From 917fc489f6ae1f37cf207af8f936db39df9ee0e9 Mon Sep 17 00:00:00 2001 From: Jack Grigg Date: Wed, 28 Aug 2024 15:42:21 +0000 Subject: [PATCH 1/5] CI: Build `x86_64-darwin` release with `macos-13` runner `macos-latest` now points to `macos-14` which is an ARM64 chip. --- .github/workflows/release.yml | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index b53e75fb..04e47d1e 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -17,7 +17,13 @@ jobs: runs-on: ${{ matrix.os }} strategy: matrix: - name: [linux, armv7, arm64, windows, macos] + name: + - linux + - armv7 + - arm64 + - windows + - macos-x86_64 + include: - name: linux os: ubuntu-20.04 @@ -56,8 +62,8 @@ jobs: archive_name: rage.zip asset_suffix: x86_64-windows.zip - - name: macos - os: macos-latest + - name: macos-x86_64 + os: macos-13 archive_name: rage.tar.gz asset_suffix: x86_64-darwin.tar.gz From 0cdde6031549ee348feb98056265e4d4f3698e20 Mon Sep 17 00:00:00 2001 From: Jack Grigg Date: Wed, 28 Aug 2024 15:44:47 +0000 Subject: [PATCH 2/5] CI: Build releases for `arm64-darwin` --- .github/workflows/release.yml | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 04e47d1e..e806c8b9 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -22,6 +22,7 @@ jobs: - armv7 - arm64 - windows + - macos-arm64 - macos-x86_64 include: @@ -62,6 +63,11 @@ jobs: archive_name: rage.zip asset_suffix: x86_64-windows.zip + - name: macos-arm64 + os: macos-latest + archive_name: rage.tar.gz + asset_suffix: arm64-darwin.tar.gz + - name: macos-x86_64 os: macos-13 archive_name: rage.tar.gz @@ -140,6 +146,7 @@ jobs: - macos-11 - macos-12 - macos-13 + - macos-14 include: - os: ubuntu-20.04 @@ -177,6 +184,11 @@ jobs: archive_name: rage.tar.gz asset_suffix: x86_64-darwin.tar.gz + - os: macos-14 + name: macos + archive_name: rage.tar.gz + asset_suffix: arm64-darwin.tar.gz + steps: - name: Download archive uses: actions/download-artifact@v4 From e67f4016dc3701a2ab425485b741275b3a450bc9 Mon Sep 17 00:00:00 2001 From: Jack Grigg Date: Wed, 28 Aug 2024 15:45:59 +0000 Subject: [PATCH 3/5] CI: Remove `macos-11` from release testing It was removed by GitHub in Q2 2024. --- .github/workflows/release.yml | 6 ------ 1 file changed, 6 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index e806c8b9..8a57fe3c 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -143,7 +143,6 @@ jobs: - ubuntu-22.04 - windows-2019 - windows-2022 - - macos-11 - macos-12 - macos-13 - macos-14 @@ -169,11 +168,6 @@ jobs: archive_name: rage.zip asset_suffix: x86_64-windows.zip - - os: macos-11 - name: macos - archive_name: rage.tar.gz - asset_suffix: x86_64-darwin.tar.gz - - os: macos-12 name: macos archive_name: rage.tar.gz From 05f996c9195011003f6f675ade4943c35bcd364f Mon Sep 17 00:00:00 2001 From: Jack Grigg Date: Wed, 28 Aug 2024 15:47:41 +0000 Subject: [PATCH 4/5] CI: Add `ubuntu-24.04` to release testing --- .github/workflows/release.yml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 8a57fe3c..7fb7ca8a 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -141,6 +141,7 @@ jobs: os: - ubuntu-20.04 - ubuntu-22.04 + - ubuntu-24.04 - windows-2019 - windows-2022 - macos-12 @@ -158,6 +159,11 @@ jobs: archive_name: rage.tar.gz asset_suffix: x86_64-linux.tar.gz + - os: ubuntu-24.04 + name: linux + archive_name: rage.tar.gz + asset_suffix: x86_64-linux.tar.gz + - os: windows-2019 name: windows archive_name: rage.zip From 9343af9324ea5c10cf52cf111f77ee1109a8053a Mon Sep 17 00:00:00 2001 From: Jack Grigg Date: Wed, 28 Aug 2024 16:10:33 +0000 Subject: [PATCH 5/5] CI: Generate Artifact Attestations for release artifacts --- .github/workflows/release.yml | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 7fb7ca8a..d898e4f5 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -11,6 +11,11 @@ on: required: true default: 'true' +permissions: + attestations: write + contents: write + id-token: write + jobs: build: name: Publish for ${{ matrix.name }} @@ -113,6 +118,11 @@ jobs: shell: bash if: matrix.name == 'windows' + - name: Generate artifact attestation + uses: actions/attest-build-provenance@v1 + with: + subject-path: 'release/rage/*' + - name: Upload archive as artifact uses: actions/upload-artifact@v4 with: @@ -299,6 +309,11 @@ jobs: - name: cargo deb run: cargo deb --package rage --no-build --target ${{ matrix.target }} ${{ matrix.deb_flags }} + - name: Generate artifact attestation + uses: actions/attest-build-provenance@v1 + with: + subject-path: 'target/${{ matrix.target }}/debian/*.deb' + - name: Upload Debian package as artifact uses: actions/upload-artifact@v4 with: