Skip to content

Set persist-credentials to false on checkout action #4262

Set persist-credentials to false on checkout action

Set persist-credentials to false on checkout action #4262

Workflow file for this run

name: package
on:
pull_request:
workflow_dispatch:
workflow_call:
inputs:
branch:
description: "ref branch for this workflow"
default: "master"
required: true
type: string
env:
CARGO_TERM_COLOR: always
jobs:
package-generic-linux-x64:
runs-on: ubuntu-20.04
steps:
- name: Checkout repository
uses: actions/[email protected]
with:
persist-credentials: false
ref: ${{ inputs.branch }}
- name: Install prerequisites
run: bin/install_prerequisites_ubuntu.sh
- name: Install Python 3.11
uses: actions/[email protected]
with:
python-version: '3.11'
- name: Activate python3 venv
run: |
bin/activate_python3_venv.sh
export PATH="/tmp/hurl-python3-venv/bin:$PATH"
echo "PATH=$PATH" >> $GITHUB_ENV
which python3
python3 --version
pip --version
- name : Environment
run: bin/environment.sh
- name: Install rust
run: bin/install_rust.sh
- name: Build
run: |
bin/release/release.sh
echo "PATH=:${PWD}/target/release:$PATH" >> "${GITHUB_ENV}"
- name: Get version
run: |
VERSION=$(bin/release/get_version.sh)
echo "VERSION=${VERSION}" | tee -a "${GITHUB_ENV}"
- name: Create generic linux package
run: |
bin/release/man.sh
bin/release/create_tarball.sh
- name: Archive production artifacts
uses: actions/[email protected]
with:
name: release-generic-linux-x64-artifacts
path: target/upload/*
package-generic-linux-aarch64:
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/[email protected]
with:
persist-credentials: false
ref: ${{ inputs.branch }}
- name: Set up QEMU
uses: docker/[email protected]
- name: Create package
uses: addnab/docker-run-action@v3
with:
image: ubuntu:22.04
options: --platform linux/arm64/v8 --volume ${{ github.workspace }}:/work --workdir /work --privileged --env CARGO_TERM_COLOR=always --env CARGO_BUILD_TARGET=aarch64-unknown-linux-gnu
run: |
set -e
echo "::group::Install Prerequisites"
bin/install_prerequisites_ubuntu.sh
sudo DEBIAN_FRONTEND=noninteractive apt-get install -y g++-aarch64-linux-gnu libc6-dev-arm64-cross
./bin/export_cross_compile_env.sh
echo "::endgroup::"
echo "::group::Install Rust"
bin/install_rust.sh
. "$HOME/.cargo/env"
echo "::endgroup::"
echo "::group::Environment"
bin/environment.sh
echo "::endgroup::"
echo "::group::Build"
./bin/release/release.sh
cp -frp target/$CARGO_BUILD_TARGET/release/hurl ./target/release/
cp -frp target/$CARGO_BUILD_TARGET/release/hurlfmt ./target/release/
echo "::endgroup::"
echo "::group::Get version"
export VERSION=$(bin/release/get_version.sh)
echo "::endgroup::"
echo "::group::Create man"
bin/release/man.sh
echo "::endgroup::"
echo "::group::Create tarball"
bin/release/create_tarball.sh
echo "::endgroup::"
- name: Archive production artifacts
uses: actions/[email protected]
with:
name: release-generic-linux-aarch64-artifacts
path: target/upload/*
test-generic-linux-on-docker-ubuntu-x64:
needs: package-generic-linux-x64
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/[email protected]
with:
persist-credentials: false
ref: ${{ inputs.branch }}
- name: Retrieve release-generic-linux-x64-artifacts
uses: actions/[email protected]
with:
name: release-generic-linux-x64-artifacts
path: target/upload
- name: Install package and tests integ
uses: addnab/docker-run-action@v3
with:
image: ubuntu:22.04
options: --volume ${{ github.workspace }}:/work --workdir /work --privileged
run: |
set -e
echo "::group::Install Prerequisites"
bin/install_prerequisites_ubuntu.sh
