From 8658ca335388887aa9fcb6b0b9553817aa02f514 Mon Sep 17 00:00:00 2001 From: refcell Date: Tue, 7 Nov 2023 11:19:05 +0100 Subject: [PATCH] new github actions --- .github/workflows/audit.yml | 17 +++++ .github/workflows/ci.yml | 71 +++++++++------------ .github/workflows/cross-release.yml | 88 ++++++++++++++++++++++++++ .github/workflows/github-release.yml | 38 +++++++++++ .github/workflows/manual-tag.yml | 21 ++++++ .github/workflows/release.yml | 27 ++++++++ .github/workflows/tag.yml | 35 ++++++++++ .github/workflows/validate-version.yml | 43 +++++++++++++ README.md | 20 +++--- 9 files changed, 311 insertions(+), 49 deletions(-) create mode 100644 .github/workflows/audit.yml create mode 100644 .github/workflows/cross-release.yml create mode 100644 .github/workflows/github-release.yml create mode 100644 .github/workflows/manual-tag.yml create mode 100644 .github/workflows/release.yml create mode 100644 .github/workflows/tag.yml create mode 100644 .github/workflows/validate-version.yml diff --git a/.github/workflows/audit.yml b/.github/workflows/audit.yml new file mode 100644 index 0000000..8c1d830 --- /dev/null +++ b/.github/workflows/audit.yml @@ -0,0 +1,17 @@ +name: Audit + +on: + push: + paths: + - '**/Cargo.toml' + - '**/Cargo.lock' + +jobs: + security_audit: + runs-on: ubuntu-latest + permissions: write-all + steps: + - uses: actions/checkout@v4 + - uses: actions-rs/audit-check@v1 + with: + token: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 1b8bbe9..4baeb8a 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -1,89 +1,78 @@ -name: ci +name: CI -on: [push] +on: + push: + branches: + - main + pull_request: + workflow_dispatch: + +permissions: + contents: read + +env: + RUSTFLAGS: -Dwarnings jobs: cargo-tests: runs-on: ubuntu-latest timeout-minutes: 20 steps: - - name: Checkout sources - uses: actions/checkout@v3 - - name: Install Rust toolchain - uses: actions-rs/toolchain@v1 + - uses: actions/checkout@v4 + - uses: actions-rs/toolchain@v1 with: toolchain: nightly profile: minimal override: true - uses: Swatinem/rust-cache@v1 - with: - cache-on-failure: true - - name: cargo test - run: cargo test --all - - name: cargo test all features - run: cargo test --all --all-features + - run: cargo test --all + - run: cargo test --all --all-features cargo-lint: runs-on: ubuntu-latest timeout-minutes: 20 steps: - - name: Checkout sources - uses: actions/checkout@v3 - - name: Install Rust toolchain - uses: actions-rs/toolchain@v1 + - uses: actions/checkout@v4 + - uses: actions-rs/toolchain@v1 with: toolchain: nightly profile: minimal components: rustfmt, clippy override: true - uses: Swatinem/rust-cache@v1 - with: - cache-on-failure: true - - name: cargo fmt - run: cargo +nightly fmt --all -- --check - - name: cargo clippy - run: cargo +nightly clippy --all --all-features -- -D warnings + - run: cargo +nightly fmt --all -- --check + - run: cargo +nightly clippy --all --all-features -- -D warnings cargo-build: runs-on: ubuntu-latest timeout-minutes: 20 continue-on-error: true steps: - - name: Checkout sources - uses: actions/checkout@v3 - - name: Install Rust toolchain - uses: actions-rs/toolchain@v1 + - uses: actions/checkout@v4 + - uses: actions-rs/toolchain@v1 with: toolchain: nightly profile: minimal override: true - uses: Swatinem/rust-cache@v1 - with: - cache-on-failure: true - - name: build - id: build - continue-on-error: true + - continue-on-error: true run: cargo build --all + id: build cargo-doc: runs-on: ubuntu-latest timeout-minutes: 20 continue-on-error: true steps: - - name: Checkout sources - uses: actions/checkout@v3 - - name: Install Rust toolchain - uses: actions-rs/toolchain@v1 + - uses: actions/checkout@v4 + - uses: actions-rs/toolchain@v1 with: toolchain: nightly profile: minimal override: true - uses: Swatinem/rust-cache@v1 - with: - cache-on-failure: true - - name: doclint - id: build + - name: doclints continue-on-error: true run: RUSTDOCFLAGS="-D warnings" cargo doc --all --no-deps --all-features --document-private-items - - name: doctest - run: cargo test --doc --all --all-features + id: build + - run: cargo test --doc --all --all-features diff --git a/.github/workflows/cross-release.yml b/.github/workflows/cross-release.yml new file mode 100644 index 0000000..4b8a00a --- /dev/null +++ b/.github/workflows/cross-release.yml @@ -0,0 +1,88 @@ +name: Cross Release + +on: + workflow_dispatch: + +jobs: + extract-version: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + - name: Export Crate Package Version + run: echo "VERSION=$(cargo metadata --format-version=1 --no-deps | jq -r '.packages[0].version')" >> $GITHUB_OUTPUT + id: export + outputs: + VERSION: ${{ steps.export.outputs.VERSION }} + + build: + name: build release + strategy: + matrix: + arch: + [ + aarch64-unknown-linux-gnu, + x86_64-unknown-linux-gnu, + x86_64-apple-darwin, + aarch64-apple-darwin, + x86_64-pc-windows-gnu, + ] + include: + - arch: aarch64-unknown-linux-gnu + platform: ubuntu-20.04 + profile: maxperf + - arch: x86_64-unknown-linux-gnu + platform: ubuntu-20.04 + profile: maxperf + - arch: x86_64-apple-darwin + platform: macos-latest + profile: maxperf + - arch: aarch64-apple-darwin + platform: macos-latest + profile: maxperf + - arch: x86_64-pc-windows-gnu + platform: ubuntu-20.04 + profile: maxperf + + runs-on: ${{ matrix.platform }} + needs: extract-version + env: + VERSION: ${{ needs.extract-version.outputs.VERSION }} + steps: + - uses: actions/checkout@v4 + - run: rustup update stable + - run: rustup target add ${{ matrix.arch }} + - uses: Swatinem/rust-cache@v2 + with: + cache-on-failure: true + - name: Apple M1 setup + if: ${{ matrix.job.target == 'aarch64-apple-darwin' }} + run: | + echo "SDKROOT=$(xcrun -sdk macosx --show-sdk-path)" >> $GITHUB_ENV + echo "MACOSX_DEPLOYMENT_TARGET=$(xcrun -sdk macosx --show-sdk-platform-version)" >> $GITHUB_ENV + - name: Build for ${{ matrix.arch }} + run: | + cargo install cross + env PROFILE=${{ matrix.profile }} make build-${{ matrix.arch }} + - name: Move cross-compiled binary + if: matrix.arch != 'x86_64-pc-windows-gnu' + run: | + mkdir artifacts + mv target/${{ matrix.arch }}/${{ matrix.profile }}/* ./artifacts + - name: Create artifacts + run: tar --directory=artifacts -czf release-${{ env.VERSION }}-${{ matrix.arch }}.tar.gz $(ls -U artifacts/ | head -1) + shell: bash + + release: + name: Release on Github + runs-on: ubuntu-latest + permissions: + contents: write + needs: [build, extract-version] + env: + VERSION: ${{ needs.extract-version.outputs.VERSION }} + steps: + - uses: actions/checkout@v4 + - uses: ncipollo/release-action@v1 + with: + artifacts: "artifacts/*" + tag: v${{ env.VERSION }} diff --git a/.github/workflows/github-release.yml b/.github/workflows/github-release.yml new file mode 100644 index 0000000..ee63ebc --- /dev/null +++ b/.github/workflows/github-release.yml @@ -0,0 +1,38 @@ +name: Github Release + +on: + workflow_dispatch: + workflow_run: + workflows: ["CI"] + branches: [main] + types: + - completed + +jobs: + extract-crate-version: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + - name: Export Crate Package Version + run: echo "VERSION=$(cargo metadata --format-version=1 --no-deps | jq -r '.packages[0].version')" >> $GITHUB_OUTPUT + id: export_crate_version + outputs: + VERSION: ${{ steps.export_crate_version.outputs.VERSION }} + + release: + name: Release on Github + runs-on: ubuntu-latest + permissions: + contents: write + needs: [extract-crate-version] + env: + VERSION: ${{ needs.extract-crate-version.outputs.VERSION }} + steps: + - uses: actions/checkout@v4 + - run: cargo build --release + - name: Generate the Release Tarball + run: tar --directory=target/release -cf release.tar.gz $(ls -U target/release/ | head -1) + - uses: ncipollo/release-action@v1 + with: + artifacts: "release.tar.gz" + tag: v${{ env.VERSION }} diff --git a/.github/workflows/manual-tag.yml b/.github/workflows/manual-tag.yml new file mode 100644 index 0000000..dbb3ab0 --- /dev/null +++ b/.github/workflows/manual-tag.yml @@ -0,0 +1,21 @@ +name: Manual Tag + +on: + workflow_dispatch: + inputs: + version: + description: "The version to release. Should match the version in `Cargo.toml`. For example, 0.1.20" + required: true + +jobs: + tag: + runs-on: ubuntu-latest + permissions: + contents: write + timeout-minutes: 20 + steps: + - uses: actions/checkout@v4 + - uses: anothrNick/github-tag-action@master + env: + CUSTOM_TAG: v${{ inputs.version }} + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml new file mode 100644 index 0000000..9186316 --- /dev/null +++ b/.github/workflows/release.yml @@ -0,0 +1,27 @@ +name: Release + +on: + workflow_dispatch: + workflow_run: + workflows: ["CI"] + branches: [main] + types: + - completed + +jobs: + publish: + name: Publish Crate to Crates.io + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + - uses: actions-rs/toolchain@v1 + with: + profile: minimal + toolchain: stable + override: true + - uses: baptiste0928/cargo-install@v2 + with: + crate: cargo-release + - run: CARGO_REGISTRY_TOKEN=${CRATES_TOKEN} cargo release --execute --no-confirm --no-push --no-tag + env: + CRATES_TOKEN: ${{ secrets.CRATES_TOKEN }} diff --git a/.github/workflows/tag.yml b/.github/workflows/tag.yml new file mode 100644 index 0000000..ea1fb32 --- /dev/null +++ b/.github/workflows/tag.yml @@ -0,0 +1,35 @@ +name: Tag + +on: + workflow_run: + workflows: ["CI"] + branches: [main] + types: + - completed + +jobs: + extract-crate-version: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + - name: Export Crate Package Version + run: echo "VERSION=$(cargo metadata --format-version=1 --no-deps | jq -r '.packages[0].version')" >> $GITHUB_OUTPUT + id: export_crate_version + outputs: + VERSION: ${{ steps.export_crate_version.outputs.VERSION }} + + tag: + runs-on: ubuntu-latest + permissions: + contents: write + timeout-minutes: 20 + needs: [extract-crate-version] + env: + VERSION: ${{ needs.extract-crate-version.outputs.VERSION }} + steps: + - uses: actions/checkout@v4 + - name: Bump version and push tag + uses: anothrNick/github-tag-action@master + env: + CUSTOM_TAG: v${{ env.VERSION }} + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/validate-version.yml