Skip to content

chore(deps): lock file maintenance #1319

chore(deps): lock file maintenance

chore(deps): lock file maintenance #1319

Workflow file for this run

name: Build new release
on:
push:
branches:
- main
pull_request:
branches:
- main
permissions:
contents: write
packages: write
pull-requests: read
concurrency:
group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
cancel-in-progress: true
jobs:
# Gets the build version and information about if this is a new version
get-version:
name: Get version
runs-on: ubuntu-latest
outputs:
is_new_version: ${{ steps.get_version.outputs.IS_NEW_VERSION }}
version: ${{ steps.get_version.outputs.VERSION }}
sane_branch_name_key: ${{ steps.get_version.outputs.SANE_BRANCH_NAME_KEY }}
build_date: ${{ steps.get_version.outputs.BUILD_DATE }}
is_prerelease: ${{ steps.get_version.outputs.IS_PRERELEASE }}
toolchain: ${{ steps.get_toolchain.outputs.TOOLCHAIN }}
steps:
- name: Checkout
uses: actions/checkout@v4
with:
fetch-depth: 0
- run: git fetch --tags
- run: pip3 install yq==2.13.0
- name: Get Build Version
id: get_version
run: ./scripts/check-version.sh
shell: bash
- name: Get Toolchain Version
id: get_toolchain
run: |
echo "TOOLCHAIN=$(cat rust-toolchain.toml | tomlq .toolchain.channel)" >> $GITHUB_OUTPUT
# Github releases are only performed when the release version changes
build-binary:
name: Build binary
runs-on: ubuntu-latest
needs: [get-version]
if: ${{ needs.get-version.outputs.is_new_version == 'true' || needs.get-version.outputs.is_prerelease == 'true'}}
strategy:
matrix:
architectures:
- arch: x86_64
target-tupl: x86_64-unknown-linux-gnu
dependencies: protobuf-compiler
bindgenExtraClangArgs: ""
- arch: aarch64
target-tupl: aarch64-unknown-linux-gnu
dependencies: gcc-aarch64-linux-gnu protobuf-compiler libclang-dev g++-aarch64-linux-gnu
bindgenExtraClangArgs: "--sysroot=/usr/aarch64-linux-gnu -mfloat-abi=hard"
steps:
- uses: actions/checkout@v4
- name: install toolchains
run: |
rustup toolchain install ${{ needs.get-version.outputs.toolchain }}
rustup target add ${{ matrix.architectures.target-tupl }} --toolchain ${{ needs.get-version.outputs.toolchain }}
rustup target add wasm32-unknown-unknown --toolchain ${{ needs.get-version.outputs.toolchain }}
rustup component add rust-src
- name: install deps
run: sudo apt-get update && sudo apt-get install ${{ matrix.architectures.dependencies }}
- name: Install sccache
env:
TEMP: ${{ runner.temp }}
run: |
curl -L https://github.com/gruntwork-io/fetch/releases/download/v0.4.6/fetch_linux_amd64 --output $TEMP/fetch
chmod +x $TEMP/fetch
$TEMP/fetch --repo="https://github.com/mozilla/sccache" --tag="~>0.7.5" --release-asset="^sccache-v[0-9.]*-x86_64-unknown-linux-musl.tar.gz$" $TEMP
tar -xvf $TEMP/sccache-v*-x86_64-unknown-linux-musl.tar.gz -C $TEMP
mv $TEMP/sccache-v*-x86_64-unknown-linux-musl/sccache $TEMP/sccache
rm -rf $TEMP/sccache-v*-x86_64-unknown-linux-musl $TEMP/sccache-v*-x86_64-unknown-linux-musl.tar.gz $TEMP/fetch
chmod +x $TEMP/sccache
- name: Cache cargo registry
uses: actions/cache@v4
with:
path: ~/.cargo/registry
key: ${{ runner.os }}-cargo-registry-${{ hashFiles('**/Cargo.lock') }}-${{ github.sha }}
restore-keys: |
${{ runner.os }}-cargo-registry-${{ hashFiles('**/Cargo.lock') }}
${{ runner.os }}-cargo-registry-
- name: Cache cargo index
uses: actions/cache@v4
with:
path: ~/.cargo/git
key: ${{ runner.os }}-cargo-index-${{ hashFiles('**/Cargo.lock') }}-${{ github.sha }}
restore-keys: |
${{ runner.os }}-cargo-index-${{ hashFiles('**/Cargo.lock') }}
${{ runner.os }}-cargo-index-
