Version 0.9.5 #1290
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # GitHub Workflows file | |
| name: main | |
| defaults: | |
| run: | |
| shell: bash --noprofile --norc -euo pipefail {0} | |
| on: | |
| push: | |
| branches: | |
| - main | |
| tags: | |
| - "v*" | |
| pull_request: | |
| branches: | |
| - main | |
| workflow_dispatch: | |
| jobs: | |
| version: | |
| name: Current version | |
| runs-on: ubuntu-24.04 | |
| outputs: | |
| version: ${{ steps.version.outputs.version }} | |
| rev: ${{ steps.rev.outputs.rev }} | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 1 | |
| - name: Version | |
| id: version | |
| run: ./tools/version | tee -a "${GITHUB_OUTPUT}" | |
| - name: Rev | |
| id: rev | |
| run: printf 'rev=%s\n' "$(git rev-parse --short HEAD)" | tee -a "${GITHUB_OUTPUT}" | |
| bazel_test: | |
| name: Bazel test | |
| runs-on: ${{ matrix.os }} | |
| needs: version | |
| strategy: | |
| matrix: | |
| build: | |
| - macos | |
| - ubuntu-20.04 | |
| # - windows | |
| include: | |
| - build: macos | |
| os: macos-latest | |
| buildflags: --features=negotiate | |
| - build: ubuntu-20.04 | |
| os: ubuntu-20.04 | |
| buildflags: --features=negotiate | |
| # - build: windows | |
| # os: windows-latest | |
| # buildflags: --features=negotiate | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 1 | |
| - name: macOS version | |
| if: ${{ runner.os == 'macOS' }} | |
| run: | | |
| printf 'OS_VER=%s\n' "$(sw_vers --productVersion)" | tee -a $GITHUB_ENV | |
| - name: Linux version | |
| if: ${{ runner.os == 'Linux' }} | |
| run: | | |
| printf 'OS_VER=%s\n' "$(lsb_release --short --release)" | tee -a $GITHUB_ENV | |
| - name: Bazel cache | |
| uses: actions/cache@v4 | |
| with: | |
| path: | | |
| ~/.cache/bazel_build_cache | |
| ~/.cache/bazel_repo_cache | |
| key: ${{ runner.os }}-${{ env.OS_VER }}-bazel-test-${{ hashFiles('Cargo.lock', 'MODULE.bazel.lock') }} | |
| restore-keys: | | |
| ${{ runner.os }}-${{ env.OS_VER }}-bazel-test- | |
| - name: Setup Windows Bazelrc | |
| # https://bazel.build/configure/windows | |
| run: | | |
| echo "startup --output_user_root=C:/tmp" > ${{ github.workspace }}/user.bazelrc | |
| shell: cmd | |
| if: runner.os == 'Windows' | |
| - name: Install Linux dependency | |
| run: sudo apt-get install libkrb5-dev | |
| if: ${{ startswith(matrix.os, 'ubuntu') }} | |
| - name: Run tests | |
| run: > | |
| bazel | |
| test | |
| --config=ci | |
| --//:version=${{ needs.version.outputs.version }} | |
| --//:rev=${{ needs.version.outputs.rev }} | |
| ${{ matrix.buildflags }} | |
| -- | |
| //... | |
| -//doc/... | |
| -//www/... | |
| ${{ runner.os != 'macOS' && '-//macos/... -//pkg/macos/... -//proxydetox:proxydetoxcli' || '' }} | |
| bazel_check: | |
| name: Bazel check | |
| runs-on: ubuntu-24.04 | |
| needs: version | |
| strategy: | |
| matrix: | |
| check: | |
| - clippy | |
| - format | |
| include: | |
| - check: "clippy" | |
| aspect: "@rules_rust//rust:defs.bzl%rust_clippy_aspect" | |
| output_groups: "clippy_checks" | |
| - check: "format" | |
| aspect: "@rules_rust//rust:defs.bzl%rust_clippy_aspect" | |
| output_groups: "rustfmt_checks" | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 1 | |
| - name: Install Linux dependency | |
| run: sudo apt-get install libkrb5-dev | |
| if: runner.os == 'Linux' | |
| - name: Run check | |
| run: > | |
| bazel | |
| build | |
| --config=ci | |
| --aspects=${{ matrix.aspect }} | |
| --output_groups=${{ matrix.output_groups }} | |
| -- | |
| //... | |
| -//macos/... | |
| -//pkg/macos/... | |
| -//proxydetox:proxydetoxcli | |
| -//doc/... | |
| -//www/... | |
| bazel_www: | |
| name: Bazel www | |
| runs-on: ubuntu-24.04 | |
| needs: | |
| - bazel_check | |
| - bazel_test | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 1 | |
| - name: Install Linux dependency | |
