release: v3.4.25 #3439
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: build | |
| on: | |
| push: | |
| branches: ["**"] | |
| tags: [v*.*.*] | |
| pull_request: | |
| workflow_call: | |
| inputs: | |
| tag-name: | |
| required: true | |
| type: string | |
| outputs: | |
| image_tags: | |
| value: ${{ jobs.docker.outputs.image_tags }} | |
| image_url: | |
| value: https://ghcr.io/${{ github.repository }} | |
| env: | |
| IMAGE_REGISTRY: ghcr.io | |
| IMAGE_NAMESPACE: ${{ github.repository_owner }} | |
| IMAGE_NAME: ${{ github.event.repository.name }} | |
| # renovate: datasource=github-releases depName=docker/buildx | |
| BUILDX_VERSION: v0.16.2 | |
| jobs: | |
| env: | |
| # release-please によるコミットの時は workflow_call でのみ実行する | |
| if: ${{ !( github.workflow == 'build' && startsWith(github.event.head_commit.message, 'release:') && github.event.head_commit.author.name == 'github-actions[bot]' ) }} | |
| runs-on: ubuntu-latest | |
| outputs: | |
| BINARY_NAME: ${{ steps.meta.outputs.BINARY_NAME }} | |
| IMAGE_NAMESPACE: ${{ steps.lowercase.outputs.IMAGE_NAMESPACE }} | |
| PUSH: ${{ github.event_name != 'pull_request' && github.ref_name == github.event.repository.default_branch }} | |
| steps: | |
| - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 | |
| - id: meta | |
| run: | | |
| echo "BINARY_NAME=$(cargo metadata --offline --no-deps --format-version=1 | jq -r '.packages[].name')" >> $GITHUB_OUTPUT | |
| - id: lowercase | |
| run: | | |
| image_namespace='${{ env.IMAGE_NAMESPACE }}' | |
| echo "IMAGE_NAMESPACE=${image_namespace@L}" >> $GITHUB_OUTPUT | |
| meta: | |
| needs: [env] | |
| runs-on: ubuntu-latest | |
| outputs: | |
| version: ${{ steps.meta.outputs.version}} | |
| tags: ${{ steps.meta.outputs.tags }} | |
| labels: ${{ steps.meta.outputs.labels }} | |
| json: ${{ steps.meta.outputs.json }} | |
| steps: | |
| - name: Extract metadata (tags, labels) for Docker | |
| id: meta | |
| uses: docker/metadata-action@8e5442c4ef9f78752691e2d8f8d19755c6f78e81 # v5.5.1 | |
| with: | |
| images: ${{ env.IMAGE_REGISTRY }}/${{ needs.env.outputs.IMAGE_NAMESPACE }}/${{ env.IMAGE_NAME }} | |
| tags: | | |
| type=semver,pattern={{version}},value=${{ inputs.tag-name }} | |
| type=semver,pattern={{major}}.{{minor}},value=${{ inputs.tag-name }} | |
| type=semver,pattern={{major}},value=${{ inputs.tag-name }} | |
| type=edge | |
| type=ref,event=branch | |
| build: | |
| needs: [env] | |
| permissions: | |
| contents: write | |
| packages: write | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| include: | |
| - target: aarch64-unknown-linux-gnu | |
| use-cross: true | |
| - arch: arm64 | |
| target: aarch64-unknown-linux-musl | |
| use-cross: true | |
| - target: x86_64-unknown-linux-gnu | |
| use-cross: false | |
| - arch: amd64 | |
| target: x86_64-unknown-linux-musl | |
| use-cross: false | |
| # - os: macos-latest | |
| # target: aarch64-apple-darwin | |
| # - os: macos-latest | |
| # target: x86_64-apple-darwin | |
| # - os: windows-latest | |
| # target: x86_64-pc-windows-msvc | |
| # - os: windows-latest | |
| # target: x86_64-pc-windows-gnu | |
| runs-on: ${{ matrix.os || 'ubuntu-latest'}} | |
| env: | |
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| GH_REPO: ${{ github.repository }} | |
| defaults: | |
| run: | |
| shell: bash -xe {0} | |
| steps: | |
| - name: Install musl tools | |
| if: matrix.target == 'x86_64-unknown-linux-musl' | |
| run: | | |
| sudo apt-get install -y musl-tools --no-install-recommends | |
| - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 | |
| - uses: dtolnay/rust-toolchain@master | |
| with: | |
| toolchain: stable | |
| target: ${{ matrix.target }} | |
| - uses: Swatinem/rust-cache@23bce251a8cd2ffc3c1075eaa2367cf899916d84 # v2.7.3 | |
| with: | |
| key: ${{ matrix.target }} | |
| - name: Install cross | |
| if: ${{ !matrix.os && matrix.use-cross }} | |