echo "::endgroup::"
echo "::group::Install python 3.11"
bin/install_pythonx_for_ubuntu.sh 11
bin/activate_python3_venv.sh
export PATH=/tmp/hurl-python3-venv/bin:$PATH
echo "::endgroup::"
echo "::group::Install Rust"
bin/install_rust.sh
. "$HOME/.cargo/env"
echo "::endgroup::"
echo "::group::Environment"
bin/environment.sh
echo "::endgroup::"
echo "::group::Install generic linux package"
bin/release/install_generic_linux_package.sh
export PATH="/tmp/hurl-generic-linux/bin:$PATH"
echo "::endgroup::"
echo "::group::Install tests integ prerequisistes"
bin/test/test_prerequisites.sh
echo "::endgroup::"
echo "::group::Tests"
bin/test/test_integ.sh
echo "::endgroup::"
- name: Archive production artifacts
uses: actions/[email protected]
if: ${{ always() }}
with:
name: test-generic-linux-package-docker-ubuntu-x64-artifacts
path: |
./**/*.log
test-generic-linux-on-docker-debian-x64:
needs: package-generic-linux-x64
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/[email protected]
with:
persist-credentials: false
ref: ${{ inputs.branch }}
- name: Retrieve release-generic-linux-x64-artifacts
uses: actions/[email protected]
with:
name: release-generic-linux-x64-artifacts
path: target/upload
- name: Install package and tests integ
uses: addnab/docker-run-action@v3
with:
image: debian
options: --volume ${{ github.workspace }}:/work --workdir /work --privileged
run: |
set -e
echo "::group::Install system prerequisites"
bin/install_prerequisites_debian.sh
echo "::endgroup::"
echo "::group::Activate python3 venv"
bin/activate_python3_venv.sh
export PATH=/tmp/hurl-python3-venv/bin:$PATH
which python3
python3 --version
pip --version
echo "::endgroup::"
echo "::group::Environment"
bin/environment.sh
echo "::endgroup::"
echo "::group::Install generic linux package"
bin/release/install_generic_linux_package.sh
export PATH="/tmp/hurl-generic-linux/bin:$PATH"
echo "::endgroup::"
echo "::group::Install tests prerequisites"
bin/test/test_prerequisites.sh
echo "::endgroup::"
echo "::group::Tests"
bin/test/test_integ.sh
echo "::endgroup::"
- name: Archive production artifacts
uses: actions/[email protected]
if: ${{ always() }}
with:
name: test-generic-linux-package-docker-debian-x64-artifacts
path: |
./**/*.log
test-generic-linux-on-docker-archlinux-x64:
needs: package-generic-linux-x64
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/[email protected]
with:
persist-credentials: false
ref: ${{ inputs.branch }}
- name: Retrieve release-generic-linux-x64-artifacts
uses: actions/[email protected]
with:
name: release-generic-linux-x64-artifacts
path: target/upload
- name: Install package and tests integ
uses: addnab/docker-run-action@v3
with:
image: archlinux
options: --volume ${{ github.workspace }}:/work --workdir /work --privileged
run: |
set -e
echo "::group::Install system prerequisites"
bin/install_prerequisites_archlinux.sh
echo "::endgroup::"
echo "::group::Activate python3 venv"
bin/activate_python3_venv.sh
export PATH=/tmp/hurl-python3-venv/bin:$PATH
which python3
python3 --version
pip --version
echo "::endgroup::"
echo "::group::Environment"
bin/environment.sh
echo "::endgroup::"
echo "::group::Install generic linux package"
bin/release/install_generic_linux_package.sh
export PATH="/tmp/hurl-generic-linux/bin:$PATH"
echo "::endgroup::"
echo "::group::Install tests prerequisites"
bin/test/test_prerequisites.sh
echo "::endgroup::"
echo "::group::Tests"
bin/test/test_integ.sh
echo "::endgroup::"
- name: Archive production artifacts
uses: actions/[email protected]
if: ${{ always() }}
with:
name: test-generic-linux-package-docker-archlinux-x64-artifacts
