Cleanup/miscellaneous #389
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Reference: https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions | |
| name: TMQ | |
| on: | |
| push: | |
| branches: [ main ] | |
| pull_request: | |
| branches: [ main ] | |
| workflow_dispatch: | |
| inputs: | |
| release-version: | |
| description: Set this to create a draft release, e.g. '0.0.1'. Do not include the 'v' prefix. | |
| required: false | |
| enable-macOS: | |
| type: boolean | |
| description: Enable building for macOS. This is always true for release builds. | |
| required: false | |
| enable-windows: | |
| type: boolean | |
| description: Enable building for Windows. This is always true for release builds. | |
| required: false | |
| jobs: | |
| tmq-format: | |
| name: Format | |
| runs-on: tashi-actions-runner | |
| timeout-minutes: 10 | |
| steps: | |
| - name: Check out | |
| uses: actions/checkout@v4 | |
| with: | |
| submodules: true | |
| - name: Install/Update rust | |
| run: | | |
| rustup update stable | |
| rustup component add rustfmt | |
| - name: Check rust code formatting | |
| run: cargo fmt --check --all | |
| tmq-check: | |
| name: Check | |
| runs-on: tashi-actions-runner | |
| timeout-minutes: 10 | |
| steps: | |
| - name: Check out | |
| uses: actions/checkout@v4 | |
| - name: Add TCE Deploy Key | |
| run: | | |
| mkdir -p ~/.ssh | |
| eval $(ssh-agent -s) | |
| ssh-add - <<< "${{ secrets.TASHIBOT_SSH_KEY }}" | |
| echo "SSH_AUTH_SOCK=$SSH_AUTH_SOCK" >> $GITHUB_ENV | |
| ssh-keyscan github.com >> ~/.ssh/known_hosts | |
| bash docker-util/test-ssh.sh | |
| - name: Rust cache | |
| uses: Swatinem/rust-cache@v2 | |
| - name: Install/Update Rust | |
| run: | | |
| rustup update stable | |
| rustup component add clippy | |
| - name: Check | |
| run: cargo check --workspace --all-targets | |
| # Deny warnings but don't break `main` when new ones are added | |
| - name: Lint | |
| if: ${{ github.ref_name != 'main' }} | |
| run: cargo clippy --workspace --all-targets -- -D warnings | |
| tmq-tests-unit: | |
| name: Unit Tests | |
| runs-on: tashi-actions-runner | |
| timeout-minutes: 10 | |
| steps: | |
| - name: Check out | |
| uses: actions/checkout@v4 | |
| with: | |
| submodules: true | |
| - name: Add TCE Deploy Key | |
| run: | | |
| mkdir -p ~/.ssh | |
| eval $(ssh-agent -s) | |
| ssh-add - <<< "${{ secrets.TASHIBOT_SSH_KEY }}" | |
| echo "SSH_AUTH_SOCK=$SSH_AUTH_SOCK" >> $GITHUB_ENV | |
| ssh-keyscan github.com >> ~/.ssh/known_hosts | |
| bash docker-util/test-ssh.sh | |
| - name: Rust cache | |
| uses: Swatinem/rust-cache@v2 | |
| - name: Install/Update Rust | |
| run: rustup update stable | |
| - name: Unit Tests | |
| run: cargo test --lib | |
| # Future note: add integration tests as their own pass. | |
| tmq-tests-e2e: | |
| name: End-to-End Tests | |
| timeout-minutes: 10 | |
| runs-on: ghcr.io/cirruslabs/ubuntu-runner-amd64:22.04-md | |
| env: | |
| NODE_VERSION: v20.11.0 | |
| defaults: | |
| run: | |
| working-directory: tests | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| submodules: true | |
| - name: Add TCE Deploy Key | |
| run: | | |
| mkdir -p ~/.ssh | |
| eval $(ssh-agent -s) | |
| ssh-add - <<< "${{ secrets.TASHIBOT_SSH_KEY }}" | |
| echo "SSH_AUTH_SOCK=$SSH_AUTH_SOCK" >> $GITHUB_ENV | |
| ssh-keyscan github.com >> ~/.ssh/known_hosts | |
| bash ../docker-util/test-ssh.sh | |
