-
Notifications
You must be signed in to change notification settings - Fork 267
199 lines (185 loc) · 8.11 KB
/
build.yml
File metadata and controls
199 lines (185 loc) · 8.11 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
name: Build
on:
push:
branches:
- main
paths:
- .github/workflows/build.yml
- qlty-*
- Cargo.*
pull_request:
paths:
- .github/workflows/build.yml
- qlty-*
- Cargo.*
workflow_dispatch:
permissions:
contents: read
jobs:
compile:
permissions:
contents: read
attestations: write
id-token: write
if: github.event.commits && github.event.commits[0] && github.event.commits[0].author.name == 'qlty-releases[bot]' && startsWith(github.event.commits[0].message, 'Release ')
strategy:
fail-fast: false
matrix:
include:
# Linux with glibc
- target: x86_64-unknown-linux-gnu
runner: ubuntu-22.04
archive_format: tar.xz
- target: aarch64-unknown-linux-gnu
runner: ubuntu-22.04-arm
archive_format: tar.xz
# Linux with musl
- target: x86_64-unknown-linux-musl
runner: ubuntu-22.04
packages_install: sudo apt-get update && sudo apt-get install musl-tools
archive_format: tar.xz
- target: aarch64-unknown-linux-musl
runner: ubuntu-22.04-arm
packages_install: sudo apt-get update && sudo apt-get install musl-tools
archive_format: tar.xz
# macOS
- target: x86_64-apple-darwin
runner: macos-15
archive_format: tar.xz
- target: aarch64-apple-darwin
runner: macos-15
archive_format: tar.xz
# Windows
- target: x86_64-pc-windows-msvc
runner: windows-latest
archive_format: zip
name: ${{ matrix.target }}
runs-on: ${{ matrix.runner }}
env:
BINARY_NAME: qlty
steps:
- name: Git config
run: |
git config --global core.longpaths true
git config --global core.autocrlf false
- name: Checkout
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8
with:
fetch-depth: 0
persist-credentials: false
- name: Install Rust toolchain
uses: dtolnay/rust-toolchain@e97e2d8cc328f1b50210efc529dca0028893a2d9
with:
toolchain: stable
targets: ${{ matrix.target }}
- name: Cache Rust
uses: Swatinem/rust-cache@98c8021b550208e191a6a3145459bfc9fb29c4c0
with:
shared-key: ${{ matrix.runner }}
cache-on-failure: true
cache-all-crates: true
- name: Install dependencies
run: |
${{ matrix.packages_install }}
- name: Build
env:
SEGMENT_WRITE_KEY: ${{ secrets.SEGMENT_WRITE_KEY }}
run: |
cargo build --target ${{ matrix.target }} --all-features --release
cargo test --target ${{ matrix.target }} --all-features --release
- name: Package artifacts
shell: bash
run: |
mkdir -p ${{ env.BINARY_NAME }}-${{ matrix.target }}
cp target/${{ matrix.target }}/release/${{ env.BINARY_NAME }} ${{ env.BINARY_NAME }}-${{ matrix.target }}/
cp README.md ${{ env.BINARY_NAME }}-${{ matrix.target }}/
cp LICENSE.md ${{ env.BINARY_NAME }}-${{ matrix.target }}/
cp CHANGELOG.md ${{ env.BINARY_NAME }}-${{ matrix.target }}/
if [ "${{ matrix.archive_format }}" = "zip" ]; then
if [ "$RUNNER_OS" = "Windows" ]; then
cd ${{ env.BINARY_NAME }}-${{ matrix.target }}
powershell -Command "Compress-Archive -Path '*' -DestinationPath '../${{ env.BINARY_NAME }}-${{ matrix.target }}.${{ matrix.archive_format }}'"
else
zip -r ${{ env.BINARY_NAME }}-${{ matrix.target }}.${{ matrix.archive_format }} ${{ env.BINARY_NAME }}-${{ matrix.target }}
fi
else
tar -cJf ${{ env.BINARY_NAME }}-${{ matrix.target }}.${{ matrix.archive_format }} ${{ env.BINARY_NAME }}-${{ matrix.target }}
fi
- name: Generate SHA256 signature
run: sha256sum ${{ env.BINARY_NAME }}-${{ matrix.target }}.${{ matrix.archive_format }} > ${{ env.BINARY_NAME }}-${{ matrix.target }}.${{ matrix.archive_format }}.sha256
