()),
243 )
244 .add_step(steps::cache_rust_dependencies_namespace())
245 .add_step(run_compliance_check());
246
247 named::job(add_compliance_notification_steps(
248 job,
249 ComplianceContext::ReleaseNonBlocking,
250 "run-compliance-check",
251 ))
252}
253
254fn validate_release_assets(deps: &[&NamedJob]) -> NamedJob {
255 let expected_assets: Vec<String> = assets::all().iter().map(|a| format!("\"{a}\"")).collect();
256 let expected_assets_json = format!("[{}]", expected_assets.join(", "));
257
258 let validation_script = formatdoc! {r#"
259 EXPECTED_ASSETS='{expected_assets_json}'
260 TAG="$GITHUB_REF_NAME"
261
262 ACTUAL_ASSETS=$(gh release view "$TAG" --repo=zed-industries/zed --json assets -q '[.assets[].name]')
263
264 MISSING_ASSETS=$(echo "$EXPECTED_ASSETS" | jq -r --argjson actual "$ACTUAL_ASSETS" '. - $actual | .[]')
265
266 if [ -n "$MISSING_ASSETS" ]; then
267 echo "Error: The following assets are missing from the release:"
268 echo "$MISSING_ASSETS"
269 exit 1
270 fi
271
272 echo "All expected assets are present in the release."
273 "#,
274 };
275
276 fn run_post_upload_compliance_check() -> Step<Run> {
277 named::bash(formatdoc! {r#"
278 cargo xtask compliance "$GITHUB_REF_NAME" --report-path {COMPLIANCE_REPORT_PATH}
279 "#,
280 })
281 .id("run-post-upload-compliance-check")
282 .add_env(("GITHUB_APP_ID", vars::ZED_ZIPPY_APP_ID))
283 .add_env(("GITHUB_APP_KEY", vars::ZED_ZIPPY_APP_PRIVATE_KEY))
284 }
285
286 let job = dependant_job(deps)
287 .runs_on(runners::LINUX_SMALL)
288 .add_step(named::bash(&validation_script).add_env(("GITHUB_TOKEN", vars::GITHUB_TOKEN)))
289 .add_step(
290 steps::checkout_repo()
291 .with_full_history()
292 .with_ref("${{ github.ref }}"),
293 )
294 .add_step(steps::cache_rust_dependencies_namespace())
295 .add_step(run_post_upload_compliance_check());
296
297 named::job(add_compliance_notification_steps(
298 job,
299 ComplianceContext::Release,
300 "run-post-upload-compliance-check",
301 ))
302}
303
304fn auto_release_preview(deps: &[&NamedJob]) -> NamedJob {
305 let (authenticate, token) = steps::authenticate_as_zippy().into();
306
307 named::job(
308 dependant_job(deps)
309 .runs_on(runners::LINUX_SMALL)
310 .cond(Expression::new(indoc::indoc!(
311 r#"startsWith(github.ref, 'refs/tags/v') && endsWith(github.ref, '-pre') && !endsWith(github.ref, '.0-pre')"#
312 )))
313 .add_step(authenticate)
314 .add_step(
315 steps::script(
316 r#"gh release edit "$GITHUB_REF_NAME" --repo=zed-industries/zed --draft=false"#,
317 )
318 .add_env(("GITHUB_TOKEN", &token)),
319 )
320 )
321}
322
323pub(crate) fn download_workflow_artifacts() -> Step<Use> {
324 named::uses(
325 "actions",
326 "download-artifact",
327 "018cc2cf5baa6db3ef3c5f8a56943fffe632ef53", // v6.0.0
328 )
329 .add_with(("path", "./artifacts/"))
330}
331
332pub(crate) fn prep_release_artifacts() -> Step<Run> {
333 let mut script_lines = vec!["mkdir -p release-artifacts/\n".to_string()];
334 for asset in assets::all() {
335 let mv_command = format!("mv ./artifacts/{asset}/{asset} release-artifacts/{asset}");
336 script_lines.push(mv_command)
337 }
338
339 named::bash(&script_lines.join("\n"))
340}
341
342fn upload_release_assets(deps: &[&NamedJob], bundle: &ReleaseBundleJobs) -> NamedJob {
343 let mut deps = deps.to_vec();
344 deps.extend(bundle.jobs());
345
346 named::job(
347 dependant_job(&deps)
348 .runs_on(runners::LINUX_MEDIUM)
349 .add_step(download_workflow_artifacts())
350 .add_step(steps::script("ls -lR ./artifacts"))
351 .add_step(prep_release_artifacts())
352 .add_step(
353 steps::script("gh release upload \"$GITHUB_REF_NAME\" --repo=zed-industries/zed release-artifacts/*")
354 .add_env(("GITHUB_TOKEN", vars::GITHUB_TOKEN)),
355 ),
356 )
357}
358
359fn create_draft_release() -> NamedJob {
360 fn generate_release_notes() -> Step<Run> {
361 named::bash(
362 r#"node --redirect-warnings=/dev/null ./script/draft-release-notes "$RELEASE_VERSION" "$RELEASE_CHANNEL" > target/release-notes.md"#,
363 )
364 }
365
366 fn create_release() -> Step<Run> {
367 named::bash("script/create-draft-release target/release-notes.md")
368 .add_env(("GITHUB_TOKEN", vars::GITHUB_TOKEN))
369 }
370
371 named::job(
372 release_job(&[])
373 .runs_on(runners::LINUX_SMALL)
374 // We need to fetch more than one commit so that `script/draft-release-notes`
375 // is able to diff between the current and previous tag.
