studio/tuwunel
2
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

ci: yaml formatting.

Browse Source 
ci: Isolate builder by actor.

Signed-off-by: Jason Volk <jason@zemos.net>
This commit is contained in:
Jason Volk
2025-05-29 03:15:46 +00:00
parent 2167335c57
commit 87d258b83c
7 changed files with 184 additions and 56 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
.github/workflows/bake.yml vendored
View File

@@ -55,7 +55,15 @@ on:
jobs:
bake:
if: ${{fromJSON(inputs.machines)[0] != null}}
name: ${{matrix.bake_target}} ${{matrix.cargo_profile}} ${{matrix.rust_toolchain}} ${{matrix.feat_set}} ${{matrix.sys_name}} ${{matrix.sys_version}} ${{matrix.sys_target}}
name: >
${{matrix.bake_target}}
${{matrix.cargo_profile}}
${{matrix.rust_toolchain}}
${{matrix.feat_set}}
${{matrix.sys_name}}
${{matrix.sys_version}}
${{matrix.sys_target}}
runs-on: ${{matrix.machine}}
strategy:
fail-fast: true

7
.github/workflows/deps.yml vendored
View File

@@ -130,7 +130,12 @@ jobs:
needs: [rocksdb]
uses: ./.github/workflows/bake.yml
with:
bake_targets: '["deps-clippy", "deps-build-tests", "deps-build-bins"]'
bake_targets: >
[
"deps-clippy",
"deps-build-tests",
"deps-build-bins"
]
cargo_profiles: ${{inputs.cargo_profiles}}
feat_sets: ${{inputs.feat_sets}}
rust_toolchains: ${{inputs.rust_toolchains}}

37
.github/workflows/lint.yml vendored
View File

@@ -38,7 +38,13 @@ on:
jobs:
fmt:
if: ${{ !failure() && !cancelled() && contains(fromJSON(inputs.cargo_profiles), fromJSON('["test"]')[0]) && contains(fromJSON(inputs.feat_sets), fromJSON('["all"]')[0]) && contains(fromJSON(inputs.rust_toolchains), fromJSON('["nightly"]')[0]) }}
if: >
${{
!failure() && !cancelled()
&& contains(fromJSON(inputs.cargo_profiles), fromJSON('["test"]')[0])
&& contains(fromJSON(inputs.feat_sets), fromJSON('["all"]')[0])
&& contains(fromJSON(inputs.rust_toolchains), fromJSON('["nightly"]')[0])
}}
name: Format
uses: ./.github/workflows/bake.yml
with:
@@ -55,7 +61,13 @@ jobs:
includes: ${{inputs.includes}}
typos:
if: ${{ !failure() && !cancelled() && contains(fromJSON(inputs.cargo_profiles), fromJSON('["test"]')[0]) && contains(fromJSON(inputs.feat_sets), fromJSON('["all"]')[0]) && contains(fromJSON(inputs.rust_toolchains), fromJSON('["nightly"]')[0]) }}
if: >
${{
!failure() && !cancelled()
&& contains(fromJSON(inputs.cargo_profiles), fromJSON('["test"]')[0])
&& contains(fromJSON(inputs.feat_sets), fromJSON('["all"]')[0])
&& contains(fromJSON(inputs.rust_toolchains), fromJSON('["nightly"]')[0])
}}
name: Typos
uses: ./.github/workflows/bake.yml
with:
@@ -72,7 +84,13 @@ jobs:
includes: ${{inputs.includes}}
audit:
if: ${{ !failure() && !cancelled() && contains(fromJSON(inputs.cargo_profiles), fromJSON('["test"]')[0]) && contains(fromJSON(inputs.feat_sets), fromJSON('["all"]')[0]) && contains(fromJSON(inputs.rust_toolchains), fromJSON('["nightly"]')[0]) }}
if: >
${{
!failure() && !cancelled()
&& contains(fromJSON(inputs.cargo_profiles), fromJSON('["test"]')[0])
&& contains(fromJSON(inputs.feat_sets), fromJSON('["all"]')[0])
&& contains(fromJSON(inputs.rust_toolchains), fromJSON('["nightly"]')[0])
}}
name: Audit
uses: ./.github/workflows/bake.yml
with:
@@ -89,7 +107,13 @@ jobs:
includes: ${{inputs.includes}}
lychee:
if: ${{ !failure() && !cancelled() && contains(fromJSON(inputs.cargo_profiles), fromJSON('["test"]')[0]) && contains(fromJSON(inputs.feat_sets), fromJSON('["all"]')[0]) && contains(fromJSON(inputs.rust_toolchains), fromJSON('["nightly"]')[0])}}
if: >
${{
!failure() && !cancelled()
&& contains(fromJSON(inputs.cargo_profiles), fromJSON('["test"]')[0])
&& contains(fromJSON(inputs.feat_sets), fromJSON('["all"]')[0])
&& contains(fromJSON(inputs.rust_toolchains), fromJSON('["nightly"]')[0])
}}
name: Lychee
uses: ./.github/workflows/bake.yml
with:
@@ -106,7 +130,10 @@ jobs:
includes: ${{inputs.includes}}
clippy:
if: ${{ !failure() && !cancelled() }}
if: >
${{
!failure() && !cancelled()
}}
name: Clippy
uses: ./.github/workflows/bake.yml
with:

