From 278bc1f9dbe624bedd6a0ff620f530bac1933a2d Mon Sep 17 00:00:00 2001 From: Josh McKinney Date: Tue, 1 Jul 2025 16:18:47 -0700 Subject: [PATCH 01/12] ci: add build.yml This is purely an experiment to check whether cross is necessary to build the various targets --- .github/workflows/build.yml | 159 ++++++++++++++++++++++++++++++++++++ 1 file changed, 159 insertions(+) create mode 100644 .github/workflows/build.yml diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml new file mode 100644 index 0000000000..f288cb347c --- /dev/null +++ b/.github/workflows/build.yml @@ -0,0 +1,159 @@ +name: Build Check + +on: + pull_request: + +jobs: + # checks that the build can run on all platforms + # This is a copy of the publish-binaries job in cd.yml without any publishing steps. + build-binaries: + name: Build binaries + runs-on: ${{ matrix.os }} + strategy: + fail-fast: false + matrix: + include: + - name: linux-x64-glibc + os: ubuntu-latest + target: x86_64-unknown-linux-gnu + publish_npm: true + publish_pypi: true + - name: linux-x64-musl + os: ubuntu-latest + target: x86_64-unknown-linux-musl + publish_npm: false + publish_pypi: true + install_musl: true + - name: linux-x86-glibc + os: ubuntu-latest + target: i686-unknown-linux-gnu + publish_npm: false + publish_pypi: false + - name: linux-x86-musl + os: ubuntu-latest + target: i686-unknown-linux-musl + publish_npm: false + publish_pypi: true + install_musl: true + - name: linux-arm64-glibc + os: ubuntu-24.04-arm + target: aarch64-unknown-linux-gnu + publish_npm: true + publish_pypi: true + - name: linux-arm64-musl + os: ubuntu-24.04-arm + target: aarch64-unknown-linux-musl + publish_npm: false + publish_pypi: true + install_musl: true + - name: win32-x64-mingw + os: windows-latest + target: x86_64-pc-windows-gnu + publish_npm: false + publish_pypi: false + - name: win32-x64-msvc + os: windows-latest + target: x86_64-pc-windows-msvc + publish_npm: true + publish_pypi: true + - name: win32-x86-msvc + os: windows-latest + target: i686-pc-windows-msvc + publish_npm: false + publish_pypi: true + - name: win32-arm64-msvc + os: windows-11-arm + target: aarch64-pc-windows-msvc + publish_npm: true + publish_pypi: false + - name: darwin-x64 + os: macos-13 + target: x86_64-apple-darwin + publish_npm: true + publish_pypi: true + - name: darwin-arm64 + os: macos-latest + target: aarch64-apple-darwin + publish_npm: true + publish_pypi: true + steps: + - name: Checkout + uses: actions/checkout@v4 + - name: Set the release version + shell: bash + run: echo "RELEASE_VERSION=${GITHUB_REF:11}" >> $GITHUB_ENV + - name: Install Musl tools + if: matrix.install_musl + shell: bash + run: | + sudo apt-get update + sudo apt-get install -y --no-install-recommends --allow-unauthenticated \ + musl-tools + - name: Install Rust toolchain + uses: dtolnay/rust-toolchain@stable + with: + targets: ${{ matrix.target }} + - name: Build + run: cargo build --release --locked --target ${{ matrix.target }} + - name: Prepare release assets + shell: bash + run: | + mkdir -p release/{man,completions} + cp {LICENSE-MIT,LICENSE-APACHE,README.md,CHANGELOG.md} release/ + OUT_DIR=release/completions/ cargo run --release --bin git-cliff-completions + OUT_DIR=release/man/ cargo run --release --bin git-cliff-mangen + for bin in 'git-cliff' 'git-cliff-completions' 'git-cliff-mangen'; do + if [ "${{ contains(matrix.os, 'windows') }}" = "true" ]; then + bin="${bin}.exe" + fi + cp "target/${{ matrix.target }}/release/${bin}" release/ + done + mv release/ git-cliff-${{ env.RELEASE_VERSION }}/ + - name: Create release artifacts + shell: bash + run: | + if [ "${{ contains(matrix.os, 'windows') }}" = "true" ]; then + 7z a -tzip "git-cliff-${{ env.RELEASE_VERSION }}-${{ matrix.target }}.zip" \ + git-cliff-${{ env.RELEASE_VERSION }}/ + else + tar -czvf git-cliff-${{ env.RELEASE_VERSION }}-${{ matrix.target }}.tar.gz \ + git-cliff-${{ env.RELEASE_VERSION }}/ + shasum -a 512 git-cliff-${{ env.RELEASE_VERSION }}-${{ matrix.target }}.tar.gz \ + > git-cliff-${{ env.RELEASE_VERSION }}-${{ matrix.target }}.tar.gz.sha512 + fi + - name: Sign the release + if: contains(matrix.os, 'ubuntu') || contains(matrix.os, 'macos') + run: | + echo "${{ secrets.GPG_RELEASE_KEY }}" | base64 --decode > private.key + echo "${{ secrets.GPG_PASSPHRASE }}" | gpg --pinentry-mode=loopback \ + --passphrase-fd 0 --import private.key + echo "${{ secrets.GPG_PASSPHRASE }}" | gpg --pinentry-mode=loopback \ + --passphrase-fd 0 --detach-sign \ + git-cliff-${{ env.RELEASE_VERSION }}-${{ matrix.target }}.tar.gz + - name: Build Python wheels (linux) + if: matrix.publish_pypi && startsWith(matrix.name, 'linux') + uses: PyO3/maturin-action@v1 + with: + working-directory: pypi + target: ${{ matrix.target }} + args: --release --sdist --out wheels + sccache: "true" + # https://github.com/PyO3/maturin-action/issues/245 + manylinux: ${{ matrix.target == 'aarch64-unknown-linux-gnu' && '2_28' || 'auto' }} + - name: Build Python wheels (macos & windows) + if: matrix.publish_pypi && (contains(matrix.os, 'macos') || contains(matrix.os, 'windows')) + uses: PyO3/maturin-action@v1 + with: + working-directory: pypi + target: ${{ matrix.target }} + args: --release --sdist --out wheels + sccache: "true" + - name: Build Python wheels (musl) + if: matrix.publish_pypi && matrix.install_musl + uses: PyO3/maturin-action@v1 + with: + working-directory: pypi + target: ${{ matrix.target }} + args: --release --sdist --out wheels + sccache: "true" + manylinux: musllinux_1_2 From 26fa9e04a4b45e69d98980df49569f6938a42c4a Mon Sep 17 00:00:00 2001 From: Josh McKinney Date: Tue, 1 Jul 2025 16:43:10 -0700 Subject: [PATCH 02/12] ci: add concurrency and fix directory --- .github/workflows/build.yml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index f288cb347c..47a0d2d321 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -3,6 +3,10 @@ name: Build Check on: pull_request: +concurrency: + group: ${{ github.workflow }}-${{ github.ref }} + cancel-in-progress: true + jobs: # checks that the build can run on all platforms # This is a copy of the publish-binaries job in cd.yml without any publishing steps. @@ -108,6 +112,7 @@ jobs: fi cp "target/${{ matrix.target }}/release/${bin}" release/ done + mkdir -p git-cliff-${{ env.RELEASE_VERSION }} mv release/ git-cliff-${{ env.RELEASE_VERSION }}/ - name: Create release artifacts shell: bash From e689eee49336f5ac1f10f1552dfa7b425c08c352 Mon Sep 17 00:00:00 2001 From: Josh McKinney Date: Tue, 1 Jul 2025 16:48:40 -0700 Subject: [PATCH 03/12] ci: use stable in build instead of nightly --- .github/workflows/build.yml | 3 ++- rust-toolchain.toml | 2 +- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 47a0d2d321..57f3c6a8f5 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -94,8 +94,9 @@ jobs: sudo apt-get install -y --no-install-recommends --allow-unauthenticated \ musl-tools - name: Install Rust toolchain - uses: dtolnay/rust-toolchain@stable + uses: dtolnay/rust-toolchain@master with: + toolchain: stable targets: ${{ matrix.target }} - name: Build