Skip to content

ci

ci #235

Workflow file for this run

name: ci
concurrency:
cancel-in-progress: ${{ ! startsWith(github.ref, 'refs/tags/') }}
group: ci-${{ github.event_name }}-${{ github.ref_name }}
on:
push:
branches:
- main
tags:
- v*
pull_request:
branches:
- main
schedule:
- cron: "30 1 * * *"
env:
REGISTRY: ghcr.io
GITHUB_REPOSITORY: ${{ github.repository }}
DOCKER_REPOSITORY: developerfriendly/${{ github.event.repository.name }}
permissions:
contents: read
jobs:
build-docker-edge:
if: |
(
github.event_name == 'push' &&
github.ref == 'refs/heads/main'
)
permissions:
contents: read
packages: write
security-events: write
runs-on: ubuntu-latest
steps:
- name: Build docker
uses: meysam81/build-docker@v1
with:
dockerhub-username: ${{ secrets.DOCKERHUB_USERNAME }}
dockerhub-password: ${{ secrets.DOCKERHUB_PASSWORD }}
image-name: ghcr.io/${{ github.repository }}
image-extra-tags: |
ghcr.io/${{ github.repository }}:${{ github.run_id }}
ghcr.io/${{ github.repository }}:latest
developerfriendly/${{ github.event.repository.name }}:${{ github.run_id }}
developerfriendly/${{ github.event.repository.name }}:latest
kubescape: true
kubescape-upload-sarif: true
scout-cves: true
build-docker-stable:
if: |
(
github.event_name == 'push' &&
startsWith(github.ref, 'refs/tags/v')
)
permissions:
contents: read
packages: write
runs-on: ubuntu-latest
steps:
- name: Build docker
uses: meysam81/build-docker@v1
with:
dockerhub-username: ${{ secrets.DOCKERHUB_USERNAME }}
dockerhub-password: ${{ secrets.DOCKERHUB_PASSWORD }}
image-name: ghcr.io/${{ github.repository }}
image-extra-tags: |
ghcr.io/${{ github.repository }}:${{ github.ref_name }}
developerfriendly/${{ github.event.repository.name }}:${{ github.ref_name }}
kubescape: true
clippy:
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Cache
uses: actions/cache@v4
with:
path: |
~/.cargo/registry
~/.cargo/git
target
key: ${{ runner.os }}-cargo-${{ hashFiles('**/Cargo.lock') }}
- name: Run rust-clippy
run: cargo clippy --fix --all -- -D warnings
fmt:
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Cache
uses: actions/cache@v4
with:
path: |
~/.cargo/registry
~/.cargo/git
target
key: ${{ runner.os }}-cargo-${{ hashFiles('**/Cargo.lock') }}
- name: Run rust-fmt
run: cargo fmt --all --check
build-binary:
runs-on: ubuntu-latest
permissions:
contents: write
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Cache
uses: actions/cache@v4
with:
path: |
~/.cargo/registry
~/.cargo/git
target
key: ${{ runner.os }}-cargo-${{ hashFiles('**/Cargo.lock') }}
restore-keys: |
${{ runner.os }}-cargo-
- name: Run build
run: cargo build --release --all-features
- name: Prepare artifacts
run: |
cp target/release/echo-server echo-server-${{ github.ref_name }}
sha256sum echo-server-${{ github.ref_name }} > echo-server-${{ github.ref_name }}.sha256
- name: Upload artifacts
uses: actions/upload-artifact@v4
with:
name: echo-server-${{ github.ref_name }}
path: |
echo-server-${{ github.ref_name }}
echo-server-${{ github.ref_name }}.sha256
- name: Create GitHub release
if: github.event_name == 'push' && startsWith(github.ref, 'refs/tags/v')
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: |
gh release create ${{ github.ref_name }} \
--title ${{ github.ref_name }} \
--generate-notes
- name: Upload assets to GitHub release
if: github.event_name == 'push' && startsWith(github.ref, 'refs/tags/v')
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: |
gh release upload ${{ github.ref_name }} echo-server-${{ github.ref_name }} echo-server-${{ github.ref_name }}.sha256