Skip to content

chore(ci): bump upload-artifact from v2 to v4 in build.yaml #158

chore(ci): bump upload-artifact from v2 to v4 in build.yaml

chore(ci): bump upload-artifact from v2 to v4 in build.yaml #158

Workflow file for this run

name: Test, Build and Deploy wasm-oidc-plugin
on:
push:
branches:
- main
env:
CARGO_TERM_COLOR: always
jobs:
cargo-deny:
runs-on: ubuntu-latest
container:
image: antonengelhardt/rust-docker-tools
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Rust version
run: rustc --version && cargo --version
- name: Cargo Deny
uses: EmbarkStudios/cargo-deny-action@v1
clippy:
runs-on: ubuntu-latest
container:
image: antonengelhardt/rust-docker-tools
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Set up cargo cache
uses: actions/cache@v4
with:
path: |
~/.cargo/bin/
~/.cargo/registry/index/
~/.cargo/registry/cache/
~/.cargo/git/db/
target/
key: ${{ runner.os }}-cargo-${{ hashFiles('**/Cargo.lock') }}
- name: Rust version
run: rustc --version && cargo --version
- name: Clippy
run: cargo clippy --release --all-targets --target=wasm32-wasi -- -D warnings
fmt:
runs-on: ubuntu-latest
container:
image: antonengelhardt/rust-docker-tools
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Rust version
run: rustc --version && cargo --version
- name: Fmt
run: cargo fmt -- --check
test:
runs-on: ubuntu-latest
container:
image: antonengelhardt/rust-docker-tools
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Set up cargo cache
uses: actions/cache@v4
with:
path: |
~/.cargo/bin/
~/.cargo/registry/index/
~/.cargo/registry/cache/
~/.cargo/git/db/
target/
key: ${{ runner.os }}-cargo-${{ hashFiles('**/Cargo.lock') }}
- name: Rust version
run: rustc --version && cargo --version
- name: Test
run: cargo test --workspace
build:
runs-on: ubuntu-latest
container:
image: ghcr.io/antonengelhardt/rust-docker-tools
needs: [cargo-deny, clippy, fmt, test]
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Set up cargo cache
uses: actions/cache@v4
with:
path: |
~/.cargo/bin/
~/.cargo/registry/index/
~/.cargo/registry/cache/
~/.cargo/git/db/
target/
key: ${{ runner.os }}-cargo-${{ hashFiles('**/Cargo.lock') }}
- name: Build wasm-oidc-plugin
run: |
cargo build --target wasm32-wasi --release
- name: Upload plugin as artifact
uses: actions/upload-artifact@v4
with:
name: plugin
path: target/wasm32-wasi/release/wasm_oidc_plugin.wasm
docker-image:
needs: [cargo-deny, clippy, fmt, test]
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Login
uses: docker/login-action@v2
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_PASSWORD }}
- name: Pull previous image to cache
run: docker pull antonengelhardt/wasm-oidc-plugin:latest
- name: Push to Docker Hub
uses: docker/build-push-action@v2
with:
context: .
push: true
tags: antonengelhardt/wasm-oidc-plugin:latest
ghcr-image:
runs-on: ubuntu-latest
needs: [cargo-deny, clippy, fmt, test]
permissions:
contents: read
packages: write
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Login
uses: docker/login-action@v2
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Push to GHCR
run: |
docker pull ghcr.io/antonengelhardt/wasm-oidc-plugin:latest # Pull the image to cache
docker build -t ghcr.io/antonengelhardt/wasm-oidc-plugin:latest .
docker push ghcr.io/antonengelhardt/wasm-oidc-plugin:latest
deploy-demo:
needs: ghcr-image
environment: demo
runs-on: ubuntu-latest
steps:
- uses: actions-hub/kubectl@master
env:
KUBE_CONFIG: ${{ secrets.KUBE_CONFIG }}
with:
args: rollout restart deployment wasm-oidc-plugin -n wasm-oidc-plugin