path: |
./**/*.log
test-generic-linux-on-docker-fedora-x64:
needs: package-generic-linux-x64
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/[email protected]
with:
persist-credentials: false
ref: ${{ inputs.branch }}
- name: Retrieve release-generic-linux-x64-artifacts
uses: actions/[email protected]
with:
name: release-generic-linux-x64-artifacts
path: target/upload
- name: Install package and tests integ
uses: addnab/docker-run-action@v3
with:
image: fedora
options: --volume ${{ github.workspace }}:/work --workdir /work --privileged
run: |
set -e
echo "::group::Disable PAM for sudo with root and no tty"
bin/disable_pam_for_sudo.sh
echo "::endgroup::"
echo "::group::Install system prerequisites"
bin/install_prerequisites_fedora.sh
echo "::endgroup::"
echo "::group::Activate python3 venv"
bin/activate_python3_venv.sh
export PATH=/tmp/hurl-python3-venv/bin:$PATH
which python3
python3 --version
pip --version
echo "::endgroup::"
echo "::group::Environment"
bin/environment.sh
echo "::endgroup::"
echo "::group::Install generic linux package"
bin/release/install_generic_linux_package.sh
export PATH="/tmp/hurl-generic-linux/bin:$PATH"
echo "::group::Install tests prerequisites"
echo "::endgroup::"
bin/test/test_prerequisites.sh
echo "::endgroup::"
echo "::group::Tests"
bin/test/test_integ.sh
echo "::endgroup::"
- name: Archive production artifacts
uses: actions/[email protected]
if: ${{ always() }}
with:
name: test-generic-linux-package-docker-fedora-x64-artifacts
path: |
./**/*.log
test-dockerfile-x64:
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/[email protected]
with:
persist-credentials: false
ref: ${{ inputs.branch }}
- name: Set up Docker Buildx
uses: docker/[email protected]
- name: Build docker images
run: |
echo "::group::Docker build prerequisites"
sudo docker buildx create --name mybuilder
sudo docker buildx use mybuilder
sudo docker buildx inspect --bootstrap
sudo docker buildx ls
echo "::endgroup::"
echo "::group::Build docker hurl"
docker_build_date=$(date "+%Y-%m-%d %H-%M-%S")
docker_build_tag=$(grep ^version packages/hurl/Cargo.toml | cut --delimiter '=' --field 2 | tr -d '" ')
sudo docker buildx build \
--progress=plain \
--file contrib/docker/Dockerfile \
--platform linux/amd64 \
--build-arg docker_build_date="${docker_build_date}" \
--build-arg docker_build_tag="${docker_build_tag}" \
--tag local/hurl:amd64 \
--load .
sudo docker inspect local/hurl:amd64
sudo docker run --rm local/hurl:amd64 --version
echo "::endgroup::"
- name: Integration tests
uses: addnab/docker-run-action@v3
with:
image: local/hurl:amd64
options: --volume ${{ github.workspace }}:/work --workdir /work --privileged --env CARGO_TERM_COLOR=always --entrypoint sh --platform=linux/amd64
run: |
echo "::group::Install system prerequisites"
set -e
cat /etc/os-release
apk add sudo bash curl python3 py3-pip
echo "::endgroup::"
echo "::group::Install alpine prerequisites"
bash bin/install_prerequisites_alpine.sh
echo "::endgroup::"
echo "::group::Install tests prerequisites"
bash bin/activate_python3_venv.sh
export PATH=/tmp/hurl-python3-venv/bin:$PATH
which python3
python3 --version
pip --version
bash bin/test/test_prerequisites.sh
echo "::endgroup::"
echo "::group::Environment"
bash bin/environment.sh
echo "::endgroup::"
echo "::group::Integration tests"
bash bin/test/test_integ.sh
echo "::endgroup::"
- name: find artifacts
run: |
pwd
find . -name "*.log"
- name: Archive production artifacts
uses: actions/[email protected]
if: ${{ always() }}
with:
name: test-docker-amd64-package-artifacts
path: |
