Skip to content

New security helmet and coat #80

New security helmet and coat

New security helmet and coat #80

Workflow file for this run

name: Build Rust library
on:
issue_comment:
types: created
jobs:
build-rust:
if: |
github.event.issue.pull_request &&
(github.event.comment.body == '!build_rust') &&
((github.event.sender.id == github.event.issue.user.id) ||
(github.event.comment.author_association == 'COLLABORATOR') ||
(github.event.comment.author_association == 'MEMBER') ||
(github.event.comment.author_association == 'OWNER'))
runs-on: ubuntu-latest
steps:
- id: create_token
uses: actions/create-github-app-token@v1
with:
app-id: ${{ secrets.APP_ID }}
private-key: ${{ secrets.PRIVATE_KEY }}
- run: echo "GH_TOKEN=${{ steps.create_token.outputs.token }}" >> "$GITHUB_ENV"
- run: echo "FAIL_NOTIFIED=false" >> "$GITHUB_ENV"
- name: Like the comment
env:
BASE_REPOSITORY: ${{ github.repository }}
run: |
gh api \
--method POST \
-H "Accept: application/vnd.github+json" \
-H "X-GitHub-Api-Version: 2022-11-28" \
/repos/$BASE_REPOSITORY/issues/comments/${{ github.event.comment.id }}/reactions \
-f content='+1'
- name: PR Data
run: |
pr_json=$(curl -L -s --fail-with-body -H "Authorization: token ${{ github.token }}" ${{ github.event.issue.pull_request.url }})
if [ `jq -r '.maintainer_can_modify' <<<$pr_json` == "false" ] ; then
gh pr comment ${{ github.event.issue.html_url }} --body 'GitHub Actions can not push to the repository without "Allow edits and access to secrets by maintainers" checked.'
echo "FAIL_NOTIFIED=true" >> "$GITHUB_ENV"
exit 1
fi
echo "PR_REPO=`jq -r '.head.repo.full_name' <<<$pr_json`" >> $GITHUB_ENV
echo "PR_BRANCH=`jq -r '.head.ref' <<<$pr_json`" >> $GITHUB_ENV
echo "PR_HEAD_LABEL=`jq -r '.head.label' <<<$pr_json`" >> $GITHUB_ENV
- uses: actions/checkout@v4
with:
repository: ${{ env.PR_REPO }}
ref: ${{ env.PR_BRANCH }}
token: ${{ env.GH_TOKEN }}
- name: Build rustlibs
env:
BASE_BRANCH: ${{ github.event.repository.default_branch }}
BASE_REPOSITORY: ${{ github.repository }}
GH_TOKEN: ${{ env.GH_TOKEN }}
run: |
# Get the code.
git config user.name paradisess13[bot]
git config user.email "165046124+paradisess13[bot]@users.noreply.github.com"
git pull origin "$PR_BRANCH" --depth=$((ahead_by + 1))
git remote add upstream "https://github.com/$BASE_REPOSITORY.git"
git fetch upstream "$BASE_BRANCH" --depth=$((behind_by + 1))
cd rust
# Get dependencies.
rustup target add i686-unknown-linux-gnu
rustup target add i686-pc-windows-gnu
sudo dpkg --add-architecture i386
sudo apt-get update
sudo apt-get install zlib1g-dev:i386 lib32gcc-11-dev mingw-w64 mingw-w64-i686-dev
# Build it.
cargo build --release --target i686-unknown-linux-gnu
cargo build --release --target i686-pc-windows-gnu
# Copy the built targets to their checked-in locations.
cp target/i686-unknown-linux-gnu/release/librustlibs.so ../tools/ci/librustlibs_ci.so
cp target/i686-pc-windows-gnu/release/rustlibs.dll ../rustlibs.dll
git commit -a -m "Build Rust library" --allow-empty
git push origin
- name: Notify Failure
if: failure() && env.FAIL_NOTIFIED != 'true'
run: |
gh pr comment ${{ github.event.issue.html_url }} -b 'Building Rust library failed, see the action run log for details: https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}'