Main #59
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| name: Main | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.ref }} | |
| cancel-in-progress: true | |
| on: | |
| schedule: | |
| - cron: '0 8 */6 * *' # every 6 days to keep cache | |
| workflow_dispatch: | |
| push: | |
| branches: | |
| - '**' | |
| tags: | |
| - 'v*' | |
| pull_request: | |
| jobs: | |
| prepare: | |
| runs-on: ubuntu-22.04 | |
| outputs: | |
| test_matrix: ${{ steps.platforms.outputs.test_matrix }} | |
| build_matrix: ${{ steps.platforms.outputs.build_matrix }} | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v3 | |
| - name: Create matrix | |
| id: platforms | |
| run: | | |
| echo test_matrix=$(docker buildx bake test-cross --print | jq -cr '.target."test-cross".platforms') >> $GITHUB_OUTPUT | |
| echo build_matrix=$(docker buildx bake binary-cross --print | jq -cr '.target."binary-cross".platforms') >> $GITHUB_OUTPUT | |
| - name: Show matrix | |
| run: | | |
| echo ${{ steps.platforms.outputs.test_matrix }} | |
| echo ${{ steps.platforms.outputs.build_matrix }} | |
| validate: | |
| runs-on: ubuntu-22.04 | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| target: ['lint', 'license-validate'] | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v3 | |
| - uses: docker/login-action@v2 | |
| with: | |
| username: ${{ secrets.DOCKER_USERNAME }} | |
| password: ${{ secrets.DOCKER_TOKEN }} | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v2 | |
| - name: ${{ matrix.target }} | |
| uses: docker/bake-action@v3 | |
| with: | |
| targets: ${{ matrix.target }} | |
| set: | | |
| *.cache-from=type=gha,scope=test | |
| *.cache-to=type=gha,scope=test | |
| test: | |
| runs-on: ubuntu-22.04 | |
| needs: [prepare, validate] | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| go-version: ['1.20'] | |
| openssl-version: ['1.0.2', '1.1.0', '1.1.1', '3.0.1'] | |
| openssl-dev: [false, true] | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v3 | |
| - uses: docker/login-action@v2 | |
| with: | |
| username: ${{ secrets.DOCKER_USERNAME }} | |
| password: ${{ secrets.DOCKER_TOKEN }} | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v2 | |
| - name: Test | |
| uses: docker/bake-action@v3 | |
| with: | |
| targets: test | |
| set: | | |
| *.args.GO_VERSION=${{ matrix.go-version }} | |
| *.args.OPENSSL_VERSION=${{ matrix.openssl-version }} | |
| *.args.GO_BUILDTAGS=${{ matrix.openssl-dev && 'openssldev' || '' }} | |
| *.args.GO_TESTFLAGS=-gcflags=all=-d=checkptr -count 10 | |
| *.cache-from=type=gha,scope=test-${{ matrix.openssl-version }} | |
| *.cache-to=type=gha,scope=test-${{ matrix.openssl-version }} | |
| - name: Test (with race detector) | |
| uses: docker/bake-action@v3 | |
| with: | |
| targets: test | |
| set: | | |
| *.args.GO_VERSION=${{ matrix.go-version }} | |
| *.args.OPENSSL_VERSION=${{ matrix.openssl-version }} | |
| *.args.GO_BUILDTAGS=${{ matrix.openssl-dev && 'openssldev' || '' }} | |
| *.args.GO_TESTFLAGS=-race | |
| *.cache-from=type=gha,scope=test-${{ matrix.openssl-version }} | |
| *.cache-to=type=gha,scope=test-${{ matrix.openssl-version }} | |
| test-cross: | |
| runs-on: ubuntu-22.04 | |
| needs: [prepare, validate] | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| platform: ${{ fromJson(needs.prepare.outputs.test_matrix) }} | |
| steps: | |
| - name: Prepare | |
| run: | | |
| platform=${{ matrix.platform }} | |
| echo "PLATFORM_PAIR=${platform//\//-}" >> $GITHUB_ENV | |
| - name: Checkout | |
| uses: actions/checkout@v3 | |
| - uses: docker/login-action@v2 | |
| with: | |
| username: ${{ secrets.DOCKER_USERNAME }} | |
| password: ${{ secrets.DOCKER_TOKEN }} | |
| - name: Set up QEMU | |
