From b3300446b2456a392b93e3daf66b5eb6e3c689fd Mon Sep 17 00:00:00 2001 From: Maxwell Elliott Date: Mon, 9 Mar 2026 12:47:58 -0400 Subject: [PATCH] Use bazel contrib release rules Use upstream release rules for bcr usage --- .github/workflows/publish.yaml | 28 ---------------------- .github/workflows/release.yaml | 29 +++++++++++++++++++++++ .github/workflows/release_prep.sh | 39 +++++++++++++++++++++++++++++++ 3 files changed, 68 insertions(+), 28 deletions(-) delete mode 100644 .github/workflows/publish.yaml create mode 100644 .github/workflows/release.yaml create mode 100644 .github/workflows/release_prep.sh diff --git a/.github/workflows/publish.yaml b/.github/workflows/publish.yaml deleted file mode 100644 index 638b6ef..0000000 --- a/.github/workflows/publish.yaml +++ /dev/null @@ -1,28 +0,0 @@ -# Publish new releases to Bazel Central Registry. -name: Publish to BCR -on: - workflow_dispatch: - inputs: - tag_name: - description: git tag being released - required: true - type: string -jobs: - publish: - uses: bazel-contrib/publish-to-bcr/.github/workflows/publish.yaml@v1.0.0 - with: - tag_name: ${{ inputs.tag_name }} - # GitHub repository which is a fork of the upstream where the Pull Request will be opened. - registry_fork: maxwellE/bazel-central-registry - attest: false - author_name: Maxwell Elliott - author_email: maxwell@elliott.now - committer_name: Maxwell Elliott - committer_email: maxwell@elliott.now - permissions: - contents: write - id-token: write - attestations: write - secrets: - # Necessary to push to the BCR fork, and to open a pull request against a registry - publish_token: ${{ secrets.BCR_PUBLISH_TOKEN }} diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml new file mode 100644 index 0000000..3874c4a --- /dev/null +++ b/.github/workflows/release.yaml @@ -0,0 +1,29 @@ +# Cut a release whenever a new tag is pushed or via workflow_dispatch. +# Uses bazel-contrib release ruleset: build, attest, and publish to GitHub Releases. +name: Release +on: + workflow_dispatch: + inputs: + tag_name: + description: Git tag being released + required: true + type: string + push: + tags: + - "v*.*.*" +permissions: + id-token: write + attestations: write + contents: write +jobs: + release: + uses: bazel-contrib/.github/.github/workflows/release_ruleset.yaml@v7.2.2 + with: + release_files: archives/release.tar.gz + prerelease: false + tag_name: ${{ inputs.tag_name || github.ref_name }} + permissions: + id-token: write # Needed to attest provenance + attestations: write # Needed to attest provenance + contents: write # Needed to upload release files + secrets: {} diff --git a/.github/workflows/release_prep.sh b/.github/workflows/release_prep.sh new file mode 100644 index 0000000..bc555c1 --- /dev/null +++ b/.github/workflows/release_prep.sh @@ -0,0 +1,39 @@ +#!/usr/bin/env bash + +set -o errexit -o nounset -o pipefail + +# Argument provided by reusable workflow caller, see +# https://github.com/bazel-contrib/.github/blob/master/.github/workflows/release_ruleset.yaml +TAG=$1 + +mkdir -p archives +tar --exclude-vcs \ + --exclude=bazel-* \ + --exclude=.github \ + --exclude=archives \ + --exclude=cli/src/test \ + -zcf "archives/release.tar.gz" . + +SHA=$(shasum -a 256 archives/release.tar.gz | awk '{print $1}') + +cat << EOF +## Using Bzlmod (MODULE.bazel) + +Add to your \`MODULE.bazel\` file: + +\`\`\`starlark +bazel_dep(name = "bazel-diff", version = "${TAG#v}") +\`\`\` + +## Using WORKSPACE + +\`\`\`starlark +load("@bazel_tools//tools/build_defs/repo:http.bzl", "http_archive") +http_archive( + name = "bazel-diff", + sha256 = "${SHA}", + strip_prefix = "", + url = "https://github.com/Tinder/bazel-diff/releases/download/${TAG}/release.tar.gz", +) +\`\`\` +EOF