Release baf035e693b7ea6474529b98abfc230fc070cf10 #2492
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Release | |
| run-name: Release ${{ github.event.inputs.version || github.sha }} | |
| on: | |
| push: | |
| branches: | |
| - main | |
| pull_request: | |
| workflow_dispatch: | |
| inputs: | |
| version: | |
| description: Version to release | |
| required: true | |
| force: | |
| description: Force a release even when there are release-blockers (optional) | |
| required: false | |
| merge_target: | |
| description: Target branch to merge into. Uses the default branch as a fallback (optional) | |
| required: false | |
| # Concurrency configuration: | |
| # - We use workflow-specific concurrency groups to prevent multiple release builds from running | |
| # simultaneously, which could lead to race conditions in artifact generation and storage. | |
| # - For pull requests, we cancel in-progress runs when testing release workflow changes since | |
| # only the latest version needs validation before merging. | |
| # - For main branch pushes (actual releases), we never cancel runs to ensure every release | |
| # process completes fully, as partial releases could corrupt our distribution pipeline. | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.ref }} | |
| cancel-in-progress: ${{ github.event_name == 'pull_request' }} | |
| jobs: | |
| files-changed: | |
| name: Detect File Changes | |
| runs-on: ubuntu-latest | |
| outputs: | |
| run_release_for_prs: ${{ steps.changes.outputs.run_release_for_prs }} | |
| steps: | |
| - uses: actions/checkout@v5 | |
| - name: Get changed files | |
| id: changes | |
| uses: dorny/paths-filter@de90cc6fb38fc0963ad72b210f1f284cd68cea36 # v3.0.2 | |
| with: | |
| token: ${{ github.token }} | |
| filters: .github/file-filters.yml | |
| setup-matrix: | |
| runs-on: ubuntu-latest | |
| if: github.event_name != 'pull_request' || needs.files-changed.outputs.run_release_for_prs == 'true' | |
| needs: files-changed | |
| steps: | |
| - uses: actions/checkout@v5 | |
| - name: Setup matrix combinations | |
| id: setup-matrix-combinations | |
| run: | | |
| ./scripts/generate_release_matrix.sh | |
| env: | |
| EVENT_NAME: ${{ github.event_name }} | |
| outputs: | |
| slices: ${{ steps.setup-matrix-combinations.outputs.slices }} | |
| variants: ${{ steps.setup-matrix-combinations.outputs.variants }} | |
| sdk-list-array: ${{ steps.setup-matrix-combinations.outputs.sdk-list-array }} | |
| sdk-list-string: ${{ steps.setup-matrix-combinations.outputs.sdk-list-string }} | |
| build-xcframework-variant-slices: | |
| name: Build XCFramework Slices | |
| # Run the job only for PRs with related changes or non-PR events. | |
| if: github.event_name != 'pull_request' || needs.files-changed.outputs.run_release_for_prs == 'true' | |
| needs: [files-changed, setup-matrix] | |
| uses: ./.github/workflows/build-xcframework-variant-slices.yml | |
| with: | |
| name: ${{matrix.variant.name}} | |
| suffix: ${{matrix.variant.suffix}} | |
| macho-type: ${{matrix.variant.macho-type}} | |
| configuration-suffix: ${{matrix.variant.configuration-suffix}} | |
| variant-id: ${{matrix.variant.id}} | |
| release-version: ${{ github.event.inputs.version }} | |
| sdk-list: ${{ needs.setup-matrix.outputs.sdk-list-array }} | |
| strategy: | |
| matrix: | |
| variant: ${{ fromJson(needs.setup-matrix.outputs.slices) }} | |
| assemble-xcframework-variant: | |
| needs: [files-changed, build-xcframework-variant-slices, setup-matrix] | |
| # Run the job only for PRs with related changes or non-PR events. | |
| if: github.event_name != 'pull_request' || needs.files-changed.outputs.run_release_for_prs == 'true' | |
