Publish from #1147 #5
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: cargo-xwin stable build | |
| on: | |
| push: | |
| branches: [ trigger/stable ] | |
| workflow_dispatch: | |
| env: | |
| index: https://github.com/cargo-prebuilt/index/releases/download/stable-index/ | |
| crate: cargo-xwin | |
| version: 0.14.8 | |
| license: MIT | |
| description: '{"description": "Cross compile Cargo project to Windows MSVC target with ease"}' | |
| dl: https://static.crates.io/crates/cargo-xwin/cargo-xwin-0.14.8.crate | |
| checksum: 11c08ee57b16103990269874220c0e8a4613b8096a314ce2f29ad1b54d4b6d02 | |
| git: https://github.com/rust-cross/cargo-xwin | |
| bins: cargo-xwin | |
| file: ./crates/cargo-xwin.toml | |
| CARGO_TERM_COLOR: always | |
| jobs: | |
| setup: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Cache | |
| uses: actions/cache@v3 | |
| id: cache | |
| with: | |
| path: | | |
| build | |
| key: ${{ env.crate }}-${{ env.version }}-stable-crate | |
| enableCrossOsArchive: true | |
| - name: Create Folder | |
| if: ${{ !steps.cache.outputs.cache-hit }} | |
| run: mkdir -p ./build | |
| - name: Download crate and check hash | |
| if: ${{ !steps.cache.outputs.cache-hit }} | |
| run: | | |
| wget ${{ env.dl }} | |
| echo "${{ env.checksum }} ${{ env.crate }}-${{ env.version }}.crate" | sha256sum -c | |
| tar -xf ${{ env.crate }}-${{ env.version }}.crate | |
| mv ${{ env.crate }}-${{ env.version }}/* ./build | |
| - name: Update Rust | |
| if: ${{ !steps.cache.outputs.cache-hit }} | |
| run: | | |
| rustup update | |
| rustc --version | |
| - name: Generated lockfile if needed | |
| if: ${{ !steps.cache.outputs.cache-hit }} | |
| working-directory: ./build | |
| run: test -f Cargo.lock || cargo +stable generate-lockfile --verbose | |
| reports: | |
| runs-on: ubuntu-latest | |
| needs: [ setup ] | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Get deps and crates from cache | |
| uses: actions/cache@v3 | |
| with: | |
| path: | | |
| build | |
| key: ${{ env.crate }}-${{ env.version }}-stable-crate | |
| enableCrossOsArchive: true | |
| fail-on-cache-miss: true | |
| - name: Cache Advisory DB | |
| uses: actions/cache@v3 | |
| with: | |
| path: | | |
| ~/.cargo/advisory-db | |
| key: stable-advisory-db | |
| - name: Update Rust | |
| run: | | |
| rustup update | |
| rustc --version | |
| - uses: cargo-prebuilt/cargo-prebuilt-action@v3 | |
| with: | |
| pkgs: cargo-audit | |
| - name: Generate license report | |
| working-directory: ./build | |
| run: | | |
| echo "Generated on: $(date --utc)" > ../license.report && echo "Crates.io license metadata: ${{ env.license }}" >> ../license.report | |
| echo "Found license texts:" >> ../license.report | |
| tail -n +1 *LICENSE* >> ../license.report || true | |
| tail -n +1 *license* >> ../license.report || true | |
| tail -n +1 *License* >> ../license.report || true | |
| - name: Generate deps report | |
| working-directory: ./build | |
| run: | | |
| echo "Generated on: $(date --utc)" > ../deps.report && cargo +stable tree --verbose --locked -e normal,build >> ../deps.report | |
| - name: Generate audit report | |
| working-directory: ./build | |
| run: | | |
| echo "Generated on: $(date --utc)" > ../audit.report && cargo audit >> ../audit.report || true | |
| - name: Output reports | |
| run: | | |
| echo "### License:" >> $GITHUB_STEP_SUMMARY | |
| echo "\`\`\`" >> $GITHUB_STEP_SUMMARY | |
| cat license.report >> $GITHUB_STEP_SUMMARY | |
| echo "\`\`\`" >> $GITHUB_STEP_SUMMARY | |
| echo "### Deps:" >> $GITHUB_STEP_SUMMARY | |
| echo "\`\`\`" >> $GITHUB_STEP_SUMMARY | |
| cat deps.report >> $GITHUB_STEP_SUMMARY | |
| echo "\`\`\`" >> $GITHUB_STEP_SUMMARY | |
| echo "### Audit:" >> $GITHUB_STEP_SUMMARY | |
| echo "\`\`\`" >> $GITHUB_STEP_SUMMARY | |
| cat audit.report >> $GITHUB_STEP_SUMMARY | |
