internal: add -31-32 to default deny warn (#437) #334
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # moon: The build system and package manager for MoonBit. | |
| # Copyright (C) 2024 International Digital Economy Academy | |
| # | |
| # This program is free software: you can redistribute it and/or modify | |
| # it under the terms of the GNU Affero General Public License as published by | |
| # the Free Software Foundation, either version 3 of the License, or | |
| # (at your option) any later version. | |
| # | |
| # This program is distributed in the hope that it will be useful, | |
| # but WITHOUT ANY WARRANTY; without even the implied warranty of | |
| # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
| # GNU Affero General Public License for more details. | |
| # | |
| # You should have received a copy of the GNU Affero General Public License | |
| # along with this program. If not, see <https://www.gnu.org/licenses/>. | |
| # | |
| # For inquiries, you can contact us via e-mail at [email protected]. | |
| name: CD | |
| on: | |
| workflow_dispatch: | |
| push: | |
| branches: | |
| - main | |
| jobs: | |
| build: | |
| strategy: | |
| matrix: | |
| os: [macos-latest, macos-13, windows-latest] | |
| runs-on: ${{ matrix.os }} | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: dtolnay/[email protected] | |
| - name: Cargo cache | |
| uses: actions/cache@v4 | |
| with: | |
| key: ${{ runner.os }}-cargo-${{ hashFiles('Cargo.lock') }} | |
| path: ~/.cargo/registry | |
| - name: Build | |
| run: cargo build --release | |
| - name: Upload(Unix) | |
| if: ${{ matrix.os != 'windows-latest' }} | |
| env: | |
| AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| AWS_DEFAULT_REGION: ${{ secrets.AWS_DEFAULT_REGION }} | |
| run: | | |
| version=$(echo "$GITHUB_SHA" | cut -c 1-9) | |
| aws s3 cp target/release/moon "s3://${{ secrets.AWS_BUCKET_NAME }}/bleeding-moon/$version/$(uname -s)-$(uname -m)/" | |
| aws s3 cp target/release/moonrun "s3://${{ secrets.AWS_BUCKET_NAME }}/bleeding-moonrun/$version/$(uname -s)-$(uname -m)/" | |
| aws s3 cp target/release/moonrun "s3://cli.moonbitlang.com/moon-ci/$(uname -s)-$(uname -m)/" | |
| - name: Upload(Windows) | |
| if: ${{ matrix.os == 'windows-latest' }} | |
| env: | |
| AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| AWS_DEFAULT_REGION: ${{ secrets.AWS_DEFAULT_REGION }} | |
| run: | | |
| $version = "$env:GITHUB_SHA".Substring(0, 9) | |
| aws s3 cp .\target\release\moon.exe "s3://${{ secrets.AWS_BUCKET_NAME }}/bleeding-moon/$version/Windows-x86_64/" | |
| aws s3 cp .\target\release\moonrun.exe "s3://${{ secrets.AWS_BUCKET_NAME }}/bleeding-moonrun/$version/Windows-x86_64/" | |
| aws s3 cp .\target\release\moonrun.exe "s3://cli.moonbitlang.com/moon-ci/Windows-x86_64/" | |
| - name: Bleeding Release (macos-latest) | |
| if: ${{ matrix.os == 'macos-latest' }} | |
| env: | |
| AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| AWS_DEFAULT_REGION: ${{ secrets.AWS_DEFAULT_REGION }} | |
| run: | | |
| rm -rf tmp-bins | |
| mkdir tmp-bins | |
| curl https://cli.moonbitlang.com/moon-ci/$(uname -s)-$(uname -m).tar.gz --output moonbit.tar.gz | |
| curl https://cli.moonbitlang.com/moon-ci/$(uname -s)-$(uname -m)/mooncake --output mooncake | |
| tar xf moonbit.tar.gz --directory ./tmp-bins/ | |
| cp -L ./target/release/moonrun ./tmp-bins/ | |
