Publish from #1063 #3
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: bindgen-cli stable build | |
| on: | |
| push: | |
| branches: [ trigger/stable ] | |
| workflow_dispatch: | |
| env: | |
| index: https://github.com/cargo-prebuilt/index/releases/download/stable-index/ | |
| crate: bindgen-cli | |
| version: 0.68.1 | |
| license: BSD-3-Clause | |
| description: '{"description": "Automatically generates Rust FFI bindings to C and C++ libraries."}' | |
| dl: https://static.crates.io/crates/bindgen-cli/bindgen-cli-0.68.1.crate | |
| checksum: a5aeec7f5c664f642f52a7993487bc3bde9cd6733070075cfdf6f89a8ea795fe | |
| git: https://github.com/rust-lang/rust-bindgen | |
| bins: bindgen | |
| file: ./crates/bindgen-cli.toml | |
| CARGO_TERM_COLOR: always | |
| jobs: | |
| setup: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v3 | |
| - name: DBG - API | |
| env: | |
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| run: | | |
| gh api -H "Accept: application/vnd.github+json" -H "X-GitHub-Api-Version: 2022-11-28" /rate_limit | |
| - name: Cache | |
| uses: actions/cache@v3 | |
| id: cache | |
| with: | |
| path: | | |
| bundle | |
| build | |
| key: ${{ env.crate }}-${{ env.version }}-stable-deps | |
| enableCrossOsArchive: true | |
| - name: Create Folders | |
| if: ${{ !steps.cache.outputs.cache-hit }} | |
| run: | | |
| mkdir -p ~/.cargo/registry/index | |
| mkdir -p ~/.cargo/registry/cache | |
| mkdir -p ~/.cargo/git/db | |
| mkdir -p ./bundle | |
| mkdir -p ./build | |
| - name: Download crate and check hash | |
| if: ${{ !steps.cache.outputs.cache-hit }} | |
| run: | | |
| wget ${{ env.dl }} | |
| echo "${{ env.checksum }} ${{ env.crate }}-${{ env.version }}.crate" | sha256sum -c | |
| tar -xf ${{ env.crate }}-${{ env.version }}.crate | |
| mv ${{ env.crate }}-${{ env.version }}/* ./build | |
| - name: Update Rust | |
| if: ${{ !steps.cache.outputs.cache-hit }} | |
| run: rustup update | |
| - name: Rust Version | |
| if: ${{ !steps.cache.outputs.cache-hit }} | |
| run: rustc --version | |
| - name: Generated lockfile if needed | |
| if: ${{ !steps.cache.outputs.cache-hit }} | |
| working-directory: ./build | |
| run: test -f Cargo.lock || cargo +stable generate-lockfile --verbose | |
| - name: Download Deps | |
| if: ${{ !steps.cache.outputs.cache-hit }} | |
| working-directory: ./build | |
| run: cargo +stable fetch --verbose --locked | |
| - name: Bundle Deps | |
| if: ${{ !steps.cache.outputs.cache-hit }} | |
| run: | | |
| mkdir -p ./bundle/registry | |
| mkdir -p ./bundle/git | |
| cp -r ~/.cargo/registry/index ./bundle/registry | |
| cp -r ~/.cargo/registry/cache ./bundle/registry | |
| cp -r ~/.cargo/git/db ./bundle/git | |
| reports: | |
| runs-on: ubuntu-latest | |
| needs: [ setup ] | |
| steps: | |
| - uses: actions/checkout@v3 | |
| - name: Get deps and crates from cache | |
| uses: actions/cache@v3 | |
| with: | |
| path: | | |
| bundle | |
| build | |
| key: ${{ env.crate }}-${{ env.version }}-stable-deps | |
| enableCrossOsArchive: true | |
| fail-on-cache-miss: true | |
| - name: Move deps | |
| run: mv ./bundle/* ~/.cargo | |
| - name: Cache Advisory DB | |
| uses: actions/cache@v3 | |
| with: | |
| path: | | |
| ~/.cargo/advisory-db | |
| key: stable-advisory-db | |
| - name: Update Rust | |
| run: rustup update | |
| - name: Rust Version | |
| run: rustc --version | |
| - uses: cargo-prebuilt/cargo-prebuilt-action@v2 | |
| with: | |
| pkgs: cargo-audit | |
| - name: Generate license report | |
| working-directory: ./build | |
| run: | | |
