0.4.0 - Implement proper version validation instead of auto-updating #15
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Release | |
| on: | |
| push: | |
| branches: [ main ] | |
| # Only trigger on commits with version numbers in the message | |
| # Version is extracted EXACTLY as specified - no automatic bumping | |
| # Example: "1.2.3" or "Release 1.2.3" creates v1.2.3 | |
| env: | |
| CARGO_TERM_COLOR: always | |
| jobs: | |
| create-release: | |
| name: Create Release | |
| runs-on: ubuntu-latest | |
| if: github.event_name == 'push' && contains(github.event.head_commit.message, '.') | |
| outputs: | |
| version: ${{ steps.version.outputs.version }} | |
| release_created: ${{ steps.release.outputs.release_created }} | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Validate version consistency and extract | |
| id: version | |
| run: | | |
| COMMIT_MSG="${{ github.event.head_commit.message }}" | |
| COMMIT_VERSION=$(echo "$COMMIT_MSG" | grep -oE '[0-9]+\.[0-9]+\.[0-9]+' | head -1) | |
| echo "Version in commit message: $COMMIT_VERSION" | |
| if [ -z "$COMMIT_VERSION" ]; then | |
| echo "No version found in commit message" | |
| echo "To create a release, include version number in commit message (e.g., '1.2.3')" | |
| exit 1 | |
| fi | |
| # Check that Cargo.toml version matches commit message | |
| CARGO_VERSION=$(grep '^version = ' Cargo.toml | head -1 | cut -d '"' -f 2) | |
| echo "Version in Cargo.toml: $CARGO_VERSION" | |
| if [ "$CARGO_VERSION" != "$COMMIT_VERSION" ]; then | |
| echo "ERROR: Version mismatch!" | |
| echo " Commit message version: $COMMIT_VERSION" | |
| echo " Cargo.toml version: $CARGO_VERSION" | |
| echo "Please update Cargo.toml version to match commit message before releasing." | |
| echo "Release process requires manual version update in Cargo.toml." | |
| exit 1 | |
| fi | |
| echo "✓ Version consistency validated: $COMMIT_VERSION" | |
| echo "Using developer-specified version (no automatic bumping)" | |
| echo "version=$COMMIT_VERSION" >> $GITHUB_OUTPUT | |
| - name: Create Versioned GitHub Release | |
| id: release | |
| uses: actions/create-release@v1 | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GH_ACCESS_TOKEN }} | |
| with: | |
| tag_name: v${{ steps.version.outputs.version }} | |
| release_name: "Digstore v${{ steps.version.outputs.version }}" | |
| body: | | |
| ## Digstore v${{ steps.version.outputs.version }} | |
| ### Downloads | |
| - **Windows**: [digstore-windows-x64.msi](https://github.com/DIG-Network/digstore/releases/download/v${{ steps.version.outputs.version }}/digstore-windows-x64.msi) | |
| - **macOS**: [digstore-macos.dmg](https://github.com/DIG-Network/digstore/releases/download/v${{ steps.version.outputs.version }}/digstore-macos.dmg) | |
| - **Linux**: [digstore-linux-x86_64.AppImage](https://github.com/DIG-Network/digstore/releases/download/v${{ steps.version.outputs.version }}/digstore-linux-x86_64.AppImage) | |
| - **Checksums**: [checksums.txt](https://github.com/DIG-Network/digstore/releases/download/v${{ steps.version.outputs.version }}/checksums.txt) | |
| ### Verification | |
| **Always verify checksums before installation:** | |
| ```bash | |
| # Download checksums | |
| curl -L -o checksums.txt "https://github.com/DIG-Network/digstore/releases/download/v${{ steps.version.outputs.version }}/checksums.txt" | |
| # Verify Windows MSI | |
| sha256sum digstore-windows-x64.msi | grep -f checksums.txt | |
| # Verify macOS DMG | |
| sha256sum digstore-macos.dmg | grep -f checksums.txt | |
| # Verify Linux AppImage | |
| sha256sum digstore-linux-x86_64.AppImage | grep -f checksums.txt | |
| ``` | |
| ### Installation | |
| #### Windows | |
| ```powershell | |
| # Download and verify | |
| Invoke-WebRequest -Uri "https://github.com/DIG-Network/digstore/releases/download/v${{ steps.version.outputs.version }}/digstore-windows-x64.msi" -OutFile "digstore.msi" | |
