From now on, we will instead just make another patch version bump. That
has the advantage that tags will actually always only be applied to the
version bump and not some random change as well as us being able to
prohibit updates of tag refs for the Zed Zippy identity as well.
Release Notes:
- N/A
This changes our approach for creating Zed version bumps with the Zed
Zippy identity:
With these changes, the Zippy version bumps as well as the tag creations
will be verified as per
https://docs.github.com/en/authentication/managing-commit-signature-verification/about-commit-signature-verification#signature-verification-for-bots.
This adds an extra layer of security for version bumps and release
triggers done by the Zippy identity.
Eventually, we can move code more around for this so it happens in the
bot itself, but for now, I think its a good and solid interim solution
to have this here.
Release Notes:
- N/A
The workflow run at
https://github.com/zed-industries/zed/actions/runs/23557683707 succeeded
but threw some warnings for a rather-soon Node.js 20 deprecation (June
2nd).
Hence, this PR updates in that context mentioned workflows to newer
versions from which on the actions will use Node.js 24.
Namely, this updates
- `actions/checkout`
- `actions/create-github-app-token` and
- `peter-evans/create-pull-request`
to their latest version which includes said updates. As for their most
recent versions, all of these actions just updated their versions to
account for said deprecation.
Release Notes:
- N/A
This will allow us to test changes against just a subset of extensions.
Another advantage is that extension workflows will be pinned, which
allows for easier debugging and better predictability.
Release Notes:
- N/A
We need more fetch depth here for the check, hence bumping this.
Also does a drive-by cleanup of the checkout step within xtask to make
this (hopefully) more intuitive to use.
Release Notes:
- N/A
GitHub allows defining a default shell for all jobs on the workflow
level, which we did not use before, yet practically did when it comes
down to our usage of `named::bash`. Since this makes stuff quite
verbose, I decided on using the defaults instead so the workflows become
somewhat easier to audit when reading the generated files.
Powershell steps continue to use Powershell, only the default for bash
scripts was modified.
Release Notes:
- N/A
This PR updates the `bump_patch_version.yml` to also be generated by
`cargo xtask workflows` and updates this to use the `zed-zippy` identity
instead of the `ConradIrwin` identity.
Release Notes:
- N/A
In response to an ongoing BuildJet outage, consider migrating CI to
GitHub hosted runners.
Also includes revert of (causing flaky tests):
- https://github.com/zed-industries/zed/pull/35741
Downsides:
- Cost (2x)
- Force migration to Ubuntu 22.04 from 20.04 will bump our glibc minimum
from 2.31 to 2.35. Which would break RHEL 9.x (glibc 2.34), Ubuntu 20.04
(EOL) and derivatives.
Release Notes:
- N/A
Added [rhysd/actionlint](https://github.com/rhysd/actionlint/) a static
checker for GitHub Actions workflow files.
Install locally with `brew install actionlint` the run with
`actionlint`.
Inspired by: https://github.com/zed-industries/zed/pull/34704 which
yielded this observation:
> In github actions:
> 1. strings are truthy
> 2. `${{ }}` will become a string if it doesn't wrap the whole value.
>
> So `if: false && true` becomes `false`
> and `if: ${{ false && true }}` becomes `false`
> but `if: false && ${{ true }}` becomes `"false && true"` which
evaluates true
> The reason you sometimes need `${{ }}` is because YAML doesn't like
`!`
> so `if: !false` is invalid yaml
> and `if: ${{ !false }}` works just fine.
Changes:
- Add `actionlint` job
- Refactor `job_spec` job to be more readable
- Fix all `actionlint` and `shellcheck` errors in Actions workflows (62
in all)
- Add `self-mini-macos` and `self-32vcpu-windows-2022` labels to
self-hosted runners. Not strictly related, but useful if you need to
take a runner out of the rotation (since `macOS`, `self-hosted`, and
`ARM64` are auto-set and cannot be added/removed).
- Change ci.yml macos_relase to target `self-mini-macos` instead of
`bundle` which was previously deprecated.
This would've caught the error fixed in
https://github.com/zed-industries/zed/pull/34704. Here's what that [job
failure](https://github.com/zed-industries/zed/actions/runs/16376993944/job/46279281842?pr=34729)
would've looked like.
Release Notes:
- N/A
This PR updates the GitHub Action definitions to restrict more CI jobs
to only run in the `zed-industries` organization (and thus, not on
forks).
Release Notes:
- N/A
This PR contains the following updates:
| Package | Type | Update | Change |
|---|---|---|---|
| [actions/checkout](https://redirect.github.com/actions/checkout) |
action | digest | `eef6144` -> `11bd719` |
---
### Configuration
📅 **Schedule**: Branch creation - "after 3pm on Wednesday" in timezone
America/New_York, Automerge - At any time (no schedule defined).
🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.
♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.
🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.
---
- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box
---
Release Notes:
- N/A
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOC4xMjAuMSIsInVwZGF0ZWRJblZlciI6IjM4LjEyMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6W119-->
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
This PR contains the following updates:
| Package | Type | Update | Change |
|---|---|---|---|
| [actions/checkout](https://redirect.github.com/actions/checkout) |
action | digest | `692973e` -> `eef6144` |
---
### Configuration
📅 **Schedule**: Branch creation - "after 3pm on Wednesday" in timezone
America/New_York, Automerge - At any time (no schedule defined).
🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.
♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.
🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.
---
- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box
---
Release Notes:
- N/A
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOC4xMTQuMCIsInVwZGF0ZWRJblZlciI6IjM4LjExNC4wIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6W119-->
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Add `./script/trigger-release {nightly|stable|preview}`
This command can be run regardless of the state of your local git
repository, and it
either triggers a workflow run of `bump_patch_version.yml` (for
stable/preview) or
it force pushes the nightly tag.
Also add some docs on releases to explain all of this.
Release Notes:
- N/A
