Upgrade to 1.81 Rust #675
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: CI | |
on: | |
push: | |
branches: ["main"] | |
tags: ["helm/**", "v*"] | |
pull_request: | |
branches: ["main"] | |
concurrency: | |
group: ${{ github.workflow }}-${{ github.ref }} | |
cancel-in-progress: true | |
env: | |
CACHE: ${{ (github.event_name == 'push' | |
|| github.event_name == 'pull_request') | |
&& github.ref != 'refs/heads/main' | |
&& !startsWith(github.ref, 'refs/tags/v') | |
&& !contains(github.event.head_commit.message, '[fresh ci]') }} | |
RUST_BACKTRACE: 1 | |
RUST_VER: "1.81" | |
jobs: | |
################ | |
# Pull Request # | |
################ | |
pr: | |
if: ${{ github.event_name == 'pull_request' }} | |
needs: | |
- clippy | |
- docker | |
- helm-lint | |
- rustdoc | |
- rustfmt | |
- test-e2e-debug | |
- test-e2e-release | |
- test-unit | |
runs-on: ubuntu-latest | |
steps: | |
- run: true | |
########################## | |
# Linting and formatting # | |
########################## | |
clippy: | |
if: ${{ !startsWith(github.ref, 'refs/tags/helm/') }} | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: dtolnay/rust-toolchain@v1 | |
with: | |
toolchain: ${{ env.RUST_VER }} | |
components: clippy | |
- uses: Swatinem/rust-cache@v2 | |
if: ${{ env.CACHE == 'true' }} | |
- run: make cargo.lint | |
helm-lint: | |
name: helm lint | |
if: ${{ !startsWith(github.ref, 'refs/tags/v') }} | |
strategy: | |
fail-fast: false | |
matrix: | |
chart: ["baza"] | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: azure/setup-helm@v4 | |
- run: make helm.lint chart=${{ matrix.chart }} | |
rustfmt: | |
if: ${{ !startsWith(github.ref, 'refs/tags/helm/') }} | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: dtolnay/rust-toolchain@v1 | |
with: | |
toolchain: nightly | |
components: rustfmt | |
- run: make cargo.fmt check=yes | |
########### | |
# Testing # | |
########### | |
test-e2e-debug: # as a separate CI job to omit waiting `docker` CI job | |
name: test (E2E, debug) | |
if: ${{ !startsWith(github.ref, 'refs/tags/helm/') }} | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: dtolnay/rust-toolchain@v1 | |
with: | |
toolchain: nightly | |
components: rust-src | |
- uses: dtolnay/rust-toolchain@v1 | |
with: | |
toolchain: ${{ env.RUST_VER }} | |
- uses: Swatinem/rust-cache@v2 | |
if: ${{ env.CACHE == 'true' }} | |
- run: cargo install cargo-careful | |
- run: make up background=yes dockerized=no | |
debug=yes careful=yes | |
- run: sleep 5 | |
- run: make test.e2e start-app=no | |
test-e2e-release: | |
name: test (E2E, release) | |
if: ${{ !startsWith(github.ref, 'refs/tags/helm/') }} | |
needs: ["docker"] | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: dtolnay/rust-toolchain@v1 | |
with: | |
toolchain: ${{ env.RUST_VER }} | |
- uses: Swatinem/rust-cache@v2 | |
if: ${{ env.CACHE == 'true' }} | |
- uses: satackey/action-docker-layer-caching@v0.0.11 | |
with: | |
key: test-e2e-release-{hash} | |
restore-keys: test-e2e-release- | |
continue-on-error: true | |
timeout-minutes: 10 | |
if: ${{ env.CACHE == 'true' }} | |
- uses: actions/download-artifact@v4 | |
with: | |
name: docker-${{ github.run_number }} | |
path: .cache/docker/ | |
- run: make docker.untar | |
- run: make up background=yes dockerized=yes | |
tag=build-${{ github.run_number }} | |
- run: sleep 5 | |
- run: make test.e2e start-app=no | |
test-unit: | |
name: test (unit, ${{ matrix.toolchain }}) | |
if: ${{ !startsWith(github.ref, 'refs/tags/helm/') }} | |
strategy: | |
fail-fast: false | |
matrix: | |
