rustfs/.github/workflows/release.yml

# Copyright 2024 RustFS Team
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

name: Release

on:
  push:
    tags: ["*.*.*"]
  workflow_dispatch:
    inputs:
      tag:
        description: "Tag to create release for"
        required: true
        type: string

env:
  CARGO_TERM_COLOR: always

jobs:
  # Determine release type
  release-check:
    name: Release Type Check
    runs-on: ubuntu-latest
    outputs:
      tag: ${{ steps.check.outputs.tag }}
      version: ${{ steps.check.outputs.version }}
      is_prerelease: ${{ steps.check.outputs.is_prerelease }}
      release_type: ${{ steps.check.outputs.release_type }}
    steps:
      - name: Determine release type
        id: check
        run: |
          if [[ "${{ github.event_name }}" == "workflow_dispatch" ]]; then
            TAG="${{ github.event.inputs.tag }}"
          else
            TAG="${GITHUB_REF#refs/tags/}"
          fi

          VERSION="${TAG}"

          # Check if this is a prerelease
          IS_PRERELEASE=false
          RELEASE_TYPE="release"

          if [[ "$TAG" == *"alpha"* ]] || [[ "$TAG" == *"beta"* ]] || [[ "$TAG" == *"rc"* ]]; then
            IS_PRERELEASE=true
            if [[ "$TAG" == *"alpha"* ]]; then
              RELEASE_TYPE="alpha"
            elif [[ "$TAG" == *"beta"* ]]; then
              RELEASE_TYPE="beta"
            elif [[ "$TAG" == *"rc"* ]]; then
              RELEASE_TYPE="rc"
            fi
          fi

          echo "tag=$TAG" >> $GITHUB_OUTPUT
          echo "version=$VERSION" >> $GITHUB_OUTPUT
          echo "is_prerelease=$IS_PRERELEASE" >> $GITHUB_OUTPUT
          echo "release_type=$RELEASE_TYPE" >> $GITHUB_OUTPUT

          echo "📦 Release Type: $RELEASE_TYPE"
          echo "🏷️  Tag: $TAG"
          echo "🔢 Version: $VERSION"
          echo "🚀 Is Prerelease: $IS_PRERELEASE"

  # Create GitHub Release
  create-release:
    name: Create GitHub Release
    needs: release-check
    runs-on: ubuntu-latest
    permissions:
      contents: write
    outputs:
      release_id: ${{ steps.create.outputs.release_id }}
      release_url: ${{ steps.create.outputs.release_url }}
    steps:
      - name: Checkout repository
        uses: actions/checkout@v4
        with:
          fetch-depth: 0

      - name: Create GitHub Release
        id: create
        env:
          GH_TOKEN: ${{ github.token }}
        run: |
          TAG="${{ needs.release-check.outputs.tag }}"
          VERSION="${{ needs.release-check.outputs.version }}"
          IS_PRERELEASE="${{ needs.release-check.outputs.is_prerelease }}"
          RELEASE_TYPE="${{ needs.release-check.outputs.release_type }}"

          # Check if release already exists
          if gh release view "$TAG" >/dev/null 2>&1; then
            echo "Release $TAG already exists"
            RELEASE_ID=$(gh release view "$TAG" --json databaseId --jq '.databaseId')
            RELEASE_URL=$(gh release view "$TAG" --json url --jq '.url')
          else
            # Get release notes from tag message
            RELEASE_NOTES=$(git tag -l --format='%(contents)' "${TAG}")
            if [[ -z "$RELEASE_NOTES" || "$RELEASE_NOTES" =~ ^[[:space:]]*$ ]]; then
              if [[ "$IS_PRERELEASE" == "true" ]]; then
                RELEASE_NOTES="Pre-release ${VERSION} (${RELEASE_TYPE})"
              else
                RELEASE_NOTES="Release ${VERSION}"
              fi
            fi

            # Create release title
            if [[ "$IS_PRERELEASE" == "true" ]]; then
              TITLE="RustFS $VERSION (${RELEASE_TYPE})"
            else
              TITLE="RustFS $VERSION"
            fi

