refactor(wadm): better visibility controls #470
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Wadm Release | |
on: | |
push: | |
branches: | |
- main | |
tags: | |
- 'v*' | |
- 'types-v*' | |
- 'client-v*' | |
workflow_dispatch: # Allow manual creation of artifacts without a release | |
permissions: | |
contents: read | |
defaults: | |
run: | |
shell: bash | |
jobs: | |
build: | |
name: build release assets | |
runs-on: ${{ matrix.config.runnerOs }} | |
outputs: | |
version_output: ${{ steps.version_output.outputs.version }} | |
strategy: | |
matrix: | |
config: | |
- { | |
runnerOs: 'ubuntu-latest', | |
buildCommand: 'cargo zigbuild', | |
target: 'x86_64-unknown-linux-musl', | |
uploadArtifactSuffix: 'linux-amd64', | |
buildOutputPath: 'target/x86_64-unknown-linux-musl/release/wadm', | |
} | |
- { | |
runnerOs: 'ubuntu-latest', | |
buildCommand: 'cargo zigbuild', | |
target: 'aarch64-unknown-linux-musl', | |
uploadArtifactSuffix: 'linux-aarch64', | |
buildOutputPath: 'target/aarch64-unknown-linux-musl/release/wadm', | |
} | |
- { | |
runnerOs: 'macos-14', | |
buildCommand: 'cargo zigbuild', | |
target: 'x86_64-apple-darwin', | |
uploadArtifactSuffix: 'macos-amd64', | |
buildOutputPath: 'target/x86_64-apple-darwin/release/wadm', | |
} | |
- { | |
runnerOs: 'macos-14', | |
buildCommand: 'cargo zigbuild', | |
target: 'aarch64-apple-darwin', | |
uploadArtifactSuffix: 'macos-aarch64', | |
buildOutputPath: 'target/aarch64-apple-darwin/release/wadm', | |
} | |
- { | |
runnerOs: 'windows-latest', | |
buildCommand: 'cargo build', | |
target: 'x86_64-pc-windows-msvc', | |
uploadArtifactSuffix: 'windows-amd64', | |
buildOutputPath: 'target/x86_64-pc-windows-msvc/release/wadm.exe', | |
} | |
steps: | |
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
- name: set the release version (tag) | |
if: ${{ startsWith(github.ref, 'refs/tags/v') }} | |
run: | | |
echo "RELEASE_VERSION=${GITHUB_REF/refs\/tags\//}" >> $GITHUB_ENV | |
- name: set the release version (main) | |
if: ${{ github.ref == 'refs/heads/main' }} | |
run: | | |
echo "RELEASE_VERSION=canary" >> $GITHUB_ENV | |
- name: Output Version | |
id: version_output | |
run: echo "version=$RELEASE_VERSION" >> $GITHUB_OUTPUT | |
- name: Install Zig | |
uses: goto-bus-stop/setup-zig@abea47f85e598557f500fa1fd2ab7464fcb39406 # v2.2.1 | |
with: | |
version: 0.13.0 | |
- name: Install latest Rust stable toolchain | |
uses: dtolnay/rust-toolchain@1ff72ee08e3cb84d84adba594e0a297990fc1ed3 # stable | |
with: | |
toolchain: stable | |
components: clippy, rustfmt | |
target: ${{ matrix.config.target }} | |
- name: Install cargo zigbuild | |
uses: taiki-e/install-action@ed8c79bccf0b1cb1544a358f81684d3acaa5133f # v2.46.11 | |
with: | |
tool: cargo-zigbuild | |
- name: Build wadm | |
run: | | |
${{ matrix.config.buildCommand }} --release --bin wadm --target ${{ matrix.config.target }} | |
- uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 | |
with: | |
name: wadm-${{ env.RELEASE_VERSION }}-${{ matrix.config.uploadArtifactSuffix }} | |
if-no-files-found: error | |
path: | | |
${{ matrix.config.buildOutputPath }} | |
publish: | |
if: ${{ startsWith(github.ref, 'refs/tags/v') }} | |
name: publish release assets | |
runs-on: ubuntu-latest | |
needs: build | |
permissions: | |
contents: write | |
env: | |
RELEASE_VERSION: ${{ needs.build.outputs.version_output }} | |
steps: | |
- name: Download release assets | |
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 | |
- name: Prepare release | |
run: | | |
for dir in */; do | |
test -d "$dir" || continue | |
tarball="${dir%/}.tar.gz" | |
tar -czvf "${tarball}" "$dir" | |
sha256sum "${tarball}" >> SHA256SUMS | |
done | |
- name: Create github release | |
uses: softprops/action-gh-release@e7a8f85e1c67a31e6ed99a94b41bd0b71bbee6b8 # v2.0.9 | |
with: | |
token: ${{ secrets.GITHUB_TOKEN }} | |
prerelease: false | |
draft: false | |
files: | | |
SHA256SUMS | |
wadm-${{ env.RELEASE_VERSION }}-linux-aarch64.tar.gz | |
wadm-${{ env.RELEASE_VERSION }}-linux-amd64.tar.gz | |
wadm-${{ env.RELEASE_VERSION }}-macos-aarch64.tar.gz | |
wadm-${{ env.RELEASE_VERSION }}-macos-amd64.tar.gz | |
wadm-${{ env.RELEASE_VERSION }}-windows-amd64.tar.gz | |
crate: | |
if: ${{ startsWith(github.ref, 'refs/tags/v') || startsWith(github.ref, 'refs/tags/types-v') || startsWith(github.ref, 'refs/tags/client-v') }} | |
name: Publish crate | |
runs-on: ubuntu-latest | |
