1# The purpose of this workflow is to orchestrate Wasmtime's release process as
2# much as possible. This specific workflow is responsible for a few timed parts
3# of the process:
4#
5# * On the 5th of every month a new release branch is automatically created and
6#   the version number of the `main` branch is increased
7# * On the 20th of every month the previous release branch is published.
8#
9# This automation is all done through PRs except for the creation of the release
10# branch itself which is an write-action performed by this script. Otherwise
11# humans are ideally reviewing and rubber-stamping the output of the script all
12# other steps of the way.
13#
14# Note that this script also helps manage patch releases by sending a PR to the
15# release branch with a bumped version number for all crates with a patch-bump.
16
17name: "Automated Release Process"
18on:
19  schedule:
20    # “At 00:00 on day-of-month 5.”
21    #
22    # https://crontab.guru/#0_0_5_*_*
23    - cron: '0 0 5 * *'
24    - cron: '0 0 20 * *'
25
26  # Allow manually triggering this request via the button at
27  # https://github.com/bytecodealliance/wasmtime/actions/workflows/release-process.yml
28  workflow_dispatch:
29    inputs:
30      action:
31        description: 'Publish script argument: "cut", "release-latest", or "release-patch"'
32        required: false
33        default: 'cut'
34
35permissions:
36  contents: write
37
38jobs:
39  release_process:
40    if: "github.repository == 'bytecodealliance/wasmtime' || !github.event.schedule"
41    name: Run the release process
42    runs-on: ubuntu-latest
43    steps:
44      - uses: actions/checkout@v6
45        with:
46          submodules: true
47      - name: Setup
48        run: |
49          rustc scripts/publish.rs
50          git config user.name 'Wasmtime Publish'
51          git config user.email '[email protected]'
52          git remote set-url origin https://git:${{ secrets.PERSONAL_ACCESS_TOKEN }}@github.com/${{ github.repository }}
53
54      - uses: ./.github/actions/install-rust
55      - uses: ./.github/actions/install-cargo-vet
56
57      - name: Bump major version number
58        run: |
59          set -ex
60          # Push the current contents of `main` to a new release branch
61          cur=$(./ci/print-current-version.sh)
62          git push origin HEAD:release-$cur
63
64          # Update version numbers and make a commit indicating that. Note that
65          # on merge this will not trigger a publish.
66          ./publish bump
67          num=$(./ci/print-current-version.sh)
68
69          # Remove all release notes for the current version now that the
70          # release branch has been created. Additionally add an entry in the
71          # list of all versions pointing to the release notes on the newly
72          # created branch.
73          sed -i '0,/-----------/d' RELEASES.md
74          version_with_trailing_x=$(echo $cur | sed 's/.$/x/')
75          sed -i "/ARCHIVE_START/a * [$version_with_trailing_x](https://github.com/${{ github.repository }}/blob/release-$cur/RELEASES.md)" RELEASES.md
76
77          # Use `RELEASES-template.md` as the new release notes and then append
78          # the archive of all historical releases to the end of it.
79          cp RELEASES.md backup-releases
80          sed "s/VERSION/$num/" ci/RELEASES-template.md > RELEASES.md
81          cat backup-releases >> RELEASES.md
82          rm backup-releases
83
84          # Update `cargo vet` entries for all the new crate versions
85          cargo vet
86
87          # Commit all of the above changes.
88          git commit -am "Bump Wasmtime to $num"
89
90          # Push the result to a branch and setup metadata for the step below
91          # that creates a PR
92          git push origin HEAD:ci/bump-to-$num
93          echo "PR_HEAD=ci/bump-to-$num" >> $GITHUB_ENV
94          echo "PR_TITLE=Bump Wasmtime to $num" >> $GITHUB_ENV
95          echo "PR_BASE=main" >> $GITHUB_ENV
96          cat > pr-body <<-EOF
97          This is an [automated pull request][process] from CI which indicates that the next [\`release-$cur\` branch][branch] has been created and the \`main\` branch is getting its version number bumped from $cur to $num.
98
99          Maintainers should take a moment to review the [release notes][RELEASES.md] for $cur and any updates should be made directly to the [release branch][branch].
100
101          Another automated PR will be made in roughly 2 weeks time when for the actual release itself.
102
103          If any issues arise on the \`main\` branch before the release is made then the issue should first be fixed on \`main\` and then backport to the \`release-$cur\` branch.