            # Create the release
            PRERELEASE_FLAG=""
            if [[ "$IS_PRERELEASE" == "true" ]]; then
              PRERELEASE_FLAG="--prerelease"
            fi

            gh release create "$TAG" \
              --title "$TITLE" \
              --notes "$RELEASE_NOTES" \
              $PRERELEASE_FLAG \
              --draft

            RELEASE_ID=$(gh release view "$TAG" --json databaseId --jq '.databaseId')
            RELEASE_URL=$(gh release view "$TAG" --json url --jq '.url')
          fi

          echo "release_id=$RELEASE_ID" >> $GITHUB_OUTPUT
          echo "release_url=$RELEASE_URL" >> $GITHUB_OUTPUT
          echo "Created release: $RELEASE_URL"

  # Wait for build artifacts from build.yml
  wait-for-artifacts:
    name: Wait for Build Artifacts
    needs: release-check
    runs-on: ubuntu-latest
    steps:
      - name: Wait for build workflow
        uses: lewagon/wait-on-check-action@v1.3.1
        with:
          ref: ${{ needs.release-check.outputs.tag }}
          check-name: "Build RustFS"
          repo-token: ${{ secrets.GITHUB_TOKEN }}
          wait-interval: 30
          allowed-conclusions: success

  # Download and prepare release assets
  prepare-assets:
    name: Prepare Release Assets
    needs: [release-check, wait-for-artifacts]
    runs-on: ubuntu-latest
    outputs:
      assets_prepared: ${{ steps.prepare.outputs.assets_prepared }}
    steps:
      - name: Checkout repository
        uses: actions/checkout@v4

      - name: Download artifacts from build workflow
        uses: actions/download-artifact@v4
        with:
          path: ./artifacts
          pattern: rustfs-*
          merge-multiple: true

      - name: Prepare release assets
        id: prepare
        run: |
          VERSION="${{ needs.release-check.outputs.version }}"
          TAG="${{ needs.release-check.outputs.tag }}"

          mkdir -p ./release-assets

          # Copy and verify artifacts
          ASSETS_COUNT=0
          for file in ./artifacts/rustfs-*.zip; do
            if [[ -f "$file" ]]; then
              cp "$file" ./release-assets/
              ASSETS_COUNT=$((ASSETS_COUNT + 1))
            fi
          done

          if [[ $ASSETS_COUNT -eq 0 ]]; then
            echo "❌ No artifacts found!"
            exit 1
          fi

          cd ./release-assets

          # Generate checksums
          if ls *.zip >/dev/null 2>&1; then
            sha256sum *.zip > SHA256SUMS
            sha512sum *.zip > SHA512SUMS
          fi

          # TODO: Add GPG signing for signatures
          # For now, create placeholder signature files
          for file in *.zip; do
            echo "# Signature for $file" > "${file}.asc"
            echo "# GPG signature will be added in future versions" >> "${file}.asc"
          done

          echo "assets_prepared=true" >> $GITHUB_OUTPUT

          echo "📦 Prepared assets:"
          ls -la

          echo "🔢 Asset count: $ASSETS_COUNT"

      - name: Upload prepared assets
        uses: actions/upload-artifact@v4
        with:
          name: release-assets-${{ needs.release-check.outputs.tag }}
          path: ./release-assets/
          retention-days: 30

  # Upload assets to GitHub Release
  upload-assets:
    name: Upload Release Assets
    needs: [release-check, create-release, prepare-assets]
    runs-on: ubuntu-latest
    permissions:
      contents: write
    steps:
      - name: Download prepared assets
        uses: actions/download-artifact@v4
        with:
          name: release-assets-${{ needs.release-check.outputs.tag }}
          path: ./release-assets

      - name: Upload to GitHub Release
        env:
          GH_TOKEN: ${{ github.token }}
        run: |
          TAG="${{ needs.release-check.outputs.tag }}"

          cd ./release-assets

          # Upload all files
          for file in *; do
            if [[ -f "$file" ]]; then
              echo "📤 Uploading $file..."
              gh release upload "$TAG" "$file" --clobber
            fi
          done

          echo "✅ All assets uploaded successfully"