needs: build | |
steps: | |
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
- name: Install latest Rust stable toolchain | |
uses: dtolnay/rust-toolchain@1ff72ee08e3cb84d84adba594e0a297990fc1ed3 # stable | |
with: | |
toolchain: stable | |
- name: Cargo login | |
run: | | |
cargo login ${{ secrets.CRATES_TOKEN }} | |
- name: Cargo publish wadm-types | |
if: ${{ startsWith(github.ref, 'refs/tags/types-v') }} | |
working-directory: ./crates/wadm-types | |
run: | | |
cargo publish | |
- name: Cargo publish wadm lib | |
if: ${{ startsWith(github.ref, 'refs/tags/v') }} | |
working-directory: ./crates/wadm | |
run: | | |
cargo publish | |
- name: Cargo publish wadm-client | |
if: ${{ startsWith(github.ref, 'refs/tags/client-v') }} | |
working-directory: ./crates/wadm-client | |
run: | | |
cargo publish | |
docker-image: | |
name: Build and push docker images | |
runs-on: ubuntu-latest | |
needs: build | |
permissions: | |
contents: read | |
packages: write | |
env: | |
RELEASE_VERSION: ${{ needs.build.outputs.version_output }} | |
steps: | |
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
- name: Set up QEMU | |
uses: docker/setup-qemu-action@49b3bc8e6bdd4a60e6116a5414239cba5943d3cf # v3.2.0 | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@6524bf65af31da8d45b59e8c27de4bd072b392f5 # v3.8.0 | |
- uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 | |
with: | |
path: ./artifacts | |
pattern: '*linux*' | |
- name: Prepare container artifacts | |
working-directory: ./artifacts | |
run: | | |
for dir in */; do | |
name="${dir%/}" | |
mv "${name}/wadm" wadm | |
chmod +x wadm | |
rmdir "${name}" | |
mv wadm "${name}" | |
done | |
- name: Login to GitHub Container Registry | |
uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0 | |
with: | |
registry: ghcr.io | |
username: ${{ github.repository_owner }} | |
password: ${{ secrets.GITHUB_TOKEN }} | |
- name: lowercase repository owner | |
run: | | |
echo "OWNER=${GITHUB_REPOSITORY_OWNER,,}" >>$GITHUB_ENV | |
- name: Set the formatted release version for the docker tag | |
if: ${{ startsWith(github.ref, 'refs/tags/v') }} | |
run: | | |
echo "RELEASE_VERSION_DOCKER_TAG=${RELEASE_VERSION#v}" >> $GITHUB_ENV | |
- name: Build and push (tag) | |
uses: docker/build-push-action@48aba3b46d1b1fec4febb7c5d0c644b249a11355 # v6.10.0 | |
if: ${{ startsWith(github.ref, 'refs/tags/v') }} | |
with: | |
push: true | |
platforms: linux/amd64,linux/arm64 | |
context: ./ | |
build-args: | | |
BIN_ARM64=./artifacts/wadm-${{ env.RELEASE_VERSION }}-linux-aarch64 | |
BIN_AMD64=./artifacts/wadm-${{ env.RELEASE_VERSION }}-linux-amd64 | |
tags: | | |
ghcr.io/${{ env.OWNER }}/wadm:latest | |
ghcr.io/${{ env.OWNER }}/wadm:${{ env.RELEASE_VERSION }}, | |
ghcr.io/${{ env.OWNER }}/wadm:${{ env.RELEASE_VERSION_DOCKER_TAG }} | |
- name: Build and push wolfi (tag) | |
uses: docker/build-push-action@48aba3b46d1b1fec4febb7c5d0c644b249a11355 # v6.10.0 | |
if: ${{ startsWith(github.ref, 'refs/tags/v') }} | |
with: | |
push: true | |
platforms: linux/amd64,linux/arm64 | |
context: ./ | |
file: ./Dockerfile.wolfi | |
build-args: | | |
BIN_ARM64=./artifacts/wadm-${{ env.RELEASE_VERSION }}-linux-aarch64 | |
BIN_AMD64=./artifacts/wadm-${{ env.RELEASE_VERSION }}-linux-amd64 | |
tags: | | |
ghcr.io/${{ env.OWNER }}/wadm:latest-wolfi | |
ghcr.io/${{ env.OWNER }}/wadm:${{ env.RELEASE_VERSION }}-wolfi | |
ghcr.io/${{ env.OWNER }}/wadm:${{ env.RELEASE_VERSION_DOCKER_TAG }}-wolfi | |
- name: Build and push (main) | |
uses: docker/build-push-action@48aba3b46d1b1fec4febb7c5d0c644b249a11355 # v6.10.0 | |
if: ${{ github.ref == 'refs/heads/main' }} | |
with: | |
push: true | |
platforms: linux/amd64,linux/arm64 | |
context: ./ | |
build-args: | | |
BIN_ARM64=./artifacts/wadm-${{ env.RELEASE_VERSION }}-linux-aarch64 | |
BIN_AMD64=./artifacts/wadm-${{ env.RELEASE_VERSION }}-linux-amd64 | |
tags: ghcr.io/${{ env.OWNER }}/wadm:canary | |
- name: Build and push (main) | |
uses: docker/build-push-action@48aba3b46d1b1fec4febb7c5d0c644b249a11355 # v6.10.0 | |
if: ${{ github.ref == 'refs/heads/main' }} | |
with: | |
push: true | |
platforms: linux/amd64,linux/arm64 | |
context: ./ | |
file: ./Dockerfile.wolfi | |
build-args: | | |
BIN_ARM64=./artifacts/wadm-${{ env.RELEASE_VERSION }}-linux-aarch64 | |
BIN_AMD64=./artifacts/wadm-${{ env.RELEASE_VERSION }}-linux-amd64 | |
tags: ghcr.io/${{ env.OWNER }}/wadm:canary-wolfi |