Version 3.5.11 #62
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Release | |
on: | |
release: | |
types: [published] | |
jobs: | |
version: | |
name: Start Release | |
runs-on: ubuntu-latest | |
environment: | |
name: GitHub | |
url: https://github.com/SierraSoftworks/git-tool/releases | |
permissions: | |
id-token: write | |
contents: read | |
steps: | |
- name: get secrets - sentry | |
uses: hashicorp/[email protected] | |
with: | |
url: https://vault.sierrasoftworks.com | |
method: jwt | |
path: github-actions | |
role: deploy | |
jwtGithubAudience: https://vault.sierrasoftworks.com | |
secrets: | | |
secrets/data/repos/SierraSoftworks/git-tool/sentry token | SENTRY_AUTH_TOKEN; | |
- name: Setup Sentry CLI | |
uses: mathieu-bour/[email protected] | |
with: | |
token: ${{ env.SENTRY_AUTH_TOKEN }} | |
organization: sierra-softworks | |
project: git-tool | |
- name: Check out code | |
uses: actions/checkout@v4 | |
- name: Create Sentry Release | |
run: | | |
VERSION="git-tool@${{ github.event.release.tag_name }}" | |
sentry-cli releases new "$VERSION" | |
sentry-cli releases set-commits "$VERSION" --auto | |
- name: Generate Package Version | |
shell: pwsh | |
run: | | |
$VERSION="$('${{ github.event.release.tag_name }}'.substring(1))" | |
Add-Content -Path $env:GITHUB_ENV -Value "VERSION=$VERSION" | |
Write-Host $VERSION | |
- name: Set Package Version | |
run: sed -i "s/^version\s*=\s*\".*\"/version = \"$VERSION\"/g" Cargo.toml | |
- name: Stash Versioned Cargo.toml | |
uses: actions/upload-artifact@v4 | |
with: | |
name: cargofile | |
path: Cargo.toml | |
build: | |
name: ${{ matrix.os }}-${{ matrix.arch }}-release | |
runs-on: ${{ matrix.run_on }} | |
continue-on-error: true | |
environment: | |
name: GitHub | |
url: https://github.com/SierraSoftworks/git-tool/releases | |
permissions: | |
id-token: write | |
contents: write | |
attestations: write | |
needs: | |
- version | |
strategy: | |
matrix: | |
include: | |
# Windows builds | |
- arch: amd64 | |
os: windows | |
run_on: windows-latest | |
target: x86_64-pc-windows-msvc | |
extension: .exe | |
# Linux builds | |
- arch: amd64 | |
run_on: ubuntu-latest | |
os: linux | |
target: x86_64-unknown-linux-gnu | |
setup: | | |
sudo apt-get update | |
sudo apt-get install -y libdbus-1-3 libdbus-1-dev | |
strip: strip --strip-debug | |
# - arch: "386" | |
# os: linux | |
# run_on: ubuntu-latest | |
# target: i686-unknown-linux-gnu | |
# experimental: true | |
# setup: | | |
# sudo apt-get update | |
# sudo apt-get install -y libdbus-1-3 libdbus-1-dev gcc-multilib | |
- arch: "arm64" | |
os: linux | |
run_on: ubuntu-20.04 | |
target: aarch64-unknown-linux-gnu | |
experimental: true | |
setup: | | |
sudo apt-get update | |
sudo apt-get install -y gcc-aarch64-linux-gnu lld | |
# Ensure that the libgcc | |
sudo ln -s /usr/aarch64-linux-gnu/lib/libgcc_s.so.1 /usr/aarch64-linux-gnu/lib/libgcc_s.so | |
strip: aarch64-linux-gnu-strip --strip-debug | |
flags: --no-default-features | |
# Apple MacOS builds | |
- arch: amd64 | |
run_on: macos-latest | |
os: darwin | |
target: x86_64-apple-darwin | |
- arch: arm64 | |
run_on: macos-latest | |
os: darwin | |
target: aarch64-apple-darwin | |
steps: | |
- name: setup dependencies | |
run: ${{ matrix.setup }} | |
if: matrix.setup | |
- name: Get Rust Stable | |
uses: actions-rs/[email protected] | |
with: | |
toolchain: stable | |
override: true | |
target: ${{ matrix.target }} | |
- name: get secrets - sentry | |
uses: hashicorp/[email protected] | |
with: | |
url: https://vault.sierrasoftworks.com | |
method: jwt | |
path: github-actions | |
role: deploy | |