| - name: Build and run the message queue brokers | |
| run: docker compose up --build -d | |
| # actions/setup-node@v4 doesn't seem to work, I didn't investigate. | |
| - name: Install Node and NPM | |
| run: | | |
| sudo apt-get update | |
| sudo apt-get install -y curl | |
| curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.39.7/install.sh | bash | |
| . ~/.nvm/nvm.sh | |
| nvm install ${NODE_VERSION} | |
| - name: System tests | |
| run: | | |
| . ~/.nvm/nvm.sh | |
| nvm use ${NODE_VERSION} | |
| npm i | |
| npm test distribution | |
| - name: Get Service Logs | |
| if: ${{ failure () }} | |
| run: docker compose logs | |
| # Run this after our own tests to not pollute the logs. | |
| - name: Smoke test | |
| # May stall on some checks; keep trucking with the rest of the tests. | |
| timeout-minutes: 5 | |
| # Run all tests on both versions | |
| run: docker run --net=host hivemq/mqtt-cli test -a | |
| - name: Stop the message queue | |
| if: ${{ always() }} | |
| run: docker compose down | |
| - name: Run TLS Root Certificates configuration | |
| working-directory: tests/foxmq-root-ca.d | |
| run: docker compose up --build -d | |
| - name: Run TLS Root Certificates test | |
| run: | | |
| . ~/.nvm/nvm.sh | |
| npm test root-ca | |
| - name: Get Service Logs | |
| if: ${{ failure () }} | |
| working-directory: tests/foxmq-root-ca.d | |
| run: docker compose logs | |
| - name: Stop the message queue | |
| if: ${{ always() }} | |
| working-directory: tests/foxmq-root-ca.d | |
| run: docker compose down | |
| tmq-build-macos: | |
| name: Release Build - macOS | |
| if: ${{ inputs.enable-macOS || inputs.release-version != '' }} | |
| needs: tmq-check | |
| runs-on: ghcr.io/cirruslabs/macos-runner:sonoma | |
| timeout-minutes: 30 | |
| steps: | |
| - name: Check out | |
| uses: actions/checkout@v4 | |
| - name: Add TCE Deploy Key | |
| run: | | |
| mkdir -p ~/.ssh | |
| eval $(ssh-agent -s) | |
| ssh-add - <<< "${{ secrets.TASHIBOT_SSH_KEY }}" | |
| echo "SSH_AUTH_SOCK=$SSH_AUTH_SOCK" >> $GITHUB_ENV | |
| ssh-keyscan github.com >> ~/.ssh/known_hosts | |
| bash docker-util/test-ssh.sh | |
| - name: Rust cache | |
| uses: Swatinem/rust-cache@v2 | |
| with: | |
| key: macOS-build | |
| - name: Install/Update Rust | |
| uses: actions-rust-lang/setup-rust-toolchain@v1 | |
| with: | |
| target: x86_64-apple-darwin | |
| - name: Build | |
| run: | | |
| cargo build --release --target aarch64-apple-darwin | |
| cargo build --release --target x86_64-apple-darwin | |
| - name: Create Universal Binary | |
| run: | | |
| lipo \ | |
| target/aarch64-apple-darwin/release/foxmq \ | |
| target/x86_64-apple-darwin/release/foxmq \ | |
| -create \ | |
| -output foxmq | |
| - name: Upload native libraries | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: tmq-macos-universal | |
| retention-days: 1 | |
| if-no-files-found: error | |
| path: foxmq | |
| tmq-build-windows: | |
| name: Release Build - Windows | |
| if: ${{ inputs.enable-windows || inputs.release-version != '' }} | |
| needs: tmq-check | |
| runs-on: windows-2022 | |
| timeout-minutes: 45 | |
| steps: | |
| - name: Check out | |
| uses: actions/checkout@v4 | |
| - name: Add TCE Deploy Key | |
| run: | | |
| mkdir -p ~/.ssh | |
| # Rewrite line endings in `TASHIBOT_SSH_KEY` to LF with trailing newline | |
| Set-Content -Path ~/.ssh/id_ed25519 -NoNewline -Value ((('${{ secrets.TASHIBOT_SSH_KEY }}' -split '\r?\n') -join "`n") + "`n") | |