| Invoke-WebRequest -Uri "https://github.com/DIG-Network/digstore/releases/download/v${{ steps.version.outputs.version }}/checksums.txt" -OutFile "checksums.txt" | |
| # Verify checksum (PowerShell) | |
| $hash = Get-FileHash digstore.msi -Algorithm SHA256 | |
| $expected = (Get-Content checksums.txt | Select-String "digstore-windows-x64.msi").ToString().Split(":")[1].Trim() | |
| if ($hash.Hash.ToLower() -eq $expected.ToLower()) { Write-Host "✓ Checksum verified" } else { Write-Host "✗ Checksum mismatch"; exit 1 } | |
| # Install silently | |
| msiexec /i digstore.msi /quiet /norestart | |
| ``` | |
| #### macOS | |
| ```bash | |
| # Download and verify | |
| curl -L -o digstore.dmg "https://github.com/DIG-Network/digstore/releases/download/v${{ steps.version.outputs.version }}/digstore-macos.dmg" | |
| curl -L -o checksums.txt "https://github.com/DIG-Network/digstore/releases/download/v${{ steps.version.outputs.version }}/checksums.txt" | |
| # Verify checksum | |
| echo "$(grep 'digstore-macos.dmg' checksums.txt | cut -d':' -f2 | tr -d ' ') digstore.dmg" | shasum -a 256 -c | |
| # Install | |
| hdiutil attach digstore.dmg | |
| cp -r "/Volumes/DIG Network Digstore/DIG Network Digstore.app" /Applications/ | |
| hdiutil detach "/Volumes/DIG Network Digstore" | |
| ``` | |
| #### Linux | |
| ```bash | |
| # Download and verify | |
| curl -L -o digstore "https://github.com/DIG-Network/digstore/releases/download/v${{ steps.version.outputs.version }}/digstore-linux-x86_64.AppImage" | |
| curl -L -o checksums.txt "https://github.com/DIG-Network/digstore/releases/download/v${{ steps.version.outputs.version }}/checksums.txt" | |
| # Verify checksum | |
| echo "$(grep 'digstore-linux-x86_64.AppImage' checksums.txt | cut -d':' -f2 | tr -d ' ') digstore" | sha256sum -c | |
| # Install | |
| chmod +x digstore | |
| sudo mv digstore /usr/local/bin/ | |
| ``` | |
| ### Auto-Update | |
| If you have Digstore installed, you can update using: | |
| ```bash | |
| digstore update | |
| ``` | |
| ### Non-Interactive Installation | |
| For CI/CD and automation: | |
| ```bash | |
| digstore --non-interactive init --name "My Project" | |
| digstore --non-interactive update --force | |
| ``` | |
| --- | |
| **🔒 Security**: Always verify checksums before installation | |
| **📁 Checksums**: [Download checksums.txt](https://github.com/DIG-Network/digstore/releases/download/v${{ steps.version.outputs.version }}/checksums.txt) | |
| **📋 Full Changelog**: https://github.com/DIG-Network/digstore/compare/v${{ steps.version.outputs.version }}...main | |
| draft: false | |
| prerelease: false | |
| - name: Update Latest Build Release | |
| run: | | |
| VERSION="${{ steps.version.outputs.version }}" | |
| # Delete existing latest-build tag and release if it exists | |
| gh release delete latest-build --yes || echo "No existing latest-build release" | |
| git push --delete origin latest-build || echo "No existing latest-build tag" | |
| # Create new latest-build release | |
| gh release create latest-build \ | |
| --title "Latest Build (Development)" \ | |
| --notes "## Latest Development Build | |
| This is the latest development build of Digstore. | |
| **Current Version**: $VERSION | |
| **Build Date**: $(date -u '+%Y-%m-%d %H:%M:%S UTC') | |
| **Commit**: ${{ github.sha }} | |
| ### Downloads | |
| - **Windows**: [digstore-windows-x64.msi](https://github.com/DIG-Network/digstore/releases/download/latest-build/digstore-windows-x64.msi) | |
| - **macOS**: [digstore-macos.dmg](https://github.com/DIG-Network/digstore/releases/download/latest-build/digstore-macos.dmg) | |
| - **Linux**: [digstore-linux-x86_64.AppImage](https://github.com/DIG-Network/digstore/releases/download/latest-build/digstore-linux-x86_64.AppImage) | |
