Binaries #108
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: build-release | |
| on: | |
| push: | |
| branches: [ "main" ] | |
| workflow_dispatch: | |
| inputs: | |
| docker-tag-type: | |
| description: The docker tag to upload as | |
| required: true | |
| default: latest-unstable | |
| type: choice | |
| options: | |
| - latest-unstable | |
| - stable | |
| env: | |
| CARGO_TERM_COLOR: always | |
| # for attestations | |
| permissions: | |
| id-token: write | |
| attestations: write | |
| contents: read | |
| jobs: | |
| docker: | |
| environment: Docker Release | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: get tag | |
| id: get-tag | |
| run: | | |
| if [[ "${DOCKER_TAG_TYPE}" = 'stable' ]]; then | |
| tag="$(cargo metadata --format-version 1 | jq -r '.packages[] | select(.name == "mdq") | .version')" | |
| else | |
| tag=latest-unstable | |
| fi | |
| echo "tag=$tag" >> "$GITHUB_OUTPUT" | |
| env: | |
| DOCKER_TAG_TYPE: ${{ inputs.docker-tag-type }} | |
| DOCKER_USERNAME: ${{ vars.DOCKER_USERNAME }} | |
| - name: Log in to Docker Hub | |
| uses: docker/login-action@v3 | |
| with: | |
| username: ${{ vars.DOCKER_USERNAME }} | |
| password: ${{ secrets.DOCKER_PAT }} | |
| - name: Gather metadata | |
| id: meta | |
| uses: docker/metadata-action@v5 | |
| with: | |
| images: ${{ vars.DOCKER_USERNAME }}/mdq | |
| - name: Build and push | |
| uses: docker/build-push-action@v6 | |
| with: | |
| context: . | |
| push: true | |
| tags: ${{ vars.DOCKER_USERNAME}}/mdq:${{ steps.get-tag.outputs.tag }} | |
| labels: ${{ steps.meta.outputs.labels }} | |
| build: | |
| strategy: | |
| matrix: | |
| os: [ubuntu, macos, windows] | |
| runs-on: ${{ matrix.os }}-latest | |
| steps: | |
| - name: setup | |
| shell: bash | |
| run: | | |
| if [[ "$RUNNER_OS" == Windows ]]; then | |
| build_file_name=mdq.exe | |
| else | |
| build_file_name=mdq | |
| fi | |
| echo "BUILD_FILE_NAME=${build_file_name}" >> "$GITHUB_ENV" | |
| - name: rustc version | |
| run: rustc --version --verbose | |
| - uses: actions/checkout@v4 | |
| - name: build | |
| run: cargo build --release | |
| - name: check for any changes in the git tree | |
| shell: bash | |
| run: | | |
| set -euo pipefail | |
| if [[ -n "$(git status --porcelain)" ]]; then | |
| echo '::error title=post-build check::changes detected in git tree' | |
| git status | |
| exit 1 | |
| fi | |
| - name: Attest Build Provenance | |
| uses: actions/attest-build-provenance@v1 | |
| with: | |
| subject-path: "target/release/${{ env.BUILD_FILE_NAME }}" | |
| - name: mac installer | |
| if: ${{ runner.os == 'macOS' }} | |
| run: | | |
| tmp_file="$(mktemp)" | |
| cp scripts/installer.sh "$tmp_file" | |
| base64 -b 72 -i target/release/mdq | sed 's/^/# /' >> "$tmp_file" | |
| mv "$tmp_file" target/release/mdq-installer.sh | |
| export BUILD_FILE_NAME=mdq-installer.sh | |
| echo BUILD_FILE_NAME=mdq-installer.sh >> "$GITHUB_ENV" | |
| - name: Attest Build Provenance (mac installer) | |
| if: ${{ runner.os == 'macOS' }} | |
| uses: actions/attest-build-provenance@v1 | |
| with: | |
| subject-path: "target/release/${{ env.BUILD_FILE_NAME }}" | |
| - name: upload | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| if-no-files-found: error | |
| name: mdq-${{ matrix.os }} | |
| path: target/release/${{ env.BUILD_FILE_NAME }} |