chore: update readme #15
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: "[rproxy] release" | |
on: | |
push: | |
tags: | |
- "v*" | |
workflow_dispatch: | |
inputs: | |
draft_release: | |
type: boolean | |
default: false | |
description: "draft release" | |
required: false | |
build_container_image: | |
type: boolean | |
default: false | |
description: "build container image" | |
required: false | |
build_binary: | |
type: boolean | |
default: true | |
description: "build binary" | |
required: false | |
permissions: | |
contents: read | |
packages: write | |
jobs: | |
extract_version: | |
name: extract version | |
runs-on: warp-ubuntu-latest-x64-16x | |
outputs: | |
VERSION: ${{ steps.extract_version.outputs.VERSION }} | |
steps: | |
- name: checkout the repository | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- name: extract version | |
id: extract_version | |
run: | | |
git describe --tags --always --dirty=-dev --long --match 'v*' | |
if [[ "${GITHUB_REF_TYPE}" == "tag" ]]; then | |
VERSION="${GITHUB_REF#refs/tags/}" | |
else | |
VERSION="$( git describe --tags --always --dirty=-dev --long --match 'v*' )" | |
fi | |
echo "VERSION=${VERSION}" >> $GITHUB_OUTPUT | |
echo "| | |" >> $GITHUB_STEP_SUMMARY | |
echo "| ------------------- | ---------------------- |" >> $GITHUB_STEP_SUMMARY | |
echo "| \`GITHUB_REF_TYPE\` | \`${GITHUB_REF_TYPE}\` |" >> $GITHUB_STEP_SUMMARY | |
echo "| \`GITHUB_REF_NAME\` | \`${GITHUB_REF_NAME}\` |" >> $GITHUB_STEP_SUMMARY | |
echo "| \`GITHUB_REF\` | \`${GITHUB_REF}\` |" >> $GITHUB_STEP_SUMMARY | |
echo "| \`GITHUB_SHA\` | \`${GITHUB_SHA}\` |" >> $GITHUB_STEP_SUMMARY | |
echo "| \`VERSION\` | \`${VERSION}\` |" >> $GITHUB_STEP_SUMMARY | |
build_binary: | |
name: build binary | |
needs: extract_version | |
if: ${{ github.event.inputs.build_binary == 'true' || github.event_name == 'push' }} | |
runs-on: ${{ matrix.configs.runner }} | |
env: | |
VERSION: ${{ needs.extract_version.outputs.VERSION }} | |
container: | |
image: ubuntu:22.04 | |
permissions: | |
contents: write | |
packages: write | |
strategy: | |
matrix: | |
configs: | |
- target: x86_64-unknown-linux-gnu | |
runner: warp-ubuntu-latest-x64-32x | |
- target: aarch64-unknown-linux-gnu | |
runner: warp-ubuntu-latest-arm64-32x | |
steps: | |
- name: install dependencies | |
run: | | |
apt-get update | |
apt-get install -y \ | |
build-essential \ | |
curl \ | |
git \ | |
libclang-dev \ | |
libssl-dev \ | |
pkg-config | |
curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y | |
- name: checkout the repository | |
uses: actions/checkout@v4 | |
- name: build the binary | |
run: | | |
git config --global --add safe.directory "$(pwd)" | |
. $HOME/.cargo/env | |
export CARGO_INCREMENTAL=0 | |
export CFLAGS="-D__TIME__=\"\" -D__DATE__=\"\"" | |
export CXXFLAGS="-D__TIME__=\"\" -D__DATE__=\"\"" | |
export LC_ALL=C | |
export SOURCE_DATE_EPOCH=$(git log -1 --pretty=%ct) | |
export TZ=UTC | |
export RUSTFLAGS="\ | |
--cfg tracing_unstable \ | |
-C metadata=host \ | |
" | |
export CARGO_TARGET_X86_64_UNKNOWN_LINUX_GNU_RUSTFLAGS="\ | |
--cfg tracing_unstable \ | |
--remap-path-prefix /app=. \ | |
-C codegen-units=1 \ | |
-C embed-bitcode=no \ | |
-C link-arg=-static-libgcc \ | |
-C link-arg=-Wl,--build-id=none \ | |
-C metadata=target \ | |
-C target-feature=+crt-static \ | |
" | |
export CARGO_TARGET_AARCH64_UNKNOWN_LINUX_GNU_RUSTFLAGS="\ | |
--cfg tracing_unstable \ | |
--remap-path-prefix /app=. \ | |
-C codegen-units=1 \ | |
-C embed-bitcode=no \ | |
-C link-arg=-static-libgcc \ | |
-C link-arg=-Wl,--build-id=none \ | |
-C metadata=target \ | |
-C target-feature=+crt-static \ | |
" | |
cargo build --package rproxy \ | |
--locked \ | |
--release \ | |
--target ${{ matrix.configs.target }} | |
- name: upload the binary artifact | |
uses: actions/upload-artifact@v4 | |
with: | |
name: rproxy-${{ env.VERSION }}-${{ matrix.configs.target }} | |
path: target/${{ matrix.configs.target }}/release/rproxy | |
draft_release: | |
name: draft release | |
if: ${{ github.event.inputs.draft_release == 'true' || github.event_name == 'push' }} | |
needs: [extract_version, build_binary] | |
runs-on: warp-ubuntu-latest-x64-16x | |
env: | |
VERSION: ${{ needs.extract_version.outputs.VERSION }} | |
permissions: | |
contents: write | |
steps: | |
- name: checkout | |
uses: actions/checkout@v4 | |
- name: download artifacts | |
uses: actions/download-artifact@v5 | |
with: | |
merge-multiple: false | |
path: artifacts | |
- name: record artifacts checksums | |
working-directory: artifacts | |
run: | | |