  # Update latest.json for stable releases only
  update-latest:
    name: Update Latest Version
    needs: [release-check, upload-assets]
    if: needs.release-check.outputs.is_prerelease == 'false'
    runs-on: ubuntu-latest
    steps:
      - name: Update latest.json
        env:
          OSS_ACCESS_KEY_ID: ${{ secrets.ALICLOUDOSS_KEY_ID }}
          OSS_ACCESS_KEY_SECRET: ${{ secrets.ALICLOUDOSS_KEY_SECRET }}
        run: |
          if [[ -z "$OSS_ACCESS_KEY_ID" ]]; then
            echo "⚠️ OSS credentials not available, skipping latest.json update"
            exit 0
          fi

          VERSION="${{ needs.release-check.outputs.version }}"
          TAG="${{ needs.release-check.outputs.tag }}"

          # Install ossutil
          OSSUTIL_VERSION="2.1.1"
          OSSUTIL_ZIP="ossutil-${OSSUTIL_VERSION}-linux-amd64.zip"
          OSSUTIL_DIR="ossutil-${OSSUTIL_VERSION}-linux-amd64"

          curl -o "$OSSUTIL_ZIP" "https://gosspublic.alicdn.com/ossutil/v2/${OSSUTIL_VERSION}/${OSSUTIL_ZIP}"
          unzip "$OSSUTIL_ZIP"
          chmod +x "${OSSUTIL_DIR}/ossutil"

          # Create latest.json
          cat > latest.json << EOF
          {
            "version": "${VERSION}",
            "tag": "${TAG}",
            "release_date": "$(date -u +%Y-%m-%dT%H:%M:%SZ)",
            "release_type": "stable",
            "download_url": "https://github.com/${{ github.repository }}/releases/tag/${TAG}"
          }
          EOF

          # Upload to OSS
          ./${OSSUTIL_DIR}/ossutil cp latest.json oss://rustfs-version/latest.json --force

          echo "✅ Updated latest.json for stable release $VERSION"

  # Publish release (remove draft status)
  publish-release:
    name: Publish Release
    needs: [release-check, create-release, upload-assets]
    runs-on: ubuntu-latest
    permissions:
      contents: write
    steps:
      - name: Checkout repository
        uses: actions/checkout@v4

      - name: Update release notes and publish
        env:
          GH_TOKEN: ${{ github.token }}
        run: |
          TAG="${{ needs.release-check.outputs.tag }}"
          VERSION="${{ needs.release-check.outputs.version }}"
          IS_PRERELEASE="${{ needs.release-check.outputs.is_prerelease }}"
          RELEASE_TYPE="${{ needs.release-check.outputs.release_type }}"

          # Get original release notes from tag
          ORIGINAL_NOTES=$(git tag -l --format='%(contents)' "${TAG}")
          if [[ -z "$ORIGINAL_NOTES" || "$ORIGINAL_NOTES" =~ ^[[:space:]]*$ ]]; then
            if [[ "$IS_PRERELEASE" == "true" ]]; then
              ORIGINAL_NOTES="Pre-release ${VERSION} (${RELEASE_TYPE})"
            else
              ORIGINAL_NOTES="Release ${VERSION}"
            fi
          fi

          # Use release notes template if available
          if [[ -f ".github/workflows/release-notes-template.md" ]]; then
            # Substitute variables in template
            sed -e "s/\${VERSION}/$TAG/g" \
                -e "s/\${VERSION_CLEAN}/$VERSION/g" \
                -e "s/\${ORIGINAL_NOTES}/$(echo "$ORIGINAL_NOTES" | sed 's/[[\.*^$()+?{|]/\\&/g')/g" \
                .github/workflows/release-notes-template.md > enhanced_notes.md

            # Update release notes
            gh release edit "$TAG" --notes-file enhanced_notes.md
          fi

          # Publish the release (remove draft status)
          gh release edit "$TAG" --draft=false

          echo "🎉 Released $TAG successfully!"
          echo "📄 Release URL: ${{ needs.create-release.outputs.release_url }}"