| echo "Generated on: $(date --utc)" > ../license.report && echo "Crates.io license metadata: ${{ env.license }}" >> ../license.report | |
| echo "Found license texts:" >> ../license.report | |
| tail -n +1 *LICENSE* >> ../license.report || true | |
| tail -n +1 *license* >> ../license.report || true | |
| tail -n +1 *License* >> ../license.report || true | |
| - name: Generate deps report | |
| working-directory: ./build | |
| run: | | |
| echo "Generated on: $(date --utc)" > ../deps.report && cargo +stable tree --verbose --locked -e normal,build >> ../deps.report | |
| - name: Generate audit report | |
| working-directory: ./build | |
| run: | | |
| echo "Generated on: $(date --utc)" > ../audit.report && cargo audit >> ../audit.report || true | |
| - name: Output reports | |
| run: | | |
| echo "### License:" >> $GITHUB_STEP_SUMMARY | |
| echo "\`\`\`" >> $GITHUB_STEP_SUMMARY | |
| cat license.report >> $GITHUB_STEP_SUMMARY | |
| echo "\`\`\`" >> $GITHUB_STEP_SUMMARY | |
| echo "### Deps:" >> $GITHUB_STEP_SUMMARY | |
| echo "\`\`\`" >> $GITHUB_STEP_SUMMARY | |
| cat deps.report >> $GITHUB_STEP_SUMMARY | |
| echo "\`\`\`" >> $GITHUB_STEP_SUMMARY | |
| echo "### Audit:" >> $GITHUB_STEP_SUMMARY | |
| echo "\`\`\`" >> $GITHUB_STEP_SUMMARY | |
| cat audit.report >> $GITHUB_STEP_SUMMARY | |
| echo "\`\`\`" >> $GITHUB_STEP_SUMMARY | |
| - name: Store reports | |
| uses: actions/upload-artifact@v3 | |
| with: | |
| name: reports | |
| path: "*.report" | |
| t1-cross: | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| target: [ x86_64-unknown-linux-gnu, x86_64-unknown-linux-musl, aarch64-unknown-linux-gnu, aarch64-unknown-linux-musl ] | |
| env: | |
| CROSS_CONFIG: ../Cross.toml | |
| runs-on: ubuntu-latest | |
| needs: [ setup ] | |
| steps: | |
| - uses: actions/checkout@v3 | |
| - uses: actions/setup-python@v4 | |
| with: | |
| python-version: "3.11" | |
| - name: Get deps and crates from cache | |
| uses: actions/cache@v3 | |
| with: | |
| path: | | |
| bundle | |
| build | |
| key: ${{ env.crate }}-${{ env.version }}-stable-deps | |
| enableCrossOsArchive: true | |
| fail-on-cache-miss: true | |
| - name: Move deps | |
| run: mv ./bundle/* ~/.cargo | |
| - uses: actions/cache@v3 | |
| if: ${{ !true }} | |
| with: | |
| path: | | |
| build/target | |
| key: ${{ runner.os }}-${{ env.crate }}-${{ env.version }}-stable-${{ matrix.target }} | |
| - name: Update Rust | |
| run: rustup update | |
| - name: Rust Version | |
| run: rustc --version | |
| - uses: cargo-prebuilt/cargo-prebuilt-action@v2 | |
| with: | |
| pkgs: cross | |
| - name: Build crate | |
| working-directory: ./build | |
| run: cross +stable build --verbose --release --locked --target ${{ matrix.target }} | |
| - name: Collect | |
| run: python ./scripts/collect.py ${{ matrix.target }} ./build/target/${{ matrix.target }}/release ${{ env.bins }} | |
| - name: Artifact | |
| uses: actions/upload-artifact@v3 | |
| with: | |
| name: target-${{ matrix.target }} | |
| path: | | |
| ${{ matrix.target }}.tar.gz | |
| ${{ matrix.target }}.sha256 | |
| ${{ matrix.target }}.hashes.json | |
| t1-apple-darwin: | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| target: [ x86_64-apple-darwin, aarch64-apple-darwin ] | |
| runs-on: macos-latest | |
| needs: [ setup ] | |
| steps: | |
| - uses: actions/checkout@v3 | |
| - uses: actions/setup-python@v4 | |
| with: | |
| python-version: "3.11" | |
| - name: Get deps and crates from cache | |
| uses: actions/cache@v3 | |
| with: | |
| path: | | |
| bundle | |
| build | |
| key: ${{ env.crate }}-${{ env.version }}-stable-deps | |