| cp -L ./target/release/moon ./tmp-bins/ | |
| cp -L ./mooncake ./tmp-bins/ | |
| pushd tmp-bins && shasum -a 256 -- * >../moonbit-darwin-aarch64.sha256 && popd | |
| tar czf ./moonbit-darwin-aarch64.tar.gz --directory=./tmp-bins . | |
| aws s3 cp ./moonbit-darwin-aarch64.tar.gz s3://cli.moonbitlang.com/binaries/bleeding/moonbit-darwin-aarch64.tar.gz | |
| aws s3 cp ./moonbit-darwin-aarch64.sha256 s3://cli.moonbitlang.com/binaries/bleeding/moonbit-darwin-aarch64.sha256 | |
| aws cloudfront create-invalidation --distribution-id E1KQYZEVEB0TAY --paths "/*" | |
| ubuntu-build: | |
| runs-on: ubuntu-latest | |
| container: | |
| image: ubuntu:16.04 | |
| steps: | |
| - name: Install dependencies | |
| run: | | |
| apt update && apt install -y software-properties-common curl unzip build-essential git sudo coreutils | |
| - name: Checkout | |
| run: | | |
| git clone --depth 1 "https://${{ secrets.MOON_CLONE_PAT }}@github.com/moonbitlang/moon.git" "$GITHUB_WORKSPACE" | |
| - name: Install Rustup | |
| run: | | |
| curl --proto '=https' --tlsv1.2 -sSf "https://sh.rustup.rs" | sh -s -- --default-toolchain none -y | |
| echo ~/.cargo/bin >> $GITHUB_PATH | |
| - name: Install Rust | |
| run: | | |
| rustup toolchain install ${{ env.toolchain }} --profile minimal --no-self-update | |
| env: | |
| toolchain: 1.80.0 | |
| - name: Rust Version | |
| run: | | |
| cargo version | |
| rustc --version | |
| - run: | | |
| git config --global --add safe.directory "$(pwd)" | |
| git status | |
| - name: Build | |
| run: cargo build --release | |
| - name: Setup AWS | |
| run: | | |
| curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip" | |
| unzip awscliv2.zip | |
| bash ./aws/install | |
| - name: Upload | |
| env: | |
| AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| AWS_DEFAULT_REGION: ${{ secrets.AWS_DEFAULT_REGION }} | |
| run: | | |
| version=$(echo "$GITHUB_SHA" | cut -c 1-9) | |
| aws s3 cp target/release/moon "s3://${{ secrets.AWS_BUCKET_NAME }}/bleeding-moon/$version/$(uname -s)-$(uname -m)/" | |
| aws s3 cp target/release/moonrun "s3://${{ secrets.AWS_BUCKET_NAME }}/bleeding-moonrun/$version/$(uname -s)-$(uname -m)/" | |
| aws s3 cp target/release/moonrun "s3://cli.moonbitlang.com/moon-ci/$(uname -s)-$(uname -m)/" | |
| - name: Bleeding Release | |
| env: | |
| AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| AWS_DEFAULT_REGION: ${{ secrets.AWS_DEFAULT_REGION }} | |
| run: | | |
| rm -rf tmp-bins | |
| mkdir tmp-bins | |
| curl https://cli.moonbitlang.com/moon-ci/$(uname -s)-$(uname -m).tar.gz --output moonbit.tar.gz | |
| curl https://cli.moonbitlang.com/moon-ci/$(uname -s)-$(uname -m)/mooncake --output mooncake | |
| tar xf moonbit.tar.gz --directory ./tmp-bins/ | |
| cp -L ./target/release/moonrun ./tmp-bins/ | |
| cp -L ./target/release/moon ./tmp-bins/ | |
| cp -L ./mooncake ./tmp-bins/ | |
| cd tmp-bins && sha256sum -- * >../moonbit-linux-x86_64.sha256 && cd .. | |
| tar czf ./moonbit-linux-x86_64.tar.gz --directory=./tmp-bins . | |
| aws s3 cp ./moonbit-linux-x86_64.tar.gz s3://cli.moonbitlang.com/binaries/bleeding/moonbit-linux-x86_64.tar.gz | |
| aws s3 cp ./moonbit-linux-x86_64.sha256 s3://cli.moonbitlang.com/binaries/bleeding/moonbit-linux-x86_64.sha256 | |
| aws cloudfront create-invalidation --distribution-id E1KQYZEVEB0TAY --paths "/*" |