ci: setup #6
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: wrpc | |
| on: | |
| merge_group: | |
| pull_request: | |
| push: | |
| branches: | |
| - main | |
| tags: | |
| - 'interface-blobstore-v[0-9].[0-9]+.[0-9]+' | |
| - 'interface-blobstore-v[0-9].[0-9]+.[0-9]+-*' | |
| - 'interface-http-v[0-9].[0-9]+.[0-9]+' | |
| - 'interface-http-v[0-9].[0-9]+.[0-9]+-*' | |
| - 'runtime-wasmtime-v[0-9].[0-9]+.[0-9]+' | |
| - 'runtime-wasmtime-v[0-9].[0-9]+.[0-9]+-*' | |
| - 'transport-nats-v[0-9].[0-9]+.[0-9]+' | |
| - 'transport-nats-v[0-9].[0-9]+.[0-9]+-*' | |
| - 'transport-v[0-9].[0-9]+.[0-9]+' | |
| - 'transport-v[0-9].[0-9]+.[0-9]+-*' | |
| - 'types-v[0-9].[0-9]+.[0-9]+' | |
| - 'types-v[0-9].[0-9]+.[0-9]+-*' | |
| - 'v[0-9].[0-9]+.[0-9]+' | |
| - 'v[0-9].[0-9]+.[0-9]+-*' | |
| workflow_dispatch: | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.ref }} | |
| cancel-in-progress: true | |
| jobs: | |
| build-bin: | |
| strategy: | |
| matrix: | |
| config: | |
| - target: aarch64-unknown-linux-musl | |
| test-bin: | | |
| nix profile install --inputs-from . 'nixpkgs#qemu' | |
| qemu-aarch64 ./result/bin/wrpc --version | |
| test-oci: docker load < ./result | |
| # TODO: Run aarch64 binary within OCI | |
| - target: aarch64-apple-darwin | |
| test-bin: file ./result/bin/wrpc | |
| test-oci: docker load < ./result | |
| - target: aarch64-linux-android | |
| test-bin: file ./result/bin/wrpc | |
| test-oci: docker load < ./result | |
| - target: riscv64gc-unknown-linux-gnu-fhs | |
| test-bin: | | |
| nix build -L '.#wrpc-riscv64gc-unknown-linux-gnu' | |
| nix shell --inputs-from . 'nixpkgs#qemu' -c qemu-riscv64 ./result/bin/wrpc --version | |
| - target: x86_64-apple-darwin | |
| test-bin: file ./result/bin/wrpc | |
| test-oci: docker load < ./result | |
| - target: x86_64-pc-windows-gnu | |
| test-bin: | | |
| nix profile install --inputs-from . 'nixpkgs#wine64' | |
| wine64 ./result/bin/wrpc.exe --version | |
| test-oci: docker load < ./result | |
| # TODO: Run win64 binary within OCI | |
| - target: x86_64-unknown-linux-musl | |
| test-bin: ./result/bin/wrpc --version | |
| test-oci: | | |
| docker load < ./result | |
| docker run --rm wrpc:$(nix eval --raw .#wrpc-x86_64-unknown-linux-musl-oci.imageTag) wrpc --version | |
| name: wrpc-${{ matrix.config.target }} | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4.1.1 | |
| - uses: ./.github/actions/install-nix | |
| with: | |
| cachixAuthToken: '${{ secrets.CACHIX_AUTH_TOKEN }}' | |
| - uses: ./.github/actions/build-nix | |
| with: | |
| package: wrpc-${{ matrix.config.target }} | |
| - run: ${{ matrix.config.test-bin }} | |
| - uses: ./.github/actions/build-nix | |
| if: ${{ !endsWith(matrix.config.target, 'fhs') }} | |
| with: | |
| package: wrpc-${{ matrix.config.target }}-oci | |
| - run: ${{ matrix.config.test-oci }} | |
| if: ${{ !endsWith(matrix.config.target, 'fhs') }} | |
| build-lipo: | |
| name: wrpc-universal-darwin | |
| needs: build-bin | |
| runs-on: macos-latest | |
| steps: | |
| - uses: actions/download-artifact@v4 | |
| with: | |
| name: wrpc-aarch64-apple-darwin | |
| path: aarch64 | |
| - uses: actions/download-artifact@v4 | |
| with: | |
| name: wrpc-x86_64-apple-darwin | |
| path: x86_64 | |
| - run: chmod +x ./x86_64/bin/* | |
| - run: ./x86_64/bin/wrpc --version | |
| - run: mkdir -p ./artifact/bin | |
| - run: lipo -create ./aarch64/bin/wrpc ./x86_64/bin/wrpc -output ./artifact/bin/wrpc | |
| - run: chmod +x ./artifact/bin/wrpc | |
| - run: ./artifact/bin/wrpc --version | |
| - uses: actions/upload-artifact@v4 | |
| with: | |
| name: wrpc-universal-darwin | |
| path: artifact | |
| test-linux: | |
| runs-on: ubuntu-latest | |
| needs: build-bin | |
| steps: | |
| - uses: actions/download-artifact@v4 | |
| with: | |
| name: wrpc-x86_64-unknown-linux-musl | |
| - run: chmod +x ./bin/wrpc | |
| - run: ./bin/wrpc --version | |