| run: sudo apt-get install libkrb5-dev | |
| - name: Linux version | |
| run: | | |
| printf 'OS_VER=%s\n' "$(lsb_release --short --release)" | tee -a $GITHUB_ENV | |
| - name: Bazel cache | |
| uses: actions/cache@v4 | |
| with: | |
| path: | | |
| ~/.cache/bazel_build_cache | |
| ~/.cache/bazel_repo_cache | |
| key: ${{ runner.os }}-${{ env.OS_VER }}-bazel-test-${{ hashFiles('Cargo.lock', 'MODULE.bazel.lock') }} | |
| restore-keys: | | |
| ${{ runner.os }}-${{ env.OS_VER }}-bazel-test- | |
| - name: Run build | |
| run: bazel run --config=ci -- //www:copy | |
| - name: Upload pages artifact | |
| uses: actions/upload-pages-artifact@v3 # or specific "vX.X.X" version tag for this action | |
| with: | |
| path: public/ | |
| bazel_build: | |
| name: Package | |
| runs-on: ${{ matrix.os }} | |
| needs: | |
| - bazel_test | |
| - bazel_check | |
| - version | |
| strategy: | |
| matrix: | |
| build: | |
| - macos-aarch64 | |
| - macos-x86_64 | |
| - ubuntu-20.04 | |
| - ubuntu-22.04 | |
| - ubuntu-24.04 | |
| # - windows | |
| include: | |
| - build: macos-aarch64 | |
| os: macos-latest | |
| buildflags: --features=negotiate --config=aarch64_apple_darwin | |
| pkgfile: proxydetox-${{ needs.version.outputs.version }}-apple-darwin-aarch64.pkg | |
| - build: macos-x86_64 | |
| os: macos-latest | |
| buildflags: --features=negotiate --config=x86_64_apple_darwin | |
| pkgfile: proxydetox-${{ needs.version.outputs.version }}-apple-darwin-x86_64.pkg | |
| - build: ubuntu-20.04 | |
| os: ubuntu-20.04 | |
| buildflags: --features=negotiate | |
| pkgfile: proxydetox-${{ needs.version.outputs.version }}-focal_amd64.deb | |
| - build: ubuntu-22.04 | |
| os: ubuntu-22.04 | |
| buildflags: --features=negotiate | |
| pkgfile: proxydetox-${{ needs.version.outputs.version }}-jammy_amd64.deb | |
| - build: ubuntu-24.04 | |
| os: ubuntu-24.04 | |
| buildflags: --features=negotiate | |
| pkgfile: proxydetox-${{ needs.version.outputs.version }}-noble_amd64.deb | |
| # - build: windows | |
| # os: windows-latest | |
| # buildflags: --features=negotiate | |
| # pkgfile: proxydetox-${{ needs.version.outputs.version }}-windows-x86_64.zip | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 1 | |
| - name: macOS version | |
| if: ${{ runner.os == 'macOS' }} | |
| run: | | |
| printf 'OS_VER=%s\n' "$(sw_vers --productVersion)" | tee -a $GITHUB_ENV | |
| - name: Linux version | |
| if: ${{ runner.os == 'Linux' }} | |
| run: | | |
| printf 'OS_VER=%s\n' "$(lsb_release --short --release)" | tee -a $GITHUB_ENV | |
| - name: Bazel cache | |
| uses: actions/cache@v4 | |
| with: | |
| path: | | |
| ~/.cache/bazel_build_cache | |
| ~/.cache/bazel_repo_cache | |
| key: ${{ runner.os }}-${{ env.OS_VER }}-bazel-build-${{ hashFiles('Cargo.lock', 'MODULE.bazel.lock') }} | |
| restore-keys: | | |
| ${{ runner.os }}-${{ env.OS_VER }}-bazel-build- | |
| - name: Setup Windows Bazelrc | |
| # https://bazel.build/configure/windows | |
| run: | | |
| echo "startup --output_user_root=C:/tmp" > ${{ github.workspace }}\user.bazelrc | |
| shell: cmd | |
| if: runner.os == 'Windows' | |
| - name: Install Linux dependency | |
| run: sudo apt-get install libkrb5-dev | |
| if: startswith(matrix.os, 'ubuntu') | |
| - name: Make package | |
| run: > | |
| bazel | |
| run | |
| --config=ci | |
| --config=release | |
| --//:version=${{ needs.version.outputs.version }} | |
| --//:rev=${{ needs.version.outputs.rev }} | |
| ${{ matrix.buildflags }} | |
| "//pkg:copy" | |
| -- | |
| ${{ matrix.pkgfile }} | |
| - name: Upload package artifact | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: pkg-bazel-${{ matrix.build }} | |
| path: ./${{ matrix.pkgfile }} | |
| if-no-files-found: "error" | |
| cargo_test: | |
| name: Cargo test | |
| runs-on: windows-latest | |
| needs: version | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 1 | |