./**/*.log
package-deb-x64:
runs-on: ubuntu-20.04
steps:
- name: Checkout repository
uses: actions/[email protected]
with:
persist-credentials: false
ref: ${{ inputs.branch }}
- name: Install Prerequisites
run: bin/install_prerequisites_ubuntu.sh
- name: Install Python 3.11
uses: actions/[email protected]
with:
python-version: '3.11'
- name: Activate python3 venv
run: |
bin/activate_python3_venv.sh
export PATH="/tmp/hurl-python3-venv/bin:$PATH"
echo "PATH=$PATH" >> $GITHUB_ENV
which python3
python3 --version
pip --version
- name: Install Rust
run: bin/install_rust.sh
- name: Environment
run: bin/environment.sh
- name: Build
run: |
bin/release/release.sh
echo "PATH=:${PWD}/target/release:$PATH" >> "${GITHUB_ENV}"
- name: Get version
run: |
VERSION=$(bin/release/get_version.sh)
echo "VERSION=${VERSION}" | tee -a "${GITHUB_ENV}"
- name: Create deb package
run: |
bin/release/man.sh
bin/release/create_deb_package.sh
- name: Install package
run: |
bin/release/install_deb_package.sh
echo "PATH=/tmp/hurl-deb-package/usr/bin:$PATH" >> "${GITHUB_ENV}"
- name: Test integ
run: |
bin/test/test_prerequisites.sh
bin/test/test_integ.sh
- name: Archive production artifacts
uses: actions/[email protected]
with:
name: release-deb-x64-artifacts
path: target/upload/*
package-macos-x64:
runs-on: macos-13
steps:
- name: Checkout repository
uses: actions/[email protected]
with:
persist-credentials: false
ref: ${{ inputs.branch }}
- name: Install Prerequisites
run: |
bin/install_prerequisites_macos.sh
echo "PATH=$PATH" >> $GITHUB_ENV
- name: Activate python3 venv
run: |
bin/activate_python3_venv.sh
export PATH="/tmp/hurl-python3-venv/bin:$PATH"
echo "PATH=$PATH" >> $GITHUB_ENV
which python3
python3 --version
pip --version
- name: Install Rust
run: bin/install_rust.sh
- name: Environment
run: bin/environment.sh
- name: Build
run: |
bin/release/release.sh
echo "PATH=${PWD}/target/release:$PATH" >> "${GITHUB_ENV}"
- name: Get version
run: |
VERSION=$(bin/release/get_version.sh)
echo "VERSION=${VERSION}" | tee -a "${GITHUB_ENV}"
- name: Create generic macos package
run: |
bin/release/man.sh
bin/release/create_tarball.sh
- name: Install package
run: |
bin/release/install_generic_macos_package.sh
echo "PATH=/tmp/hurl-generic-macos/bin:$PATH" >> "${GITHUB_ENV}"
- name: Test integ
run: |
bin/test/test_prerequisites.sh
bin/test/test_integ.sh
- name: Archive production artifacts
uses: actions/[email protected]
with:
name: release-macos-x64-artifacts
path: target/upload/*
package-macos-aarch64:
runs-on: macos-14
steps:
- name: Checkout repository
uses: actions/[email protected]
with:
persist-credentials: false
ref: ${{ inputs.branch }}
- name: Install Prerequisites
run: |
bin/install_prerequisites_macos.sh
echo "PATH=$PATH" >> $GITHUB_ENV
- name: Activate python3 venv
run: |
bin/activate_python3_venv.sh
export PATH="/tmp/hurl-python3-venv/bin:$PATH"
echo "PATH=$PATH" >> $GITHUB_ENV
which python3
python3 --version
pip --version
- name: Install Rust
run: bin/install_rust.sh
- name: Environment
run: bin/environment.sh
- name: Build
run: |
bin/release/release.sh
echo "PATH=${PWD}/target/release:$PATH" >> "${GITHUB_ENV}"
- name: Get version
run: |
VERSION=$(bin/release/get_version.sh)
echo "VERSION=${VERSION}" | tee -a "${GITHUB_ENV}"
- name: Create generic macos package
run: |
bin/release/man.sh
bin/release/create_tarball.sh
- name: Install package
run: |
bin/release/install_generic_macos_package.sh
echo "PATH=/tmp/hurl-generic-macos/bin:$PATH" >> "${GITHUB_ENV}"
- name: Test integ
run: |
bin/test/test_prerequisites.sh
bin/test/test_integ.sh
