-
Notifications
You must be signed in to change notification settings - Fork 13
154 lines (120 loc) · 4.66 KB
/
ci.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
---
name: CI
on:
push:
branches:
- master
pull_request: {}
jobs:
test:
name: Test
runs-on: ubuntu-latest
steps:
- name: Clone the source code
uses: actions/checkout@v3
- name: Ensure Rust Stable is up to date
run: rustup self update && rustup update stable
- name: Ensure the source code is formatted
run: cargo fmt -- --check
- name: Ensure there are no Clippy warnings
run: cargo clippy -- -Dwarnings
- name: Ensure tests are passing
run: cargo test -- --nocapture
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
release:
name: Local release
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
channel: [stable, beta, nightly]
steps:
- name: Clone the source code
uses: actions/checkout@v3
- name: Ensure Rust Stable is up to date
run: rustup self update && rustup update stable
- name: Start the local environment
run: docker compose up -d
- name: Run the local release process for channel ${{ matrix.channel }}
run: ./run.sh release ${{ matrix.channel }}
- name: Validate the generated signatures
run: docker compose exec -T local /src/local/check-signature.sh ${{ matrix.channel }}
- name: Remove the previously installed ${{ matrix.channel }} toolchain
run: rustup toolchain remove ${{ matrix.channel }}
- name: Install the ${{ matrix.channel }} toolchain from the local environment
run: rustup toolchain install ${{ matrix.channel }} --profile=minimal
env:
RUSTUP_DIST_SERVER: http://localhost:9000/static
rustup:
name: Local rustup
runs-on: ubuntu-latest
env:
PROMOTE_RELEASE_RUSTUP_OVERRIDE_VERSION: 99.0.0
strategy:
fail-fast: false
matrix:
channel: [stable, beta]
steps:
- name: Clone the source code
uses: actions/checkout@v3
- name: Ensure Rust Stable is up to date
run: rustup self update && rustup update stable
- name: Start the local environment
run: docker compose up -d
- name: Run the local release process for channel ${{ matrix.channel }}
run: ./run.sh rustup ${{ matrix.channel }}
- name: Update Rustup from the local environment
run: rustup self update
env:
RUSTUP_UPDATE_ROOT: http://localhost:9000/static/rustup
docker:
name: Build Docker image
runs-on: ubuntu-latest
steps:
- name: Clone the source code
uses: actions/checkout@v3
- name: Build the Docker image
run: docker build -t promote-release -f prod/Dockerfile .
- name: Create a tarball of the Docker image built previously
run: docker save promote-release | zstd -5 - > promote-release.tar.zstd
if: github.event_name == 'push' && github.repository == 'rust-lang/promote-release' && github.ref == 'refs/heads/master'
- name: Upload the Docker image we built to GitHub Actions artifacts
uses: actions/upload-artifact@v4
with:
name: docker-image
path: promote-release.tar.zstd
retention-days: 1
if: github.event_name == 'push' && github.repository == 'rust-lang/promote-release' && github.ref == 'refs/heads/master'
deploy:
name: Deploy
runs-on: ubuntu-latest
permissions:
id-token: write
needs: [test, release, rustup, docker]
if: github.event_name == 'push' && github.repository == 'rust-lang/promote-release' && github.ref == 'refs/heads/master'
steps:
- name: Download the Docker image previously built
uses: actions/download-artifact@v4
with:
name: docker-image
- name: Import the Docker image previously built
run: cat promote-release.tar.zstd | zstd -d | docker load
- name: Configure AWS credentials
if: github.event_name == 'push' && github.ref == 'refs/heads/master'
uses: aws-actions/configure-aws-credentials@v2
with:
role-to-assume: arn:aws:iam::890664054962:role/ci--rust-lang-promote-release
aws-region: us-west-1
- name: Login to Amazon ECR Private
if: github.event_name == 'push' && github.ref == 'refs/heads/master'
id: login-ecr
uses: aws-actions/amazon-ecr-login@v1
- name: Tag and push docker image to Amazon ECR
if: github.event_name == 'push' && github.ref == 'refs/heads/master'
env:
REGISTRY: ${{ steps.login-ecr.outputs.registry }}
REPOSITORY: promote-release
run: |
docker tag promote-release $REGISTRY/$REPOSITORY:latest
docker push $REGISTRY/$REPOSITORY:latest