diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index d7847f1..f9b42c8 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -1,54 +1,41 @@ -name: CI +name: CI/CD on: + workflow_call: push: branches: - main pull_request: workflow_dispatch: -jobs: - fmt: - name: Check Formatting - runs-on: ubuntu-22.04 - steps: - - uses: actions/checkout@v4 - - name: Cache cargo dependencies - uses: Swatinem/rust-cache@v2 - - - name: Check formatting - run: cargo fmt --check --all - - check: - name: Lint and Build - runs-on: ubuntu-22.04 - steps: - - uses: actions/checkout@v4 - - name: Cache cargo dependencies - uses: Swatinem/rust-cache@v2 - - - name: Clippy lints - run: cargo clippy --all --all-features --all-targets --no-deps -- -D warnings - - - name: Cargo Doc - run: RUSTDOCFLAGS="-D warnings" cargo doc --all --all-features --no-deps --document-private-items - - test: - name: Run Tests on all platforms - strategy: - matrix: - runs-on: ["ubuntu-24.04", "windows-2022", "macos-14"] - runs-on: ${{ matrix.runs-on }} - steps: - - uses: actions/checkout@v4 - - name: Cache cargo dependencies - uses: Swatinem/rust-cache@v2 +on: + pull_request: + workflow_dispatch: - - name: Test - run: cargo test --all --all-features --all-targets +env: + CI_IS_DEFAULT_BRANCH: ${{ github.ref == format('refs/heads/{0}', github.event.repository.default_branch) }} + CI_IS_TAG: ${{ startsWith(github.ref, 'refs/tags/') }} - deny: - name: Run cargo deny - runs-on: ubuntu-22.04 +jobs: + check-inputs: + runs-on: ubuntu-24.04 + outputs: + CI_CARGO_PROFILE: ${{ steps.set-profile.outputs.CI_CARGO_PROFILE }} steps: - - uses: actions/checkout@v4 - - uses: EmbarkStudios/cargo-deny-action@v1 + - name: Set CI_CARGO_PROFILE + id: set-profile + run: | + if [[ ${CI_IS_DEFAULT_BRANCH} == 'true' ]]; then + echo "CI_CARGO_PROFILE=artifact" >> $GITHUB_OUTPUT + else + echo "CI_CARGO_PROFILE=debug" >> $GITHUB_OUTPUT + fi + + rust: + needs: check-inputs + uses: ./.github/workflows/rust.yaml + with: + profile: ${{ needs.check-inputs.outputs.CI_CARGO_PROFILE }} + + container: + needs: rust + uses: ./.github/workflows/container.yaml diff --git a/.github/workflows/container.yaml b/.github/workflows/container.yaml new file mode 100644 index 0000000..f79a46b --- /dev/null +++ b/.github/workflows/container.yaml @@ -0,0 +1,21 @@ +name: Build Containers +on: + workflow_call: + +jobs: + build: + name: Build Docker/OCI Image + runs-on: ubuntu-24.04 + steps: + - uses: actions/checkout@v4.2.0 + - name: Download Rust Artifacts + uses: actions/download-artifact@v4.1.8 + with: + name: rust + path: artifacts + - name: Run buildah to build OCI image + run: | + buildah build . \ + --platform linux/arm64,linux/amd64,windows/amd64 \ + -f identity-server/Dockerfile + diff --git a/.github/workflows/release.yaml b/.github/workflows/rust.yaml similarity index 56% rename from .github/workflows/release.yaml rename to .github/workflows/rust.yaml index 4d34528..bb5da72 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/rust.yaml @@ -1,15 +1,58 @@ -name: Release +name: Rust CI on: - workflow_dispatch: + workflow_call: inputs: - component: - description: "The component to release" + profile: required: true - type: choice - options: - - identity-server + type: string jobs: + fmt: + name: Check Formatting + runs-on: ubuntu-24.04 + steps: + - uses: actions/checkout@v4.2.0 + - name: Cache cargo dependencies + uses: Swatinem/rust-cache@v2.7.3 + + - name: Check formatting + run: cargo fmt --check --all + + check: + name: Lint and Build + runs-on: ubuntu-24.04 + steps: + - uses: actions/checkout@v4.2.0 + - name: Cache cargo dependencies + uses: Swatinem/rust-cache@v2.7.3 + + - name: Clippy lints + run: cargo clippy --all --all-features --all-targets --no-deps -- -D warnings + + - name: Cargo Doc + run: RUSTDOCFLAGS="-D warnings" cargo doc --all --all-features --no-deps --document-private-items + + test: + name: Run Tests on all platforms + strategy: + matrix: + runs-on: ["ubuntu-24.04", "windows-2022", "macos-14"] + runs-on: ${{ matrix.runs-on }} + steps: + - uses: actions/checkout@v4.2.0 + - name: Cache cargo dependencies + uses: Swatinem/rust-cache@v2.7.3 + + - name: Test + run: cargo test --all --all-features --all-targets + + deny: + name: Run cargo deny + runs-on: ubuntu-24.04 + steps: + - uses: actions/checkout@v4.2.0 + - uses: EmbarkStudios/cargo-deny-action@v2.0.1 + build: name: Build the code for each platform # unless we use osxcross, we can only target mac from a mac machine @@ -26,8 +69,6 @@ jobs: version: 0.13.0 - name: Cache cargo dependencies uses: Swatinem/rust-cache@v2.7.3 - # - name: Install mingw - # run: sudo apt-get install -y mingw-w64 - name: Install cargo-zigbuild run: cargo install --locked cargo-zigbuild@0.19.3 @@ -39,14 +80,18 @@ jobs: --target ${LINUX_ARM} \ --target ${WINDOWS} \ --target ${MACOS} \ - --profile artifact \ - -p ${{ inputs.component }} + --profile ${{ inputs.profile }} \ + --all + - name: Arrange artifact directory run: | set -Eeuxo pipefail mkdir artifacts - component="${{ inputs.component }}" - for f in target/*/artifact/"${component}"{,\.exe}; do + # TODO: Make it possible to release *all* binaries in these artifacts, not + # just the identity-server. + component="identity-server" + profile="${{ inputs.profile }}" + for f in target/*/"${profile}"/"${component}"{,\.exe}; do target_triple="$(echo "${f}" | cut -d '/' -f2)" case "${target_triple}" in "${LINUX}") @@ -62,7 +107,6 @@ jobs: exit 1 ;; esac done - ls -aRsh artifacts - name: Compute sha256 checksums @@ -84,19 +128,3 @@ jobs: path: | artifacts - release: - name: Create Release and Tag - runs-on: ubuntu-24.04 - needs: build - steps: - - name: Download Rust Artifacts - uses: actions/download-artifact@v4.1.8 - with: - # didn't specify artifact name, so all artifacts are downloaded and merged - # into the `artifacts` dir - path: artifacts - merge-multiple: true - - - name: List Downloaded Artifacts - run: ls -aRsh artifacts -