| test-windows: | |
| runs-on: windows-latest | |
| needs: build-bin | |
| steps: | |
| - uses: actions/download-artifact@v4 | |
| with: | |
| name: wrpc-x86_64-pc-windows-gnu | |
| - run: .\bin\wrpc.exe --version | |
| cargo: | |
| strategy: | |
| matrix: | |
| check: | |
| - audit | |
| - fmt | |
| - clippy | |
| - nextest | |
| name: cargo ${{ matrix.check }} | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4.1.1 | |
| - uses: ./.github/actions/install-nix | |
| with: | |
| cachixAuthToken: '${{ secrets.CACHIX_AUTH_TOKEN }}' | |
| - run: nix build -L .#checks.x86_64-linux.${{ matrix.check }} | |
| build-doc: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4.1.1 | |
| - uses: ./.github/actions/install-nix | |
| with: | |
| cachixAuthToken: '${{ secrets.CACHIX_AUTH_TOKEN }}' | |
| - run: nix build -L .#checks.x86_64-linux.doc | |
| - run: cp --no-preserve=mode -R ./result/share/doc ./doc | |
| - run: rm -f doc/.lock | |
| - name: Create `.nojekyll` | |
| run: touch doc/.nojekyll | |
| - name: Write `index.html` | |
| run: | | |
| cat <<EOF > doc/index.html | |
| <!DOCTYPE html> | |
| <meta charset="utf-8"> | |
| <title>Redirecting to wrpc/index.html</title> | |
| <meta http-equiv="refresh" content="0; URL=wrpc/index.html"> | |
| <link rel="canonical" href="https://${{ github.repository_owner }}.github.io/wrpc/wrpc/index.html"> | |
| EOF | |
| - uses: actions/upload-pages-artifact@v3.0.1 | |
| with: | |
| path: doc | |
| deploy-doc: | |
| runs-on: ubuntu-latest | |
| needs: build-doc | |
| permissions: | |
| pages: write | |
| id-token: write | |
| environment: | |
| name: github-pages | |
| url: ${{ steps.deployment.outputs.page_url }} | |
| if: github.ref == 'refs/heads/main' | |
| steps: | |
| - uses: actions/deploy-pages@v4.0.4 | |
| id: deployment | |
| oci: | |
| strategy: | |
| matrix: | |
| include: | |
| - bin: wrpc | |
| runs-on: ubuntu-latest | |
| permissions: | |
| packages: write | |
| needs: | |
| - build-bin | |
| - test-linux | |
| steps: | |
| - uses: actions/checkout@v4.1.1 | |
| - uses: ./.github/actions/install-nix | |
| with: | |
| cachixAuthToken: '${{ secrets.CACHIX_AUTH_TOKEN }}' | |
| - name: Extract tag context | |
| id: ctx | |
| run: | | |
| echo "owner=${GITHUB_REPOSITORY_OWNER,,}" >> "$GITHUB_OUTPUT" | |
| echo "sha_short=$(git rev-parse --short HEAD)" >> "$GITHUB_OUTPUT" | |
| version=${GITHUB_REF_NAME#${{ matrix.prefix }}v} | |
| echo "version=${version}" >> "$GITHUB_OUTPUT" | |
| echo "version is ${version}" | |
| if [[ $version == *"-"* ]]; then | |
| echo "version ${version} is a pre-release" | |
| echo "prerelease=true" >> "$GITHUB_OUTPUT" | |
| fi | |
| - name: Login to GitHub Container Registry | |
| if: startswith(github.ref, format('refs/tags/{0}v', matrix.prefix)) || github.ref == 'refs/heads/main' | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.repository_owner }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Install `buildah` | |
| run: nix profile install --inputs-from . 'nixpkgs#buildah' | |
| - name: Build `${{ matrix.bin }}` image | |
| run: nix run -L .#build-${{ matrix.bin }}-oci-debian ${{ matrix.bin }} | |
| - name: Test `${{ matrix.bin }}` image | |
| run: | | |
| buildah push ${{ matrix.bin }}:amd64 docker-daemon:${{ matrix.bin }}:test | |
| docker run --rm ${{ matrix.bin }}:test ${{ matrix.bin }} --version | |
| - name: Push `${{ matrix.bin }}` commit rev tag | |
| if: startswith(github.ref, format('refs/tags/{0}v', matrix.prefix)) || github.ref == 'refs/heads/main' | |
| run: | | |
| buildah manifest push --all --format 'v2s2' ${{ matrix.bin }} docker://ghcr.io/${{ steps.ctx.outputs.owner }}/${{ matrix.bin }}:${{ github.sha }} | |
| buildah manifest push --all --format 'v2s2' ${{ matrix.bin }} docker://ghcr.io/${{ steps.ctx.outputs.owner }}/${{ matrix.bin }}:${{ steps.ctx.outputs.sha_short }} | |