| uses: taiki-e/install-action@37129d5de13e9122cce55a7a5e7e49981cef514c # v2.42.26 | |
| with: | |
| tool: cross | |
| - run: mkdir dist | |
| - run: ${{ (!matrix.os && matrix.use-cross) && 'cross' || 'cargo' }} rustc --locked --release --target=${{ matrix.target }} -- --emit=link=dist/${{ needs.env.outputs.BINARY_NAME }} | |
| - uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a # v4.3.6 | |
| with: | |
| name: ${{ matrix.target }} | |
| path: | | |
| dist/${{ needs.env.outputs.BINARY_NAME }} | |
| dist/${{ needs.env.outputs.BINARY_NAME }}.exe | |
| - id: build_image | |
| if: ${{ fromJson(needs.env.outputs.PUSH) && matrix.arch }} | |
| name: Build Image | |
| uses: redhat-actions/buildah-build@7a95fa7ee0f02d552a32753e7414641a04307056 # v2.13 | |
| with: | |
| archs: ${{ matrix.arch }} | |
| base-image: scratch | |
| image: ${{ env.IMAGE_NAME }} | |
| tags: tmp | |
| content: | | |
| dist/${{ needs.env.outputs.BINARY_NAME }} | |
| entrypoint: ./${{ needs.env.outputs.BINARY_NAME }} | |
| oci: true | |
| - id: push | |
| if: ${{ steps.build_image.conclusion == 'success' }} | |
| name: Push To GHCR | |
| uses: redhat-actions/push-to-registry@5ed88d269cf581ea9ef6dd6806d01562096bee9c # v2.8 | |
| with: | |
| image: ${{ env.IMAGE_NAME }} | |
| tags: ${{ steps.build_image.outputs.tags }} | |
| registry: ${{ env.IMAGE_REGISTRY }}/${{ needs.env.outputs.IMAGE_NAMESPACE }} | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - id: export-digest | |
| if: ${{ steps.push.conclusion == 'success' }} | |
| name: Export digest | |
| run: | | |
| mkdir -p /tmp/digests | |
| digest="${{ steps.push.outputs.digest }}" | |
| touch "/tmp/digests/${digest#sha256:}" | |
| - if: ${{ steps.export-digest.conclusion == 'success' }} | |
| name: Upload digest | |
| uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a # v4.3.6 | |
| with: | |
| name: digests-${{ matrix.target }} | |
| path: /tmp/digests/* | |
| if-no-files-found: error | |
| retention-days: 1 | |
| - name: Upload to release | |
| if: ${{ inputs.tag-name }} | |
| working-directory: dist/ | |
| run: | | |
| if [ -e ${{ needs.env.outputs.BINARY_NAME }}.exe ]; then | |
| filename="${{ needs.env.outputs.BINARY_NAME }}-${{ inputs.tag-name }}-${{ matrix.target }}.exe" | |
| mv ${{ needs.env.outputs.BINARY_NAME }}.exe "$filename" | |
| gh release upload ${{ inputs.tag-name }} "$filename"#${{ matrix.target }} --clobber | |
| else | |
| filename="${{ needs.env.outputs.BINARY_NAME }}-${{ inputs.tag-name }}-${{ matrix.target }}" | |
| mv ${{ needs.env.outputs.BINARY_NAME }} "$filename" | |
| gh release upload ${{ inputs.tag-name }} "$filename"#${{ matrix.target }} --clobber | |
| fi | |
| merge: | |
| permissions: | |
| packages: write | |
| needs: [env, meta, build] | |
| if: ${{ fromJson(needs.env.outputs.PUSH) }} | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Download digests | |
| uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 | |
| with: | |
| path: /tmp/digests | |
| pattern: digests-* | |
| merge-multiple: true | |
| - name: Log in to the Container registry | |
| uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0 | |
| with: | |
| registry: ${{ env.IMAGE_REGISTRY }} | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Create manifest list and push | |
| working-directory: /tmp/digests | |
| env: | |
| DOCKER_METADATA_OUTPUT_JSON: ${{ needs.meta.outputs.json }} | |
| run: | | |
| docker buildx imagetools create $(jq -cr '.tags | map("-t " + .) | join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON") \ | |
| $(printf '${{ env.IMAGE_REGISTRY }}/${{ needs.env.outputs.IMAGE_NAMESPACE }}/${{ env.IMAGE_NAME }}@sha256:%s ' *) | |
| - name: Inspect image | |
| run: | | |
| docker buildx imagetools inspect ${{ env.IMAGE_REGISTRY }}/${{ needs.env.outputs.IMAGE_NAMESPACE }}/${{ env.IMAGE_NAME }}:${{ needs.meta.outputs.version }} |