toolchain: ["stable", "nightly"] | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: dtolnay/rust-toolchain@v1 | |
with: | |
toolchain: ${{ (matrix.toolchain == 'stable' && env.RUST_VER) | |
|| matrix.toolchain }} | |
components: rust-src | |
- uses: Swatinem/rust-cache@v2 | |
if: ${{ env.CACHE == 'true' }} | |
- run: cargo install cargo-careful | |
if: ${{ matrix.toolchain == 'nightly' }} | |
- run: make test.unit | |
careful=${{ (matrix.toolchain == 'nightly' && 'yes') | |
|| 'no' }} | |
############ | |
# Building # | |
############ | |
docker: | |
if: ${{ !startsWith(github.ref, 'refs/tags/helm/') }} | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- uses: docker/setup-buildx-action@v3 | |
- run: make docker.image debug=no no-cache=yes | |
tag=build-${{ github.run_number }} | |
- run: make docker.tar | |
tags=build-${{ github.run_number }} | |
- uses: actions/upload-artifact@v4 | |
with: | |
name: docker-${{ github.run_number }} | |
path: .cache/docker/image.tar | |
retention-days: 1 | |
rustdoc: | |
if: ${{ !startsWith(github.ref, 'refs/tags/helm/') }} | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: dtolnay/rust-toolchain@v1 | |
with: | |
toolchain: ${{ env.RUST_VER }} | |
- uses: Swatinem/rust-cache@v2 | |
if: ${{ env.CACHE == 'true' }} | |
- run: make cargo.doc private=yes open=no | |
env: | |
RUSTFLAGS: -D warnings | |
############# | |
# Releasing # | |
############# | |
docker-push: | |
name: docker push | |
if: ${{ github.event_name == 'push' | |
&& (github.ref == 'refs/heads/main' | |
|| startsWith(github.ref, 'refs/tags/v')) }} | |
needs: ["docker", "test-e2e-release"] | |
strategy: | |
fail-fast: false | |
matrix: | |
registry: ["docker.io", "ghcr.io", "quay.io"] | |
runs-on: ubuntu-latest | |
steps: | |
# Skip if this is fork and no credentials are provided. | |
- id: skip | |
run: echo "no=${{ !( | |
github.repository_owner != 'instrumentisto' | |
&& ((matrix.registry == 'quay.io' | |
&& secrets.QUAYIO_ROBOT_USER == '') | |
|| (matrix.registry == 'docker.io' | |
&& secrets.DOCKERHUB_BOT_USER == '')) | |
) }}" >> $GITHUB_OUTPUT | |
- uses: actions/checkout@v4 | |
if: ${{ steps.skip.outputs.no == 'true' }} | |
- uses: actions/download-artifact@v4 | |
with: | |
name: docker-${{ github.run_number }} | |
path: .cache/docker/ | |
if: ${{ steps.skip.outputs.no == 'true' }} | |
- run: make docker.untar | |
if: ${{ steps.skip.outputs.no == 'true' }} | |
- name: Login to ${{ matrix.registry }} container registry | |
uses: docker/login-action@v3 | |
with: | |
registry: ${{ matrix.registry }} | |
username: ${{ (matrix.registry == 'docker.io' | |
&& secrets.DOCKERHUB_BOT_USER) | |
|| (matrix.registry == 'quay.io' | |
&& secrets.QUAYIO_ROBOT_USER) | |
|| github.repository_owner }} | |
password: ${{ (matrix.registry == 'docker.io' | |
&& secrets.DOCKERHUB_BOT_PASS) | |
|| (matrix.registry == 'quay.io' | |
&& secrets.QUAYIO_ROBOT_TOKEN) | |
|| secrets.GITHUB_TOKEN }} | |
if: ${{ steps.skip.outputs.no == 'true' }} | |
- name: Parse semver versions from Git tag | |
id: semver | |
uses: actions-ecosystem/action-regex-match@v2 | |
with: | |
text: ${{ github.ref }} | |
regex: '^refs/tags/v((([0-9]+)\.[0-9]+)\.[0-9]+(-.+)?)$' | |
if: ${{ steps.skip.outputs.no == 'true' | |
&& startsWith(github.ref, 'refs/tags/v') }} | |
- name: Form version Docker tags | |
id: tags | |
uses: actions/github-script@v7 | |
with: | |
result-encoding: string | |
script: | | |
let versions = '${{ steps.semver.outputs.group1 }}'; | |
if ('${{ steps.semver.outputs.group4 }}' === '') { | |
versions += ',${{ steps.semver.outputs.group2 }}'; | |