| echo "\`\`\`" >> $GITHUB_STEP_SUMMARY | |
| - name: Store reports | |
| uses: actions/upload-artifact@v3 | |
| with: | |
| name: reports | |
| path: "*.report" | |
| t1-cross: | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| target: [ x86_64-unknown-linux-gnu, x86_64-unknown-linux-musl, aarch64-unknown-linux-gnu, aarch64-unknown-linux-musl ] | |
| env: | |
| CROSS_CONFIG: ../Cross.toml | |
| runs-on: ubuntu-latest | |
| needs: [ setup ] | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: actions/setup-python@v4 | |
| with: | |
| python-version: "3.11" | |
| - name: Get crate from cache | |
| uses: actions/cache@v3 | |
| with: | |
| path: | | |
| build | |
| key: ${{ env.crate }}-${{ env.version }}-stable-crate | |
| enableCrossOsArchive: true | |
| fail-on-cache-miss: true | |
| - uses: Swatinem/rust-cache@v2 | |
| if: ${{ !true }} | |
| with: | |
| workspaces: "./build -> target" | |
| - name: Update Rust | |
| run: | | |
| rustup update | |
| rustc --version | |
| - uses: cargo-prebuilt/cargo-prebuilt-action@v3 | |
| with: | |
| pkgs: cross | |
| - name: Build crate | |
| working-directory: ./build | |
| run: cross +stable build --verbose --release --locked --target ${{ matrix.target }} | |
| - name: Collect | |
| run: python ./scripts/collect.py ${{ matrix.target }} ./build/target/${{ matrix.target }}/release ${{ env.bins }} | |
| - name: Artifact | |
| uses: actions/upload-artifact@v3 | |
| with: | |
| name: target-${{ matrix.target }} | |
| path: | | |
| ${{ matrix.target }}.tar.gz | |
| ${{ matrix.target }}.hashes.json | |
| t1-apple-darwin: | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| target: [ x86_64-apple-darwin, aarch64-apple-darwin ] | |
| runs-on: macos-latest | |
| needs: [ setup ] | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: actions/setup-python@v4 | |
| with: | |
| python-version: "3.11" | |
| - name: Get crate from cache | |
| uses: actions/cache@v3 | |
| with: | |
| path: | | |
| build | |
| key: ${{ env.crate }}-${{ env.version }}-stable-crate | |
| enableCrossOsArchive: true | |
| fail-on-cache-miss: true | |
| - uses: Swatinem/rust-cache@v2 | |
| if: ${{ !true }} | |
| with: | |
| workspaces: "./build -> target" | |
| - name: Update Rust and Add Target | |
| run: | | |
| rustup update | |
| rustc --version | |
| rustup target add ${{ matrix.target }} | |
| - uses: cargo-prebuilt/cargo-prebuilt-action@v3 | |
| with: | |
| pkgs: cargo-auditable | |
| - name: Build crate | |
| working-directory: ./build | |
| run: cargo +stable auditable build --verbose --release --locked --target ${{ matrix.target }} | |
| - name: Collect | |
| run: python ./scripts/collect.py ${{ matrix.target }} ./build/target/${{ matrix.target }}/release ${{ env.bins }} | |
| - name: Artifact | |
| uses: actions/upload-artifact@v3 | |
| with: | |
| name: target-${{ matrix.target }} | |
| path: | | |
| ${{ matrix.target }}.tar.gz | |
| ${{ matrix.target }}.hashes.json | |
| t2-cross: | |
| if: true | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| target: [ armv7-unknown-linux-gnueabihf,armv7-unknown-linux-musleabihf ] | |
| env: | |
| CROSS_CONFIG: ../Cross.toml | |
| runs-on: ubuntu-latest | |
| needs: [ setup ] | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: actions/setup-python@v4 | |
| with: | |
| python-version: "3.11" | |
| - name: Get crate from cache | |
| uses: actions/cache@v3 | |
| with: | |
| path: | | |
| build | |
| key: ${{ env.crate }}-${{ env.version }}-stable-crate | |
| enableCrossOsArchive: true | |
| fail-on-cache-miss: true | |
| - uses: Swatinem/rust-cache@v2 | |
| if: ${{ !true }} | |
| with: | |
| workspaces: "./build -> target" | |
| - name: Update Rust | |
| run: | | |
| rustup update | |
| rustc --version | |
| - uses: cargo-prebuilt/cargo-prebuilt-action@v3 | |
