Skip to content

Commit

Permalink
Publish staging CLI on push
Browse files Browse the repository at this point in the history
  • Loading branch information
@hanneary
hanneary committed Dec 5, 2023
1 parent f8456ce commit 5adf61c
Show file tree
Hide file tree
Showing 4 changed files with 319 additions and 207 deletions.
240 changes: 240 additions & 0 deletions .github/workflows/build-and-publish.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,240 @@
name: "Build and publish CLI"
on:
workflow_call:
inputs:
stage:
required: true
default: 'staging'
type: string
major-version:
required: true
type: string
full-version:
required: true
type: string
secrets:
aws-cloudfront-distribution-id:
required: true
aws-access-key-id:
required: true
aws-secret-access-key:
required: true
evervault-rust-lib-index:
required: true
evervault-rust-lib-token:
required: true

env:
RUST_BACKTRACE: 1
WINDOWS_TARGET: x86_64-pc-windows-msvc
MACOS_TARGET: x86_64-apple-darwin
LINUX_TARGET: x86_64-unknown-linux-musl

# Directories to target during release
BIN_DIR: bin
RELEASE_DIR: release

jobs:
# compile-ubuntu:
# runs-on: ubuntu-latest
# steps:
# - uses: actions/checkout@v3

# - name: Install musl-tools
# run: sudo apt-get install musl-tools

# - name: Set up Rust
# uses: actions-rs/toolchain@v1
# with:
# profile: minimal
# toolchain: nightly-2023-09-13
# override: true
# target: ${{ env.LINUX_TARGET }}

# - name: Download cached dependencies
# uses: Swatinem/rust-cache@v2
# with:
# shared-key: "linux-cross-builds"

# - name: Install cross
# run: cargo install cross

# - name: Inject Version
# run: |
# sh ./scripts/insert-cli-version.sh ${{ inputs.full-version }}

# - name: Build and Compress cli
# run: |
# mkdir ${{ env.BIN_DIR }}
# mkdir ${{ env.RELEASE_DIR }}
# cross build --release --all-features --target ${{ env.LINUX_TARGET }} -Z registry-auth
# mv ./target/${{ env.LINUX_TARGET }}/release/ev-cage ./${{ env.BIN_DIR }}/ev-cage
# 7z a -ttar -so -an ./${{ env.BIN_DIR }} | 7z a -si ./${{ env.RELEASE_DIR }}/ev-cage-${{ env.LINUX_TARGET }}-${{ inputs.full-version }}.tar.gz
# env:
# CARGO_REGISTRIES_EVERVAULT_RUST_LIBRARIES_INDEX: ${{ secrets.evervault-rust-lib-index }}
# CARGO_REGISTRIES_EVERVAULT_RUST_LIBRARIES_TOKEN: ${{ secrets.evervault-rust-lib-token }}
# CARGO_HOME: ${{ github.workspace }}/.cargo

# - name: Upload as artifact
# uses: actions/upload-artifact@v2
# with:
# name: linux
# path: ./${{ env.RELEASE_DIR }}

# compile-macos:
# runs-on: macos-latest
# steps:
# - uses: actions/checkout@v3

# - name: Inject Version
# run: |
# sh ./scripts/insert-cli-version.sh ${{ inputs.full-version }}

# - uses: actions-rs/toolchain@v1
# with:
# toolchain: nightly-2023-09-13
# target: ${{ env.MACOS_TARGET }}
# override: true

# - name: Download cached dependencies
# uses: Swatinem/rust-cache@v2
# with:
# shared-key: "macos-cross-builds"

# - name: Build CLI MacOs Target
# run: |
# cargo install cross
# cross build --release --all-features --target ${{ env.MACOS_TARGET }} -Z registry-auth
# env:
# CARGO_REGISTRIES_EVERVAULT_RUST_LIBRARIES_INDEX: ${{ secrets.evervault-rust-lib-index }}
# CARGO_REGISTRIES_EVERVAULT_RUST_LIBRARIES_TOKEN: ${{ secrets.evervault-rust-lib-token }}