jwtGithubAudience: https://vault.sierrasoftworks.com | |
secrets: | | |
secrets/data/repos/SierraSoftworks/git-tool/sentry token | SENTRY_AUTH_TOKEN; | |
- name: Setup Sentry CLI | |
uses: mathieu-bour/[email protected] | |
with: | |
token: ${{ env.SENTRY_AUTH_TOKEN }} | |
organization: sierra-softworks | |
project: git-tool | |
- name: Check out code | |
uses: actions/checkout@v4 | |
- name: Fetch Versioned Cargo.toml | |
uses: actions/download-artifact@v4 | |
with: | |
name: cargofile | |
- name: install protoc | |
run: | | |
if ('${{ matrix.os }}' -eq 'windows') { | |
$protoc_arch = 'win64' | |
} elseif ('${{ matrix.os }}' -eq 'darwin') { | |
$protoc_arch = 'osx-x86_64' | |
} else { | |
$protoc_arch = 'linux-x86_64' | |
} | |
$protoc_url = "https://github.com/protocolbuffers/protobuf/releases/download/v3.20.2/protoc-3.20.2-$protoc_arch.zip" | |
Write-Host "Downloading protoc from '$protoc_url'" | |
Invoke-WebRequest -OutFile protoc.zip -Uri $protoc_url | |
Expand-Archive protoc.zip -DestinationPath ../tools | |
Add-Content -Path $env:GITHUB_PATH -Value "$((Get-Item ./).Parent.FullName)/tools/bin" | |
shell: pwsh | |
- name: cargo build | |
uses: actions-rs/[email protected] | |
with: | |
command: build | |
args: --release --target ${{ matrix.target }} ${{ matrix.flags }} | |
- name: Upload Debug Symbols to Sentry | |
run: | | |
sentry-cli upload-dif -o sierra-softworks -p git-tool --include-sources ./target/${{ matrix.target }}/release/ | |
- name: Strip Debug Symbols | |
run: | | |
${{ matrix.strip }} target/${{ matrix.target }}/release/git-tool${{ matrix.extension }} | |
if: matrix.strip | |
- name: Upload GitHub Release Artifacts | |
uses: SierraSoftworks/[email protected] | |
with: | |
files: "target/${{ matrix.target }}/release/git-tool${{ matrix.extension }} | git-tool-${{ matrix.os }}-${{ matrix.arch }}${{ matrix.extension }}" | |
token: ${{ secrets.GITHUB_TOKEN }} | |
overwrite: "true" | |
- uses: anchore/sbom-action@v0 | |
with: | |
file: "target/${{ matrix.target }}/release/git-tool${{ matrix.extension }}" | |
format: 'spdx-json' | |
output-file: 'sbom.spdx.json' | |
upload-artifact: false | |
artifact-name: "sbom-${{ matrix.os }}-${{ matrix.arch}}.spdx.json" | |
- name: Attest Build Provenance | |
uses: actions/[email protected] | |
with: | |
subject-name: "git-tool-${{ matrix.os }}-${{ matrix.arch }}${{ matrix.extension }}" | |
subject-path: "target/${{ matrix.target }}/release/git-tool${{ matrix.extension }}" | |
- uses: actions/attest-sbom@v1 | |
with: | |
subject-name: "git-tool-${{ matrix.os }}-${{ matrix.arch }}${{ matrix.extension }}" | |
subject-path: "target/${{ matrix.target }}/release/git-tool${{ matrix.extension }}" | |
sbom-path: 'sbom.spdx.json' | |
sentry: | |
name: Finalize Release | |
runs-on: ubuntu-latest | |
needs: | |
- version | |
- build | |
environment: | |
name: GitHub | |
url: https://github.com/SierraSoftworks/git-tool/releases | |
permissions: | |
id-token: write | |
contents: read | |
steps: | |
- name: get secrets - sentry | |
uses: hashicorp/[email protected] | |
with: | |
url: https://vault.sierrasoftworks.com | |
method: jwt | |
path: github-actions | |
role: deploy | |
jwtGithubAudience: https://vault.sierrasoftworks.com | |
secrets: | | |
secrets/data/repos/SierraSoftworks/git-tool/sentry token | SENTRY_AUTH_TOKEN; | |
- name: Setup Sentry CLI | |
uses: mathieu-bour/[email protected] | |
with: | |
token: ${{ env.SENTRY_AUTH_TOKEN }} | |
organization: sierra-softworks | |
project: git-tool | |
- name: Finalize Sentry Release | |
run: | | |
VERSION="git-tool@${{ github.event.release.tag_name }}" | |
sentry-cli releases finalize "$VERSION" |