376 //
377 // 25 was chosen arbitrarily.
378 .add_step(
379 steps::checkout_repo()
380 .with_custom_fetch_depth(25)
381 .with_ref(Context::github().ref_()),
382 )
383 .add_step(steps::script("script/determine-release-channel"))
384 .add_step(steps::script("mkdir -p target/"))
385 .add_step(generate_release_notes())
386 .add_step(create_release()),
387 )
388}
389
390pub(crate) fn push_release_update_notification(
391 create_draft_release_job: &NamedJob,
392 upload_assets_job: &NamedJob,
393 validate_assets_job: &NamedJob,
394 auto_release_preview: &NamedJob,
395 test_jobs: &[&NamedJob],
396 bundle_jobs: &ReleaseBundleJobs,
397) -> NamedJob {
398 fn env_name(name: &str) -> String {
399 format!("RESULT_{}", name.to_uppercase())
400 }
401
402 let all_job_names: Vec<&str> = test_jobs
403 .iter()
404 .map(|j| j.name.as_ref())
405 .chain(bundle_jobs.jobs().into_iter().map(|j| j.name.as_ref()))
406 .collect();
407
408 let env_entries = [
409 (
410 "DRAFT_RESULT".into(),
411 format!("${{{{ needs.{}.result }}}}", create_draft_release_job.name),
412 ),
413 (
414 "UPLOAD_RESULT".into(),
415 format!("${{{{ needs.{}.result }}}}", upload_assets_job.name),
416 ),
417 (
418 "VALIDATE_RESULT".into(),
419 format!("${{{{ needs.{}.result }}}}", validate_assets_job.name),
420 ),
421 (
422 "AUTO_RELEASE_RESULT".into(),
423 format!("${{{{ needs.{}.result }}}}", auto_release_preview.name),
424 ),
425 ("RUN_URL".into(), CURRENT_ACTION_RUN_URL.to_string()),
426 ]
427 .into_iter()
428 .chain(
429 all_job_names
430 .iter()
431 .map(|name| (env_name(name), format!("${{{{ needs.{name}.result }}}}"))),
432 );
433
434 let failure_checks = all_job_names
435 .iter()
436 .map(|name| {
437 format!(
438 "if [ \"${env_name}\" == \"failure\" ];then FAILED_JOBS=\"$FAILED_JOBS {name}\"; fi",
439 env_name = env_name(name)
440 )
441 })
442 .collect::<Vec<_>>()
443 .join("\n ");
444
445 let notification_script = formatdoc! {r#"
446 TAG="$GITHUB_REF_NAME"
447
448 if [ "$DRAFT_RESULT" == "failure" ]; then
449 echo "❌ Draft release creation failed for $TAG: $RUN_URL"
450 else
451 RELEASE_URL=$(gh release view "$TAG" --repo=zed-industries/zed --json url -q '.url')
452 if [ "$UPLOAD_RESULT" == "failure" ]; then
453 echo "❌ Release asset upload failed for $TAG: $RELEASE_URL"
454 elif [ "$UPLOAD_RESULT" == "cancelled" ] || [ "$UPLOAD_RESULT" == "skipped" ]; then
455 FAILED_JOBS=""
456 {failure_checks}
457 FAILED_JOBS=$(echo "$FAILED_JOBS" | xargs)
458 if [ "$UPLOAD_RESULT" == "cancelled" ]; then
459 if [ -n "$FAILED_JOBS" ]; then
460 echo "❌ Release job for $TAG was cancelled, most likely because tests \`$FAILED_JOBS\` failed: $RUN_URL"
461 else
462 echo "❌ Release job for $TAG was cancelled: $RUN_URL"
463 fi
464 else
465 if [ -n "$FAILED_JOBS" ]; then
466 echo "❌ Tests \`$FAILED_JOBS\` for $TAG failed: $RUN_URL"
467 else
468 echo "❌ Tests for $TAG failed: $RUN_URL"
469 fi
470 fi
471 elif [ "$VALIDATE_RESULT" == "failure" ]; then
