From 40c5419a752d4dd851878b0af56014a0b75abc85 Mon Sep 17 00:00:00 2001
From: Erik Arvstedt <erik.arvstedt@gmail.com>
Date: Sat, 8 Jul 2023 15:33:05 +0200
Subject: [PATCH 1/5] push-release: rename `TAG_NAME` -> `releaseVersion`

More precise name.
---
 helper/push-release.sh | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/helper/push-release.sh b/helper/push-release.sh
index 91407f5..9cee236 100755
--- a/helper/push-release.sh
+++ b/helper/push-release.sh
@@ -6,7 +6,7 @@ BRANCH=master
 GIT_REMOTE=origin
 OAUTH_TOKEN=
 DRY_RUN=
-TAG_NAME=
+releaseVersion=
 
 trap 'echo "Error at ${BASH_SOURCE[0]}:$LINENO"' ERR
 
@@ -16,12 +16,12 @@ for arg in "$@"; do
             DRY_RUN=1
             ;;
         *)
-            TAG_NAME="$arg"
+            releaseVersion="$arg"
             ;;
     esac
 done
 
-if [[ ! $TAG_NAME ]]; then
+if [[ ! $releaseVersion ]]; then
     echo "$0 [--dry-run|-n] <tag_name>"
     exit
 fi
@@ -41,7 +41,7 @@ echo "Latest release" "$(echo "$RESPONSE" | jq -r '.tag_name' | tail -c +2)"
 
 if [[ ! $DRY_RUN ]]; then
    while true; do
-       read -rp "Create release ${TAG_NAME}? [yn] " yn
+       read -rp "Create release ${releaseVersion}? [yn] " yn
        case $yn in
            [Yy]* ) break;;
            [Nn]* ) exit;;
@@ -52,7 +52,7 @@ fi
 
 TMPDIR=$(mktemp -d)
 if [[ ! $DRY_RUN ]]; then trap 'rm -rf $TMPDIR' EXIT; fi
-ARCHIVE_NAME=nix-bitcoin-$TAG_NAME.tar.gz
+ARCHIVE_NAME=nix-bitcoin-$releaseVersion.tar.gz
 ARCHIVE=$TMPDIR/$ARCHIVE_NAME
 
 # Need to be in the repo root directory for archiving
@@ -70,11 +70,11 @@ nix hash to-sri --type sha256 "$(nix-prefetch-url --unpack "file://$ARCHIVE" 2>
 gpg -o nar-hash.txt.asc -a --detach-sig nar-hash.txt
 
 if [[ $DRY_RUN ]]; then
-    echo "Created v$TAG_NAME in $TMPDIR"
+    echo "Created v$releaseVersion in $TMPDIR"
     exit 0
 fi
 
-POST_DATA="{ \"tag_name\": \"v$TAG_NAME\", \"name\": \"nix-bitcoin-$TAG_NAME\", \"body\": \"nix-bitcoin-$TAG_NAME\", \"target_comitish\": \"$BRANCH\" }"
+POST_DATA="{ \"tag_name\": \"v$releaseVersion\", \"name\": \"nix-bitcoin-$releaseVersion\", \"body\": \"nix-bitcoin-$releaseVersion\", \"target_comitish\": \"$BRANCH\" }"
 RESPONSE=$(curl -H "Authorization: token $OAUTH_TOKEN" -d "$POST_DATA" https://api.github.com/repos/$REPO/releases 2> /dev/null)
 ID=$(echo "$RESPONSE" | jq -r '.id')
 if [[ $ID == null ]]; then

From 0ce3fb1c942b317209205699e8e99049547020f0 Mon Sep 17 00:00:00 2001
From: Erik Arvstedt <erik.arvstedt@gmail.com>
Date: Sat, 8 Jul 2023 15:33:06 +0200
Subject: [PATCH 2/5] push-release: use `curl -fSs`

Best practice when using curl in scripts.
---
 helper/push-release.sh | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/helper/push-release.sh b/helper/push-release.sh
index 9cee236..773b50d 100755
--- a/helper/push-release.sh
+++ b/helper/push-release.sh
@@ -36,7 +36,7 @@ fi
 
 cd "${BASH_SOURCE[0]%/*}"
 