# - name: Install 7z cli
# run: brew install p7zip

# - name: Setup directories
# run: |
# mkdir ${{ env.BIN_DIR }}
# mkdir ${{ env.RELEASE_DIR }}

# - name: Compress binary
# run: |
# mv target/${{env.MACOS_TARGET}}/release/ev-cage ${{ env.BIN_DIR }}/ev-cage
# 7z a -ttar -so -an ./${{ env.BIN_DIR }} | 7z a -si ${{ env.RELEASE_DIR }}/ev-cage-${{ env.MACOS_TARGET }}-${{ inputs.full-version }}.tar.gz

# - name: Upload as artifact
# uses: actions/upload-artifact@v2
# with:
# name: macos
# path: ./${{ env.RELEASE_DIR }}

# compile-windows:
runs-on: windows-latest
env:
VCPKGRS_DYNAMIC: 1
steps:
- uses: actions/checkout@v3

- name: Install Rust
run: rustup update --no-self-update stable && rustup default stable

- uses: actions-rs/toolchain@v1
with:
toolchain: nightly-2023-09-13
target: ${{ env.WINDOWS_TARGET }}
override: true

- name: Inject Version
run: |
sh ./scripts/insert-cli-version.sh ${{ inputs.full-version }}
- name: Download cached dependencies
uses: Swatinem/rust-cache@v2
with:
shared-key: "windows-cross-builds"

- name: Fetch dependencies
run: cargo fetch -Z registry-auth
env:
CARGO_REGISTRIES_EVERVAULT_RUST_LIBRARIES_INDEX: ${{ secrets.evervault-rust-lib-index }}
CARGO_REGISTRIES_EVERVAULT_RUST_LIBRARIES_TOKEN: ${{ secrets.evervault-rust-lib-token }}

- name: Build CLI for Windows
run: |
cargo install cross
cross build --release --all-features --target ${{ env.WINDOWS_TARGET }} -Z registry-auth
env:
CARGO_REGISTRIES_EVERVAULT_RUST_LIBRARIES_INDEX: ${{ secrets.evervault-rust-lib-index }}
CARGO_REGISTRIES_EVERVAULT_RUST_LIBRARIES_TOKEN: ${{ secrets.evervault-rust-lib-token }}

- name: Setup directories
shell: bash
run: |
mkdir ${{ env.BIN_DIR }}
mkdir ${{ env.RELEASE_DIR }}
- name: Compress
shell: bash
run: |
mv target/${{ env.WINDOWS_TARGET }}/release/ev-cage.exe ${{ env.BIN_DIR }}/ev-cage.exe
7z a -ttar -so -an ./${{ env.BIN_DIR }} | 7z a -si ./${{ env.RELEASE_DIR }}/ev-cage-${{ env.WINDOWS_TARGET }}-${{ inputs.full-version }}.tar.gz
- name: Upload as artifact
uses: actions/upload-artifact@v2
with:
name: windows
path: ./${{ env.RELEASE_DIR }}


upload-artifacts-to-s3:
needs: [ compile-ubuntu, compile-macos, compile-windows ]
runs-on: ubuntu-latest
steps:
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v1
with:
aws-access-key-id: ${{ secrets.aws-access-key-id }}
aws-secret-access-key: ${{ secrets.aws-secret-access-key }}
aws-region: us-east-1

# - name: Download MacOS Artifacts
# uses: actions/download-artifact@v1
# with:
# name: macos

# - name: Download Linux Artifacts
# uses: actions/download-artifact@v1
# with:
# name: linux

# - name: Download Windows Artifacts
# uses: actions/download-artifact@v1
# with:
# name: windows

# - name: Upload Windows CLI to S3
# run: |
# aws s3 cp ./windows/ev-cage-${{ env.WINDOWS_TARGET }}-${{ inputs.full-version }}.tar.gz s3://cage-build-assets-${{ inputs.stage }}/cli/${{ inputs.full-version }}/${{ inputs.full-version}}/${{ env.WINDOWS_TARGET }}/ev-cage.tar.gz

# - name: Upload MacOS CLI to S3
# run: |
# aws s3 cp ./macos/ev-cage-${{ env.MACOS_TARGET }}-${{ inputs.full-version }}.tar.gz s3://cage-build-assets-${{ inputs.stage }}/cli/${{ inputs.full-version }}/${{ inputs.full-version }}/${{ env.MACOS_TARGET }}/ev-cage.tar.gz