- name: Archive production artifacts
uses: actions/[email protected]
with:
name: release-macos-aarch64-artifacts
path: target/upload/*
package-windows-x64:
runs-on: windows-latest
env:
VCPKGRS_DYNAMIC: 1
steps:
- name: Set git to use LF
run: |
git config --global core.autocrlf false
git config --global core.eol lf
- name: Checkout repository
uses: actions/[email protected]
with:
persist-credentials: false
ref: ${{ inputs.branch }}
- name: Install Rust
run: |
.\bin\install_rust.ps1
- name: Manage vcpkg cache
uses: actions/[email protected]
with:
path: C:\vcpkg
key: ${{ runner.os }}-release-windows-x64
- name: Install prerequisites
run: .\bin\install_prerequisites_windows.ps1
- name: Install Python 3.11
uses: actions/[email protected]
with:
python-version: '3.11'
- name: Environment
run: |
.\bin\activate_python3_venv.ps1
.\bin\environment.ps1
- name: Build
run: .\bin\release\release.ps1
- name: Create windows64 Zip package
run: .\bin\release\create_windows64_zip_package.ps1
- name: Install win64 zip and test integ
run: |
.\bin\release\install_windows64_zip_package.ps1
.\bin\activate_python3_venv.ps1
.\bin\test\test_prerequisites.ps1
.\bin\test\test_integ.ps1
- name: Create windows64 installer
run: .\bin\release\create_windows64_installer.ps1
- name: Install win64 installer and test integ
run: |
.\bin\release\install_windows64_installer.ps1
.\bin\activate_python3_venv.ps1
.\bin\test\test_prerequisites.ps1
.\bin\test\test_integ.ps1
- name: Archive production artifacts
uses: actions/[email protected]
with:
name: release-windows-x64-artifacts
path: |
.\target\win-package\hurl-*-installer.exe
.\target\win-package\hurl-*.zip
package-anatomy:
needs:
- package-generic-linux-x64
- package-generic-linux-aarch64
- package-deb-x64
- package-macos-x64
- package-macos-aarch64
- package-windows-x64
name: package-anatomy
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/[email protected]
with:
persist-credentials: false
ref: ${{ inputs.branch }}
- uses: actions/[email protected]
with:
path: artifacts
- name: Prerequisites
if: ${{ always() }}
run: sudo apt-get install -y -qq --silent icdiff >/dev/null
- name: Package generic linux x64 anatomy
if: ${{ always() }}
run: bin/release/package-anatomy.sh artifacts/release-generic-linux-x64-artifacts/hurl-*-x86_64-unknown-linux-gnu.tar.gz --compare-with-dir docs/spec/packages
- name: Package generic linux aarch64 anatomy
if: ${{ always() }}
run: bin/release/package-anatomy.sh artifacts/release-generic-linux-aarch64-artifacts/hurl-*-aarch64-unknown-linux-gnu.tar.gz --compare-with-dir docs/spec/packages
- name: Package deb x64 anatomy
if: ${{ always() }}
run: bin/release/package-anatomy.sh artifacts/release-deb-x64-artifacts/hurl_*_amd64.deb --compare-with-dir docs/spec/packages
- name: Package macos x64 anatomy
if: ${{ always() }}
run: bin/release/package-anatomy.sh artifacts/release-macos-x64-artifacts/hurl-*-x86_64-apple-darwin.tar.gz --compare-with-dir docs/spec/packages
- name: Package macos aarch64 anatomy
if: ${{ always() }}
run: bin/release/package-anatomy.sh artifacts/release-macos-aarch64-artifacts/hurl-*-aarch64-apple-darwin.tar.gz --compare-with-dir docs/spec/packages
- name: Package windows x64 installer anatomy
if: ${{ always() }}
run: bin/release/package-anatomy.sh artifacts/release-windows-x64-artifacts/hurl-*-x86_64-pc-windows-msvc-installer.exe --compare-with-dir docs/spec/packages
- name: Package windows x64 zip anatomy
if: ${{ always() }}
run: bin/release/package-anatomy.sh artifacts/release-windows-x64-artifacts/hurl-*-x86_64-pc-windows-msvc.zip --compare-with-dir docs/spec/packages