Merge pull request #288 from friedemannsommer/dependabot/github_actio… #731
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Rust continuous integration | |
on: | |
push: | |
branches: | |
- main | |
tags: | |
- "v*.*.*" | |
pull_request: | |
branches: | |
- "*" | |
permissions: | |
actions: none | |
checks: none | |
contents: read | |
deployments: none | |
id-token: none | |
issues: none | |
packages: none | |
pages: none | |
pull-requests: none | |
repository-projects: none | |
security-events: none | |
statuses: none | |
env: | |
CARGO_TERM_COLOR: always | |
jobs: | |
test: | |
name: Test | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Rust latest stable | |
uses: dtolnay/rust-toolchain@master | |
with: | |
toolchain: stable | |
- uses: Swatinem/rust-cache@v2 | |
- name: Run tests | |
run: cargo test | |
check: | |
name: Check | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Rust latest stable | |
uses: dtolnay/rust-toolchain@master | |
with: | |
toolchain: stable | |
- uses: Swatinem/rust-cache@v2 | |
- name: Run checks | |
run: cargo check | |
fmt: | |
name: Rustfmt | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Rust latest stable | |
uses: dtolnay/rust-toolchain@master | |
with: | |
components: rustfmt | |
toolchain: stable | |
- uses: Swatinem/rust-cache@v2 | |
- name: Check formatting | |
run: cargo fmt --all -- --check | |
clippy: | |
name: Clippy | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Rust latest stable | |
uses: dtolnay/rust-toolchain@master | |
with: | |
components: clippy | |
toolchain: stable | |
- uses: Swatinem/rust-cache@v2 | |
- name: Run lints | |
run: cargo clippy -- -D warnings | |
clippy-analyze: | |
name: Run rust-clippy analyzing | |
runs-on: ubuntu-latest | |
continue-on-error: true | |
permissions: | |
contents: read | |
security-events: write | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Rust latest stable | |
uses: dtolnay/rust-toolchain@master | |
with: | |
components: clippy | |
toolchain: stable | |
- uses: Swatinem/rust-cache@v2 | |
- name: Install required cargo | |
run: cargo install clippy-sarif sarif-fmt | |
- name: Run rust-clippy | |
run: | |
cargo clippy | |
--all-features | |
--message-format=json | clippy-sarif | tee rust-clippy-results.sarif | sarif-fmt | |
continue-on-error: true | |
- name: Upload analysis results to GitHub | |
uses: github/codeql-action/upload-sarif@v3 | |
with: | |
sarif_file: rust-clippy-results.sarif | |
wait-for-processing: true | |
build-release: | |
name: "Build release" | |
runs-on: ubuntu-latest | |
if: github.event_name != 'pull_request' && startsWith(github.ref, 'refs/tags/') | |
needs: | |
- test | |
- check | |
- fmt | |
- clippy | |
strategy: | |
matrix: | |
include: | |
- target: "aarch64-unknown-linux-musl" | |
binary: "email-view-tracker" | |
- target: "arm-unknown-linux-musleabihf" | |
binary: "email-view-tracker" | |
- target: "armv7-unknown-linux-musleabihf" | |
binary: "email-view-tracker" | |
- target: "x86_64-unknown-linux-musl" | |
binary: "email-view-tracker" | |
- target: "i686-unknown-linux-musl" | |
binary: "email-view-tracker" | |
- target: "x86_64-pc-windows-gnu" | |
binary: "email-view-tracker.exe" | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Rust latest stable | |
uses: dtolnay/rust-toolchain@master | |
with: | |
toolchain: stable | |
target: ${{ matrix.target }} | |
- uses: Swatinem/rust-cache@v2 | |
with: | |
key: ${{ matrix.target }} | |
- name: install cross | |
run: cargo install cross --git https://github.com/cross-rs/cross | |
- name: compile with cross | |
run: cross build --target ${{ matrix.target }} --release | |
- uses: actions/upload-artifact@v4 | |
with: | |
name: "EVT_${{ matrix.target }}" | |
path: "target/${{ matrix.target }}/release/${{ matrix.binary }}" | |
retention-days: 1 | |
if-no-files-found: error | |
build-containers: | |
name: "Build Docker containers" | |
runs-on: ubuntu-latest | |
needs: | |
- "build-release" | |
permissions: | |
contents: read | |
packages: write | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: actions/download-artifact@v4 | |
id: download | |
with: | |
path: artifact-binaries | |
- name: Set up QEMU | |
uses: docker/[email protected] | |
- name: Set up Docker Buildx | |
uses: docker/[email protected] | |
- name: Log in to the Container registry | |
uses: docker/[email protected] | |
with: | |
registry: ghcr.io | |
username: ${{ github.actor }} | |
password: ${{ secrets.GITHUB_TOKEN }} | |
- name: Extract metadata | |
id: meta | |
uses: docker/[email protected] | |
with: | |
images: ghcr.io/${{ github.repository }} | |
- name: Copy binaries to Docker context | |
run: | | |
cp -r "${{ steps.download.outputs.download-path }}" ./packaging/docker | |
- name: Build and push Docker image | |
uses: docker/[email protected] | |
with: | |
context: packaging/docker | |
platforms: linux/arm64,linux/arm/v6,linux/arm/v7,linux/amd64,linux/386 | |
push: true | |
tags: ${{ steps.meta.outputs.tags }} | |
labels: ${{ steps.meta.outputs.labels }} | |
release: | |
name: "Create release" | |
runs-on: ubuntu-latest | |
needs: | |
- "build-release" | |
permissions: | |
contents: write | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: actions/download-artifact@v4 | |
id: download | |
with: | |
path: artifact-binaries | |
- name: Rename files | |
run: | | |
TARGETS=( \ | |
'aarch64-unknown-linux-musl' 'arm-unknown-linux-musleabihf' \ | |
'armv7-unknown-linux-musleabihf' 'x86_64-unknown-linux-musl' \ | |
'i686-unknown-linux-musl' 'x86_64-pc-windows-gnu' \ | |
) | |
mkdir release-binaries | |
for target in "${TARGETS[@]}"; do | |
TARGET_PATH="${{steps.download.outputs.download-path}}/EVT_$target/" | |
TARGET_FILE=$(find "$TARGET_PATH" -maxdepth 1 -name "email-view-tracker*" -type f) | |
if [[ $target == "arm-unknown-linux-musleabihf" ]]; then | |
# rename "arm" to "armv6" to explicitly state ARM version | |
mv "$TARGET_FILE" "./release-binaries/email-view-tracker_armv6-unknown-linux-musleabihf" | |
elif [[ $target == "x86_64-pc-windows-gnu" ]]; then | |
mv "$TARGET_FILE" "./release-binaries/email-view-tracker_$target.exe" | |
else | |
mv "$TARGET_FILE" "./release-binaries/email-view-tracker_$target" | |
fi | |
done | |
- name: Create checksums | |
run: | | |
declare -A checksums | |
for filename in ./release-binaries/*; do | |
[ -e "$filename" ] || continue | |
checksums["$filename"]=$(sha256sum "$filename" | cut -d " " -f1) | |
done | |
for key in "${!checksums[@]}"; do | |
echo "${checksums[$key]} $(basename $key)" > "$key.sha256" | |
done | |
- name: Create release | |
uses: "softprops/action-gh-release@v2" | |
with: | |
generate_release_notes: true | |
draft: true | |
files: | | |
release-binaries/* |