104
105          [RELEASES.md]: https://github.com/${{ github.repository }}/blob/release-$cur/RELEASES.md
106          [branch]: https://github.com/${{ github.repository }}/tree/release-$cur
107          [process]: https://docs.wasmtime.dev/contributing-release-process.html
108          EOF
109        if: >-
110          github.event.schedule == '0 0 5 * *' ||
111          github.event.inputs.action == 'cut'
112
113      - name: Perform latest release
114        run: |
115          set -ex
116          git fetch origin
117
118          # Determine the latest release branch
119          rustc ci/find-latest-release.rs -o /tmp/find-latest-release
120          cur=`/tmp/find-latest-release`
121
122          # Move to the most recent release branch, update the release date and
123          # commit it, indicating that the commit is what will get tagged and
124          # released
125          git reset --hard origin/release-$cur
126          git submodule update --init --recursive
127          sed -i "s/^Unreleased/Released $(date +'%Y-%m-%d')/" RELEASES.md
128          git commit --allow-empty -a -F-<<EOF
129          Release Wasmtime $cur
130
131          [automatically-tag-and-release-this-commit]
132          EOF
133
134          # Push the result to a branch and setup metadata for the step below
135          # that creates a PR
136          git push origin HEAD:ci/release-$cur
137          echo "PR_HEAD=ci/release-$cur" >> $GITHUB_ENV
138          echo "PR_TITLE=Release Wasmtime $cur" >> $GITHUB_ENV
139          echo "PR_BASE=release-$cur" >> $GITHUB_ENV
140          cat > pr-body <<-EOF
141          This is an [automated pull request][process] from CI which is intended to notify maintainers that it's time to release Wasmtime $cur. The [release branch][branch] was created roughly two weeks ago and it's now time for it to be published and released.
142
143          It's recommended that maintainers double-check that [RELEASES.md] is up-to-date and that there are no known issues before merging this PR. When this PR is merged a release tag will automatically created, crates will be published, and CI artifacts will be produced.
144
145          [RELEASES.md]: https://github.com/${{ github.repository }}/blob/release-$cur/RELEASES.md
146          [process]: https://docs.wasmtime.dev/contributing-release-process.html
147          [branch]: https://github.com/${{ github.repository }}/tree/release-$cur
148          EOF
149        if: >-
150          github.event.schedule == '0 0 20 * *' ||
151          github.event.inputs.action == 'release-latest'
152
153      - name: Bump and release patch version number
154        run: |
155          set -ex
156          # Update version numbers on a patch basis and update RELEASES.md if a
157          # patch release marker is already in there. Note that this commit
158          # message indicates that on-merge a release will be made.
159          ./publish bump-patch
160          # Update `cargo vet` entries for all the new crate versions
161          cargo vet
162          sed -i "s/^Unreleased/Released $(date +'%Y-%m-%d')/" RELEASES.md
163          num=$(./ci/print-current-version.sh)
164          git commit -a -F-<<EOF
165          Release Wasmtime $num
166
167          [automatically-tag-and-release-this-commit]
168          EOF
169
170          # Push the result to a branch and setup metadata for the step below
171          # that creates a PR
172          git push origin HEAD:ci/bump-to-$num
173          echo "PR_HEAD=ci/bump-to-$num" >> $GITHUB_ENV
174          echo "PR_TITLE=Release Wasmtime $num" >> $GITHUB_ENV
175          echo "PR_BASE=${{ github.ref_name }}" >> $GITHUB_ENV
176          cat > pr-body <<-EOF
177          This is an [automated pull request][process] from CI to create a patch release for Wasmtime $num, requested by @${{ github.actor }}.
178
179          It's recommended that maintainers double-check that [RELEASES.md] is up-to-date and that there are no known issues before merging this PR. When this PR is merged a release tag will automatically be created, crates will be published, and CI artifacts will be produced.
180
181          [RELEASES.md]: https://github.com/${{ github.repository }}/blob/release-$num/RELEASES.md
182          [process]: https://docs.wasmtime.dev/contributing-release-process.html
183          EOF
184
185        if: github.event.inputs.action == 'release-patch'
186
187      - name: Make a PR
188        # Note that the syntax here is kinda funky, and the general gist is that
189        # I couldn't figure out a good way to have a multiline string-literal
190        # become a json-encoded string literal to send to GitHub. This
191        # represents my best attempt.
192        run: |
193          set -ex
194          body=$(jq -sR < ./pr-body)
195
196          curl --include --request POST \
197            https://api.github.com/repos/${{ github.repository }}/pulls \
198            --header "Authorization: token ${{ secrets.PERSONAL_ACCESS_TOKEN }}" \
199            --data @- << EOF
200          {
201            "head": "$PR_HEAD",
202            "base": "$PR_BASE",
203            "title": "$PR_TITLE",
204            "body": $body,
205            "maintainer_can_modify": true
206
207          }
208          EOF
209