| - name: Install Rust | |
| uses: actions-rs/toolchain@v1 | |
| with: | |
| toolchain: stable | |
| profile: minimal | |
| override: true | |
| - uses: Swatinem/rust-cache@v2 | |
| with: | |
| key: ${{ runner.os }}-test | |
| # see https://github.com/rust-lang/rust-bindgen/issues/1797 | |
| - name: Install Windows dependency (LLVM) | |
| uses: KyleMayes/[email protected] | |
| with: | |
| version: "11.0" | |
| directory: ${{ runner.temp }}/llvm | |
| - name: Set LIBCLANG_PATH | |
| run: echo "LIBCLANG_PATH=$((gcm clang).source -replace "clang.exe")" >> $env:GITHUB_ENV | |
| shell: pwsh | |
| - name: Run cargo test | |
| run: cargo test | |
| cargo_build: | |
| name: Cargo build | |
| runs-on: windows-latest | |
| needs: cargo_test | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 1 | |
| - name: Install Rust | |
| uses: actions-rs/toolchain@v1 | |
| with: | |
| toolchain: stable | |
| profile: minimal | |
| override: true | |
| - uses: Swatinem/rust-cache@v2 | |
| with: | |
| key: ${{ runner.os }}-build | |
| # see https://github.com/rust-lang/rust-bindgen/issues/1797 | |
| - name: Install Windows dependency (LLVM) | |
| uses: KyleMayes/[email protected] | |
| with: | |
| version: "11.0" | |
| directory: ${{ runner.temp }}/llvm | |
| - name: Set LIBCLANG_PATH | |
| run: echo "LIBCLANG_PATH=$((gcm clang).source -replace "clang.exe")" >> $env:GITHUB_ENV | |
| shell: pwsh | |
| - name: Build Release Package | |
| id: buildpkg | |
| run: ./tools/mkzip.ps1 | |
| shell: pwsh | |
| - name: Upload package artifact | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: pkg-cargo-windows | |
| path: ./${{ steps.buildpkg.outputs.pkgfile }} | |
| if-no-files-found: "error" | |
| mkrelease: | |
| name: Create Release | |
| runs-on: ubuntu-24.04 | |
| needs: | |
| - bazel_build | |
| - bazel_www | |
| - cargo_build | |
| - version | |
| steps: | |
| - name: Download pkg artifact | |
| uses: actions/download-artifact@v4 | |
| with: | |
| pattern: pkg-* | |
| merge-multiple: true | |
| - name: Show downloaded artifacts | |
| run: find . -name '*.deb' -o -name '*.pkg' -o -name '*.zip' | |
| - name: Create Release | |
| if: ${{ github.event_name == 'push' && startswith(github.ref, 'refs/tags/') }} | |
| run: | | |
| gh --repo "${REPO}" release create "${VERSION}" --generate-notes *.deb *.pkg *.zip | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| REPO: ${{ github.repository }} | |
| VERSION: v${{ needs.version.outputs.version }} | |
| pages: | |
| if: ${{ github.event_name == 'push' && startswith(github.ref, 'refs/tags/') }} | |
| needs: | |
| - bazel_www | |
| - mkrelease | |
| # Grant GITHUB_TOKEN the permissions required to make a Pages deployment | |
| permissions: | |
| pages: write | |
| id-token: write | |
| # Deploy to the github-pages environment | |
| environment: | |
| name: github-pages | |
| url: ${{ steps.deployment.outputs.page_url }} | |
| runs-on: ubuntu-24.04 | |
| steps: | |
| - name: Deploy to GitHub Pages | |
| id: deployment | |
| uses: actions/deploy-pages@v4 | |
| # The success job is here to consolidate the total success/failure state of | |
| # all other jobs. This job is then included in the GitHub branch protection | |
| # rule which prevents merges unless all other jobs are passing. This makes | |
| # it easier to manage the list of jobs via this yml file and to prevent | |
| # accidentally adding new jobs without also updating the branch protections. | |
| success: | |
| name: Success gate | |
| if: always() | |
| needs: | |
| - bazel_test | |
| - bazel_check | |
| - bazel_www | |
| - cargo_build | |
| - cargo_test | |
| - mkrelease | |
| - version | |
| runs-on: ubuntu-24.04 | |
| steps: | |
| - run: jq --exit-status 'all(.result == "success")' <<< '${{ toJson(needs) }}' | |
| - name: Done | |
| run: exit 0 |