66
.github/workflows/main.yml vendored
View File

@@ -39,7 +39,31 @@ jobs:
default_sys_targets: '["x86_64-linux-gnu"]'
default_machines: '["x86_64"]'
steps:
- run: true
- name: Initialize Builder
run: |
set +e
docker buildx inspect "${GITHUB_ACTOR}"
if test x"$?" = x"0"; then
exit 0
fi
set -e
cat <<EOF > ./buildkitd.toml
[system]
platformsCacheMaxAge = "504h"
[worker.oci]
enabled = true
rootless = true
gc = false
EOF
docker buildx create \
--bootstrap \
--driver docker-container \
--buildkitd-config ./buildkitd.toml \
--name "${GITHUB_ACTOR}" \
--buildkitd-flags "--allow-insecure-entitlement network.host"
deps:
if: ${{fromJSON(vars.CI_VERBOSE_DEPS || 'false')}}
@@ -55,7 +79,12 @@ jobs:
sys_targets: ${{needs.init.outputs.sys_targets}}
sys_versions: ${{needs.init.outputs.sys_versions}}
machines: ${{needs.init.outputs.machines}}
excludes: '[{"cargo_profile": "release-debuginfo", "rust_toolchain": "nightly"}, {"cargo_profile": "release-max-perf", "rust_toolchain": "stable"}, {"cargo_profile": "release-max-perf", "feat_set": "none"}]'
excludes: >
[
{"cargo_profile": "release-debuginfo", "rust_toolchain": "nightly"},
{"cargo_profile": "release-max-perf", "rust_toolchain": "stable"},
{"cargo_profile": "release-max-perf", "feat_set": "none"}
]
lint:
if: ${{ !failure() && !cancelled() }}
@@ -71,7 +100,12 @@ jobs:
sys_targets: ${{needs.init.outputs.sys_targets}}
sys_versions: ${{needs.init.outputs.sys_versions}}
machines: ${{needs.init.outputs.machines}}
excludes: '[{"cargo_profile": "release-debuginfo", "rust_toolchain": "nightly"}, {"cargo_profile": "release-max-perf", "rust_toolchain": "stable"}, {"cargo_profile": "release-max-perf", "feat_set": "none"}]'
excludes: >
[
{"cargo_profile": "release-debuginfo", "rust_toolchain": "nightly"},
{"cargo_profile": "release-max-perf", "rust_toolchain": "stable"},
{"cargo_profile": "release-max-perf", "feat_set": "none"}
]
test:
if: ${{ !failure() && !cancelled() }}
@@ -88,7 +122,12 @@ jobs:
sys_versions: ${{needs.init.outputs.sys_versions}}
machines: ${{needs.init.outputs.machines}}
complement: ${{fromJSON(vars.COMPLEMENT || 'true')}}
excludes: '[{"cargo_profile": "release-debuginfo", "rust_toolchain": "nightly"}, {"cargo_profile": "release-max-perf", "rust_toolchain": "stable"}, {"cargo_profile": "release-max-perf", "feat_set": "none"}]'
excludes: >
[
{"cargo_profile": "release-debuginfo", "rust_toolchain": "nightly"},
{"cargo_profile": "release-max-perf", "rust_toolchain": "stable"},
{"cargo_profile": "release-max-perf", "feat_set": "none"}
]
package:
if: ${{ !failure() && !cancelled() }}
@@ -104,14 +143,20 @@ jobs:
sys_targets: ${{needs.init.outputs.sys_targets}}
sys_versions: ${{needs.init.outputs.sys_versions}}
machines: ${{needs.init.outputs.machines}}
excludes: '[{"cargo_profile": "test"}, {"feat_set": "none"}, {"cargo_profile": "release-max-perf", "rust_toolchain": "stable"}]'
excludes: >
[
{"cargo_profile": "test"},
{"feat_set": "none"},
{"cargo_profile": "release-max-perf", "rust_toolchain": "stable"}
]
publish:
if: ${{ !failure() && !cancelled() && github.ref == 'refs/heads/main' }}
if: ${{ !failure() && !cancelled() }}
name: Publish
needs: [init, test, package]
uses: ./.github/workflows/publish.yml
with:
docker_repo: ${{vars.DOCKER_REPO}}
cargo_profiles: ${{needs.init.outputs.cargo_profiles}}
feat_sets: ${{needs.init.outputs.feat_sets}}
rust_toolchains: ${{needs.init.outputs.rust_toolchains}}
@@ -120,8 +165,13 @@ jobs:
sys_targets: ${{needs.init.outputs.sys_targets}}
sys_versions: ${{needs.init.outputs.sys_versions}}
machines: ${{needs.init.outputs.machines}}
excludes: '[{"cargo_profile": "test"}, {"feat_set": "none"}, {"rust_toolchain": "nightly", "cargo_profile": "release"}, {"cargo_profile": "release-max-perf"}]'
docker_repo: ${{vars.DOCKER_REPO}}
excludes: >
[
{"cargo_profile": "test"},
{"feat_set": "none"},
{"rust_toolchain": "nightly", "cargo_profile": "release"},
{"cargo_profile": "release-max-perf"}
]
secrets:
ghcr_token: ${{ secrets.GHCR_TOKEN }}