| ssh-keyscan github.com >> ~/.ssh/known_hosts | |
| - name: Test Github SSH | |
| run: | | |
| ssh -v git@github.com | |
| # Counterintuitively, the above command returns exit status 1 when it succeeds, | |
| # because github.com just immediately closes the connection, which counts as a failure. | |
| if($LastExitCode -ne 1) | |
| { | |
| throw "Failed to connect to github.com via SSH. See the command output for details." | |
| } | |
| exit 0 | |
| - name: Rust cache | |
| uses: Swatinem/rust-cache@v2 | |
| with: | |
| key: windows-2022-build | |
| - name: Install/Update rust | |
| run: | | |
| rustup update stable | |
| - name: Build | |
| run: cargo build --release | |
| - name: Rename Executable | |
| run: cp target\release\foxmq.exe foxmq.exe | |
| - name: Upload native libraries | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: tmq-windows-amd64 | |
| retention-days: 1 | |
| if-no-files-found: error | |
| path: foxmq.exe | |
| tmq-build-linux: | |
| name: Release Build - Linux | |
| # This one doesn't cost us anything to run | |
| needs: tmq-check | |
| runs-on: tashi-actions-runner | |
| timeout-minutes: 15 | |
| steps: | |
| - name: Check out | |
| uses: actions/checkout@v4 | |
| - name: Add TCE Deploy Key | |
| run: | | |
| mkdir -p ~/.ssh | |
| eval $(ssh-agent -s) | |
| ssh-add - <<< "${{ secrets.TASHIBOT_SSH_KEY }}" | |
| echo "SSH_AUTH_SOCK=$SSH_AUTH_SOCK" >> $GITHUB_ENV | |
| ssh-keyscan github.com >> ~/.ssh/known_hosts | |
| bash docker-util/test-ssh.sh | |
| - name: Rust cache | |
| uses: Swatinem/rust-cache@v2 | |
| with: | |
| key: linux-build | |
| - name: Install/Update Rust | |
| run: rustup update stable | |
| - name: Build | |
| run: cargo build --release | |
| - name: Move Executable | |
| run: cp target/release/foxmq . | |
| - name: Upload native libraries | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: tmq-linux-amd64 | |
| retention-days: 1 | |
| if-no-files-found: error | |
| path: foxmq | |
| tmq-draft-release: | |
| if: ${{ inputs.release-version != '' }} | |
| runs-on: tashi-actions-runner | |
| needs: | |
| - tmq-build-macos | |
| - tmq-build-windows | |
| - tmq-build-linux | |
| timeout-minutes: 10 | |
| steps: | |
| - name: Check out | |
| uses: actions/checkout@v4 | |
| with: | |
| path: tmq | |
| # Creates a token with which we can use to read to/write from `tashigg/foxmq`. | |
| - name: Create Deploy Token | |
| id: create-token | |
| uses: actions/create-github-app-token@v1 | |
| with: | |
| # required | |
| app-id: ${{ vars.FOXMQ_DEPLOY_APP_ID }} | |
| private-key: ${{ secrets.FOXMQ_DEPLOY_APP_KEY }} | |
| repositories: foxmq | |
| - name: Add TCE Deploy Key | |
| run: | | |
| mkdir -p ~/.ssh | |
| eval $(ssh-agent -s) | |
| ssh-add - <<< "${{ secrets.TASHIBOT_SSH_KEY }}" | |
| echo "SSH_AUTH_SOCK=$SSH_AUTH_SOCK" >> $GITHUB_ENV | |
| ssh-keyscan github.com >> ~/.ssh/known_hosts | |
| bash tmq/docker-util/test-ssh.sh | |
| - name: Check out | |
| uses: actions/checkout@v4 | |
| with: | |
| repository: tashigg/foxmq | |
| token: ${{ steps.create-token.outputs.token }} | |
| path: foxmq | |
| - name: Cache cargo installs | |
| uses: actions/cache@v3 | |
| with: | |
| path: ~/.cargo | |
| key: generate-licenses | |
| - name: Install/Update Rust | |
| run: rustup update stable | |
| - name: Install cargo-bundle-licenses | |
| run: cargo install cargo-bundle-licenses | |