b/.github/workflows/validate-version.yml new file mode 100644 index 0000000..0097d10 --- /dev/null +++ b/.github/workflows/validate-version.yml @@ -0,0 +1,43 @@ +name: Validate Release Version + +on: + pull_request: + branches: + - main + workflow_dispatch: + +jobs: + extract-github-tag: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + - uses: actions-ecosystem/action-get-latest-tag@v1 + id: get-latest-tag + - name: Extract the git tag version + run: echo "VERSION=$(echo ${{ steps.get-latest-tag.outputs.tag }} | sed 's/^.*[^0-9]\([0-9]*\.[0-9]*\.[0-9]*\).*$/\1/')" >> $GITHUB_OUTPUT + id: export-git-tag + outputs: + VERSION: ${{ steps.export-git-tag.outputs.VERSION }} + + extract-crate-version: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + - name: Export Crate Package Version + run: echo "VERSION=$(cargo metadata --format-version=1 --no-deps | jq -r '.packages[0].version')" >> $GITHUB_OUTPUT + id: export_crate_version + outputs: + VERSION: ${{ steps.export_crate_version.outputs.VERSION }} + + validate-crate-version: + runs-on: ubuntu-latest + needs: [extract-github-tag, extract-crate-version] + env: + GIT_TAG: ${{ needs.extract-github-tag.outputs.VERSION }} + CRATE_VERSION: ${{ needs.extract-crate-version.outputs.VERSION }} + steps: + - uses: baptiste0928/cargo-install@v2 + with: + crate: semver-util + - name: Validate Semvers + run: semver cmp ${{ env.CRATE_VERSION }} gt ${{ env.GIT_TAG }} || exit 1 diff --git a/README.md b/README.md index ccf761a..6766ca5 100644 --- a/README.md +++ b/README.md @@ -1,23 +1,27 @@ # op-up -[![Build Status]][actions] +[![CI Build Status]][actions] +[![Release]][actions] +[![Tag Build Status]][actions] [![License]][mit-license] [![Docs]][Docs-rs] [![Latest Version]][crates.io] -[![rustc 1.31+]][Rust 1.31] +[![rustc 1.70+]][Rust 1.70] -[Build Status]: https://img.shields.io/github/actions/workflow/status/anton-rs/op-up/ci.yml?branch=main +[CI Build Status]: https://img.shields.io/github/actions/workflow/status/anton-rs/op-up/ci.yml?branch=main&label=build +[Tag Build Status]: https://img.shields.io/github/actions/workflow/status/anton-rs/op-up/tag.yml?branch=main&label=tag +[Release]: https://img.shields.io/github/actions/workflow/status/anton-rs/op-up/release.yml?branch=main&label=release [actions]: https://github.com/anton-rs/op-up/actions?query=branch%3Amain [Latest Version]: https://img.shields.io/crates/v/opup.svg -[crates.io]: https://crates.io/crates/opup -[rustc 1.31+]: https://img.shields.io/badge/rustc_1.31+-lightgray.svg -[Rust 1.31]: https://blog.rust-lang.org/2018/12/06/Rust-1.31-and-rust-2018.html +[crates.io]: https://crates.io/crates/op-up +[rustc 1.70+]: https://img.shields.io/badge/rustc_1.70+-lightgray.svg?label=msrv +[Rust 1.70]: https://blog.rust-lang.org/2023/06/01/Rust-1.70.0.html [License]: https://img.shields.io/badge/license-MIT-7795AF.svg [mit-license]: https://github.com/anton-rs/op-up/blob/main/LICENSE.md [Docs-rs]: https://docs.rs/opup/ -[Docs]: https://img.shields.io/docsrs/opup.svg?color=319e8c&label=docs.rs +[Docs]: https://img.shields.io/docsrs/op-up.svg?color=319e8c&label=docs.rs -**Composable OP Stack Orchestration System.** op-up is in https://github.com/anton-rs/op-up/labels/alpha. +**Composable OP Stack Orchestration System.** https://github.com/anton-rs/op-up/labels/alpha. ![](https://raw.githubusercontent.com/anton-rs/op-up/main/etc/op-up-banner.png)