name: Check & publish on: push: branches: ['main'] tags: ['*'] pull_request: branches: ['main'] env: CARGO_TERM_COLOR: always RUSTFLAGS: '-Dwarnings' jobs: build: runs-on: ubuntu-latest steps: - uses: actions/checkout@v6 - name: Setup Node.js environment uses: actions/setup-node@v6.3.0 with: node-version: '22.x' check-latest: true - name: Install uv uses: astral-sh/setup-uv@v7 - name: Cache Rust dependencies uses: actions/cache@v5 with: path: | ~/.cargo/bin/ ~/.cargo/registry/index/ ~/.cargo/registry/cache/ ~/.cargo/git/db/ target/ key: ${{ runner.os }}-cargo-${{ hashFiles('**/Cargo.lock') }} restore-keys: | ${{ runner.os }}-cargo- - name: Lint run: scripts/lint.sh - name: Test run: scripts/test.sh publish-crate: needs: build runs-on: ubuntu-latest if: startsWith(github.ref, 'refs/tags/') steps: - uses: actions/checkout@v6 - name: Cache Rust dependencies uses: actions/cache@v5 with: path: | ~/.cargo/bin/ ~/.cargo/registry/index/ ~/.cargo/registry/cache/ ~/.cargo/git/db/ target/ key: ${{ runner.os }}-cargo-${{ hashFiles('**/Cargo.lock') }} restore-keys: | ${{ runner.os }}-cargo- - name: Publish to crates.io run: cargo publish --token ${{ secrets.CRATES_IO_TOKEN }} publish-npm: needs: build runs-on: ubuntu-latest if: startsWith(github.ref, 'refs/tags/') permissions: contents: read id-token: write steps: - uses: actions/checkout@v6 - name: Setup Node.js environment uses: actions/setup-node@v6.3.0 with: node-version: '22.x' check-latest: true registry-url: 'https://registry.npmjs.org' - name: Cache Rust dependencies uses: actions/cache@v5 with: path: | ~/.cargo/bin/ ~/.cargo/registry/index/ ~/.cargo/registry/cache/ ~/.cargo/git/db/ target/ key: ${{ runner.os }}-cargo-${{ hashFiles('**/Cargo.lock') }} restore-keys: | ${{ runner.os }}-cargo- - name: Cache npm dependencies uses: actions/cache@v5 with: path: | reconcile-js/node_modules ~/.npm key: ${{ runner.os }}-npm-${{ hashFiles('reconcile-js/package-lock.json') }} restore-keys: | ${{ runner.os }}-npm- - name: Build website run: scripts/build-website.sh - name: Publish reconcile-js to NPM run: | cd reconcile-js cp ../README.md . npm publish --provenance --access public build-python-wheels: needs: build if: startsWith(github.ref, 'refs/tags/') strategy: matrix: include: - os: ubuntu-latest target: x86_64 - os: ubuntu-latest target: aarch64 - os: macos-latest target: x86_64 - os: macos-latest target: aarch64 - os: windows-latest target: x86_64 runs-on: ${{ matrix.os }} steps: - uses: actions/checkout@v6 - uses: actions/setup-python@v6 with: python-version: '3.x' - name: Copy README run: cp README.md reconcile-python/ - uses: PyO3/maturin-action@v1 with: target: ${{ matrix.target }} args: --release --out dist --find-interpreter manylinux: auto working-directory: reconcile-python - uses: actions/upload-artifact@v7 with: name: wheels-${{ matrix.os }}-${{ matrix.target }} path: reconcile-python/dist/*.whl build-python-sdist: needs: build if: startsWith(github.ref, 'refs/tags/') runs-on: ubuntu-latest steps: - uses: actions/checkout@v6 - name: Copy README run: cp README.md reconcile-python/ - uses: PyO3/maturin-action@v1 with: command: sdist args: --out dist working-directory: reconcile-python - uses: actions/upload-artifact@v7 with: name: sdist path: reconcile-python/dist/*.tar.gz publish-pypi: needs: [build-python-wheels, build-python-sdist] runs-on: ubuntu-latest permissions: id-token: write steps: - uses: actions/download-artifact@v4 with: pattern: '{wheels-*,sdist}' merge-multiple: true path: dist - uses: pypa/gh-action-pypi-publish@release/v1