Skip to content

Upgrade CI toolchain #556

Upgrade CI toolchain

Upgrade CI toolchain #556

Workflow file for this run

name: Quick check crates
on:
push:
branches: [ master ]
pull_request:
branches: [ master ]
release:
types: [ published ]
env:
version: ${{ github.event.release.tag_name || github.sha }}
rust: 1.77.2 # same as nixos 23.11
jobs:
security_audit:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9
- uses: actions-rs/audit-check@35b7b53b1e25b55642157ac01b4adceb5b9ebef3
with:
token: ${{ secrets.GITHUB_TOKEN }}
build:
env:
clippy_args: --locked --target ${{ matrix.target }} ${{ matrix.packages }}
build_args: --locked --release --target ${{ matrix.target }} ${{ matrix.packages }}
target_path: target/${{ matrix.target }}/release/0s${{ matrix.os == 'windows-latest' && '.exe' || '' }}
asset_name: 0s-${{ github.event.release.tag_name || github.sha }}-${{ matrix.target }}${{ matrix.os == 'windows-latest' && '.exe' || '' }}
strategy:
matrix:
name: [
macos,
macos-m1,
windows
]
include:
- name: macos
os: macos-latest
target: x86_64-apple-darwin
cross: false
packages: -p zerostash -p zerostash-files
- name: macos-m1
os: macos-latest
target: aarch64-apple-darwin
cross: true
packages: -p zerostash -p zerostash-files
skip_tests: true
- name: windows
os: windows-latest
target: x86_64-pc-windows-msvc
cross: false
packages: -p zerostash -p zerostash-files
runs-on: ${{ matrix.os }}
steps:
- uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9
- uses: Swatinem/rust-cache@2656b87321093db1cb55fbd73183d195214fdfd1
- uses: actions-rs/toolchain@b2417cde72dcf67f306c0ae8e0828a81bf0b189f
with:
toolchain: ${{ env.rust }}
target: ${{ matrix.target }}
override: true
profile: minimal
components: clippy
- uses: actions-rs/clippy-check@b5b5f21f4797c02da247df37026fcd0a5024aa4d
if: matrix.skip_clippy != true
with:
token: ${{ secrets.GITHUB_TOKEN }}
args: ${{ env.clippy_args }}
- name: Test
if: matrix.skip_tests != true
uses: actions-rs/cargo@ae10961054e4aa8b4aa7dffede299aaf087aa33b
with:
use-cross: ${{ matrix.cross }}
args: ${{ env.build_args }}
command: test
- name: Build
id: build
uses: actions-rs/cargo@ae10961054e4aa8b4aa7dffede299aaf087aa33b
with:
use-cross: ${{ matrix.cross }}
args: ${{ env.build_args }}
command: build
- name: Upload binaries
uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce
with:
name: ${{ env.asset_name }}
path: ${{ env.target_path }}
linux:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9
- uses: cachix/install-nix-action@4b933aa7ebcc94a6174cf1364864e957b4910265
- uses: cachix/cachix-action@6a9a34cdd93d0ae4b4b59fd678660efb08109f2f
with:
name: symmetree-labs
authToken: '${{ secrets.CACHIX_AUTH_TOKEN }}'
- uses: actions-rs/toolchain@b2417cde72dcf67f306c0ae8e0828a81bf0b189f
with:
toolchain: ${{ env.rust }}
override: true
components: clippy
- run: sudo apt-get update && sudo apt-get install -y libfuse3-dev
- uses: actions-rs/clippy-check@b5b5f21f4797c02da247df37026fcd0a5024aa4d
with:
token: ${{ secrets.GITHUB_TOKEN }}
- id: build
run: |
path=$(nix build --json .#zerostash-static | jq -r .[].outputs.out)/bin/0s
echo bin_path=$path >> "$GITHUB_OUTPUT"
- name: Upload binaries
uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce
with:
name: 0s-${{ github.event.release.tag_name || github.sha }}-x86_64-linux
path: ${{ steps.build.outputs.bin_path }}
release:
runs-on: ubuntu-latest
needs: [build, linux, security_audit]
if: github.event_name == 'release' && github.event.action == 'published'
steps:
- name: Download artifacts
uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a
with:
path: bin
- name: Package artifacts
run: |
set -e
cd bin
for dir in 0s-*-linux 0s-*-darwin; do
(cd $dir;
echo $dir
tar czf $dir.tar.gz 0s;
sha256sum $dir.tar.gz
)
done
- name: Attach binaries to release
uses: actions/github-script@d7906e4ad0b1822421a7e6a35d5ca353c962f410
with:
script: |
const fs = require('fs/promises');
const path = require('path');
const {owner, repo} = context.repo;
const release_id = context.payload.release.id;
const artifacts = await fs.readdir('bin/');
for (dir of artifacts) {
const files = await fs.readdir(`bin/${dir}`);
for (file of files) {
if (file === '0s') {
continue;
}
var file_name = file;
if (file === '0s.exe') {
file_name = `${dir}.exe`;
}
console.log(`Uploading ${dir}/${file} as ${file_name} for release ${release_id}`);
await github.rest.repos.uploadReleaseAsset({
owner,
repo,
release_id,
name: file_name,
data: await fs.readFile(`bin/${dir}/${file}`),
});
// only upload the first file
// there shouldn't be more anyway
break;
}
}