run: cargo build --release --locked --target ${{ matrix.target }} diff --git a/rust-toolchain.toml b/rust-toolchain.toml index 5d56faf9ae..292fe499e3 100644 --- a/rust-toolchain.toml +++ b/rust-toolchain.toml @@ -1,2 +1,2 @@ [toolchain] -channel = "nightly" +channel = "stable" From a92db0a8fe4358b87be63c3ab8a81c3ebae24bfc Mon Sep 17 00:00:00 2001 From: Josh McKinney Date: Tue, 1 Jul 2025 16:52:00 -0700 Subject: [PATCH 04/12] ci: remove other workflows to speed up ci cycle time --- .github/workflows/cd.yml | 490 ---------------------------- .github/workflows/check-semver.yml | 53 --- .github/workflows/ci.yml | 245 -------------- .github/workflows/docker.yml | 92 ------ .github/workflows/test-fixtures.yml | 146 --------- .github/workflows/website.yml | 77 ----- 6 files changed, 1103 deletions(-) delete mode 100644 .github/workflows/cd.yml delete mode 100644 .github/workflows/check-semver.yml delete mode 100644 .github/workflows/ci.yml delete mode 100644 .github/workflows/docker.yml delete mode 100644 .github/workflows/test-fixtures.yml delete mode 100644 .github/workflows/website.yml diff --git a/.github/workflows/cd.yml b/.github/workflows/cd.yml deleted file mode 100644 index b5379035ae..0000000000 --- a/.github/workflows/cd.yml +++ /dev/null @@ -1,490 +0,0 @@ -name: Continuous Deployment - -on: - push: - tags: - - "v*.*.*" - -jobs: - generate-changelog: - name: Generate changelog - runs-on: ubuntu-22.04 - outputs: - release_body: ${{ steps.git-cliff.outputs.content }} - steps: - - name: Checkout - uses: actions/checkout@v4 - with: - fetch-depth: 0 - - name: Generate a changelog - uses: orhun/git-cliff-action@main - id: git-cliff - with: - config: cliff.toml - args: -vv --latest --no-exec --github-repo ${{ github.repository }} - - publish-binaries: - name: Publish binaries - needs: generate-changelog - runs-on: ${{ matrix.build.os }} - strategy: - fail-fast: false - matrix: - build: - - { - NAME: linux-x64-glibc, - OS: ubuntu-22.04, - TOOLCHAIN: stable, - TARGET: x86_64-unknown-linux-gnu, - NPM_PUBLISH: true, - PYPI_PUBLISH: true, - } - - { - NAME: linux-x64-musl, - OS: ubuntu-22.04, - TOOLCHAIN: stable, - TARGET: x86_64-unknown-linux-musl, - NPM_PUBLISH: false, - PYPI_PUBLISH: true, - } - - { - NAME: linux-x86-glibc, - OS: ubuntu-22.04, - TOOLCHAIN: stable, - TARGET: i686-unknown-linux-gnu, - NPM_PUBLISH: false, - PYPI_PUBLISH: false, - } - - { - NAME: linux-x86-musl, - OS: ubuntu-22.04, - TOOLCHAIN: stable, - TARGET: i686-unknown-linux-musl, - NPM_PUBLISH: false, - PYPI_PUBLISH: true, - } - - { - NAME: linux-arm64-glibc, - OS: ubuntu-22.04, - TOOLCHAIN: stable, - TARGET: aarch64-unknown-linux-gnu, - NPM_PUBLISH: true, - PYPI_PUBLISH: true, - } - - { - NAME: linux-arm64-musl, - OS: ubuntu-22.04, - TOOLCHAIN: stable, - TARGET: aarch64-unknown-linux-musl, - NPM_PUBLISH: false, - PYPI_PUBLISH: true, - } - - { - NAME: win32-x64-mingw, - OS: windows-2022, - TOOLCHAIN: stable, - TARGET: x86_64-pc-windows-gnu, - NPM_PUBLISH: false, - PYPI_PUBLISH: false, - } - - { - NAME: win32-x64-msvc, - OS: windows-2022, - TOOLCHAIN: stable, - TARGET: x86_64-pc-windows-msvc, - NPM_PUBLISH: true, - PYPI_PUBLISH: true, - } - - { - NAME: win32-x86-msvc, - OS: windows-2022, - TOOLCHAIN: stable, - TARGET: i686-pc-windows-msvc, - NPM_PUBLISH: false, - PYPI_PUBLISH: true, - } - - { - NAME: win32-arm64-msvc, - OS: windows-2022, - TOOLCHAIN: stable, - TARGET: aarch64-pc-windows-msvc, - NPM_PUBLISH: true, - PYPI_PUBLISH: false, - } - - { - NAME: darwin-x64, - OS: macos-14, - TOOLCHAIN: stable, - TARGET: x86_64-apple-darwin, - NPM_PUBLISH: true, - PYPI_PUBLISH: true, - } - - { - NAME: darwin-arm64, - OS: macos-14, - TOOLCHAIN: stable, - TARGET: aarch64-apple-darwin, - NPM_PUBLISH: true, - PYPI_PUBLISH: true, - } - steps: - - name: Checkout - uses: actions/checkout@v4 - - name: Set the release version - shell: bash - run: echo "RELEASE_VERSION=${GITHUB_REF:11}" >> $GITHUB_ENV - - name: Install dependencies - shell: bash - run: | - if [[ "${{ matrix.build.NAME }}" = *"-musl" ]]; then - sudo apt-get update - sudo apt-get install -y --no-install-recommends \ - --allow-unauthenticated musl-tools - fi - - name: Install Rust toolchain - uses: actions-rs/toolchain@v1 - with: - toolchain: ${{ matrix.build.TOOLCHAIN }} - target: ${{ matrix.build.TARGET }} - override: true - - name: Build (linux/macos) - if: matrix.build.OS != 'windows-2022' - uses: actions-rs/cargo@v1 - with: - use-cross: true - command: build - args: --release --locked --target ${{ matrix.build.TARGET }} - - name: Build (windows) - if: matrix.build.OS == 'windows-2022' - uses: actions-rs/cargo@v1 - with: - command: build - args: --release --locked --target ${{ matrix.build.TARGET }} # --no-default-features - - name: Prepare release assets - shell: bash - run: | - mkdir -p release/{man,completions} - cp {LICENSE-MIT,LICENSE-APACHE,README.md,CHANGELOG.md} release/ - OUT_DIR=release/completions/ cargo run --release --bin git-cliff-completions - OUT_DIR=release/man/ cargo run --release --bin git-cliff-mangen - for bin in 'git-cliff' 'git-cliff-completions' 'git-cliff-mangen'; do - if [ "${{ matrix.build.OS }}" = "windows-2022" ]; then - bin="${bin}.exe" - fi - cp "target/${{ matrix.build.TARGET }}/release/${bin}" release/ - done - mv release/ git-cliff-${{ env.RELEASE_VERSION }}/ - - name: Create release artifacts - shell: bash - run: | - if [ "${{ matrix.build.OS }}" = "windows-2022" ]; then - 7z a -tzip "git-cliff-${{ env.RELEASE_VERSION }}-${{ matrix.build.TARGET }}.zip" \ - git-cliff-${{ env.RELEASE_VERSION }}/ - else - tar -czvf git-cliff-${{ env.RELEASE_VERSION }}-${{ matrix.build.TARGET }}.tar.gz \ - git-cliff-${{ env.RELEASE_VERSION }}/ - shasum -a 512 git-cliff-${{ env.RELEASE_VERSION }}-${{ matrix.build.TARGET }}.tar.gz \ - > git-cliff-${{ env.RELEASE_VERSION }}-${{ matrix.build.TARGET }}.tar.gz.sha512 - fi - - name: Sign the release - if: matrix.build.OS == 'ubuntu-22.04' || matrix.build.OS == 'macos-14' - run: | - echo "${{ secrets.GPG_RELEASE_KEY }}" | base64 --decode > private.key - echo "${{ secrets.GPG_PASSPHRASE }}" | gpg --pinentry-mode=loopback \ - --passphrase-fd 0 --import private.key - echo "${{ secrets.GPG_PASSPHRASE }}" | gpg --pinentry-mode=loopback \ - --passphrase-fd 0 --detach-sign \ - git-cliff-${{ env.RELEASE_VERSION }}-${{ matrix.build.TARGET }}.tar.gz - - name: Publish to GitHub - if: ${{ !contains(github.ref, '-') }} - uses: svenstaro/upload-release-action@v2 - with: - repo_token: ${{ secrets.GITHUB_TOKEN }} - file: git-cliff-${{ env.RELEASE_VERSION }}-${{ matrix.build.TARGET }}* - file_glob: true - overwrite: true - tag: ${{ github.ref }} - release_name: "Release v${{ env.RELEASE_VERSION }}" - body: "${{ needs.generate-changelog.outputs.release_body }}" - - name: Publish to GitHub (pre-release) - if: ${{ contains(github.ref, '-') }} - uses: svenstaro/upload-release-action@v2 - with: - repo_token: ${{ secrets.GITHUB_TOKEN }} - file: git-cliff-${{ env.RELEASE_VERSION }}-${{ matrix.build.TARGET }}* - file_glob: true - overwrite: true - tag: ${{ github.ref }} - release_name: "Pre-release v${{ env.RELEASE_VERSION }}" - prerelease: true - - name: Install node - if: matrix.build.NPM_PUBLISH == true - uses: actions/setup-node@v4 - with: - node-version: 18 - registry-url: "https://registry.npmjs.org" - - name: Publish to NPM - if: matrix.build.NPM_PUBLISH == true - shell: bash - run: | - cd npm - bin="git-cliff" - node_os=$(echo "${{ matrix.build.NAME }}" | cut -d '-' -f1) - export node_os - node_arch=$(echo "${{ matrix.build.NAME }}" | cut -d '-' -f2) - export node_arch - export version="${{ env.RELEASE_VERSION }}" - if [ "${{ matrix.build.OS }}" = "windows-2022" ]; then - export node_pkg="${bin}-windows-${node_arch}" - else - export node_pkg="${bin}-${node_os}-${node_arch}" - fi - mkdir -p "${node_pkg}/bin" - envsubst < package.json.tmpl > "${node_pkg}/package.json" - if [ "${{ matrix.build.OS }}" = "windows-2022" ]; then - bin="${bin}.exe" - fi - cp "../target/${{ matrix.build.TARGET }}/release/${bin}" "${node_pkg}/bin" - cp ../README.md "${node_pkg}" - cd "${node_pkg}" - npm publish - env: - NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} - - name: Build Python wheels (linux) - if: matrix.build.PYPI_PUBLISH == true && startsWith(matrix.build.NAME, 'linux') - uses: PyO3/maturin-action@v1 - with: - working-directory: pypi - target: ${{ matrix.build.TARGET }} - args: --release --sdist --out wheels - sccache: "true" - # https://github.com/PyO3/maturin-action/issues/245 - manylinux: ${{ matrix.build.TARGET == 'aarch64-unknown-linux-gnu' && '2_28' || 'auto' }} - - name: Build Python wheels (macos & windows) - if: | - matrix.build.PYPI_PUBLISH == true && - (startsWith(matrix.build.OS, 'macos') || startsWith(matrix.build.OS, 'windows')) - uses: PyO3/maturin-action@v1 - with: - working-directory: pypi - target: ${{ matrix.build.TARGET }} - args: --release --sdist --out wheels - sccache: "true" - - name: Build Python wheels (musl) - if: matrix.build.PYPI_PUBLISH == true && endsWith(matrix.build.OS, 'musl') - uses: PyO3/maturin-action@v1 - with: - working-directory: pypi - target: ${{ matrix.build.TARGET }} - args: --release --sdist --out wheels - sccache: "true" - manylinux: musllinux_1_2 - - name: Upload Python wheels - uses: actions/upload-artifact@v4 - with: - name: "wheels-${{ matrix.build.TARGET }}" - working-directory: pypi - path: pypi/wheels - - publish-npm: - name: Publish the base package to NPM - needs: publish-binaries - runs-on: ubuntu-22.04 - steps: - - name: Checkout - uses: actions/checkout@v4 - - name: Install node - uses: actions/setup-node@v4 - with: - node-version: 18 - registry-url: "https://registry.npmjs.org" - - name: Publish the package - shell: bash - working-directory: npm/git-cliff - run: | - yarn config set npmAuthToken ${NODE_AUTH_TOKEN} - yarn config set npmPublishRegistry "https://registry.npmjs.org" - yarn install - yarn build - cp ../../README.md . - cp ../../CHANGELOG.md . - if [ ${{ contains(github.ref, '-') }} = "true" ]; then - yarn npm publish --tag rc - else - yarn npm publish - fi - env: - NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} - YARN_ENABLE_IMMUTABLE_INSTALLS: false - - publish-pypi: - name: Publish PyPI package - runs-on: ubuntu-22.04 - needs: publish-binaries - steps: - - uses: actions/download-artifact@v4 - with: - path: pypi/wheels - pattern: wheels-* - merge-multiple: true - - name: Publish to PyPI - uses: PyO3/maturin-action@v1 - env: - MATURIN_PYPI_TOKEN: ${{ vars.USE_TESTPYPI == 'true' && secrets.TESTPYPI_API_TOKEN || secrets.PYPI_API_TOKEN }} - MATURIN_REPOSITORY: ${{ vars.USE_TESTPYPI == 'true' && 'testpypi' || 'pypi' }} - with: - command: upload - args: --skip-existing pypi/wheels/* - - publish-deb: - name: Publish Debian package - needs: generate-changelog - runs-on: ubuntu-22.04 - steps: - - name: Checkout - uses: actions/checkout@v4 - - name: Set the release version - shell: bash - run: echo "RELEASE_VERSION=${GITHUB_REF:11}" >> $GITHUB_ENV - - name: Install Rust toolchain - uses: dtolnay/rust-toolchain@stable - with: - targets: x86_64-unknown-linux-gnu - - name: Install cargo-deb - run: cargo install cargo-deb - - name: Build Debian package - run: | - # https://github.com/kornelski/cargo-deb/pull/62 - sed "/readme = (.*)/d" -E -i git-cliff/Cargo.toml - cargo build --release --locked -p git-cliff - mkdir man/ - OUT_DIR=man cargo run --bin git-cliff-mangen - mkdir completions - OUT_DIR=completions cargo run --bin git-cliff-completions - cargo-deb --deb-revision="" --strip -p git-cliff -v -o git-cliff-${{ env.RELEASE_VERSION }}.deb - - name: Sign the package - run: | - echo "${{ secrets.GPG_RELEASE_KEY }}" | base64 --decode > private.key - echo "${{ secrets.GPG_PASSPHRASE }}" | gpg --pinentry-mode=loopback \ - --passphrase-fd 0 --import private.key - echo "${{ secrets.GPG_PASSPHRASE }}" | gpg --pinentry-mode=loopback \ - --passphrase-fd 0 --detach-sign \ - git-cliff-${{ env.RELEASE_VERSION }}.deb - - name: Upload the release - if: ${{ !contains(github.ref, '-') }} - uses: svenstaro/upload-release-action@v2 - with: - repo_token: ${{ secrets.GITHUB_TOKEN }} - file: git-cliff-${{ env.RELEASE_VERSION }}.deb - tag: ${{ github.ref }} - release_name: "Release v${{ env.RELEASE_VERSION }}" - body: "${{ needs.generate-changelog.outputs.release_body }}" - - name: Upload the pre-release - if: ${{ contains(github.ref, '-') }} - uses: svenstaro/upload-release-action@v2 - with: - repo_token: ${{ secrets.GITHUB_TOKEN }} - file: git-cliff-${{ env.RELEASE_VERSION }}.deb - tag: ${{ github.ref }} - release_name: "Pre-release v${{ env.RELEASE_VERSION }}" - prerelease: true - - publish-rpm: - name: Publish RPM package - needs: generate-changelog - runs-on: ubuntu-22.04 - steps: - - name: Checkout - uses: actions/checkout@v4 - - name: Set the release version - shell: bash - run: echo "RELEASE_VERSION=${GITHUB_REF:11}" >> $GITHUB_ENV - - name: Install Rust toolchain - uses: dtolnay/rust-toolchain@stable - with: - targets: x86_64-unknown-linux-gnu - - name: Install cargo-generate-rpm - run: cargo install cargo-generate-rpm - - name: Build RPM package - run: | - cargo build --release --locked -p git-cliff - mkdir man/ - OUT_DIR=man cargo run --bin git-cliff-mangen - mkdir completions - OUT_DIR=completions cargo run --bin git-cliff-completions - cargo generate-rpm -p git-cliff -o git-cliff-${{ env.RELEASE_VERSION }}.x86_64.rpm - - name: Sign the package - run: | - echo "${{ secrets.GPG_RELEASE_KEY }}" | base64 --decode > private.key - echo "${{ secrets.GPG_PASSPHRASE }}" | gpg --pinentry-mode=loopback \ - --passphrase-fd 0 --import private.key - echo "${{ secrets.GPG_PASSPHRASE }}" | gpg --pinentry-mode=loopback \ - --passphrase-fd 0 --detach-sign \ - git-cliff-${{ env.RELEASE_VERSION }}.x86_64.rpm - - name: Upload the release - if: ${{ !contains(github.ref, '-') }} - uses: svenstaro/upload-release-action@v2 - with: - repo_token: ${{ secrets.GITHUB_TOKEN }} - file: git-cliff-${{ env.RELEASE_VERSION }}.x86_64.rpm - tag: ${{ github.ref }} - release_name: "Release v${{ env.RELEASE_VERSION }}" - body: "${{ needs.generate-changelog.outputs.release_body }}" - - name: Upload the pre-release - if: ${{ contains(github.ref, '-') }} - uses: svenstaro/upload-release-action@v2 - with: - repo_token: ${{ secrets.GITHUB_TOKEN }} - file: git-cliff-${{ env.RELEASE_VERSION }}.x86_64.rpm - tag: ${{ github.ref }} - release_name: "Pre-release v${{ env.RELEASE_VERSION }}" - prerelease: true - - publish-crates-io: - name: Publish on crates.io - runs-on: ubuntu-22.04 - steps: - - name: Checkout - uses: actions/checkout@v4 - - name: Set the release version - run: echo "RELEASE_VERSION=${GITHUB_REF:11}" >> $GITHUB_ENV - - name: Install Rust toolchain - uses: dtolnay/rust-toolchain@stable - with: - targets: x86_64-unknown-linux-gnu - - name: Prepare for the crates.io release - run: | - mkdir git-cliff-core/config/ - cp config/cliff.toml git-cliff-core/config/ - sed -i 's|"../config/"|"config/"|' git-cliff-core/src/embed.rs - mkdir git-cliff-core/examples/ - cp -r examples git-cliff-core - sed -i 's|"../examples/"|"examples/"|' git-cliff-core/src/embed.rs - - name: Publish the library - run: | - cargo publish --allow-dirty --manifest-path git-cliff-core/Cargo.toml \ - --locked --token ${{ secrets.CARGO_TOKEN }} - - name: Wait for library to update - shell: bash - run: | - crate_status="https://raw.githubusercontent.com/rust-lang/crates.io-index/master/gi/t-/git-cliff-core" - until curl -s "$crate_status" | grep -q '"vers":"${{ env.RELEASE_VERSION }}"'; do sleep 5; done; - - name: Publish the binary - run: | - cargo publish --allow-dirty --manifest-path git-cliff/Cargo.toml \ - --locked --token ${{ secrets.CARGO_TOKEN }} - - publish-homebrew: - name: Publish Homebrew formula - if: ${{ !contains(github.ref, '-') }} - runs-on: ubuntu-22.04 - permissions: - contents: read - steps: - - name: Bump formula - uses: mislav/bump-homebrew-formula-action@v3.4 - with: - formula-name: git-cliff - formula-path: Formula/g/git-cliff.rb - env: - COMMITTER_TOKEN: ${{ secrets.HOMEBREW_COMMITTER_TOKEN }} diff --git a/.github/workflows/check-semver.yml b/.github/workflows/check-semver.yml deleted file mode 100644 index acaf111299..0000000000 --- a/.github/workflows/check-semver.yml +++ /dev/null @@ -1,53 +0,0 @@ -name: Check Semver - -# on: -# pull_request: -# branches: -# - main - -on: workflow_dispatch - -jobs: - check-semver: - name: Check semver - runs-on: ubuntu-latest - outputs: - error_message: ${{ steps.check_semver.outputs.error_message }} - steps: - - name: Checkout - uses: actions/checkout@v4 - - - name: Run cargo-semver-checks - id: check_semver - uses: orhun/cargo-semver-checks-action@feat/add_action_output - - comment-on-pr: - name: Comment on pull request - runs-on: ubuntu-latest - needs: check-semver - if: always() - permissions: - pull-requests: write - steps: - - name: Comment - if: ${{ needs.check-semver.outputs.error_message != null }} - uses: marocchino/sticky-pull-request-comment@v2 - with: - header: pr-semver-check-error - message: | - Thank you for opening this pull request! - - Reviewer note: [cargo-semver-checks](https://github.com/obi1kenobi/cargo-semver-checks) reported the current version number is not SemVer-compatible with the changes made since the last release. - - Details: - - ``` - ${{ needs.check-semver.outputs.error_message }} - ``` - - - name: Delete comment - if: ${{ needs.check-semver.outputs.error_message == null }} - uses: marocchino/sticky-pull-request-comment@v2 - with: - header: pr-semver-check-error - delete: true diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml deleted file mode 100644 index a4f8bee898..0000000000 --- a/.github/workflows/ci.yml +++ /dev/null @@ -1,245 +0,0 @@ -name: Continuous Integration - -on: - pull_request: - push: - branches: - - main - - staging # for bors - - trying # for bors - schedule: - - cron: "0 0 * * 0" - -permissions: - pull-requests: write - -jobs: - check: - name: Check - runs-on: ubuntu-22.04 - steps: - - name: Install toolchain - uses: dtolnay/rust-toolchain@stable - - name: Checkout - uses: actions/checkout@v4 - - name: Check - uses: actions-rs/cargo@v1 - with: - command: check - args: --locked --verbose - - name: Check without default features - uses: actions-rs/cargo@v1 - with: - command: check - args: --locked --no-default-features --verbose - - typos: - name: Typos - runs-on: ubuntu-22.04 - steps: - - name: Checkout - uses: actions/checkout@v4 - - name: Check typos - uses: crate-ci/typos@master - - test: - name: Test suite - runs-on: ubuntu-22.04 - steps: - - name: Install toolchain - uses: dtolnay/rust-toolchain@nightly - - name: Checkout - if: github.event_name != 'pull_request' - uses: actions/checkout@v4 - with: - fetch-depth: 0 - - name: Checkout - if: github.event_name == 'pull_request' - uses: actions/checkout@v4 - with: - ref: ${{ github.event.pull_request.head.sha }} - fetch-depth: 0 - - name: Setup cargo-tarpaulin - uses: taiki-e/install-action@cargo-tarpaulin - - name: Run tests - run: | - cargo test --no-default-features \ - -- --skip "repo::test::git_upstream_remote" - - name: Run tests - run: | - cargo tarpaulin --out xml --verbose --all-features \ - -- --skip "repo::test::git_upstream_remote" - - name: Upload reports to codecov - uses: codecov/codecov-action@v5 - with: - name: code-coverage-report - file: cobertura.xml - flags: unit-tests - fail_ci_if_error: true - verbose: true - token: ${{ secrets.CODECOV_TOKEN }} - - clippy: - name: Lints - runs-on: ubuntu-22.04 - steps: - - name: Install toolchain - uses: dtolnay/rust-toolchain@nightly - with: - components: clippy - - name: Checkout - uses: actions/checkout@v4 - - name: Check the lints - uses: actions-rs/cargo@v1 - with: - command: clippy - args: --tests --verbose -- -D warnings - - name: Check the pedantic lints - uses: actions-rs/cargo@v1 - with: - command: clippy - args: --all-targets --verbose -- -W clippy::pedantic - - rustfmt: - name: Formatting - runs-on: ubuntu-22.04 - steps: - - name: Install toolchain - uses: dtolnay/rust-toolchain@nightly - with: - components: rustfmt - - name: Checkout - uses: actions/checkout@v4 - - name: Check the formatting - uses: actions-rs/cargo@v1 - with: - command: fmt - args: --all -- --check --verbose - - doctest: - name: Doctests - runs-on: ubuntu-22.04 - steps: - - name: Install toolchain - uses: dtolnay/rust-toolchain@nightly - with: - components: rustfmt - - name: Checkout - uses: actions/checkout@v4 - - name: Check the formatting - uses: actions-rs/cargo@v1 - with: - command: test - args: --doc - - lychee: - name: Links - runs-on: ubuntu-22.04 - steps: - - name: Checkout - uses: actions/checkout@v4 - - name: Check the links - uses: lycheeverse/lychee-action@v2 - with: - args: -v --max-concurrency 1 *.md website/docs/* website/blog/* - fail: true - token: ${{ secrets.GITHUB_TOKEN }} - - msrv: - name: Check Rust version - runs-on: ubuntu-22.04 - steps: - - name: Checkout - uses: actions/checkout@v4 - - name: Install cargo-binstall - uses: taiki-e/install-action@cargo-binstall - - name: Install cargo-msrv - run: cargo binstall -y cargo-msrv - - name: Run cargo-msrv - shell: bash - run: | - for package in "git-cliff" "git-cliff-core"; do - printf "Checking MSRV for $package..." - cargo msrv --output-format json --path "$package" verify | tail -n 1 | jq --exit-status '.success' - done - - tarball: - name: Check NodeJS tarball - runs-on: ubuntu-22.04 - steps: - - name: Checkout - uses: actions/checkout@v4 - - name: Install node - uses: actions/setup-node@v4 - with: - node-version: 18 - registry-url: "https://registry.npmjs.org" - - name: Validate the files in the tarball - shell: bash - working-directory: npm/git-cliff - run: | - yarn install - yarn build - cp ../../README.md . - cp ../../CHANGELOG.md . - - files_expected_in_tarball=( - "CHANGELOG.md" - "README.md" - "lib/cjs/index.cjs" - "lib/cjs/index.cjs.map" - "lib/cjs/index.d.cts" - "lib/cli/cli.js" - "lib/esm/index.d.ts" - "lib/esm/index.js" - "lib/esm/index.js.map" - "package.json" - ) - - tarball_output=$(yarn pack --dry-run) - - for file in "${files_expected_in_tarball[@]}"; do - if [[ ! "$tarball_output" == *"$file"* ]]; then - echo "Error: Expected file '$file' not found in tarball." - exit 1 - fi - done - - profiler: - name: Run profiler - runs-on: ubuntu-22.04 - steps: - - name: Checkout - uses: actions/checkout@v4 - with: - fetch-depth: 0 - - name: Install toolchain - uses: dtolnay/rust-toolchain@stable - - name: Run profiler - run: cargo run --profile bench --features profiler -- --no-exec - - name: Upload report - uses: actions/upload-artifact@v4 - with: - name: git-cliff.${{ github.run_id }}-profiler-report - path: git-cliff.**.flamegraph.svg - - nix-flake: - name: Build Nix flake - runs-on: ubuntu-latest - steps: - - name: Checkout the repository - uses: actions/checkout@v4 - - - name: Install Nix - uses: nixbuild/nix-quick-install-action@v29 - - - name: Restore and cache Nix store - uses: nix-community/cache-nix-action@v5 - with: - primary-key: nix-${{ runner.os }}-${{ hashFiles('**/*.nix') }} - restore-prefixes-first-match: nix-${{ runner.os }}- - gc-max-store-size-linux: 1073741824 - purge: false - - - name: Check Nix flake - run: nix flake check --all-systems -Lv --show-trace diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml deleted file mode 100644 index b00e6d74a3..0000000000 --- a/.github/workflows/docker.yml +++ /dev/null @@ -1,92 +0,0 @@ -name: Docker Automated Builds - -on: - push: - branches: - - main - tags: - - "v*.*.*" - pull_request: - branches: - - main - schedule: - - cron: "0 0 * * 0" - -jobs: - docker: - name: Docker Build and Push - runs-on: ubuntu-22.04 - steps: - - name: Checkout - uses: actions/checkout@v4 - - - name: Docker meta - id: meta - uses: docker/metadata-action@v5 - with: - images: | - orhunp/git-cliff - ghcr.io/${{ github.repository_owner }}/git-cliff/git-cliff - tags: | - type=schedule - type=ref,event=branch - type=ref,event=pr - type=sha - type=raw,value=latest - type=semver,pattern={{version}} - - - name: Set up QEMU - uses: docker/setup-qemu-action@v3 - with: - platforms: arm64 - - - name: Set up Docker Buildx - id: buildx - uses: docker/setup-buildx-action@v3 - - - name: Cache Docker layers - uses: actions/cache@v4 - with: - path: /tmp/.buildx-cache - key: ${{ runner.os }}-buildx-${{ github.sha }} - restore-keys: | - ${{ runner.os }}-buildx- - - - name: Login to Docker Hub - if: github.event_name != 'pull_request' - uses: docker/login-action@v3 - with: - username: ${{ secrets.DOCKER_HUB_USERNAME }} - password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }} - - - name: Login to GHCR - if: github.event_name != 'pull_request' - uses: docker/login-action@v3 - with: - registry: ghcr.io - username: ${{ github.repository_owner }} - password: ${{ secrets.GITHUB_TOKEN }} - - - name: Build and push - id: docker_build - uses: docker/build-push-action@v6 - with: - context: ./ - file: ./Dockerfile - platforms: linux/amd64,linux/arm64 - builder: ${{ steps.buildx.outputs.name }} - push: ${{ github.event_name != 'pull_request' }} - tags: ${{ steps.meta.outputs.tags }} - sbom: true - provenance: true - labels: ${{ steps.meta.outputs.labels }} - cache-from: type=local,src=/tmp/.buildx-cache - cache-to: type=local,dest=/tmp/.buildx-cache - - - name: Scan the image - uses: anchore/sbom-action@v0 - with: - image: ghcr.io/${{ github.repository_owner }}/git-cliff/git-cliff - - - name: Image digest - run: echo ${{ steps.docker_build.outputs.digest }} diff --git a/.github/workflows/test-fixtures.yml b/.github/workflows/test-fixtures.yml deleted file mode 100644 index c61c7c54c0..0000000000 --- a/.github/workflows/test-fixtures.yml +++ /dev/null @@ -1,146 +0,0 @@ -name: Test fixtures - -on: - push: - branches: - - main - pull_request: - branches: - - main - -jobs: - test-fixtures: - name: Test fixtures - runs-on: ubuntu-22.04 - strategy: - fail-fast: false - matrix: - include: - - fixtures-name: new-fixture-template - - fixtures-name: test-github-integration - - fixtures-name: test-github-integration-custom-range - command: v1.0.0..v1.0.1 - - fixtures-name: test-gitlab-integration - - fixtures-name: test-gitlab-integration-custom-range - command: 9f66ac0f76..89de5e8e50 - - fixtures-name: test-gitea-integration - - fixtures-name: test-gitea-integration-custom-range - command: 5ed596d935..c074c439b5 - - fixtures-name: test-bitbucket-integration - - fixtures-name: test-bitbucket-integration-custom-range - command: v1.0.0..v1.0.1 - - fixtures-name: test-ignore-tags - - fixtures-name: test-invert-ignore-tags - - fixtures-name: test-topo-order - command: --latest - - fixtures-name: test-date-order - command: --latest - - fixtures-name: test-topo-order-arg - command: --latest --topo-order - - fixtures-name: test-latest-with-one-tag - command: --latest - - fixtures-name: test-commit-footers - - fixtures-name: test-commit-preprocessors - - fixtures-name: test-conventional-commit - - fixtures-name: test-custom-scope - - fixtures-name: test-limit-commits - - fixtures-name: test-skip-breaking-changes - - fixtures-name: test-split-commits - - fixtures-name: test-bump-version - command: --bump - - fixtures-name: test-bump-version-major - command: --bump major - - fixtures-name: test-bump-version-minor - command: --bump minor - - fixtures-name: test-bump-version-patch - command: --bump patch - - fixtures-name: test-bump-version-custom-minor - command: --bump - - fixtures-name: test-bumped-version - command: --bumped-version - - fixtures-name: test-footer-template - - fixtures-name: test-keep-a-changelog-links - - fixtures-name: test-keep-a-changelog-links-current-arg - command: --current - - fixtures-name: test-keep-a-changelog-links-current-arg - command: --latest - - fixtures-name: test-keep-a-changelog-links-latest-arg - command: --latest - - fixtures-name: test-keep-a-changelog-links-no-tags - - fixtures-name: test-keep-a-changelog-links-no-tags - command: --unreleased - - fixtures-name: test-keep-a-changelog-links-no-tags - command: --latest - - fixtures-name: test-keep-a-changelog-links-no-tags - command: --current - - fixtures-name: test-keep-a-changelog-links-one-tag - - fixtures-name: test-keep-a-changelog-links-tag-arg - command: --tag v0.3.0 - - fixtures-name: test-keep-a-changelog-links-unreleased-arg - command: --unreleased - - fixtures-name: test-keep-a-changelog-links-unreleased-arg - command: --latest --unreleased - - fixtures-name: test-keep-a-changelog-links-one-tag-bump-arg - command: --bump - - fixtures-name: test-skip-commits - command: --skip-commit ad27b43e8032671afb4809a1a3ecf12f45c60e0e - - fixtures-name: test-no-exec - command: --no-exec - - fixtures-name: test-custom-tag-pattern - command: --tag-pattern "alpha.