472 echo "❌ Release asset validation failed for $TAG (missing assets): $RUN_URL"
473 elif [ "$AUTO_RELEASE_RESULT" == "success" ]; then
474 echo "✅ Release $TAG was auto-released successfully: $RELEASE_URL"
475 elif [ "$AUTO_RELEASE_RESULT" == "failure" ]; then
476 echo "❌ Auto release failed for $TAG: $RUN_URL"
477 else
478 echo "👀 Release $TAG sitting freshly baked in the oven and waiting to be published: $RELEASE_URL"
479 fi
480 fi
481 "#,
482 };
483
484 let mut all_deps: Vec<&NamedJob> = vec![
485 create_draft_release_job,
486 upload_assets_job,
487 validate_assets_job,
488 auto_release_preview,
489 ];
490 all_deps.extend(test_jobs.iter().copied());
491 all_deps.extend(bundle_jobs.jobs());
492
493 let mut job = dependant_job(&all_deps)
494 .runs_on(runners::LINUX_SMALL)
495 .cond(Expression::new("always()"));
496
497 for step in notify_slack(MessageType::Evaluated {
498 script: notification_script,
499 env: env_entries.collect(),
500 }) {
501 job = job.add_step(step);
502 }
503 named::job(job)
504}
505
506pub(crate) fn notify_on_failure(deps: &[&NamedJob]) -> NamedJob {
507 let failure_message = format!("❌ ${{{{ github.workflow }}}} failed: {CURRENT_ACTION_RUN_URL}");
508
509 let mut job = dependant_job(deps)
510 .runs_on(runners::LINUX_SMALL)
511 .cond(Expression::new("failure()"));
512
513 for step in notify_slack(MessageType::Static(failure_message)) {
514 job = job.add_step(step);
515 }
516 named::job(job)
517}
518
519pub(crate) enum MessageType {
520 Static(String),
521 Evaluated {
522 script: String,
523 env: Vec<(String, String)>,
524 },
525}
526
527fn notify_slack(message: MessageType) -> Vec<Step<Run>> {
528 match message {
529 MessageType::Static(message) => vec![send_slack_message(message)],
530 MessageType::Evaluated { script, env } => {
531 let (generate_step, generated_message) = generate_slack_message(script, env);
532
533 vec![
534 generate_step,
535 send_slack_message(generated_message.to_string()),
536 ]
537 }
538 }
539}
540
541fn generate_slack_message(
542 expression: String,
543 env: Vec<(String, String)>,
544) -> (Step<Run>, StepOutput) {
545 let script = formatdoc! {r#"
546 MESSAGE=$({expression})
547 echo "message=$MESSAGE" >> "$GITHUB_OUTPUT"
548 "#
549 };
550 let mut generate_step = named::bash(&script)
551 .id("generate-webhook-message")
552 .add_env(("GH_TOKEN", Context::github().token()));
553
554 for (name, value) in env {
555 generate_step = generate_step.add_env((name, value));
556 }
557
558 let output = StepOutput::new(&generate_step, "message");
559
560 (generate_step, output)
561}
562
563fn send_slack_message(message: String) -> Step<Run> {
564 named::bash(
565 r#"curl -X POST -H 'Content-type: application/json' --data "$(jq -n --arg text "$SLACK_MESSAGE" '{"text": $text}')" "$SLACK_WEBHOOK""#
566 )
567 .add_env(("SLACK_WEBHOOK", vars::SLACK_WEBHOOK_WORKFLOW_FAILURES))
568 .add_env(("SLACK_MESSAGE", message))
569}