22
.github/workflows/package.yml vendored
View File

@@ -39,7 +39,13 @@ on:
jobs:
deb:
if: ${{ !failure() && !cancelled() && contains(fromJSON(inputs.feat_sets), fromJSON('["all"]')[0]) && contains(fromJSON(inputs.cargo_profiles), fromJSON('["release"]')[0]) && contains(fromJSON(inputs.rust_toolchains), fromJSON('["stable"]')[0]) }}
if: >
${{
!failure() && !cancelled()
&& contains(fromJSON(inputs.feat_sets), fromJSON('["all"]')[0])
&& contains(fromJSON(inputs.cargo_profiles), fromJSON('["release"]')[0])
&& contains(fromJSON(inputs.rust_toolchains), fromJSON('["stable"]')[0])
}}
name: Deb
uses: ./.github/workflows/bake.yml
with:
@@ -56,7 +62,13 @@ jobs:
includes: ${{inputs.includes}}
rpm:
if: ${{ !failure() && !cancelled() && contains(fromJSON(inputs.feat_sets), fromJSON('["all"]')[0]) && contains(fromJSON(inputs.cargo_profiles), fromJSON('["release"]')[0]) && contains(fromJSON(inputs.rust_toolchains), fromJSON('["stable"]')[0]) }}
if: >
${{
!failure() && !cancelled()
&& contains(fromJSON(inputs.feat_sets), fromJSON('["all"]')[0])
&& contains(fromJSON(inputs.cargo_profiles), fromJSON('["release"]')[0])
&& contains(fromJSON(inputs.rust_toolchains), fromJSON('["stable"]')[0])
}}
name: RPM
uses: ./.github/workflows/bake.yml
with:
@@ -73,7 +85,11 @@ jobs:
includes: ${{inputs.includes}}
static:
if: ${{ !failure() && !cancelled() && contains(fromJSON(inputs.feat_sets), fromJSON('["all"]')[0]) }}
if: >
${{
!failure() && !cancelled()
&& contains(fromJSON(inputs.feat_sets), fromJSON('["all"]')[0])
}}
name: Standalone
uses: ./.github/workflows/bake.yml
with:

