diff --git a/.github/workflows/release-recipe.yml b/.github/workflows/release-recipe.yml index acf3eb1..7a892cb 100644 --- a/.github/workflows/release-recipe.yml +++ b/.github/workflows/release-recipe.yml @@ -4,13 +4,9 @@ on: push: tags: - "rust-v*" - - "rust-latest" - "motoko-v*" - - "motoko-latest" - "asset-canister-v*" - - "asset-canister-latest" - "prebuilt-v*" - - "prebuilt-latest" permissions: contents: write @@ -31,16 +27,9 @@ jobs: RECIPE=$(echo "$TAG" | sed 's/-[^-]*$//') VERSION=$(echo "$TAG" | sed 's/^.*-//') - # Handle latest tags specially - if [ "$VERSION" = "latest" ]; then - echo "recipe=$RECIPE" >> "$GITHUB_OUTPUT" - echo "version=latest" >> "$GITHUB_OUTPUT" - echo "is_latest=true" >> "$GITHUB_OUTPUT" - else - echo "recipe=$RECIPE" >> "$GITHUB_OUTPUT" - echo "version=$VERSION" >> "$GITHUB_OUTPUT" - echo "is_latest=false" >> "$GITHUB_OUTPUT" - fi + # Pass the recipe name and version along + echo "recipe=$RECIPE" >> "$GITHUB_OUTPUT" + echo "version=$VERSION" >> "$GITHUB_OUTPUT" - name: Package Recipe run: | @@ -63,41 +52,18 @@ jobs: run: | RECIPE="${{ steps.tag_info.outputs.recipe }}" CURRENT_TAG="${GITHUB_REF#refs/tags/}" - IS_LATEST="${{ steps.tag_info.outputs.is_latest }}" - - if [ "$IS_LATEST" = "true" ]; then - # For -latest tags: find the versioned tag pointing to the same commit - CURRENT_COMMIT=$(git rev-parse HEAD) - CURRENT_VERSION_TAG=$(git tag --sort=-version:refname -l "${RECIPE}-v*" | while read -r tag; do - if [ "$(git rev-parse "$tag")" = "$CURRENT_COMMIT" ]; then - echo "$tag" - break - fi - done) - - if [ -z "$CURRENT_VERSION_TAG" ]; then - echo "::error::No versioned tag found for this commit. A -latest tag must have a corresponding versioned tag (e.g., ${RECIPE}-v1.0.0) on the same commit." - exit 1 - else - echo "Found versioned tag for this commit: ${CURRENT_VERSION_TAG}" - # Find the previous version before the current versioned tag - PREV_TAG=$(git tag --sort=-version:refname -l "${RECIPE}-v*" | grep -v "${CURRENT_VERSION_TAG}" | head -n 1) - echo "previous_tag=${PREV_TAG}" >> "$GITHUB_OUTPUT" - echo "compare_tag=${CURRENT_VERSION_TAG}" >> "$GITHUB_OUTPUT" - fi - else - # For versioned tags: find the previous version tag - PREV_TAG=$(git tag --sort=-version:refname -l "${RECIPE}-v*" | grep -v "${CURRENT_TAG}" | head -n 1) - if [ -z "$PREV_TAG" ]; then - echo "No previous version found for ${RECIPE}" - echo "previous_tag=" >> "$GITHUB_OUTPUT" - else - echo "Found previous tag: ${PREV_TAG}" - echo "previous_tag=${PREV_TAG}" >> "$GITHUB_OUTPUT" - fi - echo "compare_tag=${CURRENT_TAG}" >> "$GITHUB_OUTPUT" + # For versioned tags: find the previous version tag + PREV_TAG=$(git tag --sort=-version:refname -l "${RECIPE}-v*" | grep -v "${CURRENT_TAG}" | head -n 1) + + if [ -z "$PREV_TAG" ]; then + echo "No previous version found for ${RECIPE}" + echo "previous_tag=" >> "$GITHUB_OUTPUT" + else + echo "Found previous tag: ${PREV_TAG}" + echo "previous_tag=${PREV_TAG}" >> "$GITHUB_OUTPUT" fi + echo "compare_tag=${CURRENT_TAG}" >> "$GITHUB_OUTPUT" - name: Generate Release Notes Body id: release_notes @@ -141,22 +107,3 @@ jobs: env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - - name: Update latest tag - if: steps.tag_info.outputs.is_latest == 'false' - run: | - RECIPE="${{ steps.tag_info.outputs.recipe }}" - CURRENT_TAG="${GITHUB_REF#refs/tags/}" - - echo "Updating ${RECIPE}-latest to point to ${CURRENT_TAG}" - - # Delete the old latest tag locally and remotely - git tag -d ${RECIPE}-latest 2>/dev/null || true - git push origin :refs/tags/${RECIPE}-latest 2>/dev/null || true - - # Create new latest tag pointing to current commit - git tag ${RECIPE}-latest - - # Push the new latest tag - git push origin ${RECIPE}-latest - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} diff --git a/README.md b/README.md index 5d5092b..d36ac26 100644 --- a/README.md +++ b/README.md @@ -23,7 +23,7 @@ Reference a recipe in your `icp.yaml` file: canisters: - name: backend recipe: - type: "@dfinity/rust" + type: "@dfinity/rust@v3.0.0" configuration: package: my-canister shrink: true @@ -31,7 +31,7 @@ canisters: ### Recipe Naming Convention -Recipes follow the `@dfinity/` naming pattern: +Recipes follow the `@dfinity/@` naming pattern: - `@dfinity/rust` - Rust canister recipe - `@dfinity/motoko` - Motoko canister recipe - `@dfinity/pre-built` - Pre-built WASM recipe @@ -39,7 +39,7 @@ Recipes follow the `@dfinity/` naming pattern: ### Using Specific Versions -To pin to a specific recipe version, append `@` to the recipe type: +After release 0.1.1 of `icp-cli` you are required to append `@` to the recipe type: ```yaml canisters: @@ -50,7 +50,17 @@ canisters: package: my-canister ``` -Without a version specified, the latest stable version is used. View available versions in the [releases page](https://github.com/dfinity/icp-cli-recipes/releases). +For security reasons, you can also add a sha256 to verify the integrity of the template: + +```yaml +canisters: + - name: backend + recipe: + type: "@dfinity/rust@v3.0.0" + sha256: 620151f0c07efc1e8a986f73b85406b78bea09a92fc899f299a431431a6a6819 + configuration: + package: my-canister +``` ## Releases