name: build permissions: contents: write on: workflow_dispatch: inputs: fail_fast: description: "Use fail-fast strategy" required: false default: "true" verbose: description: "Verbose output" required: false default: "false" push: tags: - "v*.*.*" # We don't filter by paths here, because we filter by tags, which means we're releasing. All releases should be built. pull_request: paths-ignore: - .hooks/** - CARGO_README.md - README.md - CHANGELOG.md - INTEGRATION.md - .gitignore - .gitattributes - LICENSE* - run.sh - run.ps1 env: CARGO_TERM_COLOR: always jobs: build: strategy: fail-fast: ${{ startsWith(github.ref, 'refs/tags/') || github.event.inputs.fail_fast == 'true' }} matrix: include: - os: ubuntu-latest target: x86_64-unknown-linux-musl tools: musl-tools # This will run against GNU target, not MUSL test: native - os: ubuntu-latest target: aarch64-unknown-linux-musl tools: gcc-aarch64-linux-gnu test: false - os: ubuntu-latest target: armv7-unknown-linux-gnueabihf tools: gcc-arm-linux-gnueabihf test: false - os: macos-13 target: x86_64-apple-darwin test: true - os: macos-latest target: aarch64-apple-darwin test: true - os: windows-latest target: x86_64-pc-windows-msvc test: true - os: windows-latest target: aarch64-pc-windows-msvc test: false runs-on: ${{ matrix.os }} name: release-${{ matrix.target }} steps: - uses: actions/checkout@v4 - uses: dtolnay/rust-toolchain@stable with: toolchain: 1.79 targets: ${{ matrix.target }} - name: Cache Rust dependencies uses: actions/cache@v4.0.2 with: path: | ~/.cargo/registry/index ~/.cargo/registry/cache ~/.cargo/git target key: ${{ runner.os }}-${{ matrix.target }}-${{ hashFiles('Cargo.lock') }} restore-keys: | ${{ runner.os }}-${{ matrix.target }}- - name: Install Linker Tools if: matrix.tools run: | sudo apt-get update sudo apt-get install ${{ matrix.tools }} # ensure has a newline at the end [ "$(tail -c 1 .cargo/config.toml)" != "" ] && echo >> .cargo/config.toml cat .cargo/config.github.toml >> .cargo/config.toml - name: Build run: cargo build ${{ github.event.inputs.verbose == 'true' && '--verbose' || '' }} --release --target ${{ matrix.target }} - name: Run tests if: matrix.test shell: bash run: | if [ "${{ matrix.test }}" = "native" ]; then cargo test ${{ github.event.inputs.verbose == 'true' && '--verbose' || '' }} --release else cargo test ${{ github.event.inputs.verbose == 'true' && '--verbose' || '' }} --release --target ${{ matrix.target }} fi - name: Prepare Variables shell: bash run: | RELEASE_VERSION=$(grep '^version = ' Cargo.toml | sed 's/version = \"\(.*\)\"/\1/') ARCHIVE=spotify-quickauth-v$RELEASE_VERSION-${{ matrix.target }} if ${{ contains(matrix.os, 'windows') }}; then ARCHIVE=$ARCHIVE.zip else ARCHIVE=$ARCHIVE.tar.gz fi ARCHIVE_DIR=target/${{ matrix.target }}/release # Export variables echo "ARCHIVE_DIR=$ARCHIVE_DIR" >> $GITHUB_ENV echo "RELEASE_VERSION=$RELEASE_VERSION" >> $GITHUB_ENV echo "ARCHIVE=$ARCHIVE" >> $GITHUB_ENV - name: Archive if: ${{ !contains(matrix.os, 'windows') }} uses: TheDoctor0/zip-release@0.7.6 with: type: tar filename: ${{ env.ARCHIVE }} directory: ${{ env.ARCHIVE_DIR }}/ path: | spotify-quickauth - name: Archive if: ${{ contains(matrix.os, 'windows') }} uses: TheDoctor0/zip-release@0.7.6 with: type: zip filename: ${{ env.ARCHIVE }} directory: ${{ env.ARCHIVE_DIR }}/ path: | spotify-quickauth.exe - name: Install rsign2 if: startsWith(github.ref, 'refs/tags/') uses: taiki-e/install-action@v2 with: tool: rsign2 - name: Sign Archive if: startsWith(github.ref, 'refs/tags/') env: MINISIGN_KEY: ${{ secrets.MINISIGN_KEY }} ARCHIVE_PATH: ${{ env.ARCHIVE_DIR }}/${{ env.ARCHIVE }} shell: bash run: | echo "$MINISIGN_KEY" > minisign.key ts=$(node -e 'console.log((new Date).toISOString())') git=$(git rev-parse HEAD) comment="gh=$GITHUB_REPOSITORY git=$git ts=$ts run=$GITHUB_RUN_ID" rsign sign -W -s minisign.key -x "${{ env.ARCHIVE_PATH }}.sig" -t "$comment" "${{ env.ARCHIVE_PATH }}" - name: Upload Artifact if: ${{ !startsWith(github.ref, 'refs/tags/') }} uses: actions/upload-artifact@v4 with: name: spotify-quickauth-v${{ env.RELEASE_VERSION }}-${{ matrix.target }} if-no-files-found: error retention-days: 7 path: ${{ env.ARCHIVE_DIR }}/${{ env.ARCHIVE }} - name: Release uses: softprops/action-gh-release@v2 if: startsWith(github.ref, 'refs/tags/') with: token: ${{ secrets.GH_RELEASE_TOKEN }} files: | ${{ env.ARCHIVE_DIR }}/${{ env.ARCHIVE }} ${{ env.ARCHIVE_DIR }}/${{ env.ARCHIVE }}.sig generate_release_notes: true - if: ${{ startsWith(github.ref, 'refs/tags/') && matrix.target == 'x86_64-unknown-linux-musl' }} run: cargo login ${{ secrets.CRATES_IO_API_TOKEN }} - name: "Publish" if: ${{ startsWith(github.ref, 'refs/tags/') && matrix.target == 'x86_64-unknown-linux-musl' }} run: cargo publish --locked --allow-dirty