96
.github/workflows/publish.yml vendored
View File

@@ -44,8 +44,66 @@ on:
dockerhub_token:
jobs:
packages:
if: >
${{
!failure() && !cancelled()
&& contains(fromJSON(inputs.feat_sets), fromJSON('["all"]')[0])
}}
name: Publish packages
runs-on: ${{matrix.machine}}
continue-on-error: true
strategy:
fail-fast: false
matrix:
target: >
${{fromJSON('[
["standalone", "tuwunel"]
["pkg-deb","tuwunel_1.0.0-1_amd64.deb"],
["pkg-rpm","tuwunel-1.0.0-1.x86_64.rpm"],
]')}}
cargo_profile: ${{fromJSON(inputs.cargo_profiles)}}
rust_toolchain: ${{fromJSON(inputs.rust_toolchains)}}
feat_set: ${{fromJSON('["all"]')}}
sys_name: ${{fromJSON(inputs.sys_names)}}
sys_version: ${{fromJSON(inputs.sys_versions)}}
rust_target: ${{fromJSON(inputs.rust_targets)}}
sys_target: ${{fromJSON(inputs.sys_targets)}}
machine: ${{fromJSON(inputs.machines)}}
exclude: ${{fromJSON(inputs.excludes)}}
include: ${{fromJSON(inputs.includes)}}
steps:
- name: Extract
env:
file: ${{matrix.target[1]}}
iid:
${{matrix.target[0]}}
--${{matrix.cargo_profile}}
--${{matrix.rust_toolchain}}
--${{matrix.rust_target}}
--${{matrix.feat_set}}
--${{matrix.sys_name}}
--${{matrix.sys_version}}
--${{matrix.sys_target}}
run: |
cid=$(docker create "$iid" /)
docker cp "$cid:$file" .
- name: Upload Artifacts
uses: actions/upload-artifact@v4
with:
path: ${{matrix.target[1]}}
name: ${{matrix.target[1]}}-${{matrix.cargo_profile}}
containers:
if: ${{ !failure() && !cancelled() && inputs.docker_repo }}
if: >
${{
!failure() && !cancelled()
&& inputs.docker_repo
&& github.ref == 'refs/heads/main'
}}
name: Publish containers
runs-on: ${{matrix.machine}}
permissions: write-all
@@ -97,39 +155,3 @@ jobs:
run: |
docker/bake.sh "${{matrix.bake_target}}"
packages:
if: ${{ !failure() && !cancelled() && contains(fromJSON(inputs.feat_sets), fromJSON('["all"]')[0]) }}
name: Publish packages
runs-on: ${{matrix.machine}}
continue-on-error: true
strategy:
fail-fast: false
matrix:
target: ${{fromJSON('[["pkg-rpm","tuwunel-1.0.0-1.x86_64.rpm"],["pkg-deb","tuwunel_1.0.0-1_amd64.deb"],["standalone", "tuwunel"]]')}}
cargo_profile: ${{fromJSON(inputs.cargo_profiles)}}
rust_toolchain: ${{fromJSON(inputs.rust_toolchains)}}
feat_set: ${{fromJSON('["all"]')}}
sys_name: ${{fromJSON(inputs.sys_names)}}
sys_version: ${{fromJSON(inputs.sys_versions)}}
rust_target: ${{fromJSON(inputs.rust_targets)}}
sys_target: ${{fromJSON(inputs.sys_targets)}}
machine: ${{fromJSON(inputs.machines)}}
exclude: ${{fromJSON(inputs.excludes)}}
include: ${{fromJSON(inputs.includes)}}
steps:
- name: Extract
env:
iid: ${{matrix.target[0]}}--${{matrix.cargo_profile}}--${{matrix.rust_toolchain}}--${{matrix.rust_target}}--${{matrix.feat_set}}--${{matrix.sys_name}}--${{matrix.sys_version}}--${{matrix.sys_target}}
file: ${{matrix.target[1]}}
run: |
cid=$(docker create "$iid" /)
docker cp "$cid:$file" .
- name: Upload Artifacts
uses: actions/upload-artifact@v4
with:
name: ${{matrix.target[1]}}-${{matrix.cargo_profile}}
path: ${{matrix.target[1]}}

2
docker/bake.sh
View File

@@ -58,7 +58,7 @@ sys_versions="${env_sys_versions:-$default_sys_versions}"
docker_dir="$PWD/$BASEDIR"
runner_name=$(echo $RUNNER_NAME | cut -d"." -f1)
runner_num=$(echo $RUNNER_NAME | cut -d"." -f2)
builder_name="owo"
builder_name="${GITHUB_ACTOR:-owo}"
rocksdb_opt_level=3
rocksdb_portable=1
git_checkout="HEAD"