| with: | |
| pkgs: cross | |
| - name: Build crate | |
| working-directory: ./build | |
| run: cross +stable build --verbose --release --locked --target ${{ matrix.target }} | |
| - name: Collect | |
| run: python ./scripts/collect.py ${{ matrix.target }} ./build/target/${{ matrix.target }}/release ${{ env.bins }} | |
| - name: Artifact | |
| uses: actions/upload-artifact@v3 | |
| with: | |
| name: target-${{ matrix.target }} | |
| path: | | |
| ${{ matrix.target }}.tar.gz | |
| ${{ matrix.target }}.hashes.json | |
| t2-pc-windows-msvc: | |
| if: true | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| target: [ x86_64-pc-windows-msvc ] | |
| runs-on: windows-latest | |
| needs: [ setup ] | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: actions/setup-python@v4 | |
| with: | |
| python-version: "3.11" | |
| - name: Get crate from cache | |
| uses: actions/cache@v3 | |
| with: | |
| path: | | |
| build | |
| key: ${{ env.crate }}-${{ env.version }}-stable-crate | |
| enableCrossOsArchive: true | |
| fail-on-cache-miss: true | |
| - uses: Swatinem/rust-cache@v2 | |
| if: ${{ !true }} | |
| with: | |
| workspaces: "./build -> target" | |
| - name: Update Rust and Add Target | |
| run: | | |
| rustup update | |
| rustc --version | |
| rustup target add ${{ matrix.target }} | |
| - uses: cargo-prebuilt/cargo-prebuilt-action@v3 | |
| with: | |
| pkgs: cargo-auditable | |
| - name: Build crate | |
| working-directory: ./build | |
| run: cargo +stable auditable build --verbose --release --locked --target ${{ matrix.target }} | |
| - name: Collect | |
| run: python ./scripts/collect.py ${{ matrix.target }} ./build/target/${{ matrix.target }}/release ${{ env.bins }} | |
| - name: Artifact | |
| uses: actions/upload-artifact@v3 | |
| with: | |
| name: target-${{ matrix.target }} | |
| path: | | |
| ${{ matrix.target }}.tar.gz | |
| ${{ matrix.target }}.hashes.json | |
| t3-cross: | |
| if: true | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| target: [ x86_64-unknown-freebsd,x86_64-unknown-netbsd,x86_64-unknown-illumos,x86_64-sun-solaris ] | |
| env: | |
| CROSS_CONFIG: ../Cross.toml | |
| runs-on: ubuntu-latest | |
| needs: [ setup ] | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: actions/setup-python@v4 | |
| with: | |
| python-version: "3.11" | |
| - name: Get crate from cache | |
| uses: actions/cache@v3 | |
| with: | |
| path: | | |
| build | |
| key: ${{ env.crate }}-${{ env.version }}-stable-crate | |
| enableCrossOsArchive: true | |
| fail-on-cache-miss: true | |
| - uses: Swatinem/rust-cache@v2 | |
| if: ${{ !true }} | |
| with: | |
| workspaces: "./build -> target" | |
| - name: Update Rust | |
| run: | | |
| rustup update | |
| rustc --version | |
| - uses: cargo-prebuilt/cargo-prebuilt-action@v3 | |
| with: | |
| pkgs: cross | |
| - name: Build crate | |
| working-directory: ./build | |
| run: cross +stable build --verbose --release --locked --target ${{ matrix.target }} | |
| - name: Collect | |
| run: python ./scripts/collect.py ${{ matrix.target }} ./build/target/${{ matrix.target }}/release ${{ env.bins }} | |
| - name: Artifact | |
| uses: actions/upload-artifact@v3 | |
| with: | |
| name: target-${{ matrix.target }} | |
| path: | | |
| ${{ matrix.target }}.tar.gz | |
| ${{ matrix.target }}.hashes.json | |
| push-index: | |
| if: ${{ always() && !contains(needs.*.result, 'cancelled') && !contains(needs.setup.result, 'failure') && !contains(needs.reports.result, 'failure') && !contains(needs.t1-cross.result, 'failure') && !contains(needs.t1-apple-darwin.result, 'failure') && !contains(needs.t2-cross.result, 'failure') && !contains(needs.t2-pc-windows-msvc.result, 'failure') }} | |
| runs-on: ubuntu-latest | |
| needs: [ setup, reports, t1-cross, t1-apple-darwin, t2-cross, t2-pc-windows-msvc, t3-cross ] | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: actions/setup-python@v4 | |