| enableCrossOsArchive: true | |
| fail-on-cache-miss: true | |
| - name: Move deps | |
| run: mv ./bundle/* ~/.cargo | |
| - uses: actions/cache@v3 | |
| if: ${{ !true }} | |
| with: | |
| path: | | |
| build/target | |
| key: ${{ runner.os }}-${{ env.crate }}-${{ env.version }}-stable-${{ matrix.target }} | |
| - name: Update Rust | |
| run: rustup update | |
| - name: Rust Version | |
| run: rustc --version | |
| - name: Add Rust target | |
| run: rustup target add ${{ matrix.target }} | |
| - uses: cargo-prebuilt/cargo-prebuilt-action@v2 | |
| with: | |
| pkgs: cargo-auditable | |
| - name: Build crate | |
| working-directory: ./build | |
| run: cargo +stable auditable build --verbose --release --locked --target ${{ matrix.target }} | |
| - name: Collect | |
| run: python ./scripts/collect.py ${{ matrix.target }} ./build/target/${{ matrix.target }}/release ${{ env.bins }} | |
| - name: Artifact | |
| uses: actions/upload-artifact@v3 | |
| with: | |
| name: target-${{ matrix.target }} | |
| path: | | |
| ${{ matrix.target }}.tar.gz | |
| ${{ matrix.target }}.sha256 | |
| ${{ matrix.target }}.hashes.json | |
| t2-cross: | |
| if: true | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| target: [ x86_64-unknown-freebsd,riscv64gc-unknown-linux-gnu,s390x-unknown-linux-gnu,armv7-unknown-linux-gnueabihf,armv7-unknown-linux-musleabihf ] | |
| env: | |
| CROSS_CONFIG: ../Cross.toml | |
| runs-on: ubuntu-latest | |
| needs: [ setup ] | |
| steps: | |
| - uses: actions/checkout@v3 | |
| - uses: actions/setup-python@v4 | |
| with: | |
| python-version: "3.11" | |
| - name: Get deps and crates from cache | |
| uses: actions/cache@v3 | |
| with: | |
| path: | | |
| bundle | |
| build | |
| key: ${{ env.crate }}-${{ env.version }}-stable-deps | |
| enableCrossOsArchive: true | |
| fail-on-cache-miss: true | |
| - name: Move deps | |
| run: mv ./bundle/* ~/.cargo | |
| - uses: actions/cache@v3 | |
| if: ${{ !true }} | |
| with: | |
| path: | | |
| build/target | |
| key: ${{ runner.os }}-${{ env.crate }}-${{ env.version }}-stable-${{ matrix.target }} | |
| - name: Update Rust | |
| run: rustup update | |
| - name: Rust Version | |
| run: rustc --version | |
| - uses: cargo-prebuilt/cargo-prebuilt-action@v2 | |
| with: | |
| pkgs: cross | |
| - name: Build crate | |
| working-directory: ./build | |
| run: cross +stable build --verbose --release --locked --target ${{ matrix.target }} | |
| - name: Collect | |
| run: python ./scripts/collect.py ${{ matrix.target }} ./build/target/${{ matrix.target }}/release ${{ env.bins }} | |
| - name: Artifact | |
| uses: actions/upload-artifact@v3 | |
| with: | |
| name: target-${{ matrix.target }} | |
| path: | | |
| ${{ matrix.target }}.tar.gz | |
| ${{ matrix.target }}.sha256 | |
| ${{ matrix.target }}.hashes.json | |
| t2-pc-windows-msvc: | |
| if: true | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| target: [ x86_64-pc-windows-msvc,aarch64-pc-windows-msvc ] | |
| runs-on: windows-latest | |
| needs: [ setup ] | |
| steps: | |
| - uses: actions/checkout@v3 | |
| - uses: actions/setup-python@v4 | |
| with: | |
| python-version: "3.11" | |
| - name: Get deps and crates from cache | |
| uses: actions/cache@v3 | |
| with: | |
| path: | | |
| bundle | |
| build | |
| key: ${{ env.crate }}-${{ env.version }}-stable-deps | |
| enableCrossOsArchive: true | |
| fail-on-cache-miss: true | |
| - name: Move deps | |
| run: mv ./bundle/* ~/.cargo | |
| - uses: actions/cache@v3 | |
| if: ${{ !true }} | |
| with: | |
| path: | | |
| build/target | |