| - **Checksums**: [checksums.txt](https://github.com/DIG-Network/digstore/releases/download/latest-build/checksums.txt) | |
| ### Verification | |
| **Always verify checksums before installation:** | |
| \`\`\`bash | |
| curl -L -o checksums.txt https://github.com/DIG-Network/digstore/releases/download/latest-build/checksums.txt | |
| sha256sum <installer-file> | grep -f checksums.txt | |
| \`\`\` | |
| ### Auto-Update | |
| \`\`\`bash | |
| digstore update | |
| \`\`\` | |
| ### Non-Interactive Mode | |
| \`\`\`bash | |
| digstore --non-interactive update --force | |
| \`\`\` | |
| --- | |
| **⚠️ Development Build**: This build may contain experimental features and should be used for testing only. | |
| **🔒 Security**: Always verify checksums before installation." \ | |
| --prerelease | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GH_ACCESS_TOKEN }} | |
| wait-for-installers: | |
| name: Wait for Installers | |
| runs-on: ubuntu-latest | |
| needs: create-release | |
| if: needs.create-release.outputs.release_created | |
| steps: | |
| - name: Wait for installer workflows | |
| run: | | |
| echo "Waiting for installer builds to complete..." | |
| sleep 300 # Wait 5 minutes for installers to build | |
| echo "Installer builds should be complete" | |
| upload-release-assets: | |
| name: Upload Release Assets | |
| runs-on: ubuntu-latest | |
| needs: [create-release, wait-for-installers] | |
| if: needs.create-release.outputs.release_created | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Download Windows Installer | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: digstore-windows-installer | |
| path: ./installers/ | |
| - name: Download macOS Installer | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: digstore-macos-installer | |
| path: ./installers/ | |
| - name: Download Linux Packages | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: digstore-linux-packages | |
| path: ./installers/ | |
| - name: Generate Checksums and Upload Assets | |
| run: | | |
| # Upload all installer files to both versioned and latest-build releases | |
| VERSION="${{ needs.create-release.outputs.version }}" | |
| # Create checksums file | |
| echo "# Digstore v$VERSION - SHA256 Checksums" > checksums.txt | |
| echo "" >> checksums.txt | |
| # Upload Windows MSI | |
| if [ -f "./installers/digstore-windows-x64.msi" ]; then | |
| CHECKSUM=$(sha256sum "./installers/digstore-windows-x64.msi" | cut -d' ' -f1) | |
| echo "digstore-windows-x64.msi: $CHECKSUM" >> checksums.txt | |
| gh release upload "v$VERSION" "./installers/digstore-windows-x64.msi" --clobber | |
| gh release upload "latest-build" "./installers/digstore-windows-x64.msi" --clobber | |
| fi | |
| # Upload macOS DMG | |
| if [ -f "./installers/digstore-macos.dmg" ]; then | |
| CHECKSUM=$(sha256sum "./installers/digstore-macos.dmg" | cut -d' ' -f1) | |
| echo "digstore-macos.dmg: $CHECKSUM" >> checksums.txt | |
| gh release upload "v$VERSION" "./installers/digstore-macos.dmg" --clobber | |
| gh release upload "latest-build" "./installers/digstore-macos.dmg" --clobber | |
| fi | |
| # Upload Linux packages | |
| for file in ./installers/*.{deb,rpm,AppImage}; do | |
| if [ -f "$file" ]; then | |
| FILENAME=$(basename "$file") | |
| CHECKSUM=$(sha256sum "$file" | cut -d' ' -f1) | |
| echo "$FILENAME: $CHECKSUM" >> checksums.txt | |
| gh release upload "v$VERSION" "$file" --clobber | |
| gh release upload "latest-build" "$file" --clobber | |
| fi | |
| done | |
| # Upload checksums file to both releases | |
| if [ -f "checksums.txt" ]; then | |
| gh release upload "v$VERSION" "checksums.txt" --clobber | |
| gh release upload "latest-build" "checksums.txt" --clobber | |
| fi | |
| echo "✓ Uploaded assets and checksums to both v$VERSION and latest-build releases" | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GH_ACCESS_TOKEN }} |