for dir in $( find . -type d -name "rproxy-*" -printf "%f\n" ); do | |
mv ./$dir ./$dir.bak | |
mv ./$dir.bak/rproxy ./$dir | |
rm -r ./$dir.bak | |
done | |
find ./ || true | |
for file in $( find ./ -type f ); do | |
sha256sum "$file" >> sha256sums.txt | |
done; | |
cat sha256sums.txt | |
- name: create release draft | |
uses: softprops/action-gh-release@v2.0.5 | |
id: create-release-draft | |
with: | |
draft: true | |
files: artifacts/* | |
generate_release_notes: true | |
name: ${{ env.VERSION }} | |
tag_name: ${{ env.VERSION }} | |
- name: write github workflow summary | |
run: | | |
echo "---" | |
echo "### release: ${{ env.VERSION }}" >> $GITHUB_STEP_SUMMARY | |
echo "${{ steps.create-release-draft.outputs.url }}" >> $GITHUB_STEP_SUMMARY | |
build_container_images: | |
if: ${{ (github.ref_type == 'tag') || (github.event.inputs.build_container_image == 'true') }} | |
name: build and publish container image | |
needs: extract_version | |
runs-on: ${{ matrix.configs.runner }} | |
env: | |
VERSION: ${{ needs.extract_version.outputs.VERSION }} | |
permissions: | |
contents: read | |
packages: write | |
strategy: | |
matrix: | |
configs: | |
- platform: linux/amd64 | |
runner: warp-ubuntu-latest-x64-16x | |
- platform: linux/arm64 | |
runner: warp-ubuntu-latest-arm64-16x | |
steps: | |
- name: checkout sources | |
uses: actions/checkout@v4 | |
- name: set env | |
run: | | |
platform=${{ matrix.configs.platform }} | |
echo "PLATFORM=${platform#*/}" >> $GITHUB_ENV | |
- name: setup docker qemu | |
uses: docker/setup-qemu-action@v3 | |
- name: setup docker buildx | |
uses: docker/setup-buildx-action@v3 | |
- name: generate container metadata | |
uses: docker/metadata-action@v5 | |
id: meta | |
with: | |
images: ghcr.io/${{ github.repository }} | |
labels: org.opencontainers.image.source=${{ github.repositoryUrl }} | |
tags: | | |
type=semver,pattern={{version}},value=${{ env.VERSION }},prefix=v,suffix=-${{ env.PLATFORM }} | |
type=sha,suffix=-${{ env.PLATFORM }} | |
# Push latest tag for full version only, not for prerelease versions (i.e. not for v1.2.3-rc1) | |
type=raw,value=latest,enable=${{ !contains(env.VERSION, '-') }},suffix=-${{ env.PLATFORM }} | |
- name: login to ghcr | |
uses: docker/login-action@v3 | |
with: | |
registry: ghcr.io | |
username: ${{ github.actor }} | |
password: ${{ secrets.GITHUB_TOKEN }} | |
- name: build and push image | |
uses: docker/build-push-action@v5 | |
id: build | |
with: | |
push: true | |
cache-from: type=gha | |
cache-to: type=gha,mode=max | |
file: Dockerfile | |
context: . | |
labels: ${{ steps.meta.outputs.labels }} | |
platforms: ${{ matrix.configs.platform }} | |
tags: ${{ steps.meta.outputs.tags }} | |
- name: export digest | |
run: | | |
mkdir -p /tmp/digests | |
digest="${{ steps.build.outputs.digest }}" | |
touch "/tmp/digests/${digest#sha256:}" | |
- name: upload digest | |
uses: actions/upload-artifact@v4 | |
with: | |
name: digests-${{ env.PLATFORM }} | |
path: /tmp/digests/* | |
if-no-files-found: error | |
retention-days: 1 | |
publish_container_index: | |
name: publish container index | |
runs-on: warp-ubuntu-latest-x64-16x | |
env: | |
VERSION: ${{ needs.extract_version.outputs.VERSION }} | |
needs: | |
- build_container_images | |
- extract_version | |
steps: | |
- name: download digests | |
uses: actions/download-artifact@v4 | |
with: | |
path: /tmp/digests | |
pattern: digests-* | |
merge-multiple: true | |
- name: setup docker buildx | |
uses: docker/setup-buildx-action@v3 | |
- name: login to ghcr | |
uses: docker/login-action@v3 | |
with: | |
registry: ghcr.io | |
username: ${{ github.actor }} | |
password: ${{ secrets.GITHUB_TOKEN }} | |
- name: generate container metadata | |
id: meta | |
uses: docker/metadata-action@v5 | |
with: | |
images: ghcr.io/${{ github.repository }} | |
labels: org.opencontainers.image.source=${{ github.repositoryUrl }} | |
tags: | | |
type=semver,pattern={{version}},value=${{ env.VERSION }},prefix=v | |
type=sha | |
# Push latest tag for full version only, not for prerelease versions (i.e. not for v1.2.3-rc1) | |
type=raw,value=latest,enable=${{ !contains(env.VERSION, '-') }} | |
- name: create manifest list and push | |
working-directory: /tmp/digests | |
run: | | |
jq -cr '.tags[]' <<< "$DOCKER_METADATA_OUTPUT_JSON" | while read -r tag; do | |
echo "Creating manifest for tag: $tag" | |
docker buildx imagetools create -t $tag $( | |
printf 'ghcr.io/${{ github.repository }}@sha256:%s ' * | |
) | |
done | |
- name: inspect image | |
run: | | |
docker buildx imagetools inspect ghcr.io/${{ github.repository }}:${{ env.VERSION }} |