| name: Assemble XCFramework Variant | |
| uses: ./.github/workflows/assemble-xcframework-variant.yml | |
| secrets: inherit | |
| with: | |
| scheme: ${{matrix.variant.scheme}} | |
| suffix: ${{matrix.variant.suffix}} | |
| configuration-suffix: ${{matrix.variant.configuration-suffix}} | |
| variant-id: ${{matrix.variant.id}} | |
| signed: true | |
| release-version: ${{ github.event.inputs.version }} | |
| excluded-archs: ${{matrix.variant.excluded-archs}} | |
| override-name: ${{matrix.variant.override-name}} | |
| sdks: ${{ needs.setup-matrix.outputs.sdk-list-string }} | |
| strategy: | |
| matrix: | |
| variant: ${{ fromJson(needs.setup-matrix.outputs.variants) }} | |
| validate-xcframework: | |
| name: Validate XCFramework | |
| runs-on: macos-14 | |
| needs: [files-changed, assemble-xcframework-variant] | |
| # Run the job only for PRs with related changes or non-PR events. | |
| if: github.event_name != 'pull_request' || needs.files-changed.outputs.run_release_for_prs == 'true' | |
| steps: | |
| - uses: actions/checkout@v5 | |
| - uses: actions/download-artifact@v5 | |
| with: | |
| pattern: xcframework-${{github.sha}}-sentry-static | |
| path: Carthage/ | |
| - uses: actions/download-artifact@v5 | |
| with: | |
| pattern: xcframework-${{github.sha}}-sentry-swiftui | |
| path: Carthage/ | |
| - run: ./scripts/ci-select-xcode.sh 15.4 | |
| - run: make build-xcframework-sample | |
| - name: Run CI Diagnostics | |
| if: failure() | |
| run: ./scripts/ci-diagnostics.sh | |
| # Use github.event.pull_request.head.sha instead of github.sha when available as | |
| # the github.sha is be the pre merge commit id for PRs. | |
| # See https://github.community/t/github-sha-isnt-the-value-expected/17903/17906. | |
| validate-spm: | |
| name: Validate SPM Static | |
| runs-on: macos-14 | |
| needs: [files-changed, assemble-xcframework-variant] | |
| # Run the job only for PRs with related changes or non-PR events. | |
| if: github.event_name != 'pull_request' || needs.files-changed.outputs.run_release_for_prs == 'true' | |
| steps: | |
| - uses: actions/checkout@v5 | |
| - uses: actions/download-artifact@v5 | |
| with: | |
| pattern: xcframework-${{github.sha}}-* | |
| merge-multiple: true | |
| - name: Prepare Package.swift | |
| uses: ./.github/actions/prepare-package.swift | |
| with: | |
| is-pr: ${{ github.event_name == 'pull_request' }} | |
| - run: swift build | |
| working-directory: Samples/macOS-SPM-CommandLine | |
| - name: Run CI Diagnostics | |
| if: failure() | |
| run: ./scripts/ci-diagnostics.sh | |
| validate-spm-dynamic: | |
| name: Validate SPM Dynamic | |
| runs-on: macos-14 | |
| needs: [files-changed, assemble-xcframework-variant] | |
| # Run the job only for PRs with related changes or non-PR events. | |
| if: github.event_name != 'pull_request' || needs.files-changed.outputs.run_release_for_prs == 'true' | |
| steps: | |
| - uses: actions/checkout@v5 | |
| - uses: actions/download-artifact@v5 | |
| with: | |
| pattern: xcframework-${{github.sha}}-* | |
| merge-multiple: true | |
| - name: Prepare Package.swift | |
| uses: ./.github/actions/prepare-package.swift | |
| with: | |
| is-pr: ${{ github.event_name == 'pull_request' }} | |
| - run: swift build | |
| working-directory: Samples/SPM-Dynamic | |
| - name: Run CI Diagnostics | |
| if: failure() | |
| run: ./scripts/ci-diagnostics.sh | |
| swift-build: | |
| name: Build Swift Static | |
| runs-on: macos-14 | |
| needs: [files-changed, assemble-xcframework-variant] | |
| # Run the job only for PRs with related changes or non-PR events. | |
| if: github.event_name != 'pull_request' || needs.files-changed.outputs.run_release_for_prs == 'true' | |