- name: Generate binary attestation
uses: actions/attest-build-provenance@977bb373ede98d70efdf65b84cb5f73e068dcc2a
with:
subject-path: ${{ env.BINARY_NAME }}-${{ matrix.target }}.${{ matrix.archive_format }}
- name: Upload artifacts
uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4
with:
name: artifacts-${{ env.BINARY_NAME }}-${{ matrix.target }}
if-no-files-found: error
path: |
${{ env.BINARY_NAME }}-${{ matrix.target }}.${{ matrix.archive_format }}
${{ env.BINARY_NAME }}-${{ matrix.target }}.${{ matrix.archive_format }}.sha256
extra:
needs: compile
runs-on: ubuntu-22.04
steps:
- name: Checkout
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8
with:
fetch-depth: 0
persist-credentials: false
- name: Fetch local artifacts
uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4
with:
pattern: artifacts-*
path: target/distrib/
merge-multiple: true
- name: Retrieve version number and checksums
id: data
run: |
echo "version=$(cargo metadata --format-version 1 | jq -r ".workspace_members[0]" | cut -d# -f2)" >> "$GITHUB_OUTPUT"
echo "sha_aarch64_mac=$(cat target/distrib/qlty-aarch64-apple-darwin.tar.xz.sha256 | cut -d' ' -f1)" >> "$GITHUB_OUTPUT"
echo "sha_x86_64_mac=$(cat target/distrib/qlty-x86_64-apple-darwin.tar.xz.sha256 | cut -d' ' -f1)" >> "$GITHUB_OUTPUT"
echo "sha_aarch64_linux=$(cat target/distrib/qlty-aarch64-unknown-linux-gnu.tar.xz.sha256 | cut -d' ' -f1)" >> "$GITHUB_OUTPUT"
echo "sha_x86_64_linux=$(cat target/distrib/qlty-x86_64-unknown-linux-gnu.tar.xz.sha256 | cut -d' ' -f1)" >> "$GITHUB_OUTPUT"
- name: Create Homebrew formula
run: |
sed "s/{{VERSION}}/${STEPS_DATA_OUTPUTS_VERSION}/g" installer/qlty.rb.template > qlty.rb
sed -i "s/{{SHA_AARCH64_MAC}}/${STEPS_DATA_OUTPUTS_SHA_AARCH64_MAC}/g" qlty.rb
sed -i "s/{{SHA_X86_64_MAC}}/${STEPS_DATA_OUTPUTS_SHA_X86_64_MAC}/g" qlty.rb
sed -i "s/{{SHA_AARCH64_LINUX}}/${STEPS_DATA_OUTPUTS_SHA_AARCH64_LINUX}/g" qlty.rb
sed -i "s/{{SHA_X86_64_LINUX}}/${STEPS_DATA_OUTPUTS_SHA_X86_64_LINUX}/g" qlty.rb
env:
STEPS_DATA_OUTPUTS_VERSION: ${{ steps.data.outputs.version }}
STEPS_DATA_OUTPUTS_SHA_AARCH64_MAC: ${{ steps.data.outputs.sha_aarch64_mac }}
STEPS_DATA_OUTPUTS_SHA_X86_64_MAC: ${{ steps.data.outputs.sha_x86_64_mac }}
STEPS_DATA_OUTPUTS_SHA_AARCH64_LINUX: ${{ steps.data.outputs.sha_aarch64_linux }}
STEPS_DATA_OUTPUTS_SHA_X86_64_LINUX: ${{ steps.data.outputs.sha_x86_64_linux }}
- name: Upload Homebrew formula
uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4
with:
name: artifacts-homebrew
if-no-files-found: error
path: qlty.rb
- name: Create dist-manifest.json
run: echo "{\"announcement_tag\":\"v${STEPS_DATA_OUTPUTS_VERSION}\"}" > dist-manifest.json
env:
STEPS_DATA_OUTPUTS_VERSION: ${{ steps.data.outputs.version }}
- name: Upload manifest
uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4
with:
name: artifacts-manifest
if-no-files-found: error
path: dist-manifest.json
release:
needs: [compile, extra]
if: ${{ github.event_name == 'push' && github.ref == 'refs/heads/main' && github.event.commits[0].author.name == 'qlty-releases[bot]' && startsWith(github.event.commits[0].message, 'Release ') }}
permissions:
contents: read
id-token: write
uses: ./.github/workflows/release.yml
with:
workflow_run_id: ${{ github.event.workflow_run.id }}
secrets:
QLTY_APP_PRIVATE_KEY: ${{ secrets.QLTY_APP_PRIVATE_KEY }}
QLTY_RELEASE_AWS_ROLE_ARN: ${{ secrets.QLTY_RELEASE_AWS_ROLE_ARN }}