- name: Cache sccache
uses: actions/cache@v4
with:
path: ${{ runner.temp }}/cache
key: ${{ runner.os }}-cargo-build-cache-release-${{ matrix.architectures.arch }}-${{ needs.get-version.outputs.toolchain }}-${{ needs.get-version.outputs.sane_branch_name_key }}-${{ github.sha }}
restore-keys: |
${{ runner.os }}-cargo-build-cache-release-${{ matrix.architectures.arch }}-${{ needs.get-version.outputs.toolchain }}-${{ needs.get-version.outputs.sane_branch_name_key }}
${{ runner.os }}-cargo-build-cache-release-${{ matrix.architectures.arch }}-${{ needs.get-version.outputs.toolchain }}-
${{ runner.os }}-cargo-build-cache-release-${{ matrix.architectures.arch }}-
${{ runner.os }}-cargo-build-cache-release-
- name: Cargo build
env:
RUSTC_WRAPPER: ${{ runner.temp }}/sccache
SCCACHE_DIR: ${{ runner.temp }}/cache
SCCACHE_CACHE_SIZE: "1G"
BINDGEN_EXTRA_CLANG_ARGS: ${{ matrix.architectures.bindgenExtraClangArgs }}
run: |
cargo build --profile=production --target ${{ matrix.architectures.target-tupl }}
- name: Upload artifacts
uses: actions/upload-artifact@v4
with:
name: sqnc-node-${{ matrix.architectures.arch }}
path: |
./target/${{ matrix.architectures.target-tupl }}/production/sqnc-node
./target/${{ matrix.architectures.target-tupl }}/production/wbuild/sqnc-runtime/sqnc_runtime.compact.wasm
build-release:
name: Build release
runs-on: ubuntu-latest
needs: [get-version, build-binary]
if: ${{ needs.get-version.outputs.is_new_version == 'true' || needs.get-version.outputs.is_prerelease == 'true'}}
steps:
- name: Download x86_64 Artifacts
uses: actions/download-artifact@v4
with:
name: sqnc-node-x86_64
path: x86_64
- name: Download aarch64 Artifacts
uses: actions/download-artifact@v4
with:
name: sqnc-node-aarch64
path: aarch64
- name: Prepare artefacts
env:
BUILD_VERSION: ${{ needs.get-version.outputs.version }}
run: |
ls -R .
pushd ./x86_64
echo $BUILD_VERSION | tee ./VERSION.txt
mv ./wbuild/sqnc-runtime/sqnc_runtime.compact.wasm ./sqnc_runtime.compact.wasm
chmod +x ./sqnc-node
shasum -a 256 ./sqnc-node | cut -d ' ' -f 1 | tee ./sqnc-node.sha256
shasum -a 256 ./sqnc_runtime.compact.wasm | cut -d ' ' -f 1 | tee ./sqnc_runtime.compact.wasm.sha256
tar -czvf ../sqnc-node-${BUILD_VERSION}-x86_64-unknown-linux-gnu.tar.gz ./VERSION.txt ./sqnc-node ./sqnc-node.sha256
tar -czvf ../sqnc-node-${BUILD_VERSION}-runtime-wasm.tar.gz ./VERSION.txt ./sqnc_runtime.compact.wasm ./sqnc_runtime.compact.wasm.sha256
popd;
pushd ./aarch64
echo $BUILD_VERSION | tee ./VERSION.txt
mv ./wbuild/sqnc-runtime/sqnc_runtime.compact.wasm ./sqnc_runtime.compact.wasm
chmod +x ./sqnc-node
shasum -a 256 ./sqnc-node | cut -d ' ' -f 1 | tee ./sqnc-node.sha256
tar -czvf ../sqnc-node-${BUILD_VERSION}-aarch64-unknown-linux-gnu.tar.gz ./VERSION.txt ./sqnc-node ./sqnc-node.sha256
popd;
- name: Build release version
uses: softprops/action-gh-release@v2
with:
token: "${{ secrets.GITHUB_TOKEN }}"
tag_name: ${{ needs.get-version.outputs.version }}
name: ${{ needs.get-version.outputs.version }}
prerelease: ${{ needs.get-version.outputs.is_prerelease == 'true' }}
generate_release_notes: true
files: |
./sqnc-node-${{ needs.get-version.outputs.version }}-x86_64-unknown-linux-gnu.tar.gz
./sqnc-node-${{ needs.get-version.outputs.version }}-aarch64-unknown-linux-gnu.tar.gz
./sqnc-node-${{ needs.get-version.outputs.version }}-runtime-wasm.tar.gz
- name: Delete release latest
if: ${{ needs.get-version.outputs.is_prerelease != 'true' }}
uses: actions/github-script@v7
with:
github-token: ${{secrets.GITHUB_TOKEN}}
script: |
const { owner, repo } = context.repo
