Publish Ice Release #9
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: "Publish Ice Release" | |
| on: | |
| workflow_dispatch: | |
| inputs: | |
| channel: | |
| description: "The release channel (e.g., 3.8, nightly)" | |
| required: false | |
| default: "nightly" | |
| run_id: | |
| description: "The GitHub run ID to use for artifacts" | |
| required: true | |
| workflow_call: | |
| inputs: | |
| channel: | |
| required: true | |
| type: string | |
| run_id: | |
| required: true | |
| type: string | |
| jobs: | |
| publish-deb-packages: | |
| uses: ./.github/workflows/publish-deb-packages.yml | |
| with: | |
| channel: ${{ inputs.channel }} | |
| run_id: ${{ inputs.run_id }} | |
| secrets: inherit | |
| publish-gem-packages: | |
| uses: ./.github/workflows/publish-gem-packages.yml | |
| with: | |
| channel: ${{ inputs.channel }} | |
| run_id: ${{ inputs.run_id }} | |
| secrets: inherit | |
| publish-maven-packages: | |
| uses: ./.github/workflows/publish-maven-packages.yml | |
| with: | |
| channel: ${{ inputs.channel }} | |
| run_id: ${{ inputs.run_id }} | |
| secrets: inherit | |
| publish-misc-packages: | |
| uses: ./.github/workflows/publish-misc-packages.yml | |
| with: | |
| channel: ${{ inputs.channel }} | |
| run_id: ${{ inputs.run_id }} | |
| secrets: inherit | |
| publish-npm-packages: | |
| uses: ./.github/workflows/publish-npm-packages.yml | |
| with: | |
| channel: ${{ inputs.channel }} | |
| run_id: ${{ inputs.run_id }} | |
| secrets: inherit | |
| publish-nuget-packages: | |
| uses: ./.github/workflows/publish-nuget-packages.yml | |
| with: | |
| channel: ${{ inputs.channel }} | |
| run_id: ${{ inputs.run_id }} | |
| secrets: inherit | |
| publish-pip-packages: | |
| uses: ./.github/workflows/publish-pip-packages.yml | |
| with: | |
| channel: ${{ inputs.channel }} | |
| run_id: ${{ inputs.run_id }} | |
| secrets: inherit | |
| publish-rpm-packages: | |
| uses: ./.github/workflows/publish-rpm-packages.yml | |
| with: | |
| channel: ${{ inputs.channel }} | |
| run_id: ${{ inputs.run_id }} | |
| secrets: inherit | |
| invalidate-cloudfront-cache: | |
| runs-on: ubuntu-24.04 | |
| needs: | |
| - publish-deb-packages | |
| - publish-gem-packages | |
| - publish-maven-packages | |
| - publish-misc-packages | |
| - publish-npm-packages | |
| - publish-nuget-packages | |
| - publish-pip-packages | |
| - publish-rpm-packages | |
| steps: | |
| - name: Invalidate CloudFront Cache | |
| run: | | |
| aws cloudfront create-invalidation \ | |
| --distribution-id E163NR6GH4QVNV \ | |
| --paths "/ice/${{ inputs.channel }}/*" | |
| env: | |
| AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| upload-release-assets: | |
| # For stable channels if running on a tag, we upload the release assets to the tag. | |
| if: ${{ inputs.channel != 'nightly' && startsWith(github.ref, 'refs/tags/') }} | |
| runs-on: ubuntu-24.04 | |
| needs: | |
| - publish-deb-packages | |
| - publish-gem-packages | |
| - publish-maven-packages | |
| - publish-misc-packages | |
| - publish-npm-packages | |
| - publish-nuget-packages | |
| - publish-pip-packages | |
| - publish-rpm-packages | |
| steps: | |
| - name: Ensure tag matches channel | |
| run: | | |
| case "${GITHUB_REF}" in | |
| refs/tags/v${{ inputs.channel }}*) | |
| echo "Tag matches channel" | |
| ;; | |
| *) | |
| echo "❌ Tag '${GITHUB_REF}' does not match channel '${{ inputs.channel }}'" | |
| exit 1 | |
| ;; | |
| esac | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| - name: Download artifacts | |
| env: | |
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| RUN_ID: ${{ inputs.run_id }} | |
| run: | | |
| set -euo pipefail | |
| mkdir -p staging | |
| gh run download "$RUN_ID" --repo zeroc-ice/ice --pattern "deb-packages-*" --dir staging | |
| gh run download "$RUN_ID" --repo zeroc-ice/ice --pattern "dotnet-nuget-packages" --dir staging | |
| gh run download "$RUN_ID" --repo zeroc-ice/ice --pattern "gem-packages" --dir staging | |
| gh run download "$RUN_ID" --repo zeroc-ice/ice --pattern "xcframework-packages" --dir staging | |
| gh run download "$RUN_ID" --repo zeroc-ice/ice --pattern "homebrew-bottle" --dir staging | |
| gh run download "$RUN_ID" --repo zeroc-ice/ice --pattern "matlab-packages-*" --dir staging | |
| gh run download "$RUN_ID" --repo zeroc-ice/ice --pattern "windows-msi" --dir staging | |
| gh run download "$RUN_ID" --repo zeroc-ice/ice --pattern "java-packages" --dir staging | |
| gh run download "$RUN_ID" --repo zeroc-ice/ice --pattern "js-npm-packages" --dir staging | |
| gh run download "$RUN_ID" --repo zeroc-ice/ice --pattern "pip-packages-*" --dir staging | |
| gh run download "$RUN_ID" --repo zeroc-ice/ice --pattern "rpm-packages-*" --dir staging | |
| - name: Prepare Release Assets | |
| run: ./packaging/release/create-release-assets.sh | |
| env: | |
| STAGING_DIR: ${{ github.workspace }}/staging | |
| - name: Upload Release Assets | |
| run: | | |
| set -euo pipefail | |
| TAG="${GITHUB_REF#refs/tags/}" | |
| TITLE="Ice ${TAG}" | |
| # Check if the release already exists | |
| if ! gh release view "$TAG" &>/dev/null; then | |
| echo "Creating draft release for $TAG..." | |
| gh release create "$TAG" --title "$TITLE" --notes "" --draft | |
| fi | |
| # Upload artifacts to the release | |
| echo "Uploading artifacts to release $TAG..." | |
| gh release upload "$TAG" release/* --clobber |