-RESPONSE=$(curl https://api.github.com/repos/$REPO/releases/latest 2> /dev/null)
+RESPONSE=$(curl -fsS https://api.github.com/repos/$REPO/releases/latest)
 echo "Latest release" "$(echo "$RESPONSE" | jq -r '.tag_name' | tail -c +2)"
 
 if [[ ! $DRY_RUN ]]; then
@@ -75,7 +75,7 @@ if [[ $DRY_RUN ]]; then
 fi
 
 POST_DATA="{ \"tag_name\": \"v$releaseVersion\", \"name\": \"nix-bitcoin-$releaseVersion\", \"body\": \"nix-bitcoin-$releaseVersion\", \"target_comitish\": \"$BRANCH\" }"
-RESPONSE=$(curl -H "Authorization: token $OAUTH_TOKEN" -d "$POST_DATA" https://api.github.com/repos/$REPO/releases 2> /dev/null)
+RESPONSE=$(curl -fsS -H "Authorization: token $OAUTH_TOKEN" -d "$POST_DATA" https://api.github.com/repos/$REPO/releases)
 ID=$(echo "$RESPONSE" | jq -r '.id')
 if [[ $ID == null ]]; then
     echo "Failed to create release with $POST_DATA"
@@ -84,8 +84,8 @@ fi
 
 post_asset() {
     GH_ASSET="https://uploads.github.com/repos/$REPO/releases/$ID/assets?name="
-    curl -H "Authorization: token $OAUTH_TOKEN" --data-binary "@$1" -H "Content-Type: application/octet-stream" \
-         "$GH_ASSET/$(basename "$1")" &> /dev/null
+    curl -fsS -H "Authorization: token $OAUTH_TOKEN" --data-binary "@$1" -H "Content-Type: application/octet-stream" \
+         "$GH_ASSET/$(basename "$1")"
 }
 post_asset nar-hash.txt
 post_asset nar-hash.txt.asc

From a2b45e00c7979f8df62c725f786fd1ec679495b9 Mon Sep 17 00:00:00 2001
From: Erik Arvstedt <erik.arvstedt@gmail.com>
Date: Sat, 8 Jul 2023 15:33:07 +0200
Subject: [PATCH 3/5] push-release: auto-create release version number

---
 helper/push-release.sh | 14 ++++++++------
 1 file changed, 8 insertions(+), 6 deletions(-)

diff --git a/helper/push-release.sh b/helper/push-release.sh
index 773b50d..1d65fc3 100755
--- a/helper/push-release.sh
+++ b/helper/push-release.sh
@@ -10,6 +10,8 @@ releaseVersion=
 
 trap 'echo "Error at ${BASH_SOURCE[0]}:$LINENO"' ERR
 
+cd "${BASH_SOURCE[0]%/*}"
+
 for arg in "$@"; do
     case $arg in
         --dry-run|-n)
@@ -21,10 +23,13 @@ for arg in "$@"; do
     esac
 done
 
+latestVersion=$(curl -fsS https://api.github.com/repos/$REPO/releases/latest | jq -r '.tag_name' | tail -c +2)
+
 if [[ ! $releaseVersion ]]; then
-    echo "$0 [--dry-run|-n] <tag_name>"
-    exit
+    # Increment the lowest/last part of `latestVersion`
+    releaseVersion=$(echo "$latestVersion" | awk -F. '/[0-9]+\./{$NF++;print}' OFS=.)
 fi
+
 if [[ $DRY_RUN ]]; then
     echo "Dry run"
 else
@@ -34,10 +39,7 @@ else
     fi
 fi
 
-cd "${BASH_SOURCE[0]%/*}"
-
-RESPONSE=$(curl -fsS https://api.github.com/repos/$REPO/releases/latest)
-echo "Latest release" "$(echo "$RESPONSE" | jq -r '.tag_name' | tail -c +2)"
+echo "Latest release: $latestVersion"
 
 if [[ ! $DRY_RUN ]]; then
    while true; do

From dd532d4738230b3fec541650fa60ffb75403d939 Mon Sep 17 00:00:00 2001
From: Erik Arvstedt <erik.arvstedt@gmail.com>
Date: Sat, 8 Jul 2023 15:33:08 +0200
Subject: [PATCH 4/5] push-release: fix `OAUTH_TOKEN` error handling

