Skip to content

chore(deps): lock file maintenance #1424

chore(deps): lock file maintenance

chore(deps): lock file maintenance #1424

Workflow file for this run

name: build
on:
push:
branches: [main]
tags: [v*.*.*]
pull_request:
workflow_call:
inputs:
tag-name:
required: true
type: string
outputs:
image_tags:
value: ${{ jobs.image.outputs.image_tags }}
image_url:
value: https://ghcr.io/${{ github.repository }}
env:
# const
IMAGE_REGISTRY: ghcr.io
IMAGE_NAME: ${{ github.repository }}
# env
RUSTFLAGS: "-Dwarnings"
jobs:
env:
if: ${{ !( github.workflow == 'build' && startsWith(github.event.head_commit.message, 'release:') && github.event.head_commit.author.name == 'mazi-release[bot]' ) }}
runs-on: ubuntu-latest
outputs:
BINARY_NAME: ${{ steps.meta.outputs.BINARY_NAME }}
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- id: meta
run: |
echo "BINARY_NAME=$(cargo metadata --offline --no-deps --format-version=1 | jq -r '.packages[].targets[] | select(.kind | map(. == "bin") | any ) | .name')" >> $GITHUB_OUTPUT
build:
needs: [env]
permissions:
contents: write
strategy:
fail-fast: false
matrix:
profile: ${{ github.ref_name == github.event.repository.default_branch && fromJson('["dev", "release"]') || fromJson('["dev"]') }}
platform:
- target: aarch64-unknown-linux-gnu
os: ubuntu-latest
command: cross
- target: aarch64-unknown-linux-musl
os: ubuntu-latest
command: cross
- target: x86_64-unknown-linux-gnu
os: ubuntu-latest
command: cargo
- target: x86_64-unknown-linux-musl
os: ubuntu-latest
command: cargo
- target: aarch64-apple-darwin
os: macos-latest
command: cargo
- target: x86_64-apple-darwin
os: macos-latest
command: cargo
runs-on: ${{ matrix.platform.os }}
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
GH_REPO: ${{ github.repository }}
defaults:
run:
shell: bash -xe {0}
steps:
- name: Install musl tools
if: matrix.platform.target == 'x86_64-unknown-linux-musl'
run: |
sudo apt-get install -y musl-tools --no-install-recommends
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- uses: dtolnay/rust-toolchain@master
with:
toolchain: stable
target: ${{ matrix.platform.target }}
- uses: Swatinem/rust-cache@f0deed1e0edfc6a9be95417288c0e1099b1eeec3 # v2.7.7
with:
key: ${{ matrix.profile }}-${{ matrix.platform.target }}
- name: Install cross
if: ${{ matrix.platform.command == 'cross' }}
uses: taiki-e/install-action@a7adeb15af2926b0ac7478ad165047cd2d8ba350 # v2.47.18
with:
tool: cross
- run: mkdir dist
- run: ${{ matrix.platform.command }} rustc --locked ${{ matrix.profile == 'release' && '--release' || '' }} --no-default-features --target=${{ matrix.platform.target }} -- --emit=link=dist/${{ needs.env.outputs.BINARY_NAME }}
- uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0
with:
name: ${{ matrix.profile }}-${{ matrix.platform.target }}
path: |
dist/${{ needs.env.outputs.BINARY_NAME }}
dist/${{ needs.env.outputs.BINARY_NAME }}.exe
- name: Upload to release
if: ${{ inputs.tag-name && matrix.profile == 'release' }}
working-directory: dist/
run: |
if [ -e ${{ needs.env.outputs.BINARY_NAME }}.exe ]; then
filename="${{ needs.env.outputs.BINARY_NAME }}-${{ inputs.tag-name }}-${{ matrix.platform.target }}.exe"
mv ${{ needs.env.outputs.BINARY_NAME }}.exe "$filename"
gh release upload ${{ inputs.tag-name }} "$filename"#${{ matrix.platform.target }} --clobber
else
filename="${{ needs.env.outputs.BINARY_NAME }}-${{ inputs.tag-name }}-${{ matrix.platform.target }}"
mv ${{ needs.env.outputs.BINARY_NAME }} "$filename"
gh release upload ${{ inputs.tag-name }} "$filename"#${{ matrix.platform.target }} --clobber
fi
image:
needs: [env, build]
if: ${{ github.event_name != 'pull_request' }}
permissions:
packages: write
runs-on: "ubuntu-latest"
outputs:
image_tags: ${{ steps.meta.outputs.tags }}
steps:
- name: Download build artifact
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8
with:
path: artifact
pattern: release-*-unknown-linux-musl
- name: Log in to the Container registry
uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0
with:
registry: ${{ env.IMAGE_REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Extract metadata (tags, labels) for Docker
id: meta
uses: docker/metadata-action@369eb591f429131d6889c46b94e711f089e6ca96 # v5.6.1
with:
images: ${{ env.IMAGE_REGISTRY }}/${{ env.IMAGE_NAME }}
tags: |
type=semver,pattern={{version}},value=${{ inputs.tag-name }}
type=semver,pattern={{major}}.{{minor}},value=${{ inputs.tag-name }}
type=semver,pattern={{major}},value=${{ inputs.tag-name }},enable=${{ !(startsWith(github.ref, 'refs/tags/v0.') || startsWith(inputs.tag-name, 'v0.')) }}
type=edge
type=ref,event=branch
- name: Build Images
run: |
build() {
newcontainer=$(buildah from --platform="$1" scratch)
buildah copy --chmod=0755 $newcontainer ./artifact/release-"$2"/${{ needs.env.outputs.BINARY_NAME }} /${{ needs.env.outputs.BINARY_NAME }}
buildah config --entrypoint='["./${{ needs.env.outputs.BINARY_NAME }}"]' $newcontainer
buildah config --author="Mogyuchi" $(awk '{print "--label=" $0}' <<< "${{ steps.meta.outputs.labels }}") $newcontainer
buildah inspect $newcontainer
buildah commit --manifest=localhost/${{ env.IMAGE_NAME }}:${{ steps.meta.outputs.version }} $newcontainer
buildah rm $newcontainer
}
build linux/amd64 x86_64-unknown-linux-musl
build linux/arm64 aarch64-unknown-linux-musl
- id: push
name: Push To GHCR
run: |
buildah manifest inspect localhost/${{ env.IMAGE_NAME }}:${{ steps.meta.outputs.version }}
tac <<< '${{ steps.meta.outputs.tags }}' | parallel --halt=now,fail=1 --jobs=1 'buildah manifest push --creds=${{ github.actor }}:${{ secrets.GITHUB_TOKEN }} --all --digestfile="$RUNNER_TEMP/image-digest" localhost/${{ env.IMAGE_NAME }}:${{ steps.meta.outputs.version }} docker://{} && printf "\`\`\`\n%s@$(cat "$RUNNER_TEMP/image-digest")\n\`\`\`\n" {} >> "$GITHUB_STEP_SUMMARY"'