Merge pull request #369 from thomastaylor312/chore/update_crate_vulns #172
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: release | |
on: | |
push: | |
branches: | |
- main | |
tags: | |
- "v*" | |
jobs: | |
build: | |
name: build release assets | |
runs-on: ${{ matrix.config.os }} | |
env: ${{ matrix.config.env }} | |
strategy: | |
matrix: | |
config: | |
# NOTE: We are building on an older version of ubuntu because of libc compatibility | |
# issues. Namely, if we build on a new version of libc, it isn't backwards compatible with | |
# old versions. But if we build on the old version, it is compatible with the newer | |
# versions running in ubuntu 22 and its ilk | |
- { | |
os: "ubuntu-20.04", | |
arch: "amd64", | |
extension: "", | |
env: {}, | |
targetPath: "target/release/", | |
} | |
- { | |
os: "ubuntu-20.04", | |
arch: "aarch64", | |
extension: "", | |
env: { OPENSSL_DIR: "/usr/local/openssl-aarch64" }, | |
targetPath: "target/aarch64-unknown-linux-gnu/release/", | |
} | |
- { | |
os: "macos-latest", | |
arch: "amd64", | |
extension: "", | |
env: {}, | |
targetPath: "target/release/", | |
} | |
- { | |
os: "windows-latest", | |
arch: "amd64", | |
extension: ".exe", | |
env: {}, | |
targetPath: "target/release/", | |
} | |
- { | |
os: "macos-latest", | |
arch: "aarch64", | |
extension: "", | |
env: {}, | |
targetPath: "target/aarch64-apple-darwin/release/", | |
} | |
steps: | |
- uses: actions/checkout@v2 | |
- name: set the release version (tag) | |
if: startsWith(github.ref, 'refs/tags/v') | |
shell: bash | |
run: echo "RELEASE_VERSION=${GITHUB_REF/refs\/tags\//}" >> $GITHUB_ENV | |
- name: set the release version (main) | |
if: github.ref == 'refs/heads/main' | |
shell: bash | |
run: echo "RELEASE_VERSION=canary" >> $GITHUB_ENV | |
- name: lowercase the runner OS name | |
shell: bash | |
run: | | |
OS=$(echo "${{ runner.os }}" | tr '[:upper:]' '[:lower:]') | |
echo "RUNNER_OS=$OS" >> $GITHUB_ENV | |
- name: Install latest Rust stable toolchain | |
uses: actions-rs/toolchain@v1 | |
if: matrix.config.arch != 'aarch64' | |
with: | |
toolchain: stable | |
default: true | |
components: clippy, rustfmt | |
- name: setup for cross-compile builds | |
if: matrix.config.arch == 'aarch64' && matrix.config.os == 'ubuntu-20.04' | |
run: | | |
sudo apt-get update | |
sudo apt install gcc-aarch64-linux-gnu g++-aarch64-linux-gnu | |
cd /tmp | |
git clone https://github.com/openssl/openssl | |
cd openssl | |
git checkout OpenSSL_1_1_1l | |
sudo mkdir -p $OPENSSL_DIR | |
./Configure linux-aarch64 --prefix=$OPENSSL_DIR --openssldir=$OPENSSL_DIR shared | |
make CC=aarch64-linux-gnu-gcc | |
sudo make install | |
rustup target add aarch64-unknown-linux-gnu | |
- name: Install latest Rust stable toolchain | |
uses: actions-rs/toolchain@v1 | |
if: matrix.config.arch == 'aarch64' && matrix.config.os == 'macos-latest' | |
with: | |
toolchain: stable | |
default: true | |
components: clippy, rustfmt | |
target: aarch64-apple-darwin | |
- name: Install latest Rust stable toolchain | |
uses: actions-rs/toolchain@v1 | |
if: matrix.config.arch == 'aarch64' && matrix.config.os == 'ubuntu-20.04' | |
with: | |
toolchain: stable | |
default: true | |
components: clippy, rustfmt | |
target: aarch64-unknown-linux-gnu | |
- name: build release | |
uses: actions-rs/cargo@v1 | |
if: matrix.config.arch != 'aarch64' | |
with: | |
command: build | |
args: "--release --no-default-features --features rustls-tls,cli,server,client,caching" | |
- name: build release | |
uses: actions-rs/cargo@v1 | |
if: matrix.config.arch == 'aarch64' && matrix.config.os == 'macos-latest' | |
with: | |