| docker run --rm ghcr.io/${{ steps.ctx.outputs.owner }}/${{ matrix.bin }}:${{ github.sha }} ${{ matrix.bin }} --version | |
| docker run --rm ghcr.io/${{ steps.ctx.outputs.owner }}/${{ matrix.bin }}:${{ steps.ctx.outputs.sha_short }} ${{ matrix.bin }} --version | |
| - name: Push `${{ matrix.bin }}` version tag | |
| if: startswith(github.ref, format('refs/tags/{0}v', matrix.prefix)) | |
| continue-on-error: ${{ github.repository_owner != 'rvolosatovs' }} | |
| run: | | |
| buildah manifest push --all --format 'v2s2' ${{ matrix.bin }} docker://ghcr.io/${{ steps.ctx.outputs.owner }}/${{ matrix.bin }}:${{ steps.ctx.outputs.version }} | |
| docker run --rm ghcr.io/${{ steps.ctx.outputs.owner }}/${{ matrix.bin }}:${{ steps.ctx.outputs.version }} ${{ matrix.bin }} --version | |
| - name: Push `${{ matrix.bin }}` `latest` tag | |
| if: startswith(github.ref, format('refs/tags/{0}v', matrix.prefix)) && !steps.ctx.outputs.prerelease | |
| continue-on-error: ${{ github.repository_owner != 'rvolosatovs' }} | |
| run: | | |
| buildah manifest push --all --format 'v2s2' ${{ matrix.bin }} docker://ghcr.io/${{ steps.ctx.outputs.owner }}/${{ matrix.bin }}:latest | |
| docker run --rm ghcr.io/${{ steps.ctx.outputs.owner }}/${{ matrix.bin }}:latest ${{ matrix.bin }} --version | |
| release: | |
| if: startsWith(github.ref, 'refs/tags/v') | |
| needs: | |
| - build-bin | |
| - build-doc | |
| - build-lipo | |
| - cargo | |
| - oci | |
| - test-linux | |
| - test-windows | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: write | |
| steps: | |
| - uses: actions/checkout@v4.1.1 | |
| - uses: actions/download-artifact@v4 | |
| with: | |
| path: artifacts | |
| - run: | | |
| for dir in ./artifacts/wrpc-*; do | |
| target=${dir#./artifacts/wrpc-} | |
| for bin_path in $(find ${dir}/bin -type f); do | |
| chmod +x ${bin_path} | |
| bin=$(basename ${bin_path}) | |
| case "$bin" in | |
| *.exe) | |
| bin="${bin%.exe}" | |
| mkdir -p ./${bin} | |
| mv ${bin_path} ./${bin}/${bin}-${target}.exe | |
| ;; | |
| *) | |
| mkdir -p ./${bin} | |
| mv ${bin_path} ./${bin}/${bin}-${target%-fhs} | |
| ;; | |
| esac | |
| done | |
| done | |
| - uses: softprops/action-gh-release@v1 | |
| if: startsWith(github.ref, 'refs/tags/v') | |
| with: | |
| draft: true | |
| prerelease: true | |
| generate_release_notes: true | |
| files: ./wrpc/* | |
| crates: | |
| strategy: | |
| matrix: | |
| include: | |
| - crate: interface-blobstore | |
| workspace-dependencies: true | |
| - crate: interface-http | |
| workspace-dependencies: true | |
| - crate: runtime-wasmtime | |
| workspace-dependencies: true | |
| - crate: transport | |
| workspace-dependencies: true | |
| - crate: transport-nats | |
| workspace-dependencies: true | |
| - crate: types | |
| name: publish ${{ matrix.crate }} to crates.io | |
| needs: cargo | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4.1.1 | |
| - name: Extract tag context | |
| id: ctx | |
| run: | | |
| version=${GITHUB_REF_NAME#${{ matrix.crate }}-v} | |
| echo "version is ${version}" | |
| if [[ $version == *"-"* ]]; then | |
| echo "version ${version} is a pre-release" | |
| echo "prerelease=true" >> "$GITHUB_OUTPUT" | |
| fi | |
| - name: dry-run publish ${{ matrix.crate }} to crates.io | |
| if: ${{ !startsWith(github.ref, 'refs/tags/') }} | |
| continue-on-error: ${{ matrix.workspace-dependencies }} # publish may fail due to workspace crates not being published yet | |
| run: cargo publish --dry-run | |
| working-directory: ./crates/${{ matrix.crate }} | |
| - name: publish ${{ matrix.crate }} to crates.io | |
| if: startsWith(github.ref, format('refs/tags/{0}-v', matrix.crate)) && !steps.ctx.outputs.prerelease | |
| continue-on-error: ${{ github.repository_owner != 'rvolosatovs' }} | |
| run: cargo publish --token ${{ secrets.CRATES_PUBLISH_TOKEN }} | |
| working-directory: ./crates/${{ matrix.crate }} |