| - name: Set the git user name and email | |
| run: | | |
| git config --global user.name "Tashi Automatic Builder" | |
| git config --global user.email "noreply@tashi.gg" | |
| - name: Generate third party licenses file | |
| working-directory: tmq | |
| run: | | |
| cargo-bundle-licenses --format toml --output ../foxmq/THIRDPARTY.toml | |
| - name: Create Release Branch | |
| working-directory: foxmq | |
| run: | | |
| git checkout -b releases/${{ inputs.release-version }} | |
| git add THIRDPARTY.toml | |
| git commit -m "chore(auto): generate THIRDPARTY.toml" | |
| git push origin releases/${{ inputs.release-version }} | |
| - name: Fetch macOS Artifact | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: tmq-macos-universal | |
| path: foxmq_${{ inputs.release-version }}_macos-universal | |
| - name: Fetch Windows Artifact | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: tmq-windows-amd64 | |
| path: foxmq_${{ inputs.release-version }}_windows-amd64 | |
| - name: Fetch Linux Artifact | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: tmq-linux-amd64 | |
| path: foxmq_${{ inputs.release-version }}_linux-amd64 | |
| - name: Re-package Artifacts | |
| run: | | |
| zip -j foxmq_${{ inputs.release-version }}_macos-universal.zip foxmq_${{ inputs.release-version }}_macos-universal/* | |
| zip -j foxmq_${{ inputs.release-version }}_windows-amd64.zip foxmq_${{ inputs.release-version }}_windows-amd64/* | |
| zip -j foxmq_${{ inputs.release-version }}_linux-amd64.zip foxmq_${{ inputs.release-version }}_linux-amd64/* | |
| - name: Create a tashigg/foxmq Draft Release | |
| uses: ncipollo/release-action@v1 | |
| with: | |
| owner: tashigg | |
| repo: foxmq | |
| draft: true | |
| artifactErrorsFailBuild: true | |
| artifacts: "*.zip" | |
| commit: releases/${{ inputs.release-version }} | |
| tag: v${{ inputs.release-version }} | |
| updateOnlyUnreleased: true | |
| token: ${{ steps.create-token.outputs.token }} | |
| tmq-docker-publish: | |
| if: ${{ inputs.release-version != '' }} | |
| # Just use CI minutes for this job since it's only run manually. | |
| runs-on: ubuntu-latest | |
| # Just to make sure the rest of the release process went okay. | |
| needs: tmq-draft-release | |
| steps: | |
| - name: Log in to registry | |
| run: echo "${{ secrets.GITHUB_TOKEN }}" | docker login ghcr.io -u ${{ github.actor }} --password-stdin | |
| - name: Fetch Linux Artifact | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: tmq-linux-amd64 | |
| path: foxmq_${{ inputs.release-version }}_linux-amd64 | |
| - name: Build Docker Image | |
| run: | # Since the image is so simple, we can just supply the Dockerfile inline and not have to check out. | |
| docker build -t ghcr.io/tashigg/foxmq:${{ inputs.release-version }} -f - . <<- EOF | |
| # Not exactly the same environment as our builders, but we just need glibc mostly. | |
| FROM debian:bookworm-slim | |
| LABEL org.opencontainers.image.source="https://github.com/tashigg/foxmq" | |
| COPY --chmod=555 foxmq_${{ inputs.release-version }}_linux-amd64/foxmq /usr/local/bin/foxmq | |
| ENTRYPOINT ["foxmq"] | |
| EOF | |
| - name: Push Docker Image | |
| run: | | |
| docker tag ghcr.io/tashigg/foxmq:${{ inputs.release-version }} ghcr.io/tashigg/foxmq:latest | |
| docker push ghcr.io/tashigg/foxmq:${{ inputs.release-version }} | |
| docker push ghcr.io/tashigg/foxmq:latest |