Add some basic CI and metadata

Turns out 3 years is awhile since this was last published. Let's try to
modernize things a bit

Author: alexcrichton

.github/dependabot.yml

@@ -0,0 +1,35 @@
+name: CI
+on:
+  pull_request:
+
+defaults:
+  run:
+    shell: bash
+
+jobs:
+  test:
+    name: Test
+    runs-on: ${{ matrix.os }}
+    strategy:
+      matrix:
+        include:
+        - os: ubuntu-latest
+        - os: macos-latest
+        - os: macos-latest
+        - os: windows-latest
+    steps:
+    - uses: actions/checkout@v4
+      with:
+        submodules: true
+    - run: cargo test
+
+  msrv:
+    name: MSRV
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@v4
+      with:
+        submodules: true
+    - run: rustup update 1.60.0 && rustup default 1.60.0
+    - run: cargo test
+

.github/workflows/main.yml

@@ -0,0 +1,60 @@
+name: Build playground
+on:
+  push:
+    branches: [main]
+  pull_request:
+  merge_group:
+
+# Cancel any in-flight jobs for the same PR/branch so there's only one active
+# at a time
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: true
+
+defaults:
+  run:
+    shell: bash
+
+jobs:
+  build:
+    name: Build playground deployment
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          submodules: true
+      - uses: actions/setup-node@v4
+        with:
+          node-version: 20
+      - uses: bytecodealliance/wasmtime/.github/actions/[email protected]
+      - uses: cargo-bins/[email protected]
+      - run: cargo binstall cargo-component -y
+      - run: rustup component add rustfmt # needed for cargo-component, apparently?
+      - run: rustup target add wasm32-wasip1
+      - run: npm ci
+        working-directory: playground
+      - run: npm run build
+        working-directory: playground
+
+      # also prepare to deploy GH pages on main
+      - if: github.ref == 'refs/heads/main'
+        uses: actions/configure-pages@v5
+      - if: github.ref == 'refs/heads/main'
+        uses: actions/upload-pages-artifact@v3
+        with:
+          path: "./playground/dist"
+
+  deploy:
+    name: Deploy playground
+    if: github.ref == 'refs/heads/main'
+    needs: build
+    permissions:
+      pages: write
+      id-token: write
+    runs-on: ubuntu-latest
+    environment:
+      name: github-pages
+      url: ${{ steps.deployment.outputs.page_url }}
+    steps:
+      - id: deployment
+        uses: actions/deploy-pages@v4

.github/workflows/playground.yml

@@ -0,0 +1,89 @@
+# Publication half of the release process for this repository. This runs on
+# pushes to `main` and will detect a magical string in commit messages. When
+# found a tag will be created, pushed, and then everything is published.
+
+name: Publish Artifacts
+on:
+  push:
+    branches: [main]
+
+permissions:
+  contents: write
+
+jobs:
+  create_tag:
+    name: Publish artifacts of build
+    runs-on: ubuntu-latest
+    if: |
+      github.repository_owner == 'bytecodealliance'
+      && github.event_name == 'push'
+      && github.ref == 'refs/heads/main'
+    steps:
+    - uses: actions/checkout@v4
+      with:
+        submodules: true
+        fetch-depth: 0
+
+    - run: rustup update stable && rustup default stable
+
+    # If this is a push to `main` see if the push has an indicator saying that
+    # a tag should be made. If so create one and push it.
+    - name: Test if tag is needed
+      run: |
+        git log ${{ github.event.before }}...${{ github.event.after }} | tee main.log
+        version=$(./ci/print-current-version.sh)
+        echo "version: $version"
+        echo "version=$version" >> $GITHUB_OUTPUT
+        echo "sha=$(git rev-parse HEAD)" >> $GITHUB_OUTPUT
+        if grep -q "automatically-tag-and-release-this-commit" main.log; then
+          echo push-tag
+          echo "push_tag=yes" >> $GITHUB_OUTPUT
+        else
+          echo no-push-tag
+          echo "push_tag=no" >> $GITHUB_OUTPUT
+        fi
+      id: tag
+
+    - name: Push the tag
+      run: |
+        git_refs_url=$(jq .repository.git_refs_url $GITHUB_EVENT_PATH | tr -d '"' | sed 's/{\/sha}//g')
+        curl -iX POST $git_refs_url \
+          -H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" \
+          -d @- << EOF
+        {
+          "ref": "refs/tags/v${{ steps.tag.outputs.version }}",
+          "sha": "${{ steps.tag.outputs.sha }}"
+        }
+        EOF
+      if: steps.tag.outputs.push_tag == 'yes'
+
+    - run: |
+        sha=${{ github.sha }}
+        run_id=$(
+          gh api -H 'Accept: application/vnd.github+json' \
+              /repos/${{ github.repository }}/actions/workflows/main.yml/runs\?exclude_pull_requests=true \
+              | jq '.workflow_runs' \
+              | jq "map(select(.head_commit.id == \"$sha\"))[0].id" \
+        )
+        gh run download $run_id
+        ls
+        find bins-*
+        mkdir dist
+        mv bins-*/* dist
+      env:
+        GH_TOKEN: ${{ github.token }}
+
+    - uses: softprops/action-gh-release@v1
+      if: steps.tag.outputs.push_tag == 'yes'
+      with:
+        files: "dist/*"
+        generate_release_notes: true
+        tag_name: v${{ steps.tag.outputs.version }}
+
+    - run: |
+        rm -rf dist main.log
+        rustc ci/publish.rs
+        ./publish publish
+      env:
+        CARGO_REGISTRY_TOKEN: ${{ secrets.CARGO_REGISTRY_TOKEN }}
+      if: steps.tag.outputs.push_tag == 'yes'