| key: ${{ runner.os }}-${{ env.crate }}-${{ env.version }}-stable-${{ matrix.target }} | |
| - name: Update Rust | |
| run: rustup update | |
| - name: Rust Version | |
| run: rustc --version | |
| - name: Add Rust target | |
| run: rustup target add ${{ matrix.target }} | |
| - uses: cargo-prebuilt/cargo-prebuilt-action@v2 | |
| with: | |
| pkgs: cargo-auditable | |
| - name: Build crate | |
| working-directory: ./build | |
| run: cargo +stable auditable build --verbose --release --locked --target ${{ matrix.target }} | |
| - name: Collect | |
| run: python ./scripts/collect.py ${{ matrix.target }} ./build/target/${{ matrix.target }}/release ${{ env.bins }} | |
| - name: Artifact | |
| uses: actions/upload-artifact@v3 | |
| with: | |
| name: target-${{ matrix.target }} | |
| path: | | |
| ${{ matrix.target }}.tar.gz | |
| ${{ matrix.target }}.sha256 | |
| ${{ matrix.target }}.hashes.json | |
| t3-cross: | |
| if: true | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| target: [ x86_64-unknown-netbsd,x86_64-unknown-illumos,x86_64-sun-solaris,powerpc64-unknown-linux-gnu,powerpc64le-unknown-linux-gnu ] | |
| env: | |
| CROSS_CONFIG: ../Cross.toml | |
| runs-on: ubuntu-latest | |
| needs: [ setup ] | |
| steps: | |
| - uses: actions/checkout@v3 | |
| - uses: actions/setup-python@v4 | |
| with: | |
| python-version: "3.11" | |
| - name: Get deps and crates from cache | |
| uses: actions/cache@v3 | |
| with: | |
| path: | | |
| bundle | |
| build | |
| key: ${{ env.crate }}-${{ env.version }}-stable-deps | |
| enableCrossOsArchive: true | |
| fail-on-cache-miss: true | |
| - name: Move deps | |
| run: mv ./bundle/* ~/.cargo | |
| - uses: actions/cache@v3 | |
| if: ${{ !true }} | |
| with: | |
| path: | | |
| build/target | |
| key: ${{ runner.os }}-${{ env.crate }}-${{ env.version }}-stable-${{ matrix.target }} | |
| - name: Update Rust | |
| run: rustup update | |
| - name: Rust Version | |
| run: rustc --version | |
| - uses: cargo-prebuilt/cargo-prebuilt-action@v2 | |
| with: | |
| pkgs: cross | |
| - name: Build crate | |
| working-directory: ./build | |
| run: cross +stable build --verbose --release --locked --target ${{ matrix.target }} | |
| - name: Collect | |
| run: python ./scripts/collect.py ${{ matrix.target }} ./build/target/${{ matrix.target }}/release ${{ env.bins }} | |
| - name: Artifact | |
| uses: actions/upload-artifact@v3 | |
| with: | |
| name: target-${{ matrix.target }} | |
| path: | | |
| ${{ matrix.target }}.tar.gz | |
| ${{ matrix.target }}.sha256 | |
| ${{ matrix.target }}.hashes.json | |
| push-index: | |
| if: ${{ always() && !contains(needs.*.result, 'cancelled') && !contains(needs.setup.result, 'failure') && !contains(needs.reports.result, 'failure') && !contains(needs.t1-cross.result, 'failure') && !contains(needs.t1-apple-darwin.result, 'failure') && !contains(needs.t2-cross.result, 'failure') && !contains(needs.t2-pc-windows-msvc.result, 'failure') }} | |
| runs-on: ubuntu-latest | |
| needs: [ setup, reports, t1-cross, t1-apple-darwin, t2-cross, t2-pc-windows-msvc, t3-cross ] | |
| steps: | |
| - uses: actions/checkout@v3 | |
| - uses: actions/setup-python@v4 | |
| with: | |
| python-version: "3.11" | |
| - name: Rust Update | |
| run: rustup update | |
| - name: Get rust version guess | |
| run: | | |
| echo "rustc_version=$(rustc --version)" >> $GITHUB_ENV | |
| - uses: actions/download-artifact@v3 | |
| - name: DBG - List Structure | |
| run: ls -R | |
| - name: Create info.json and hashes.json | |
| run: python ./scripts/info.py '${{ env.file }}' '${{ env.version }}' '${{ env.license }}' '${{ env.description }}' '${{ env.rustc_version }}' | |
