Skip to content

Merge pull request #399 from friedemannsommer/dependabot/cargo/lightn… #963

Merge pull request #399 from friedemannsommer/dependabot/cargo/lightn…

Merge pull request #399 from friedemannsommer/dependabot/cargo/lightn… #963

Workflow file for this run

name: Rust continuous integration
on:
push:
branches:
- main
tags:
- "v*.*.*"
pull_request:
branches:
- "*"
permissions:
actions: none
checks: none
contents: read
deployments: none
id-token: none
issues: none
packages: none
pages: none
pull-requests: none
repository-projects: none
security-events: none
statuses: none
env:
CARGO_TERM_COLOR: always
jobs:
test:
name: Test
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Rust latest stable
uses: dtolnay/rust-toolchain@master
with:
toolchain: stable
- uses: Swatinem/rust-cache@v2
- name: Run tests
run: cargo test
check:
name: Check
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Rust latest stable
uses: dtolnay/rust-toolchain@master
with:
toolchain: stable
- uses: Swatinem/rust-cache@v2
- name: Run checks
run: cargo check
fmt:
name: Rustfmt
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Rust latest stable
uses: dtolnay/rust-toolchain@master
with:
components: rustfmt
toolchain: stable
- uses: Swatinem/rust-cache@v2
- name: Check formatting
run: cargo fmt --all -- --check
clippy:
name: Clippy
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Rust latest stable
uses: dtolnay/rust-toolchain@master
with:
components: clippy
toolchain: stable
- uses: Swatinem/rust-cache@v2
- name: Run lints
run: cargo clippy -- -D warnings
clippy-analyze:
name: Run rust-clippy analyzing
runs-on: ubuntu-latest
continue-on-error: true
permissions:
contents: read
security-events: write
steps:
- uses: actions/checkout@v4
- name: Rust latest stable
uses: dtolnay/rust-toolchain@master
with:
components: clippy
toolchain: stable
- uses: Swatinem/rust-cache@v2
- name: Install required cargo
run: cargo install clippy-sarif sarif-fmt
- name: Run rust-clippy
run:
cargo clippy
--all-features
--message-format=json | clippy-sarif | tee rust-clippy-results.sarif | sarif-fmt
continue-on-error: true
- name: Upload analysis results to GitHub
uses: github/codeql-action/upload-sarif@v3
with:
sarif_file: rust-clippy-results.sarif
wait-for-processing: true
build-release:
name: "Build release"
runs-on: ubuntu-latest
if: github.event_name != 'pull_request' && startsWith(github.ref, 'refs/tags/')
needs:
- test
- check
- fmt
- clippy
strategy:
matrix:
include:
- target: "aarch64-unknown-linux-musl"
binary: "searproxy"
- target: "arm-unknown-linux-musleabihf"
binary: "searproxy"
- target: "armv7-unknown-linux-musleabihf"
binary: "searproxy"
- target: "x86_64-unknown-linux-musl"
binary: "searproxy"
- target: "i686-unknown-linux-musl"
binary: "searproxy"
- target: "x86_64-pc-windows-gnu"
binary: "searproxy.exe"
steps:
- uses: actions/checkout@v4
- name: Rust latest stable
uses: dtolnay/rust-toolchain@master
with:
toolchain: stable
target: ${{ matrix.target }}
- uses: Swatinem/rust-cache@v2
with:
key: ${{ matrix.target }}
- name: install cross
run: cargo install cross --git https://github.com/cross-rs/cross
- name: compile with cross
run: cross build --target ${{ matrix.target }} --release
- uses: actions/upload-artifact@v4
with:
name: "SearProxy_${{ matrix.target }}"
path: "target/${{ matrix.target }}/release/${{ matrix.binary }}"
retention-days: 1
if-no-files-found: error
build-containers:
name: "Build Docker containers"
runs-on: ubuntu-latest
needs:
- "build-release"
permissions:
contents: read
packages: write
steps:
- uses: actions/checkout@v4
- uses: actions/download-artifact@v4
id: download
with:
path: artifact-binaries
- name: Set up QEMU
uses: docker/setup-qemu-action@v3.2.0
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3.6.1
- name: Log in to the Container registry
uses: docker/login-action@v3.3.0
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Extract metadata
id: meta
uses: docker/metadata-action@v5.5.1
with:
images: ghcr.io/${{ github.repository }}
- name: Copy binaries to Docker context
run: |
cp -r "${{ steps.download.outputs.download-path }}" ./packaging/docker
- name: Build and push Docker image
uses: docker/build-push-action@v6.7.0
with:
context: packaging/docker
platforms: linux/arm64,linux/arm/v6,linux/arm/v7,linux/amd64,linux/386
push: true
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
release:
name: "Create release"
runs-on: ubuntu-latest
needs:
- "build-release"
permissions:
contents: write
steps:
- uses: actions/checkout@v4
- uses: actions/download-artifact@v4
id: download
with:
path: artifact-binaries
- name: Rename files
run: |
TARGETS=( \
'aarch64-unknown-linux-musl' 'arm-unknown-linux-musleabihf' \
'armv7-unknown-linux-musleabihf' 'x86_64-unknown-linux-musl' \
'i686-unknown-linux-musl' 'x86_64-pc-windows-gnu' \
)
mkdir release-binaries
for target in "${TARGETS[@]}"; do
TARGET_PATH="${{ steps.download.outputs.download-path }}/SearProxy_$target/"
TARGET_FILE=$(find "$TARGET_PATH" -maxdepth 1 -name "searproxy*" -type f)
if [[ $target == "arm-unknown-linux-musleabihf" ]]; then
# rename "arm" to "armv6" to explicitly state ARM version
mv "$TARGET_FILE" "./release-binaries/searproxy_armv6-unknown-linux-musleabihf"
elif [[ $target == "x86_64-pc-windows-gnu" ]]; then
mv "$TARGET_FILE" "./release-binaries/searproxy_$target.exe"
else
mv "$TARGET_FILE" "./release-binaries/searproxy_$target"
fi
done
- name: Create checksums
run: |
declare -A checksums
for filename in ./release-binaries/*; do
[ -e "$filename" ] || continue
checksums["$filename"]=$(sha256sum "$filename" | cut -d " " -f1)
done
for key in "${!checksums[@]}"; do
echo "${checksums[$key]} $(basename $key)" > "$key.sha256"
done
- name: Create release
uses: "softprops/action-gh-release@v2"
with:
generate_release_notes: true
draft: true
files: |
release-binaries/*