command: build | |
args: "--release --no-default-features --features rustls-tls,cli,server,client,caching --target aarch64-apple-darwin" | |
- name: build release | |
uses: actions-rs/cargo@v1 | |
if: matrix.config.arch == 'aarch64' && matrix.config.os == 'ubuntu-20.04' | |
with: | |
command: build | |
args: "--release --no-default-features --features rustls-tls,cli,server,client,caching --target aarch64-unknown-linux-gnu" | |
- name: package release assets | |
shell: bash | |
run: | | |
mkdir _dist | |
cp README.md LICENSE.txt ${{ matrix.config.targetPath }}bindle${{ matrix.config.extension }} ${{ matrix.config.targetPath }}bindle-server${{ matrix.config.extension }} _dist/ | |
cd _dist | |
tar czf bindle-${{ env.RELEASE_VERSION }}-${{ env.RUNNER_OS }}-${{ matrix.config.arch }}.tar.gz README.md LICENSE.txt bindle${{ matrix.config.extension }} bindle-server${{ matrix.config.extension }} | |
- uses: actions/upload-artifact@v1 | |
with: | |
name: bindle | |
path: _dist/bindle-${{ env.RELEASE_VERSION }}-${{ env.RUNNER_OS }}-${{ matrix.config.arch }}.tar.gz | |
publish: | |
name: publish release assets | |
runs-on: ubuntu-20.04 | |
needs: build | |
steps: | |
- name: set the release version (tag) | |
if: startsWith(github.ref, 'refs/tags/v') | |
shell: bash | |
run: echo "RELEASE_VERSION=${GITHUB_REF/refs\/tags\//}" >> $GITHUB_ENV | |
- name: set the release version (main) | |
if: github.ref == 'refs/heads/main' | |
shell: bash | |
run: echo "RELEASE_VERSION=canary" >> $GITHUB_ENV | |
- name: download release assets | |
uses: actions/download-artifact@v1 | |
with: | |
name: bindle | |
- name: generate checksums | |
run: | | |
cd bindle | |
sha256sum * > checksums-${{ env.RELEASE_VERSION }}.txt | |
- name: upload to azure | |
uses: bacongobbler/[email protected] | |
with: | |
source_dir: bindle | |
container_name: releases | |
connection_string: ${{ secrets.AzureStorageConnectionString }} | |
overwrite: "true" | |
crate: | |
name: Publish crate | |
runs-on: ubuntu-latest | |
if: startsWith(github.ref, 'refs/tags/v') | |
needs: build | |
steps: | |
- uses: actions/checkout@v2 | |
- name: Install latest Rust stable toolchain | |
uses: actions-rs/toolchain@v1 | |
with: | |
toolchain: stable | |
default: true | |
- name: Cargo login | |
env: | |
CRATES_TOKEN: ${{ secrets.cratesToken }} | |
run: cargo login ${{ env.CRATES_TOKEN }} | |
shell: bash | |
- name: Cargo publish | |
run: cargo publish | |
shell: bash | |
docker-image: | |
name: Build and push docker images | |
runs-on: ubuntu-latest | |
needs: build | |
steps: | |
- uses: actions/checkout@v2 | |
- name: Set up QEMU | |
uses: docker/setup-qemu-action@v2 | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v2 | |
- name: Login to GitHub Container Registry | |
uses: docker/login-action@v2 | |
with: | |
registry: ghcr.io | |
username: ${{ github.repository_owner }} | |
password: ${{ secrets.GITHUB_TOKEN }} | |
- name: lowercase repository owner | |
run: | | |
echo "OWNER=${GITHUB_REPOSITORY_OWNER,,}" >>$GITHUB_ENV | |
- name: set the release version (tag) | |
if: startsWith(github.ref, 'refs/tags/v') | |
shell: bash | |
run: echo "RELEASE_VERSION=${GITHUB_REF/refs\/tags\//}" >> $GITHUB_ENV | |
- name: Build and push (tag) | |
uses: docker/build-push-action@v3 | |
if: startsWith(github.ref, 'refs/tags/v') | |
with: | |
push: true | |
tags: ghcr.io/${{ env.OWNER }}/bindle:latest,ghcr.io/${{ env.OWNER }}/bindle:${{ env.RELEASE_VERSION }} | |
- name: Build and push (main) | |
uses: docker/build-push-action@v3 | |
if: github.ref == 'refs/heads/main' | |
with: | |
push: true | |
tags: ghcr.io/${{ env.OWNER }}/bindle:canary |