*" - - fixtures-name: test-configure-from-cargo-toml - - fixtures-name: test-bump-initial-tag - command: --bump - - fixtures-name: test-bump-initial-tag-default - command: --bump - - fixtures-name: test-bump-initial-tag-cli-arg - command: --bump --tag=2.1.1 - - fixtures-name: test-cli-arg-ignore-tags - command: --ignore-tags ".*beta" - - fixtures-name: test-tag-message - - fixtures-name: test-bump-unreleased-with-tag-message-arg - command: --bump --unreleased --with-tag-message "Some text" - - fixtures-name: test-from-context - command: --from-context context.json - - fixtures-name: test-from-context-does-not-discard-fields - command: --from-context context.json - - fixtures-name: test-always-render-unreleased - command: --unreleased - - fixtures-name: test-always-render - command: --unreleased --tag v0.2.0 - - fixtures-name: test-unchanged-tag-date - command: --tag v0.2.0 - - fixtures-name: test-custom-remote-api-url - command: v1.4.0..v1.4.1 - - fixtures-name: test-monorepo-include-path - command: v2.6.1..v2.7.0 --include-path .github/fixtures/ - - fixtures-name: test-require-conventional-negative - - fixtures-name: test-require-conventional-skipped - - fixtures-name: test-submodules - - fixtures-name: test-submodules-range - command: v0.1.0..HEAD - - fixtures-name: test-submodules-include-path - command: --include-path submodule_two - - fixtures-name: test-submodules-include-path-config - - fixtures-name: test-remote-config - command: --config-url "https://github.com/orhun/git-cliff/blob/main/.github/fixtures/new-fixture-template/cliff.toml?raw=true" - - fixtures-name: test-topo-order-commits - - fixtures-name: test-commit-range - - fixtures-name: test-commit-range-with-sort-commits - - fixtures-name: test-commit-range-with-given-range - command: a140cef^..a9d4050 --ignore-tags "." - - fixtures-name: test-override-scope - - fixtures-name: test-regex-json-array - - fixtures-name: test-release-statistics - previous-release-timestamp: "2022-04-06 01:25:12" - - steps: - - name: Checkout - uses: actions/checkout@v4 - - - name: Run a fixtures test - uses: ./.github/actions/run-fixtures-test - with: - fixtures-dir: .github/fixtures/${{ matrix.fixtures-name }} - command: ${{ matrix.command }} - previous-release-timestamp: ${{ matrix.previous-release-timestamp }} diff --git a/.github/workflows/website.yml b/.github/workflows/website.yml deleted file mode 100644 index bead6ccf6d..0000000000 --- a/.github/workflows/website.yml +++ /dev/null @@ -1,77 +0,0 @@ -name: Deploy website - -on: - push: - branches: - - main - tags: - - "v*.*.*" - pull_request: - branches: - - main - workflow_dispatch: - -permissions: - contents: read - pages: write - id-token: write - -concurrency: - group: "pages" - cancel-in-progress: true - -env: - NODE_OPTIONS: --max-old-space-size=6144 - -jobs: - test-deploy: - name: Test deployment - if: ${{ !startsWith(github.ref, 'refs/tags/v') }} - runs-on: ubuntu-22.04 - steps: - - name: Checkout - uses: actions/checkout@v4 - - name: Set up Node.js - uses: actions/setup-node@v4 - with: - node-version: 18 - cache: yarn - cache-dependency-path: ./website/package-lock.json - - name: Install dependencies - working-directory: ./website - run: yarn install --frozen-lockfile --non-interactive - - name: Build - working-directory: ./website - run: yarn build - - deploy: - name: Deploy website - if: ${{ startsWith(github.ref, 'refs/tags/v') || github.event_name == 'workflow_dispatch' }} - runs-on: ubuntu-22.04 - environment: - name: github-pages - url: ${{ steps.deployment.outputs.page_url }} - steps: - - name: Checkout - uses: actions/checkout@v4 - - name: Set up Node.js - uses: actions/setup-node@v4 - with: - node-version: 18 - cache: yarn - cache-dependency-path: ./website/package-lock.json - - name: Install dependencies - working-directory: ./website - run: yarn install --frozen-lockfile --non-interactive - - name: Build - working-directory: ./website - run: yarn build - - name: Setup Pages - uses: actions/configure-pages@v5 - - name: Upload artifact - uses: actions/upload-pages-artifact@v3 - with: - path: website/build - - name: Deploy to GitHub Pages - id: deployment - uses: actions/deploy-pages@v4 From ac7e5b6baf6698b378b6658f2dc8fde8ec4ca11c Mon Sep 17 00:00:00 2001 From: Josh McKinney Date: Tue, 1 Jul 2025 16:59:36 -0700 Subject: [PATCH 05/12] ci: remove the sign release step --- .github/workflows/build.yml | 9 --------- 1 file changed, 9 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 57f3c6a8f5..1ab9cb3e09 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -127,15 +127,6 @@ jobs: shasum -a 512 git-cliff-${{ env.RELEASE_VERSION }}-${{ matrix.target }}.tar.gz \ > git-cliff-${{ env.RELEASE_VERSION }}-${{ matrix.target }}.tar.gz.sha512 fi - - name: Sign the release - if: contains(matrix.os, 'ubuntu') || contains(matrix.os, 'macos') - run: | - echo "${{ secrets.GPG_RELEASE_KEY }}" | base64 --decode > private.key - echo "${{ secrets.GPG_PASSPHRASE }}" | gpg --pinentry-mode=loopback \ - --passphrase-fd 0 --import private.key - echo "${{ secrets.GPG_PASSPHRASE }}" | gpg --pinentry-mode=loopback \ - --passphrase-fd 0 --detach-sign \ - git-cliff-${{ env.RELEASE_VERSION }}-${{ matrix.target }}.tar.gz - name: Build Python wheels (linux) if: matrix.publish_pypi && startsWith(matrix.name, 'linux') uses: PyO3/maturin-action@v1 From 28e9815eff33bae373e7ce3e298676477256ccf8 Mon Sep 17 00:00:00 2001 From: Josh McKinney Date: Tue, 1 Jul 2025 17:02:34 -0700 Subject: [PATCH 06/12] ci: add 32 bit tools --- .github/workflows/build.yml | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 1ab9cb3e09..143ff4cc30 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -33,6 +33,7 @@ jobs: target: i686-unknown-linux-gnu publish_npm: false publish_pypi: false + install_32_bit_tools: true - name: linux-x86-musl os: ubuntu-latest target: i686-unknown-linux-musl @@ -93,6 +94,16 @@ jobs: sudo apt-get update sudo apt-get install -y --no-install-recommends --allow-unauthenticated \ musl-tools + - name: Install 32-bit tools + if: matrix.install_32_bit_tools + # TODO work out which of these are actually needed + # https://stackoverflow.com/questions/53496847/rust-compile-x86-library-on-x86-64-machine + # https://stackoverflow.com/questions/22355436/how-to-compile-32-bit-apps-on-64-bit-ubuntu + # CoPilot added libc6-dev-i386, so I'm not sure if it's needed + run: | + sudo apt-get update + sudo apt-get install -y --no-install-recommends --allow-unauthenticated \ + gcc-multilib g++-multilib libc6-dev-i386 - name: Install Rust toolchain uses: dtolnay/rust-toolchain@master with: From 36dd935ac6246a299079e9e1d53088ea4f612459 Mon Sep 17 00:00:00 2001 From: Josh McKinney Date: Tue, 1 Jul 2025 17:10:46 -0700 Subject: [PATCH 07/12] ci: add 32 bit tools for x86 musl build --- .github/workflows/build.