---
 helper/push-release.sh | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/helper/push-release.sh b/helper/push-release.sh
index 1d65fc3..56e02e0 100755
--- a/helper/push-release.sh
+++ b/helper/push-release.sh
@@ -35,7 +35,8 @@ if [[ $DRY_RUN ]]; then
 else
     OAUTH_TOKEN=$(pass show nix-bitcoin/github/oauth-token)
     if [[ ! $OAUTH_TOKEN ]]; then
-        echo "Please set OAUTH_TOKEN variable"
+        echo "Error fetching OAUTH_TOKEN"
+        exit 1
     fi
 fi
 

From 6510f269f6a4655e69d4d59e012462dca066a65a Mon Sep 17 00:00:00 2001
From: Erik Arvstedt <erik.arvstedt@gmail.com>
Date: Sat, 8 Jul 2023 15:33:09 +0200
Subject: [PATCH 5/5] release: add `nixos-*` version branch

Best practice for flakes containing NixOS modules.

`push-release` now pushes to an extra branch named `nixos-<version>`,
alongside branch `release`.
This allows users to track a specific NixOS release, so that their
config doesn't break when nix-bitcoin switches to a new NixOS
release.
---
 examples/flakes/flake.nix |  2 ++
 helper/push-release.sh    | 14 +++++++++++++-
 2 files changed, 15 insertions(+), 1 deletion(-)

diff --git a/examples/flakes/flake.nix b/examples/flakes/flake.nix
index 4b23845..31216d3 100644
--- a/examples/flakes/flake.nix
+++ b/examples/flakes/flake.nix
@@ -2,6 +2,8 @@
   description = "A basic nix-bitcoin node";
 
   inputs.nix-bitcoin.url = "github:fort-nix/nix-bitcoin/release";
+  # You can also use a version branch to track a specific NixOS release
+  # inputs.nix-bitcoin.url = "github:fort-nix/nix-bitcoin/nixos-23.05";
 
   outputs = { self, nix-bitcoin }: {
 
diff --git a/helper/push-release.sh b/helper/push-release.sh
index 56e02e0..38dde9c 100755
--- a/helper/push-release.sh
+++ b/helper/push-release.sh
@@ -53,6 +53,13 @@ if [[ ! $DRY_RUN ]]; then
    done
 fi
 
+nixosVersion=$(sed -nE 's|.*system.stateVersion = "(.*?)".*|\1|p' ../examples/configuration.nix)
+if [[ ! $nixosVersion ]]; then
+    echo "Error fetching NixOS version"
+    exit 1
+fi
+nixosVersionBranch=nixos-$nixosVersion
+
 TMPDIR=$(mktemp -d)
 if [[ ! $DRY_RUN ]]; then trap 'rm -rf $TMPDIR' EXIT; fi
 ARCHIVE_NAME=nix-bitcoin-$releaseVersion.tar.gz
@@ -74,9 +81,13 @@ gpg -o nar-hash.txt.asc -a --detach-sig nar-hash.txt
 
 if [[ $DRY_RUN ]]; then
     echo "Created v$releaseVersion in $TMPDIR"
+    echo "NixOS version branch: $nixosVersionBranch"
     exit 0
 fi
 
+#―――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――
+# Create release
+
 POST_DATA="{ \"tag_name\": \"v$releaseVersion\", \"name\": \"nix-bitcoin-$releaseVersion\", \"body\": \"nix-bitcoin-$releaseVersion\", \"target_comitish\": \"$BRANCH\" }"
 RESPONSE=$(curl -fsS -H "Authorization: token $OAUTH_TOKEN" -d "$POST_DATA" https://api.github.com/repos/$REPO/releases)
 ID=$(echo "$RESPONSE" | jq -r '.id')
@@ -101,7 +112,8 @@ post_asset "$SHA256SUMS.asc"
 popd >/dev/null
 
 if [[ ! $DRY_RUN ]]; then
-    git push "$GIT_REMOTE" "${BRANCH}:release"
+    git push "$GIT_REMOTE" "$BRANCH:release"
+    git push "$GIT_REMOTE" "$BRANCH:$nixosVersionBranch"
 fi
 
 echo "Successfully created" "$(echo "$POST_DATA" | jq -r .tag_name)"