| steps: | |
| - uses: actions/checkout@v5 | |
| - uses: actions/download-artifact@v5 | |
| with: | |
| pattern: xcframework-${{github.sha}}-* | |
| merge-multiple: true | |
| - name: Prepare Package.swift | |
| uses: ./.github/actions/prepare-package.swift | |
| with: | |
| is-pr: ${{ github.event_name == 'pull_request' }} | |
| - run: swift build | |
| - name: Run CI Diagnostics | |
| if: failure() | |
| run: ./scripts/ci-diagnostics.sh | |
| validate-spm-visionos: | |
| name: Validate SPM Static visionOS | |
| runs-on: macos-14 | |
| needs: [files-changed, assemble-xcframework-variant] | |
| # Run the job only for PRs with related changes or non-PR events. | |
| if: github.event_name != 'pull_request' || needs.files-changed.outputs.run_release_for_prs == 'true' | |
| steps: | |
| - uses: actions/checkout@v5 | |
| - uses: actions/download-artifact@v5 | |
| with: | |
| pattern: xcframework-${{github.sha}}-* | |
| merge-multiple: true | |
| - name: Prepare Package.swift | |
| uses: ./.github/actions/prepare-package.swift | |
| with: | |
| is-pr: ${{ github.event_name == 'pull_request' }} | |
| - run: set -o pipefail &&xcodebuild build -scheme visionOS-SPM -sdk xros -destination 'generic/platform=xros' | tee raw-build-output-spm-visionOS.log | xcbeautify | |
| working-directory: Samples/visionOS-SPM | |
| - name: Run CI Diagnostics | |
| if: failure() | |
| run: ./scripts/ci-diagnostics.sh | |
| duplication-tests: | |
| name: Test Sentry Duplication V4 # Up the version with every change to keep track of flaky tests | |
| uses: ./.github/workflows/ui-tests-common.yml | |
| needs: [files-changed, assemble-xcframework-variant] | |
| # Run the job only for PRs with related changes or non-PR events. | |
| if: github.event_name != 'pull_request' || needs.files-changed.outputs.run_release_for_prs == 'true' | |
| secrets: | |
| CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} | |
| with: | |
| fastlane_command: duplication_test | |
| xcode_version: 16.4 | |
| macos_version: macos-15 | |
| needs_xcframework: true | |
| app-metrics: | |
| name: Collect App Metrics | |
| runs-on: macos-15 | |
| needs: [files-changed, assemble-xcframework-variant] | |
| # Run the job only for PRs with related changes or non-PR events. | |
| if: github.event_name != 'pull_request' || needs.files-changed.outputs.run_release_for_prs == 'true' | |
| timeout-minutes: 20 | |
| steps: | |
| - name: Git checkout | |
| uses: actions/checkout@v5 | |
| - run: ./scripts/ci-select-xcode.sh 16.4 | |
| - uses: ruby/setup-ruby@v1 | |
| with: | |
| bundler-cache: true | |
| - uses: actions/cache@v4 | |
| id: app-plain-cache | |
| with: | |
| path: Tests/Perf/test-app-plain.ipa | |
| key: ${{ github.workflow }}-${{ github.job }}-appplain-${{ hashFiles('fastlane/Fastfile', 'Tests/Perf/test-app-plain/**') }} | |
| - name: Build test app plain | |
| if: steps.app-plain-cache.outputs['cache-hit'] != 'true' | |
| run: bundle exec fastlane build_perf_test_app_plain | |
| env: | |
| APP_STORE_CONNECT_KEY_ID: ${{ secrets.APP_STORE_CONNECT_KEY_ID }} | |
| APP_STORE_CONNECT_ISSUER_ID: ${{ secrets.APP_STORE_CONNECT_ISSUER_ID }} | |
| APP_STORE_CONNECT_KEY: ${{ secrets.APP_STORE_CONNECT_KEY }} | |
| FASTLANE_KEYCHAIN_PASSWORD: ${{ secrets.FASTLANE_KEYCHAIN_PASSWORD }} | |
| MATCH_GIT_PRIVATE_KEY: ${{ secrets.MATCH_GIT_PRIVATE_KEY }} | |
| MATCH_PASSWORD: ${{ secrets.MATCH_PASSWORD }} | |
| MATCH_USERNAME: ${{ secrets.MATCH_USERNAME }} | |
| - uses: actions/download-artifact@v5 | |
| with: | |
| pattern: xcframework-${{github.sha}}-sentry-dynamic | |
| path: Carthage/ | |