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 143ff4cc30..46dd462566 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -40,6 +40,7 @@ jobs: publish_npm: false publish_pypi: true install_musl: true + install_32_bit_tools: true - name: linux-arm64-glibc os: ubuntu-24.04-arm target: aarch64-unknown-linux-gnu From 9343acb0a247590c78962b30954d69473d3de305 Mon Sep 17 00:00:00 2001 From: Josh McKinney Date: Tue, 1 Jul 2025 18:47:13 -0700 Subject: [PATCH 08/12] ci: add extra settings for i686 musl --- .github/workflows/build.yml | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 46dd462566..85c9b91225 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -41,6 +41,9 @@ jobs: publish_pypi: true install_musl: true install_32_bit_tools: true + # https://github.com/briansmith/ring/blob/77f7d2045f19ab8bd1d9efa4c741d40c64518bcc/mk/cargo.sh#L124 + extra_cmd: | + export CARGO_TARGET_I686_UNKNOWN_LINUX_MUSL_RUSTFLAGS="-Clink-self-contained=yes -Clinker=rust-lld" - name: linux-arm64-glibc os: ubuntu-24.04-arm target: aarch64-unknown-linux-gnu @@ -111,7 +114,9 @@ jobs: toolchain: stable targets: ${{ matrix.target }} - name: Build - run: cargo build --release --locked --target ${{ matrix.target }} + run: | + ${{ matrix.extra_cmd || '' }} + cargo build --release --locked --target ${{ matrix.target }} - name: Prepare release assets shell: bash run: | From 7c7bcf1ce3bc8325080b960c6b715d23d7c1870b Mon Sep 17 00:00:00 2001 From: Josh McKinney Date: Tue, 1 Jul 2025 18:58:28 -0700 Subject: [PATCH 09/12] ci: add CC and AR vars for x86 musl --- .github/workflows/build.yml | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 85c9b91225..9aaf33a4d0 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -41,9 +41,13 @@ jobs: publish_pypi: true install_musl: true install_32_bit_tools: true - # https://github.com/briansmith/ring/blob/77f7d2045f19ab8bd1d9efa4c741d40c64518bcc/mk/cargo.sh#L124 + install_clang: true extra_cmd: | + # https://github.com/briansmith/ring/blob/77f7d2045f19ab8bd1d9efa4c741d40c64518bcc/mk/cargo.sh#L124 export CARGO_TARGET_I686_UNKNOWN_LINUX_MUSL_RUSTFLAGS="-Clink-self-contained=yes -Clinker=rust-lld" + # https://github.com/briansmith/ring/blob/77f7d2045f19ab8bd1d9efa4c741d40c64518bcc/mk/cargo.sh#L288 + export CC_i686_unknown_linux_musl="clang-19" + export AR_i686_unknown_linux_musl="llvm-ar-19" - name: linux-arm64-glibc os: ubuntu-24.04-arm target: aarch64-unknown-linux-gnu @@ -108,6 +112,12 @@ jobs: sudo apt-get update sudo apt-get install -y --no-install-recommends --allow-unauthenticated \ gcc-multilib g++-multilib libc6-dev-i386 + - name: Install Clang + if: matrix.install_clang + run: | + sudo apt-get update + sudo apt-get install -y --no-install-recommends --allow-unauthenticated \ + clang-19 llvm-19 - name: Install Rust toolchain uses: dtolnay/rust-toolchain@master with: From 9a250ac101154961948b4c7621b21fac1a909889 Mon Sep 17 00:00:00 2001 From: Josh McKinney Date: Tue, 1 Jul 2025 23:15:42 -0700 Subject: [PATCH 10/12] ci: simplify matrix a bit --- .github/workflows/build.yml | 143 +++++++++++++++--------------------- 1 file changed, 58 insertions(+), 85 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 9aaf33a4d0..36c65907b2 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -16,117 +16,90 @@ jobs: strategy: fail-fast: false matrix: + target: + - x86_64-unknown-linux-gnu + - x86_64-unknown-linux-musl + - i686-unknown-linux-gnu + - i686-unknown-linux-musl + - aarch64-unknown-linux-gnu + - aarch64-unknown-linux-musl + - x86_64-pc-windows-gnu + - x86_64-pc-windows-msvc + - i686-pc-windows-msvc + - aarch64-pc-windows-msvc + - x86_64-apple-darwin + - aarch64-apple-darwin include: - - name: linux-x64-glibc + - target: x86_64-unknown-linux-gnu os: ubuntu-latest - target: x86_64-unknown-linux-gnu - publish_npm: true - publish_pypi: true - - name: linux-x64-musl + publish-npm: true + publish-pypi: true + - target: x86_64-unknown-linux-musl os: ubuntu-latest - target: x86_64-unknown-linux-musl - publish_npm: false - publish_pypi: true - install_musl: true - - name: linux-x86-glibc + publish-pypi: true + - target: i686-unknown-linux-gnu os: ubuntu-latest - target: i686-unknown-linux-gnu - publish_npm: false - publish_pypi: false - install_32_bit_tools: true - - name: linux-x86-musl + - target: i686-unknown-linux-musl os: ubuntu-latest - target: i686-unknown-linux-musl - publish_npm: false - publish_pypi: true - install_musl: true - install_32_bit_tools: true - install_clang: true - extra_cmd: | - # https://github.com/briansmith/ring/blob/77f7d2045f19ab8bd1d9efa4c741d40c64518bcc/mk/cargo.sh#L124 - export CARGO_TARGET_I686_UNKNOWN_LINUX_MUSL_RUSTFLAGS="-Clink-self-contained=yes -Clinker=rust-lld" - # https://github.com/briansmith/ring/blob/77f7d2045f19ab8bd1d9efa4c741d40c64518bcc/mk/cargo.sh#L288 - export CC_i686_unknown_linux_musl="clang-19" - export AR_i686_unknown_linux_musl="llvm-ar-19" - - name: linux-arm64-glibc + publish-pypi: true + - target: aarch64-unknown-linux-gnu os: ubuntu-24.04-arm - target: aarch64-unknown-linux-gnu - publish_npm: true - publish_pypi: true - - name: linux-arm64-musl + publish-npm: true + publish-pypi: true + - target: aarch64-unknown-linux-musl os: ubuntu-24.04-arm - target: aarch64-unknown-linux-musl - publish_npm: false - publish_pypi: true - install_musl: true - - name: win32-x64-mingw + publish-pypi: true + - target: x86_64-pc-windows-gnu os: windows-latest - target: x86_64-pc-windows-gnu - publish_npm: false - publish_pypi: false - - name: win32-x64-msvc + publish-npm: false + publish-pypi: false + - target: x86_64-pc-windows-msvc os: windows-latest - target: x86_64-pc-windows-msvc - publish_npm: true - publish_pypi: true - - name: win32-x86-msvc + publish-npm: true + publish-pypi: true + - target: i686-pc-windows-msvc os: windows-latest - target: i686-pc-windows-msvc - publish_npm: false - publish_pypi: true - - name: win32-arm64-msvc + publish-pypi: true + - target: aarch64-pc-windows-msvc os: windows-11-arm - target: aarch64-pc-windows-msvc - publish_npm: true - publish_pypi: false - - name: darwin-x64 + publish-npm: true + - target: x86_64-apple-darwin os: macos-13 - target: x86_64-apple-darwin - publish_npm: true - publish_pypi: true - - name: darwin-arm64 + publish-npm: true + publish-pypi: true + - target: aarch64-apple-darwin os: macos-latest - target: aarch64-apple-darwin - publish_npm: true - publish_pypi: true + publish-npm: true + publish-pypi: true steps: - name: Checkout uses: actions/checkout@v4 - name: Set the release version shell: bash run: echo "RELEASE_VERSION=${GITHUB_REF:11}" >> $GITHUB_ENV + - name: Update apt + if: matrix.os == 'ubuntu-latest' || matrix.os == 'ubuntu-24.04-arm' + run: sudo apt-get update - name: Install Musl tools - if: matrix.install_musl - shell: bash - run: | - sudo apt-get update - sudo apt-get install -y --no-install-recommends --allow-unauthenticated \ - musl-tools + if: endsWith(matrix.target, 'musl') + run: sudo apt-get install -yq --no-install-recommends --allow-unauthenticated musl-tools - name: Install 32-bit tools - if: matrix.install_32_bit_tools - # TODO work out which of these are actually needed - # https://stackoverflow.com/questions/53496847/rust-compile-x86-library-on-x86-64-machine - # https://stackoverflow.com/questions/22355436/how-to-compile-32-bit-apps-on-64-bit-ubuntu - # CoPilot added libc6-dev-i386, so I'm not sure if it's needed - run: | - sudo apt-get update - sudo apt-get install -y --no-install-recommends --allow-unauthenticated \ - gcc-multilib g++-multilib libc6-dev-i386 + if: startsWith(matrix.target, 'i686-unknown-linux-') + run: sudo apt-get install -yq --no-install-recommends --allow-unauthenticated gcc-multilib - name: Install Clang - if: matrix.install_clang + if: matrix.target == 'i686-unknown-linux-musl' run: | - sudo apt-get update - sudo apt-get install -y --no-install-recommends --allow-unauthenticated \ - clang-19 llvm-19 + sudo apt-get install -yq --no-install-recommends --allow-unauthenticated clang-19 llvm-19 + echo "CARGO_TARGET_I686_UNKNOWN_LINUX_MUSL_RUSTFLAG=-Clink-self-contained=yes -Clinker=rust-lld" >> $GITHUB_ENV + echo "CC_i686_unknown_linux_musl=clang-19" >> $GITHUB_ENV + echo "AR_i686_unknown_linux_musl=llvm-ar-19" >> $GITHUB_ENV - name: Install Rust toolchain uses: dtolnay/rust-toolchain@master with: toolchain: stable targets: ${{ matrix.target }} - name: Build - run: | - ${{ matrix.extra_cmd || '' }} - cargo build --release --locked --target ${{ matrix.target }} + run: cargo build --release --locked --target ${{ matrix.target }} - name: Prepare release assets shell: bash run: | @@ -155,7 +128,7 @@ jobs: > git-cliff-${{ env.RELEASE_VERSION }}-${{ matrix.target }}.tar.gz.sha512 fi - name: Build Python wheels (linux) - if: matrix.publish_pypi && startsWith(matrix.name, 'linux') + if: matrix.publish-pypi && startsWith(matrix.os, 'ubuntu-') uses: PyO3/maturin-action@v1 with: working-directory: pypi @@ -165,7 +138,7 @@ jobs: # https://github.com/PyO3/maturin-action/issues/245 manylinux: ${{ matrix.target == 'aarch64-unknown-linux-gnu' && '2_28' || 'auto' }} - name: Build Python wheels (macos & windows) - if: matrix.publish_pypi && (contains(matrix.os, 'macos') || contains(matrix.os, 'windows')) + if: matrix.publish-pypi && (startsWith(matrix.os, 'macos') || startsWith(matrix.os, 'windows')) uses: PyO3/maturin-action@v1 with: working-directory: pypi @@ -173,7 +146,7 @@ jobs: args: --release --sdist --out wheels sccache: "true" - name: Build Python wheels (musl) - if: matrix.publish_pypi && matrix.install_musl + if: matrix.publish-pypi && endsWith(matrix.target, 'musl') uses: PyO3/maturin-action@v1 with: working-directory: pypi From da3c97139996571a3934c7758e7fc949cf51ac8b Mon Sep 17 00:00:00 2001 From: Josh McKinney Date: Tue, 1 Jul 2025 23:56:45 -0700 Subject: [PATCH 11/12] fix: cargo-env --- .github/workflows/build.yml | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 36c65907b2..ff9d707166 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -42,6 +42,7 @@ jobs: - target: i686-unknown-linux-musl os: ubuntu-latest publish-pypi: true + cargo-env: RUSTFLAGS="-Clink-self-contained=yes -Clinker=rust-lld" CC=clang-19 AR=llvm-ar-19 - target: aarch64-unknown-linux-gnu os: ubuntu-24.04-arm publish-npm: true @@ -88,18 +89,15 @@ jobs: run: sudo apt-get install -yq --no-install-recommends --allow-unauthenticated gcc-multilib - name: Install Clang if: matrix.target == 'i686-unknown-linux-musl' - run: | - sudo apt-get install -yq --no-install-recommends --allow-unauthenticated clang-19 llvm-19 - echo "CARGO_TARGET_I686_UNKNOWN_LINUX_MUSL_RUSTFLAG=-Clink-self-contained=yes -Clinker=rust-lld" >> $GITHUB_ENV - echo "CC_i686_unknown_linux_musl=clang-19" >> $GITHUB_ENV - echo "AR_i686_unknown_linux_musl=llvm-ar-19" >> $GITHUB_ENV + shell: bash + run: sudo apt-get install -yq --no-install-recommends --allow-unauthenticated clang-19 llvm-19 - name: Install Rust toolchain uses: dtolnay/rust-toolchain@master with: toolchain: stable targets: ${{ matrix.target }} - name: Build - run: cargo build --release --locked --target ${{ matrix.target }} + run: ${{ matrix.cargo-env }} cargo build --release --locked --target ${{ matrix.target }} - name: Prepare release assets shell: bash run: | From c818d5a7dd891c57f0c5702bf25a5fd059d0c1a1 Mon Sep 17 00:00:00 2001 From: Josh McKinney Date: Wed, 2 Jul 2025 00:55:08 -0700 Subject: [PATCH 12/12] ci: more simplification --- .github/workflows/build.yml | 27 +++++---------------------- 1 file changed, 5 insertions(+), 22 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index ff9d707166..aee67ae46a 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -79,7 +79,7 @@ jobs: shell: bash run: echo "RELEASE_VERSION=${GITHUB_REF:11}" >> $GITHUB_ENV - name: Update apt - if: matrix.os == 'ubuntu-latest' || matrix.os == 'ubuntu-24.04-arm' + if: startsWith(matrix.os, 'ubuntu-') run: sudo apt-get update - name: Install Musl tools if: endsWith(matrix.target, 'musl') @@ -88,8 +88,8 @@ jobs: if: startsWith(matrix.target, 'i686-unknown-linux-') run: sudo apt-get install -yq --no-install-recommends --allow-unauthenticated gcc-multilib - name: Install Clang + # this target needs clang, instead of musl-gcc which is not compatible with ring (crypto library) if: matrix.target == 'i686-unknown-linux-musl' - shell: bash run: sudo apt-get install -yq --no-install-recommends --allow-unauthenticated clang-19 llvm-19 - name: Install Rust toolchain uses: dtolnay/rust-toolchain@master @@ -125,8 +125,8 @@ jobs: shasum -a 512 git-cliff-${{ env.RELEASE_VERSION }}-${{ matrix.target }}.tar.gz \ > git-cliff-${{ env.RELEASE_VERSION }}-${{ matrix.target }}.tar.gz.sha512 fi - - name: Build Python wheels (linux) - if: matrix.publish-pypi && startsWith(matrix.os, 'ubuntu-') + - name: Build Python wheels + if: matrix.publish-pypi uses: PyO3/maturin-action@v1 with: working-directory: pypi @@ -134,21 +134,4 @@ jobs: args: --release --sdist --out wheels sccache: "true" # https://github.com/PyO3/maturin-action/issues/245 - manylinux: ${{ matrix.target == 'aarch64-unknown-linux-gnu' && '2_28' || 'auto' }} - - name: Build Python wheels (macos & windows) - if: matrix.publish-pypi && (startsWith(matrix.os, 'macos') || startsWith(matrix.os, 'windows')) - uses: PyO3/maturin-action@v1 - with: - working-directory: pypi - target: ${{ matrix.target }} - args: --release --sdist --out wheels - sccache: "true" - - name: Build Python wheels (musl) - if: matrix.publish-pypi && endsWith(matrix.target, 'musl') - uses: PyO3/maturin-action@v1 - with: - working-directory: pypi - target: ${{ matrix.target }} - args: --release --sdist --out wheels - sccache: "true" - manylinux: musllinux_1_2 + manylinux: ${{ matrix.target == 'aarch64-unknown-linux-gnu' && '2_28' || endsWith(matrix.target, 'musl') && 'musllinux_1_2' || 'auto' }}