From 70ab0a696465daecdd775713d2100972a083d4e2 Mon Sep 17 00:00:00 2001 From: Eli Moshkovich Date: Tue, 8 Oct 2024 08:41:20 -0700 Subject: [PATCH] ci for cedar-agent (#35) * ci for cedar-agent * changes for ci * build check * final - after check * timeout-minutes added * test with --locked * test with another rust build actions * another check * using another action to upload artifacts * final * cross-build-check * build-cross-chek * build-cross test * build-cross test * check with --locked * --locked removed * disabled macos * final * final-2 * check with arm * check with arm * check with arm * check with arm compile * check arm64 * check arm * export added for link * check with anouther linker * check arm * build with arm - final * cargo-update-locked-file * pre-release --- .github/workflows/build_release.yml | 146 ++++++++++++++++++++++++++++ .github/workflows/pr_test.yml | 30 ++++++ Cargo.lock | 69 ++++++------- Cargo.toml | 1 + 4 files changed, 207 insertions(+), 39 deletions(-) create mode 100644 .github/workflows/build_release.yml create mode 100644 .github/workflows/pr_test.yml diff --git a/.github/workflows/build_release.yml b/.github/workflows/build_release.yml new file mode 100644 index 0000000..a898a03 --- /dev/null +++ b/.github/workflows/build_release.yml @@ -0,0 +1,146 @@ +name: Cedar-agent cross-build and Docker Build + +on: + release: + types: [published] + +env: + # The project name specified in Cargo.toml + PROJECT_NAME: cedar-agent + +jobs: + build-cross-package: + # Set the job to run on the platform specified by the matrix below + runs-on: ${{ matrix.runner }} + + # Define the build matrix for cross-compilation + strategy: + matrix: + include: + - name: linux-amd64 + runner: ubuntu-latest + target: x86_64-unknown-linux-gnu + - name: linux-arm64 + runner: ubuntu-latest + target: aarch64-unknown-linux-gnu + # ------- Lets keep this commented out for now for future optional use + # - name: win-amd64 + # runner: windows-latest + # target: x86_64-pc-windows-msvc + # - name: macos-amd64 + # runner: macos-latest + # target: x86_64-apple-darwin + # - name: macos-arm64 + # runner: macos-latest + # target: aarch64-apple-darwin + + steps: + - name: Checkout + uses: actions/checkout@v3 + + - name: Install Rust + uses: dtolnay/rust-toolchain@stable + with: + targets: "${{ matrix.target }}" + + - name: Setup Cache + uses: Swatinem/rust-cache@v2 + + - name: Update Cargo.toml version + run: | + if [[ "${{ matrix.runner }}" == "macos-latest" ]]; then + sed -i '' '/\[package\]/,/^version = /s/^version = .*/version = "${{ github.event.release.tag_name }}"/' Cargo.toml + cat Cargo.toml + fi + if [[ "${{ matrix.runner }}" == "ubuntu-latest" ]]; then + sed -i '/\[package\]/,/^version = /s/^version = .*/version = \"${{ github.event.release.tag_name }}\"/' Cargo.toml + cat Cargo.toml + fi + + - name: Prepare for ARM64 + if: ${{ matrix.target == 'aarch64-unknown-linux-gnu' }} + run: | + sudo apt-get update + sudo apt-get install -y gcc-aarch64-linux-gnu + + # Define the path to the Cargo config file + CARGO_CONFIG="$HOME/.cargo/config.toml" + + # Check if the file exists; if not, create it + if [[ ! -f "$CARGO_CONFIG" ]]; then + mkdir -p "$HOME/.cargo" + touch "$CARGO_CONFIG" + fi + + # Add the target configuration if it doesn't already exist + if ! grep -q "\[target.aarch64-unknown-linux-gnu\]" "$CARGO_CONFIG"; then + echo -e "\n[target.aarch64-unknown-linux-gnu]" >> "$CARGO_CONFIG" + echo 'linker = "aarch64-linux-gnu-gcc"' >> "$CARGO_CONFIG" + echo "Configuration added to $CARGO_CONFIG" + else + echo "Configuration already exists in $CARGO_CONFIG" + fi + cat $HOME/.cargo/config.toml + + - name: Build Binary + run: cargo build --verbose --release --target ${{ matrix.target }} # --locked have been removed to avoid error + + - name: Dry run cargo publish + run: cargo publish --dry-run --allow-dirty --target ${{ matrix.target }} + + - name: Upload Binaries + uses: "taiki-e/upload-rust-binary-action@v1" + with: + bin: ${{ env.PROJECT_NAME }} + target: ${{ matrix.target }} + token: ${{ secrets.TOKEN_GITHUB }} + + - name: Publish package to crates.io + run: cargo publish --token ${CRATES_TOKEN} --target ${{ matrix.target }} + env: + CRATES_TOKEN: ${{ secrets.CARGO_REGISTRY_TOKEN }} + + docker-build-push: + runs-on: ubuntu-latest + timeout-minutes: 70 + needs: build-cross-package + steps: + - name: Checkout repository + uses: actions/checkout@v3 + + - name: Set up QEMU + uses: docker/setup-qemu-action@v3 + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + + - name: Login to DockerHub + uses: docker/login-action@v3 + with: + username: ${{ secrets.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_TOKEN }} + + - name: Build & Push cedar-agent - (pre-release) + if: "github.event.release.prerelease" + uses: docker/build-push-action@v4 + with: + file: Dockerfile + platforms: linux/amd64,linux/arm64 + push: true + cache-from: type=registry,ref=permitio/cedar-agent:latest + cache-to: type=inline + tags: | + permitio/cedar-agent:${{ github.event.release.tag_name }} + + - name: Build & Push cedar-agent - (official release) + if: "!github.event.release.prerelease" + uses: docker/build-push-action@v4 + with: + file: Dockerfile + platforms: linux/amd64,linux/arm64 + push: true + cache-from: type=registry,ref=permitio/cedar-agent:latest + cache-to: type=inline + tags: | + permitio/cedar-agent:latest + permitio/cedar-agent:${{ github.event.release.tag_name }} diff --git a/.github/workflows/pr_test.yml b/.github/workflows/pr_test.yml new file mode 100644 index 0000000..299a569 --- /dev/null +++ b/.github/workflows/pr_test.yml @@ -0,0 +1,30 @@ +name: Cedar-agent - PR test + +on: + pull_request: + branches: + - main + +jobs: + pr_checks: + runs-on: ubuntu-latest + timeout-minutes: 15 + steps: + - name: Checkout repository + uses: actions/checkout@v3 + + - name: Set up Rust + uses: actions-rs/toolchain@v1 + with: + toolchain: stable + profile: minimal + override: true + + - name: Run cargo update --locked + run: cargo update --locked + + - name: Run cargo test + run: cargo test + + - name: Run cargo build + run: cargo build diff --git a/Cargo.lock b/Cargo.lock index f743733..d64a5c1 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -4,9 +4,9 @@ version = 3 [[package]] name = "addr2line" -version = "0.24.1" +version = "0.24.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f5fb1d8e4442bd405fdfd1dacb42792696b0cf9cb15882e5d097b742a676d375" +checksum = "dfbe277e56a376000877090da837660b4427aad530e3028d44e0bffe4f89a1c1" dependencies = [ "gimli", ] @@ -248,9 +248,9 @@ checksum = "428d9aa8fbc0670b7b8d6030a7fadd0f86151cae55e4dbbece15f3780a3dfaf3" [[package]] name = "cc" -version = "1.1.24" +version = "1.1.28" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "812acba72f0a070b003d3697490d2b55b837230ae7c6c6497f05cc2ddbb8d938" +checksum = "2e80e3b6a3ab07840e1cae9b0666a63970dc28e8ed5ffbcdacbfc760c281bfc1" dependencies = [ "shlex", ] @@ -352,9 +352,9 @@ dependencies = [ [[package]] name = "clap" -version = "4.5.19" +version = "4.5.20" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7be5744db7978a28d9df86a214130d106a89ce49644cbc4e3f0c22c3fba30615" +checksum = "b97f376d85a664d5837dbae44bf546e6477a679ff6610010f17276f686d867e8" dependencies = [ "clap_builder", "clap_derive", @@ -362,9 +362,9 @@ dependencies = [ [[package]] name = "clap_builder" -version = "4.5.19" +version = "4.5.20" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a5fbc17d3ef8278f55b282b2a2e75ae6f6c7d4bb70ed3d0382375104bfafdb4b" +checksum = "19bc80abd44e4bed93ca373a0704ccbd1b710dc5749406201bb018272808dc54" dependencies = [ "anstream", "anstyle", @@ -665,9 +665,9 @@ checksum = "3f9eec918d3f24069decb9af1554cad7c880e2da24a9afd88aca000531ab82c1" [[package]] name = "futures" -version = "0.3.30" +version = "0.3.31" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "645c6916888f6cb6350d2550b80fb63e734897a8498abe35cfb732b6487804b0" +checksum = "65bc07b1a8bc7c85c5f2e110c476c7389b4554ba72af57d8445ea63a576b0876" dependencies = [ "futures-channel", "futures-core", @@ -679,9 +679,9 @@ dependencies = [ [[package]] name = "futures-channel" -version = "0.3.30" +version = "0.3.31" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "eac8f7d7865dcb88bd4373ab671c8cf4508703796caa2b1985a9ca867b3fcb78" +checksum = "2dff15bf788c671c1934e366d07e30c1814a8ef514e1af724a602e8a2fbe1b10" dependencies = [ "futures-core", "futures-sink", @@ -689,33 +689,33 @@ dependencies = [ [[package]] name = "futures-core" -version = "0.3.30" +version = "0.3.31" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "dfc6580bb841c5a68e9ef15c77ccc837b40a7504914d52e47b8b0e9bbda25a1d" +checksum = "05f29059c0c2090612e8d742178b0580d2dc940c837851ad723096f87af6663e" [[package]] name = "futures-io" -version = "0.3.30" +version = "0.3.31" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a44623e20b9681a318efdd71c299b6b222ed6f231972bfe2f224ebad6311f0c1" +checksum = "9e5c1b78ca4aae1ac06c48a526a655760685149f0d465d21f37abfe57ce075c6" [[package]] name = "futures-sink" -version = "0.3.30" +version = "0.3.31" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9fb8e00e87438d937621c1c6269e53f536c14d3fbd6a042bb24879e57d474fb5" +checksum = "e575fab7d1e0dcb8d0c7bcf9a63ee213816ab51902e6d244a95819acacf1d4f7" [[package]] name = "futures-task" -version = "0.3.30" +version = "0.3.31" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "38d84fa142264698cdce1a9f9172cf383a0c82de1bddcf3092901442c4097004" +checksum = "f90f7dce0722e95104fcb095585910c0977252f286e354b5e3bd38902cd99988" [[package]] name = "futures-util" -version = "0.3.30" +version = "0.3.31" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3d6401deb83407ab3da39eba7e33987a73c3df0c82b4bb5813ee871c19c41d48" +checksum = "9fa08315bb612088cc391249efdc3bc77536f16c91f6cf495e6fbe85b20a4a81" dependencies = [ "futures-channel", "futures-core", @@ -754,9 +754,9 @@ dependencies = [ [[package]] name = "gimli" -version = "0.31.0" +version = "0.31.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "32085ea23f3234fc7846555e85283ba4de91e21016dc0455a16286d87a292d64" +checksum = "07e28edb80900c19c28f1072f2e8aeca7fa06b23cd4169cefe1af5aa3260783f" [[package]] name = "glob" @@ -1251,9 +1251,9 @@ dependencies = [ [[package]] name = "object" -version = "0.36.4" +version = "0.36.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "084f1a5821ac4c651660a94a7153d27ac9d8a53736203f58b31945ded098070a" +checksum = "aedf0a2d09c573ed1d8d85b30c119153926a2b36dce0ab28322c09a117a4683e" dependencies = [ "memchr", ] @@ -1272,12 +1272,9 @@ dependencies = [ [[package]] name = "once_cell" -version = "1.20.1" +version = "1.20.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "82881c4be219ab5faaf2ad5e5e5ecdff8c66bd7402ca3160975c93b24961afd1" -dependencies = [ - "portable-atomic", -] +checksum = "1261fe7e33c73b354eab43b1273a57c8f967d0391e80353e51f764ac02cf6775" [[package]] name = "ordered-float" @@ -1383,12 +1380,6 @@ version = "0.1.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "8b870d8c151b6f2fb93e84a13146138f05d02ed11c7e7c54f8826aaaf7c9f184" -[[package]] -name = "portable-atomic" -version = "1.9.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "cc9c68a3f6da06753e9335d63e27f6b9754dd1920d941135b7ea8224f141adb2" - [[package]] name = "powerfmt" version = "0.2.0" @@ -1412,9 +1403,9 @@ checksum = "925383efa346730478fb4838dbe9137d2a47675ad789c546d150a6e1dd4ab31c" [[package]] name = "proc-macro2" -version = "1.0.86" +version = "1.0.87" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5e719e8df665df0d1c8fbfd238015744736151d4445ec0836b8e628aae103b77" +checksum = "b3e4daa0dcf6feba26f985457cdf104d4b4256fc5a09547140f3631bb076b19a" dependencies = [ "unicode-ident", ] diff --git a/Cargo.toml b/Cargo.toml index 22c0553..cfc120e 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -1,5 +1,6 @@ [package] name = "cedar-agent" +# This update dynamically via CI version = "0.2.0" edition = "2021" license = "Apache-2.0"