chore(deps): lock file maintenance (#36) #77
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: build | |
on: | |
push: | |
branches: [main] | |
tags: [v*.*.*] | |
pull_request: | |
workflow_call: | |
inputs: | |
tag-name: | |
required: true | |
type: string | |
outputs: | |
image_tags: | |
value: ${{ jobs.docker.outputs.image_tags }} | |
image_url: | |
value: https://ghcr.io/${{ github.repository }} | |
env: | |
REGISTRY: ghcr.io | |
IMAGE_NAME: ${{ github.repository }} | |
BINARY_NAME: ${{ github.event.repository.name }} | |
jobs: | |
build: | |
if: ${{ !( github.workflow == 'build' && startsWith(github.event.head_commit.message, 'release:') && github.event.head_commit.author.name == 'github-actions[bot]' ) }} | |
permissions: | |
contents: write | |
strategy: | |
fail-fast: false | |
matrix: | |
target: [aarch64-unknown-linux-gnu, aarch64-unknown-linux-musl] | |
use-cross: [true] | |
include: | |
- target: x86_64-unknown-linux-gnu | |
use-cross: false | |
- target: x86_64-unknown-linux-musl | |
use-cross: false | |
- os: macos-latest | |
target: aarch64-apple-darwin | |
- os: macos-latest | |
target: x86_64-apple-darwin | |
runs-on: ${{ matrix.os || 'ubuntu-latest'}} | |
env: | |
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
GH_REPO: ${{ github.repository }} | |
defaults: | |
run: | |
shell: bash -xe {0} | |
steps: | |
- name: Install musl tools | |
if: matrix.target == 'x86_64-unknown-linux-musl' | |
run: | | |
sudo apt-get install -y musl-tools --no-install-recommends | |
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 | |
- uses: dtolnay/rust-toolchain@master | |
with: | |
toolchain: stable | |
target: ${{ matrix.target }} | |
- uses: Swatinem/rust-cache@3cf7f8cc28d1b4e7d01e3783be10a97d55d483c8 # v2.7.1 | |
with: | |
key: ${{ matrix.target }} | |
- name: Install cross | |
if: ${{ !matrix.os && matrix.use-cross }} | |
uses: taiki-e/install-action@f34807f1324b6e701523b6a44e40e4c6e604654e # v2.24.0 | |
with: | |
tool: cross | |
- run: mkdir dist | |
- run: ${{ (!matrix.os && matrix.use-cross) && 'cross' || 'cargo' }} rustc --locked --release --features=webpki --no-default-features --target=${{ matrix.target }} -- --emit=link=dist/binary | |
- uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392 # v4.0.0 | |
with: | |
name: ${{ matrix.target }} | |
path: | | |
dist/binary | |
dist/binary.exe | |
- name: Upload to release | |
if: ${{ inputs.tag-name }} | |
working-directory: dist/ | |
run: | | |
if [ -e binary.exe ]; then | |
filename="${{ env.BINARY_NAME }}-${{ inputs.tag-name }}-${{ matrix.target }}.exe" | |
mv binary.exe "$filename" | |
gh release upload ${{ inputs.tag-name }} "$filename"#${{ matrix.target }} --clobber | |
else | |
filename="${{ env.BINARY_NAME }}-${{ inputs.tag-name }}-${{ matrix.target }}" | |
mv binary "$filename" | |
gh release upload ${{ inputs.tag-name }} "$filename"#${{ matrix.target }} --clobber | |
fi | |
docker: | |
needs: build | |
permissions: | |
packages: write | |
runs-on: "ubuntu-latest" | |
outputs: | |
image_tags: ${{ steps.meta.outputs.tags }} | |
env: | |
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
GH_REPO: ${{ github.repository }} | |
steps: | |
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 | |
with: | |
sparse-checkout: | | |
.github/files/build/Dockerfile | |
sparse-checkout-cone-mode: false | |
- name: Download build artifact | |
uses: actions/download-artifact@f44cd7b40bfd40b6aa1cc1b9b5b7bf03d3c67110 # v4.1.0 | |
with: | |
path: artifact | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@f95db51fddba0c2d1ec667646a06c2ce06100226 # v3.0.0 | |
- name: Log in to the Container registry | |
uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3.0.0 | |
with: | |
registry: ${{ env.REGISTRY }} | |
username: ${{ github.actor }} | |
password: ${{ secrets.GITHUB_TOKEN }} | |
- name: Extract metadata (tags, labels) for Docker | |
id: meta | |
uses: docker/metadata-action@dbef88086f6cef02e264edb7dbf63250c17cef6c # v5.5.0 | |
with: | |
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} | |
tags: | | |
type=semver,pattern={{version}},value=${{ inputs.tag-name }} | |
type=semver,pattern={{major}}.{{minor}},value=${{ inputs.tag-name }} | |
type=semver,pattern={{major}},value=${{ inputs.tag-name }},enable=${{ !(startsWith(github.ref, 'refs/tags/v0.') || startsWith(inputs.tag-name, 'v0.')) }} | |
type=edge | |
type=ref,event=branch | |
- name: Build and push Docker image | |
uses: docker/build-push-action@4a13e500e55cf31b7a5d59a38ab2040ab0f42f56 # v5.1.0 | |
with: | |
context: . | |
file: .github/files/build/Dockerfile | |
platforms: linux/amd64,linux/arm64 | |
push: ${{ github.event_name != 'pull_request' }} | |
tags: ${{ steps.meta.outputs.tags }} | |
labels: ${{ steps.meta.outputs.labels }} | |
cache-from: type=gha | |
cache-to: type=gha,mode=max |