ci for cedar-agent

.github/workflows/build_release.yml

@@ -0,0 +1,146 @@
+name: Cedar-agent cross-build and Docker Build
+
+on:
+  release:
+    types: [published]
+
+env:
+  # The project name specified in Cargo.toml
+  PROJECT_NAME: cedar-agent
+
+jobs:
+  build-cross-package:
+    # Set the job to run on the platform specified by the matrix below
+    runs-on: ${{ matrix.runner }}
+
+    # Define the build matrix for cross-compilation
+    strategy:
+      matrix:
+        include:
+          - name: linux-amd64
+            runner: ubuntu-latest
+            target: x86_64-unknown-linux-gnu
+          - name: linux-arm64
+            runner: ubuntu-latest
+            target: aarch64-unknown-linux-gnu
+          # -------   Lets keep this commented out for now for future optional use
+          # - name: win-amd64
+          #   runner: windows-latest
+          #   target: x86_64-pc-windows-msvc
+          # - name: macos-amd64
+          #   runner: macos-latest
+          #   target: x86_64-apple-darwin
+          # - name: macos-arm64
+          #   runner: macos-latest
+          #   target: aarch64-apple-darwin
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+
+      - name: Install Rust
+        uses: dtolnay/rust-toolchain@stable
+        with:
+          targets: "${{ matrix.target }}"
+
+      - name: Setup Cache
+        uses: Swatinem/rust-cache@v2
+
+      - name: Update Cargo.toml version
+        run: |
+          if [[ "${{ matrix.runner }}" == "macos-latest" ]]; then
+            sed -i '' '/\[package\]/,/^version = /s/^version = .*/version = "${{ github.event.release.tag_name }}"/' Cargo.toml
+            cat Cargo.toml
+          fi
+          if [[ "${{ matrix.runner }}" == "ubuntu-latest" ]]; then
+            sed -i '/\[package\]/,/^version = /s/^version = .*/version = \"${{ github.event.release.tag_name }}\"/' Cargo.toml
+            cat Cargo.toml
+          fi
+
+      - name: Prepare for ARM64
+        if: ${{ matrix.target == 'aarch64-unknown-linux-gnu' }}
+        run: |
+          sudo apt-get update
+          sudo apt-get install -y gcc-aarch64-linux-gnu
+
+          # Define the path to the Cargo config file
+          CARGO_CONFIG="$HOME/.cargo/config.toml"
+
+          # Check if the file exists; if not, create it
+          if [[ ! -f "$CARGO_CONFIG" ]]; then
+              mkdir -p "$HOME/.cargo"
+              touch "$CARGO_CONFIG"
+          fi
+
+          # Add the target configuration if it doesn't already exist
+          if ! grep -q "\[target.aarch64-unknown-linux-gnu\]" "$CARGO_CONFIG"; then
+              echo -e "\n[target.aarch64-unknown-linux-gnu]" >> "$CARGO_CONFIG"
+              echo 'linker = "aarch64-linux-gnu-gcc"' >> "$CARGO_CONFIG"
+              echo "Configuration added to $CARGO_CONFIG"
+          else
+              echo "Configuration already exists in $CARGO_CONFIG"
+          fi
+          cat $HOME/.cargo/config.toml
+
+      - name: Build Binary
+        run: cargo build --verbose --release --target ${{ matrix.target }} # --locked have been removed to avoid error
+
+      - name: Dry run cargo publish
+        run: cargo publish --dry-run --allow-dirty --target ${{ matrix.target }}
+
+      - name: Upload Binaries
+        uses: "taiki-e/upload-rust-binary-action@v1"
+        with:
+          bin: ${{ env.PROJECT_NAME }}
+          target: ${{ matrix.target }}
+          token: ${{ secrets.TOKEN_GITHUB }}
+
+      - name: Publish package to crates.io
+        run: cargo publish --token ${CRATES_TOKEN} --target ${{ matrix.target }}
+        env:
+          CRATES_TOKEN: ${{ secrets.CARGO_REGISTRY_TOKEN }}
+
+  docker-build-push:
+    runs-on: ubuntu-latest
+    timeout-minutes: 70
+    needs: build-cross-package
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v3
+
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v3
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+
+      - name: Login to DockerHub
+        uses: docker/login-action@v3
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+
+      - name: Build & Push cedar-agent - (pre-release)
+        if: "github.event.release.prerelease"
+        uses: docker/build-push-action@v4
+        with:
+          file: Dockerfile
+          platforms: linux/amd64,linux/arm64
+          push: true
+          cache-from: type=registry,ref=permitio/cedar-agent:latest
+          cache-to: type=inline
+          tags: |
+            permitio/cedar-agent:${{ github.event.release.tag_name }}
+
+      - name: Build & Push cedar-agent - (official release)
+        if: "!github.event.release.prerelease"
+        uses: docker/build-push-action@v4
+        with:
+          file: Dockerfile
+          platforms: linux/amd64,linux/arm64
+          push: true
+          cache-from: type=registry,ref=permitio/cedar-agent:latest
+          cache-to: type=inline
+          tags: |
+            permitio/cedar-agent:latest
+            permitio/cedar-agent:${{ github.event.release.tag_name }}

.github/workflows/pr_test.yml

@@ -0,0 +1,30 @@
+name: Cedar-agent - PR test
+
+on:
+  pull_request:
+    branches:
+      - main
+
+jobs:
+  pr_checks:
+    runs-on: ubuntu-latest
+    timeout-minutes: 15
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v3
+
+      - name: Set up Rust
+        uses: actions-rs/toolchain@v1
+        with:
+          toolchain: stable
+          profile: minimal
+          override: true
+
+      - name: Run cargo update --locked
+        run: cargo update --locked
+
+      - name: Run cargo test
+        run: cargo test
+
+      - name: Run cargo build
+        run: cargo build

Cargo.toml

@@ -1,5 +1,6 @@
 [package]
 name = "cedar-agent"
+# This update dynamically via CI
 version = "0.2.0"
 edition = "2021"
 license = "Apache-2.0"