try {
await github.rest.git.deleteRef({ owner, repo, ref: 'tags/latest' })
}
catch (err) {
if (err.status !== 422) throw err
}
- name: Build release latest
if: ${{ needs.get-version.outputs.is_prerelease != 'true' }}
uses: softprops/action-gh-release@v2
with:
token: "${{ secrets.GITHUB_TOKEN }}"
tag_name: latest
name: Latest ${{ needs.get-version.outputs.version }}
prerelease: false
generate_release_notes: true
files: |
./sqnc-node-${{ needs.get-version.outputs.version }}-x86_64-unknown-linux-gnu.tar.gz
./sqnc-node-${{ needs.get-version.outputs.version }}-aarch64-unknown-linux-gnu.tar.gz
./sqnc-node-${{ needs.get-version.outputs.version }}-runtime-wasm.tar.gz
# Docker build are always performed but are only version tagged on new version
build-docker:
name: Build Docker
runs-on: ubuntu-latest
needs: [get-version, build-release]
steps:
- uses: actions/checkout@v4
- name: Setup QEMU
uses: docker/setup-qemu-action@v3
with:
platforms: linux/amd64
- name: Setup Docker Buildx
id: buildx
uses: docker/setup-buildx-action@v3
with:
buildkitd-flags: --debug
- name: Generate tags
id: generate-tags
env:
VERSION: ${{ needs.get-version.outputs.version }}
IS_NEW_VERSION: ${{ needs.get-version.outputs.is_new_version }}
IS_PRERELEASE: ${{ needs.get-version.outputs.is_prerelease }}
# if it's a new non prerelease version tag with hash, version latest-dev and latest
# if it's a new prerelease version tag with hash, version and latest-dev
# if it's a non new version tag with hash and latest-dev
run: |
if [ "$IS_NEW_VERSION" == "true" ]; then
echo "GHCR_VERSION_TAG=ghcr.io/digicatapult/sqnc-node:$VERSION" >> $GITHUB_OUTPUT
echo "DOCKERHUB_VERSION_TAG=digicatapult/sqnc-node:$VERSION" >> $GITHUB_OUTPUT
if [ "$IS_PRERELEASE" == "false" ]; then
echo "GHCR_LATEST_TAG=ghcr.io/digicatapult/sqnc-node:latest" >> $GITHUB_OUTPUT
echo "DOCKERHUB_LATEST_TAG=digicatapult/sqnc-node:latest" >> $GITHUB_OUTPUT
else
echo "GHCR_LATEST_TAG=" >> $GITHUB_OUTPUT
echo "DOCKERHUB_LATEST_TAG=" >> $GITHUB_OUTPUT
fi;
else
echo "GHCR_VERSION_TAG=" >> $GITHUB_OUTPUT
echo "GHCR_LATEST_TAG=" >> $GITHUB_OUTPUT
echo "DOCKERHUB_VERSION_TAG=" >> $GITHUB_OUTPUT
echo "DOCKERHUB_LATEST_TAG=" >> $GITHUB_OUTPUT
fi;
- name: Login to GitHub Container Registry
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Login to Dockerhub Registry
uses: docker/login-action@v3
with:
username: ${{ secrets.SQNC_DOCKERHUB_USERNAME }}
password: ${{ secrets.SQNC_DOCKERHUB_TOKEN }}
- name: Build image
uses: docker/build-push-action@v6
with:
builder: ${{ steps.buildx.outputs.name }}
context: .
build-args: |
RUST_TOOLCHAIN=${{ needs.get-version.outputs.toolchain }}
SQNC_VERSION=${{ needs.get-version.outputs.version }}
file: ./Dockerfile
platforms: linux/amd64, linux/arm64
push: true
tags: |
ghcr.io/digicatapult/sqnc-node:${{ github.sha }}
${{ steps.generate-tags.outputs.GHCR_VERSION_TAG }}
${{ steps.generate-tags.outputs.GHCR_LATEST_TAG }}
digicatapult/sqnc-node:${{ github.sha }}
${{ steps.generate-tags.outputs.DOCKERHUB_VERSION_TAG }}
${{ steps.generate-tags.outputs.DOCKERHUB_LATEST_TAG }}
labels: |
org.opencontainers.image.title=sqnc-node
org.opencontainers.image.description=${{ github.event.repository.description }}
org.opencontainers.image.source=${{ github.event.repository.html_url }}
org.opencontainers.image.url=${{ github.event.repository.html_url }}
org.opencontainers.image.revision=${{ github.sha }}
org.opencontainers.image.version=${{ needs.get-version.outputs.version }}
org.opencontainers.image.created=${{ needs.get-version.outputs.build_date }}