.github/workflows/publish.yml

@@ -0,0 +1,74 @@
+# Initiation half of the release process for this repository.
+#
+# This is triggered manually through the github actions UI and will execute
+# `./publish bump` (or `bump-patch`). Afterwards the result will be pushed to a
+# branch in the main repository and a PR will be opened. This PR, when merged,
+# will trigger the second half in `publish.yml`.
+
+name: "Automated Release Process"
+on:
+  # Allow manually triggering this request via the button on the action
+  # workflow page.
+  workflow_dispatch:
+    inputs:
+      action:
+        description: 'Publish script argument: "bump", or "bump-patch"'
+        required: false
+        default: 'bump'
+
+permissions:
+  contents: write
+  pull-requests: write
+
+jobs:
+  release_process:
+    name: Run the release process
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          submodules: true
+      - name: Setup
+        run: |
+          rustc ci/publish.rs
+          git config user.name 'Auto Release Process'
+          git config user.email '[email protected]'
+          git remote set-url origin https://git:${{ secrets.GITHUB_TOKEN }}@github.com/${{ github.repository }}
+
+      - name: Bump version number
+        run: ./publish ${{ github.event.inputs.action }}
+
+      - name: Prep PR metadata
+        run: |
+          set -ex
+          git fetch origin
+
+          cur=$(./ci/print-current-version.sh)
+
+          git commit --allow-empty -a -F-<<EOF
+          Release ${{ github.event.repository.name }} $cur
+
+          [automatically-tag-and-release-this-commit]
+          EOF
+
+          # Push the result to a branch and setup metadata for the step below
+          # that creates a PR
+          git push origin HEAD:ci/release-$cur
+          echo "PR_HEAD=ci/release-$cur" >> $GITHUB_ENV
+          echo "PR_TITLE=Release ${{ github.event.repository.name }} $cur" >> $GITHUB_ENV
+          echo "PR_BASE=main" >> $GITHUB_ENV
+          cat > pr-body <<-EOF
+          This is an automated pull request from CI to release
+          ${{ github.event.repository.name }} $cur when merged. The commit
+          message for this PR has a marker that is detected by CI to create
+          tags and publish crate artifacts.
+
+          When first opened this PR will not have CI run because it is generated
+          by a bot. A maintainer should close this PR and then reopen it to
+          trigger CI to execute which will then enable merging this PR.
+          EOF
+
+      - name: Make a PR
+        run: gh pr create -B "$PR_BASE" -H "$PR_HEAD" --title "$PR_TITLE" --body "$(cat ./pr-body)"
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

.github/workflows/release-process.yml

@@ -9,3 +9,8 @@ description = """
 Tool for helping to find SSL certificate locations on the system for OpenSSL
 """
 readme = "README.md"
+edition = '2021'
+
+# This was arbitrarily chosen on 2025-01-23 as "pretty old" as previously
+# key didn't exist in `Cargo.toml` prior to that.
+rust-version = '1.60.0'