if ('${{ steps.semver.outputs.group3 }}' !== '0') { | |
versions += ',${{ steps.semver.outputs.group3 }}'; | |
} | |
versions += ',latest'; | |
} | |
return versions; | |
if: ${{ steps.skip.outputs.no == 'true' | |
&& startsWith(github.ref, 'refs/tags/v') }} | |
- run: make docker.tags | |
registries=${{ matrix.registry }} | |
of=build-${{ github.run_number }} | |
tags=${{ (startsWith(github.ref, 'refs/tags/v') | |
&& steps.tags.outputs.result) | |
|| 'edge' }} | |
if: ${{ steps.skip.outputs.no == 'true' }} | |
- run: make docker.push | |
registries=${{ matrix.registry }} | |
tags=${{ (startsWith(github.ref, 'refs/tags/v') | |
&& steps.tags.outputs.result) | |
|| 'edge' }} | |
if: ${{ steps.skip.outputs.no == 'true' }} | |
# On GitHub Container Registry README is automatically updated on pushes. | |
- name: Update README on Docker Hub | |
uses: christian-korneck/update-container-description-action@v1 | |
with: | |
provider: dockerhub | |
destination_container_repo: ${{ github.repository }} | |
readme_file: README.md | |
env: | |
DOCKER_USER: ${{ secrets.DOCKERHUB_BOT_USER }} | |
DOCKER_PASS: ${{ secrets.DOCKERHUB_BOT_PASS }} | |
if: ${{ steps.skip.outputs.no == 'true' | |
&& matrix.registry == 'docker.io' }} | |
- name: Update README on Quay.io | |
uses: christian-korneck/update-container-description-action@v1 | |
with: | |
provider: quay | |
destination_container_repo: ${{ matrix.registry }}/${{ github.repository }} | |
readme_file: README.md | |
env: | |
DOCKER_APIKEY: ${{ secrets.QUAYIO_API_TOKEN }} | |
if: ${{ steps.skip.outputs.no == 'true' | |
&& matrix.registry == 'quay.io' }} | |
helm-push: | |
name: helm push | |
if: ${{ startsWith(github.ref, 'refs/tags/helm/') }} | |
needs: ["helm-lint"] | |
strategy: | |
max-parallel: 1 | |
matrix: | |
chart: ["baza"] | |
runs-on: ubuntu-latest | |
steps: | |
- id: skip | |
run: echo "no=${{ | |
startsWith(github.ref, | |
format('refs/tags/helm/{0}/', matrix.chart)) | |
}}" >> $GITHUB_OUTPUT | |
- uses: actions/checkout@v4 | |
if: ${{ steps.skip.outputs.no == 'true' }} | |
- uses: azure/setup-helm@v4 | |
if: ${{ steps.skip.outputs.no == 'true' }} | |
- name: Parse semver versions from Git tag | |
id: semver | |
uses: actions-ecosystem/action-regex-match@v2 | |
with: | |
text: ${{ github.ref }} | |
regex: '^refs/tags/helm/${{ matrix.chart }}/((([0-9]+)\.[0-9]+)\.[0-9]+(-.+)?)$' | |
if: ${{ steps.skip.outputs.no == 'true' }} | |
- name: Verify Git tag version matches `Chart.yaml` version | |
run: | | |
test "${{ steps.semver.outputs.group1 }}" \ | |
== "$(grep -m1 'version: ' helm/${{ matrix.chart }}/Chart.yaml \ | |
| cut -d' ' -f2)" | |
if: ${{ steps.skip.outputs.no == 'true' }} | |
- run: make helm.package chart=${{ matrix.chart }} | |
out-dir=.cache/helm/ clean=yes | |
if: ${{ steps.skip.outputs.no == 'true' }} | |
# Helm's digest is just SHA256 checksum: | |
# https://github.com/helm/helm/blob/v3.9.2/pkg/provenance/sign.go#L417-L418 | |
- name: Generate SHA256 checksum | |
run: ls -1 | xargs -I {} sh -c "sha256sum {} > {}.sha256sum" | |
working-directory: .cache/helm/ | |
if: ${{ steps.skip.outputs.no == 'true' }} | |
- name: Show generated SHA256 checksum | |
run: cat *.sha256sum | |
working-directory: .cache/helm/ | |
if: ${{ steps.skip.outputs.no == 'true' }} | |
- name: Parse CHANGELOG link | |
id: changelog | |
run: echo "link=${{ github.server_url }}/${{ github.repository }}/blob/helm%2F${{ matrix.chart }}%2F${{ steps.semver.outputs.group1 }}/helm/${{ matrix.chart }}/CHANGELOG.md#$(sed -n '/^## \[${{ steps.semver.outputs.group1 }}\]/{s/^## \[\(.*\)\][^0-9]*\([0-9].*\)/\1--\2/;s/[^0-9a-z-]*//g;p;}' helm/${{ matrix.chart }}/CHANGELOG.md)" | |