| - name: Sign info.json and hashes.json | |
| if: ${{ true }} | |
| run: | | |
| eval "$(/home/linuxbrew/.linuxbrew/bin/brew shellenv)" | |
| brew install minisign | |
| echo -n "$SIGNING_KEY" | base64 --decode > ~/.minisign_secret.key | |
| minisign -S -s ~/.minisign_secret.key -m info.json | |
| minisign -S -s ~/.minisign_secret.key -m hashes.json | |
| minisign -V -p ./keys/cargo-prebuilt-index.pub -m info.json | |
| minisign -V -p ./keys/cargo-prebuilt-index.pub -m hashes.json | |
| rm -f ~/.minisign_secret.key | |
| env: | |
| SIGNING_KEY: ${{ secrets.MINISIGN_SIGNING_KEY }} | |
| - name: Artifact | |
| if: ${{ !true }} | |
| uses: actions/upload-artifact@v3 | |
| with: | |
| name: final | |
| path: | | |
| info.json | |
| hashes.json | |
| reports/*.report | |
| target-*/*.tar.gz | |
| target-*/*.sha256 | |
| - name: Create and push artifacts to release | |
| uses: ncipollo/release-action@v1 | |
| if: ${{ true }} | |
| with: | |
| tag: ${{ env.crate }}-${{ env.version }} | |
| name: ${{ env.crate }}-${{ env.version }} | |
| allowUpdates: true | |
| prerelease: true | |
| artifacts: "reports/*.report,target-*/*.tar.gz,target-*/*.sha256,*.minisig,hashes.json,info.json" | |
| body: "" | |
| - name: Create index file | |
| if: ${{ true }} | |
| run: echo "${{ env.version }}" > ${{ env.crate }} | |
| - name: Push to index | |
| uses: svenstaro/upload-release-action@2.6.1 | |
| if: ${{ true }} | |
| with: | |
| tag: stable-index | |
| overwrite: true | |
| make_latest: true | |
| file: ${{ env.crate }} | |
| - name: DBG - API | |
| env: | |
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| run: | | |
| gh api -H "Accept: application/vnd.github+json" -H "X-GitHub-Api-Version: 2022-11-28" /rate_limit | |
| banned-index: | |
| if: ${{ true && always() && !contains(needs.*.result, 'cancelled') && !contains(needs.setup.result, 'failure') && !contains(needs.reports.result, 'failure') && (contains(needs.t1-cross.result, 'failure') || contains(needs.t1-apple-darwin.result, 'failure') || contains(needs.t2-cross.result, 'failure') || contains(needs.t2-pc-windows-msvc.result, 'failure')) }} | |
| runs-on: ubuntu-latest | |
| needs: [ setup, reports, t1-cross, t1-apple-darwin, t2-cross, t2-pc-windows-msvc, t3-cross ] | |
| steps: | |
| - uses: actions/checkout@v3 | |
| - name: Create index file | |
| run: echo "${{ env.version }}" > ${{ env.crate }} | |
| - name: Push to index | |
| uses: svenstaro/upload-release-action@2.6.1 | |
| with: | |
| tag: banned-index | |
| make_latest: false | |
| file: ${{ env.crate }} | |
| - name: DBG - API | |
| env: | |
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| run: | | |
| gh api -H "Accept: application/vnd.github+json" -H "X-GitHub-Api-Version: 2022-11-28" /rate_limit | |
| track-index: | |
| if: ${{ true && always() && !contains(needs.*.result, 'cancelled') && contains(needs.*.result, 'failure') }} | |
| runs-on: ubuntu-latest | |
| needs: [ setup, reports, t1-cross, t1-apple-darwin, t2-cross, t2-pc-windows-msvc, t3-cross ] | |
| steps: | |
| - uses: actions/checkout@v3 | |
| - name: Create index file | |
| run: echo "${{ env.version }}" > ${{ env.crate }} | |
| - name: Push to index | |
| uses: svenstaro/upload-release-action@2.6.1 | |
| with: | |
| tag: track-index | |
| make_latest: false | |
| file: ${{ env.crate }} | |
| - name: DBG - API | |
| env: | |
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| run: | | |
| gh api -H "Accept: application/vnd.github+json" -H "X-GitHub-Api-Version: 2022-11-28" /rate_limit |