| uses: docker/setup-qemu-action@v2 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v2 | |
| - name: Test | |
| uses: docker/bake-action@v3 | |
| with: | |
| targets: test-cross | |
| set: | | |
| *.platform=${{ matrix.platform }} | |
| *.args.GO_BUILDTAGS=openssldev | |
| *.args.GO_TESTFLAGS=-gcflags=all=-d=checkptr -count 10 | |
| *.cache-from=type=gha,scope=test-${{ env.PLATFORM_PAIR }} | |
| *.cache-to=type=gha,scope=test-${{ env.PLATFORM_PAIR }} | |
| binary: | |
| runs-on: ubuntu-22.04 | |
| needs: [prepare, test, test-cross] | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| platform: ${{ fromJson(needs.prepare.outputs.build_matrix) }} | |
| steps: | |
| - name: Prepare | |
| run: | | |
| platform=${{ matrix.platform }} | |
| echo "PLATFORM_PAIR=${platform//\//-}" >> $GITHUB_ENV | |
| - name: Checkout | |
| uses: actions/checkout@v3 | |
| - uses: docker/login-action@v2 | |
| with: | |
| username: ${{ secrets.DOCKER_USERNAME }} | |
| password: ${{ secrets.DOCKER_TOKEN }} | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v2 | |
| - name: Build static binary | |
| uses: docker/bake-action@v3 | |
| with: | |
| targets: release | |
| set: | | |
| *.platform=${{ matrix.platform }} | |
| *.args.GO_BUILDTAGS=openssldev | |
| *.args.GO_BUILDFLAGS=-v -x | |
| *.args.GO_LINKMODE=static | |
| *.args.GO_STRIP=1 | |
| *.cache-from=type=gha,scope=binary-${{ env.PLATFORM_PAIR }} | |
| *.cache-to=type=gha,scope=binary-${{ env.PLATFORM_PAIR }},mode=max | |
| - name: Upload artifacts | |
| uses: actions/upload-artifact@v3 | |
| with: | |
| name: pedersen | |
| path: ./bin/release/* | |
| if-no-files-found: error | |
| release-image: | |
| needs: [binary] | |
| runs-on: ubuntu-22.04 | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v3 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v2 | |
| - name: Docker meta | |
| id: meta | |
| uses: docker/metadata-action@v4 | |
| with: | |
| images: | | |
| name=arella/pedersen | |
| flavor: | | |
| latest=auto | |
| tags: | | |
| type=ref,event=tag | |
| type=semver,pattern={{version}} | |
| - uses: docker/login-action@v2 | |
| with: | |
| username: ${{ secrets.DOCKER_USERNAME }} | |
| password: ${{ secrets.DOCKER_WRITE_TOKEN }} | |
| - name: Build images | |
| uses: docker/bake-action@v3 | |
| with: | |
| files: | | |
| ./docker-bake.hcl | |
| ${{ steps.meta.outputs.bake-file }} | |
| targets: image-cross | |
| push: ${{ startsWith(github.ref, 'refs/tags/v') }} | |
| sbom: true | |
| set: | | |
| *.args.GO_BUILDTAGS=openssldev | |
| *.args.GO_BUILDFLAGS=-v -x | |
| *.args.GO_LINKMODE=static | |
| *.args.GO_STRIP=1 | |
| *.cache-from=type=gha,scope=image-${{ env.PLATFORM_PAIR }} | |
| *.cache-to=type=gha,scope=image-${{ env.PLATFORM_PAIR }},mode=max | |
| release-bin: | |
| needs: [binary] | |
| runs-on: ubuntu-22.04 | |
| if: ${{ startsWith(github.ref, 'refs/tags/v') }} | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v3 | |
| - name: Download artifacts | |
| uses: actions/download-artifact@v3 | |
| with: | |
| name: pedersen | |
| path: ./bin/release/* | |
| - name: Release | |
| uses: softprops/action-gh-release@v1 | |
| with: | |
| files: | | |
| ./bin/release/** | |
| draft: false | |
| generate_release_notes: true | |
| - name: Trigger docs build | |
| uses: actions/github-script@v6 | |
| with: | |
| github-token: ${{ secrets.GITHUB_TOKEN }} | |
| script: | | |
| await github.rest.actions.createWorkflowDispatch({ | |
| owner: '${{ github.repository_owner }}', | |
| repo: '${{ github.event.repository.name }}', | |
| workflow_id: 'docs.yml', | |
| ref: '${{ github.ref }}', | |
| inputs: { | |
| "release_tag": "${{ github.ref_name }}" | |
| } | |
| }) |