# - name: Upload Ubuntu CLI to S3
# run: |
# aws s3 cp ./linux/ev-cage-${{ env.LINUX_TARGET }}-${{ inputs.full-version }}.tar.gz s3://cage-build-assets-${{ inputs.stage }}/cli/${{ inputs.major-version }}/${{ inputs.full-version }}/${{ env.LINUX_TARGET }}/ev-cage.tar.gz

- uses: actions/checkout@v3
- name: Update install script in S3
run: |
sh ./scripts/generate-installer.sh ${{ inputs.full-version }} ${{ inputs.major-version }}
sh ./scripts/update-versions.sh ${{ inputs.full-version }}
cat scripts/install
aws s3 cp scripts/install s3://cage-build-assets-${{ inputs.stage }}/cli/${{ inputs.major-version }}/${{ inputs.full-version }}/install
aws s3 cp scripts/install s3://cage-build-assets-${{ inputs.stage }}/cli/install
aws s3 cp scripts/version s3://cage-build-assets-${{ inputs.stage }}/cli/${{ inputs.major-version }}/version
aws s3 cp scripts/version s3://cage-build-assets-${{ inputs.stage }}/cli/version
aws s3 cp scripts/versions s3://cage-build-assets-${{ inputs.stage }}/cli/versions
aws cloudfront create-invalidation --distribution-id ${{ secrets.aws-cloudfront-distribution-id }} --paths "/cli/install" "/cli/version" "/cli/versions"
1 change: 1 addition & 0 deletions .github/workflows/lint-and-test-cli.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,7 @@ on:
- .github/workflows/lint-and-test-cli.yml
- Cargo.toml
name: Lint and Test CLI

jobs:
clippy_check_cli:
runs-on: ubuntu-latest
Expand Down
62 changes: 62 additions & 0 deletions .github/workflows/release-cli-version-staging.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,62 @@
# on:
# push:
# branches:
# - main

on: [push]

jobs:
clippy_check_cli:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- uses: actions-hub/docker/cli@f5fdbfc3f9d2a9265ead8962c1314108a7b7ec5d
env:
SKIP_LOGIN: true
- uses: actions-rs/toolchain@v1
with:
toolchain: nightly-2023-09-13
override: true
components: rustfmt, clippy
- name: Compile project
run: cargo build --all-features -p ev-cage -Z registry-auth
env:
CARGO_REGISTRIES_EVERVAULT_RUST_LIBRARIES_INDEX: ${{ secrets.RUST_CRYPTO_REGISTRY }}
CARGO_REGISTRIES_EVERVAULT_RUST_LIBRARIES_TOKEN: ${{ secrets.CARGO_REGISTRIES_EVERVAULT_RUST_LIBRARIES_TOKEN }}
- name: Test project
run: cargo test -p ev-cage
env:
CARGO_REGISTRIES_EVERVAULT_RUST_LIBRARIES_INDEX: ${{ secrets.RUST_CRYPTO_REGISTRY }}
- name: Format project
run: cargo fmt --check
env:
CARGO_REGISTRIES_EVERVAULT_RUST_LIBRARIES_INDEX: ${{ secrets.RUST_CRYPTO_REGISTRY }}
- name: Lint project
run: cargo clippy
env:
CARGO_REGISTRIES_EVERVAULT_RUST_LIBRARIES_INDEX: ${{ secrets.RUST_CRYPTO_REGISTRY }}

get-version:
needs: [clippy_check_cli]
runs-on: ubuntu-latest
outputs:
full_version: ${{ steps.get-full-version.outputs.full_version }}
steps:
- id: get-full-version
run: |
echo "using sha tag ${GITHUB_SHA::6}"
echo ::set-output name=full_version::1.0.0-${GITHUB_SHA::6}
build-and-deploy:
needs: [get-version]
uses: ./.github/workflows/build-and-publish.yml
with:
stage: 'staging'
major-version: '1'
full-version: ${{ needs.get-version.outputs.full_version }}
secrets:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID_STAGING }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY_STAGING }}
aws-cloudfront-distribution-id: ${{ secrets.CLOUDFRONT_DISTRIBUTION_ID_STAGING }}
evervault-rust-lib-index: ${{ secrets.RUST_CRYPTO_REGISTRY }}
evervault-rust-lib-token: ${{ secrets.CARGO_REGISTRIES_EVERVAULT_RUST_LIBRARIES_TOKEN }}
Loading

0 comments on commit 5adf61c

Please sign in to comment.