| with: | |
| python-version: "3.11" | |
| - name: Rust Version Guess | |
| run: | | |
| rustup update | |
| echo "rustc_version=$(rustc --version)" >> $GITHUB_ENV | |
| - uses: actions/download-artifact@v3 | |
| - name: DBG - List Structure | |
| run: ls -R | |
| - name: Merge hashes | |
| shell: bash | |
| run: | | |
| echo -n "" > hashes.sha256 | |
| for D in target-*; do | |
| if [ -d "${D}" ]; then | |
| echo "${D}" | |
| pushd "${D}" | |
| echo "$(cat *.hashes.json | jq --raw-output '.archive[] | select(.type | test("sha256")) | .hash') " *.tar.gz >> ../hashes.sha256 | |
| popd | |
| fi | |
| done | |
| - name: Create info.json and hashes.json | |
| run: python ./scripts/info.py '${{ env.file }}' '${{ env.version }}' '${{ env.license }}' '${{ env.description }}' '${{ env.rustc_version }}' | |
| - name: Sign info.json and hashes.json | |
| if: ${{ true }} | |
| run: | | |
| eval "$(/home/linuxbrew/.linuxbrew/bin/brew shellenv)" | |
| brew install minisign | |
| echo -n "$SIGNING_KEY" | base64 --decode > ~/.minisign_secret.key | |
| minisign -S -s ~/.minisign_secret.key -m info.json | |
| minisign -S -s ~/.minisign_secret.key -m hashes.json | |
| minisign -V -p ./keys/cargo-prebuilt-index.pub -m info.json | |
| minisign -V -p ./keys/cargo-prebuilt-index.pub -m hashes.json | |
| rm -f ~/.minisign_secret.key | |
| env: | |
| SIGNING_KEY: ${{ secrets.MINISIGN_SIGNING_KEY }} | |
| - name: Artifact | |
| if: ${{ !true }} | |
| uses: actions/upload-artifact@v3 | |
| with: | |
| name: final | |
| path: | | |
| info.json | |
| hashes.json | |
| hashes.sha256 | |
| reports/*.report | |
| target-*/*.tar.gz | |
| target-*/*.hashes.json | |
| - name: Create and push artifacts to release | |
| uses: ncipollo/release-action@v1 | |
| if: ${{ true }} | |
| with: | |
| tag: ${{ env.crate }}-${{ env.version }} | |
| name: ${{ env.crate }}-${{ env.version }} | |
| allowUpdates: true | |
| prerelease: true | |
| artifacts: "reports/*.report,target-*/*.tar.gz,hashes.sha256,*.minisig,hashes.json,info.json" | |
| body: "" | |
| - name: Create index file | |
| if: ${{ true }} | |
| run: echo "${{ env.version }}" > ${{ env.crate }} | |
| - name: Push to index | |
| uses: svenstaro/upload-release-action@2.7.0 | |
| if: ${{ true }} | |
| with: | |
| tag: stable-index | |
| overwrite: true | |
| make_latest: true | |
| file: ${{ env.crate }} | |
| banned-index: | |
| if: ${{ true && always() && !contains(needs.*.result, 'cancelled') && !contains(needs.setup.result, 'failure') && !contains(needs.reports.result, 'failure') && (contains(needs.t1-cross.result, 'failure') || contains(needs.t1-apple-darwin.result, 'failure') || contains(needs.t2-cross.result, 'failure') || contains(needs.t2-pc-windows-msvc.result, 'failure')) }} | |
| runs-on: ubuntu-latest | |
| needs: [ setup, reports, t1-cross, t1-apple-darwin, t2-cross, t2-pc-windows-msvc, t3-cross ] | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Create index file | |
| run: echo "${{ env.version }}" > ${{ env.crate }} | |
| - name: Push to index | |
| uses: svenstaro/upload-release-action@2.7.0 | |
| with: | |
| tag: banned-index | |
| make_latest: false | |
| file: ${{ env.crate }} | |
| track-index: | |
| if: ${{ true && always() && !contains(needs.*.result, 'cancelled') && contains(needs.*.result, 'failure') }} | |
| runs-on: ubuntu-latest | |
| needs: [ setup, reports, t1-cross, t1-apple-darwin, t2-cross, t2-pc-windows-msvc, t3-cross ] | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Create index file | |
| run: echo "${{ env.version }}" > ${{ env.crate }} | |
| - name: Push to index | |
| uses: svenstaro/upload-release-action@2.7.0 | |
| with: | |
| tag: track-index | |
| make_latest: false | |
| file: ${{ env.crate }} |