>> $GITHUB_OUTPUT | |
- name: Create GitHub release | |
uses: softprops/action-gh-release@v2 | |
with: | |
name: helm/${{ matrix.chart }} ${{ steps.semver.outputs.group1 }} | |
body: > | |
[Changelog](${{ steps.changelog.outputs.link }}) | | |
[Overview](${{ github.server_url }}/${{ github.repository }}/tree/helm%2F${{ matrix.chart }}%2F${{ steps.semver.outputs.group1 }}/helm/${{ matrix.chart }}) | | |
[Values](${{ github.server_url }}/${{ github.repository }}/blob/helm%2F${{ matrix.chart }}%2F${{ steps.semver.outputs.group1 }}/helm/${{ matrix.chart }}/values.yaml) | |
files: | | |
.cache/helm/*.tgz | |
.cache/helm/*.sha256sum | |
fail_on_unmatched_files: true | |
prerelease: ${{ contains(steps.semver.outputs.group1, '-') }} | |
if: ${{ steps.skip.outputs.no == 'true' }} | |
- name: Parse Git repository name | |
id: repo | |
uses: actions-ecosystem/action-regex-match@v2 | |
with: | |
text: ${{ github.repository }} | |
regex: '^${{ github.repository_owner }}/(.+)$' | |
# TODO: Find or write a tool to build index idempotently from GitHub | |
# releases, and keep on GitHub Pages only the built index. | |
# https://github.com/helm/chart-releaser/issues/133 | |
- name: Update Helm repository index | |
run: | | |
set -ex | |
git config --local user.email 'actions+${{ github.run_number }}@github.com' | |
git config --local user.name 'GitHub Actions' | |
git fetch origin gh-pages:gh-pages | |
git checkout gh-pages | |
git reset --hard | |
mkdir -p helm/ | |
cp -rf .cache/helm/*.tgz helm/ | |
helm repo index helm/ --url=https://${{ github.repository_owner }}.github.io/${{ steps.repo.outputs.group1 }}/helm | |
git add -v helm/ | |
git commit -m 'Release ${{ steps.semver.outputs.group1 }} version of `${{ matrix.chart }}` Helm chart' | |
git checkout - | |
git push origin gh-pages | |
if: ${{ steps.skip.outputs.no == 'true' }} | |
release-github: | |
name: release (GitHub) | |
if: ${{ startsWith(github.ref, 'refs/tags/v') }} | |
needs: | |
- clippy | |
- docker-push | |
- rustdoc | |
- rustfmt | |
- test-e2e-debug | |
- test-e2e-release | |
- test-unit | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Parse semver versions from Git tag | |
id: semver | |
uses: actions-ecosystem/action-regex-match@v2 | |
with: | |
text: ${{ github.ref }} | |
regex: '^refs/tags/v((([0-9]+)\.[0-9]+)\.[0-9]+(-.+)?)$' | |
- name: Verify Git tag version matches `Cargo.toml` version | |
run: | | |
test "${{ steps.semver.outputs.group1 }}" \ | |
== "$(grep -m1 'version = "' Cargo.toml | cut -d'"' -f2)" | |
- name: Parse CHANGELOG link | |
id: changelog | |
run: echo "link=${{ github.server_url }}/${{ github.repository }}/blob/v${{ steps.semver.outputs.group1 }}/CHANGELOG.md#$(sed -n '/^## \[${{ steps.semver.outputs.group1 }}\]/{s/^## \[\(.*\)\][^0-9]*\([0-9].*\)/\1--\2/;s/[^0-9a-z-]*//g;p;}' CHANGELOG.md)" | |
>> $GITHUB_OUTPUT | |
- name: Parse milestone link | |
id: milestone | |
run: echo "link=${{ github.server_url }}/${{ github.repository }}/milestone/$(sed -n '/^## \[${{ steps.semver.outputs.group1 }}\]/,/Milestone/{s/.*milestone.\([0-9]*\).*/\1/p;}' CHANGELOG.md)" | |
>> $GITHUB_OUTPUT | |
- name: Create GitHub release | |
uses: softprops/action-gh-release@v2 | |
with: | |
name: ${{ steps.semver.outputs.group1 }} | |
body: > | |
[Changelog](${{ steps.changelog.outputs.link }}) | | |
[Milestone](${{ steps.milestone.outputs.link }}) | |
prerelease: ${{ contains(steps.semver.outputs.group1, '-') }} |