# changelog-and-release:
# runs-on: ubuntu-latest
# permissions:
# contents: write
# steps:
# - name: Checkout code
# uses: actions/checkout@v4
# with:
# ssh-key: ${{ secrets.RELEASE_DEPLOY_KEY }}
# - name: Exit if latest commit is release commit (to avoid infinite loop)
# run: |
# if git log -1 --pretty=%B | grep -q "chore(release): prepare for"; then
# echo "Latest commit is a release commit, exiting..."
# echo "EXIT=1" >> $GITHUB_ENV
# exit 0
# fi
# - name: Get most recent merged PR and calculate the next tag
# if: env.EXIT != '1'
# id: get_pr
# run: |
# MOST_RECENTLY_MERGED_PR=$(curl -s -H 'Accept: application/vnd.github.v3+json' "https://api.github.com/repos/antonengelhardt/wasm-oidc-plugin/pulls?state=closed" | \
# jq '[.[] | select(.merged_at != null)] | max_by(.merged_at)')
# PR_NUMBER=$(echo $MOST_RECENTLY_MERGED_PR | jq -r '.number')
# LABELS=$(curl -s -H 'Accept: application/vnd.github.v3+json' "https://api.github.com/repos/antonengelhardt/wasm-oidc-plugin/issues/$PR_NUMBER" | jq -r '.labels[].name')
# # Set SEMVER_BUMP based on the presence of labels
# if [[ $LABELS == *"major"* ]]; then
# SEMVER_BUMP="major"
# elif [[ $LABELS == *"minor"* ]]; then
# SEMVER_BUMP="minor"
# elif [[ $LABELS == *"bug"* ]]; then
# SEMVER_BUMP="patch"
# elif [[ $LABELS == *"patch"* ]]; then
# SEMVER_BUMP="patch"
# else
# SEMVER_BUMP="none"
# echo "EXIT=1" >> $GITHUB_ENV
# exit 0 # exit if no labels are found, which means no version bump is required
# fi
# # Output the SEMVER_BUMP value
# echo "SEMVER_BUMP is set to: $SEMVER_BUMP"
# # LATEST_TAG=$(git describe --tags --abbrev=0)
# LATEST_TAG=$(curl "https://api.github.com/repos/antonengelhardt/wasm-oidc-plugin/tags" | jq -r '.[0].name')
# # Function to bump version numbers
# bump_version() {
# local IFS=.
# local -a parts=($1)
# case "$2" in
# major)
# ((parts[0]++))
# parts[1]=0
# parts[2]=0
# ;;
# minor)
# ((parts[1]++))
# parts[2]=0
# ;;
# patch)
# ((parts[2]++))
# ;;
# *)
# echo "Error: Unknown version bump type '$2'"
# exit 1
# ;;
# esac
# echo "${parts[0]}.${parts[1]}.${parts[2]}"
# }
# current_version=${LATEST_TAG:1}
# # Bump the version based on the SEMVER_BUMP
# new_version=$(bump_version "$current_version" "$SEMVER_BUMP")
# echo "VERSION=$new_version" >> $GITHUB_ENV
# # Append 'v' prefix if required to maintain the same version format
# NEW_TAG="v$new_version"
# echo "New tag after bump is: $NEW_TAG"
# echo "NEW_TAG=$NEW_TAG" >> $GITHUB_ENV
# - name: Bump Version on Cargo.toml
# if: env.EXIT != '1'
# run: sed -i "s/^version = \".*\"/version = \"${{ env.VERSION }}\"/" Cargo.toml
# - name: Git Cliff
# if: env.EXIT != '1'
# id: generate_changelog
# uses: orhun/git-cliff-action@v3
# with:
# config: cliff.toml
# args: -l --prepend CHANGELOG.md --strip header
# env:
# GITHUB_REPO: ${{ github.repository }}
# - name: sed [unreleased] with new version in CHANGELOG.md
# if: env.EXIT != '1'
# run: sed -i "s/\[unreleased\]/${{ env.NEW_TAG }}/" CHANGELOG.md
# - name: sed [unreleased] with new version in RELEASE_NOTES.md
# if: env.EXIT != '1'
# run: |
# cat ${{ steps.generate_changelog.outputs.changelog }} > RELEASE_NOTES.md
# sed -i "s/\[unreleased\]/${{ env.NEW_TAG }}/" RELEASE_NOTES.md
# - name: Print Changelog
# if: env.EXIT != '1'
# run: cat ${{ steps.generate_changelog.outputs.changelog }} && echo "##" && cat CHANGELOG.md
# - name: Commit Version and CHANGELOG.md
# if: env.EXIT != '1'
# run: |
# git checkout origin/main
# git config user.name "github-actions[bot]"
# git config user.email "github-actions[bot]@users.noreply.github.com"
# set +e
# git add Cargo.toml CHANGELOG.md
# cargo check
# git add Cargo.lock
# git commit -m "chore(release): prepare for ${{ env.NEW_TAG }}"
# git push origin HEAD:main
# - name: Create a tag on main
# if: env.EXIT != '1'
# run: |
# git checkout origin/main
# git config user.email "github-actions[bot]@users.noreply.github.com"
# git config user.name "github-actions[bot]"
# git tag ${{ env.NEW_TAG }}
# git push origin ${{ env.NEW_TAG }}
# - name: Create Release
# uses: actions/create-release@v1
# if: env.EXIT != '1'
# env:
# GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
# with:
# tag_name: ${{ env.NEW_TAG }}
# release_name: ${{ env.NEW_TAG }}
# body_path: RELEASE_NOTES.md
# draft: false
# prerelease: false