| - run: find Carthage -name "Sentry-Dynamic.xcframework.zip" -print0 | xargs -t0I @ unzip @ -d Carthage | |
| - name: Build test app with sentry | |
| run: bundle exec fastlane build_perf_test_app_sentry | |
| env: | |
| APP_STORE_CONNECT_KEY_ID: ${{ secrets.APP_STORE_CONNECT_KEY_ID }} | |
| APP_STORE_CONNECT_ISSUER_ID: ${{ secrets.APP_STORE_CONNECT_ISSUER_ID }} | |
| APP_STORE_CONNECT_KEY: ${{ secrets.APP_STORE_CONNECT_KEY }} | |
| FASTLANE_KEYCHAIN_PASSWORD: ${{ secrets.FASTLANE_KEYCHAIN_PASSWORD }} | |
| MATCH_GIT_PRIVATE_KEY: ${{ secrets.MATCH_GIT_PRIVATE_KEY }} | |
| MATCH_PASSWORD: ${{ secrets.MATCH_PASSWORD }} | |
| MATCH_USERNAME: ${{ secrets.MATCH_USERNAME }} | |
| - name: Collect app metrics | |
| uses: getsentry/action-app-sdk-overhead-metrics@c9eca50e02d180ee07a02952c062b2f3f545f735 | |
| with: | |
| config: Tests/Perf/metrics-test.yml | |
| sauce-user: ${{ secrets.SAUCE_USERNAME }} | |
| sauce-key: ${{ secrets.SAUCE_ACCESS_KEY }} | |
| - name: Debug Xcode environment | |
| if: ${{ failure() || cancelled() }} | |
| run: ./scripts/ci-diagnostics.sh | |
| job_release: | |
| runs-on: ubuntu-latest | |
| name: "Release New Version" | |
| needs: [ | |
| files-changed, | |
| validate-xcframework, | |
| validate-spm, | |
| validate-spm-dynamic, | |
| swift-build, | |
| duplication-tests, | |
| app-metrics, | |
| ] | |
| if: ${{ github.event_name == 'workflow_dispatch' }} | |
| steps: | |
| - name: Get auth token | |
| id: token | |
| uses: actions/create-github-app-token@a8d616148505b5069dccd32f177bb87d7f39123b # v2.1.1 | |
| with: | |
| app-id: ${{ vars.SENTRY_RELEASE_BOT_CLIENT_ID }} | |
| private-key: ${{ secrets.SENTRY_RELEASE_BOT_PRIVATE_KEY }} | |
| - name: Check out current commit (${{ github.sha }}) | |
| uses: actions/checkout@v5 | |
| with: | |
| token: ${{ steps.token.outputs.token }} | |
| fetch-depth: 0 | |
| - uses: actions/download-artifact@v5 | |
| with: | |
| pattern: xcframework-${{github.sha}}-* | |
| merge-multiple: true | |
| path: Carthage/ | |
| - name: Archive XCFrameworks for Craft | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: xcframeworks.zip | |
| if-no-files-found: error | |
| overwrite: true | |
| path: | | |
| ${{github.workspace}}/Carthage/*.zip | |
| # update-package-sha.sh uses this env variable to update Package.swift. | |
| # During release Craft calls bump.sh that uses update-package-sha.sh. | |
| - run: export GITHUB_RUN_ID="$GITHUB_RUN_ID" | |
| env: | |
| GITHUB_RUN_ID: ${{ github.run_id }} | |
| - name: Prepare release | |
| uses: getsentry/action-prepare-release@v1 | |
| env: | |
| GITHUB_TOKEN: ${{ steps.token.outputs.token }} | |
| with: | |
| version: ${{ github.event.inputs.version }} | |
| force: ${{ github.event.inputs.force }} | |
| merge_target: ${{ github.event.inputs.merge_target }} | |
| - name: Run CI Diagnostics | |
| if: failure() | |
| run: ./scripts/ci-diagnostics.sh | |
| release-required-check: | |
| needs: | |
| [ | |
| files-changed, | |
| build-xcframework-variant-slices, | |
| assemble-xcframework-variant, | |
| validate-xcframework, | |
| validate-spm, | |
| validate-spm-dynamic, | |
| swift-build, | |
| duplication-tests, | |
| app-metrics, | |
| ] | |
| name: Release | |
| # This is necessary since a failed/skipped dependent job would cause this job to be skipped | |
| if: always() | |
| runs-on: ubuntu-latest | |
| steps: | |
| # If any jobs we depend on fails gets cancelled or times out, this job will fail. | |
| # Skipped jobs are not considered failures. | |
| - name: Check for failures | |
| if: contains(needs.*.result, 'failure') || contains(needs.*.result, 'cancelled') | |
| run: | | |
| echo "One of the release check jobs has failed." && exit 1 |