diff --git a/.github/workflows/bake.yml b/.github/workflows/bake.yml index d63c00b9..01d40089 100644 --- a/.github/workflows/bake.yml +++ b/.github/workflows/bake.yml @@ -55,7 +55,15 @@ on: jobs: bake: if: ${{fromJSON(inputs.machines)[0] != null}} - name: ${{matrix.bake_target}} ${{matrix.cargo_profile}} ${{matrix.rust_toolchain}} ${{matrix.feat_set}} ${{matrix.sys_name}} ${{matrix.sys_version}} ${{matrix.sys_target}} + name: > + ${{matrix.bake_target}} + ${{matrix.cargo_profile}} + ${{matrix.rust_toolchain}} + ${{matrix.feat_set}} + ${{matrix.sys_name}} + ${{matrix.sys_version}} + ${{matrix.sys_target}} + runs-on: ${{matrix.machine}} strategy: fail-fast: true diff --git a/.github/workflows/deps.yml b/.github/workflows/deps.yml index 6c0f061a..e5bbda6f 100644 --- a/.github/workflows/deps.yml +++ b/.github/workflows/deps.yml @@ -130,7 +130,12 @@ jobs: needs: [rocksdb] uses: ./.github/workflows/bake.yml with: - bake_targets: '["deps-clippy", "deps-build-tests", "deps-build-bins"]' + bake_targets: > + [ + "deps-clippy", + "deps-build-tests", + "deps-build-bins" + ] cargo_profiles: ${{inputs.cargo_profiles}} feat_sets: ${{inputs.feat_sets}} rust_toolchains: ${{inputs.rust_toolchains}} diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index ab768b07..add07aff 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -38,7 +38,13 @@ on: jobs: fmt: - if: ${{ !failure() && !cancelled() && contains(fromJSON(inputs.cargo_profiles), fromJSON('["test"]')[0]) && contains(fromJSON(inputs.feat_sets), fromJSON('["all"]')[0]) && contains(fromJSON(inputs.rust_toolchains), fromJSON('["nightly"]')[0]) }} + if: > + ${{ + !failure() && !cancelled() + && contains(fromJSON(inputs.cargo_profiles), fromJSON('["test"]')[0]) + && contains(fromJSON(inputs.feat_sets), fromJSON('["all"]')[0]) + && contains(fromJSON(inputs.rust_toolchains), fromJSON('["nightly"]')[0]) + }} name: Format uses: ./.github/workflows/bake.yml with: @@ -55,7 +61,13 @@ jobs: includes: ${{inputs.includes}} typos: - if: ${{ !failure() && !cancelled() && contains(fromJSON(inputs.cargo_profiles), fromJSON('["test"]')[0]) && contains(fromJSON(inputs.feat_sets), fromJSON('["all"]')[0]) && contains(fromJSON(inputs.rust_toolchains), fromJSON('["nightly"]')[0]) }} + if: > + ${{ + !failure() && !cancelled() + && contains(fromJSON(inputs.cargo_profiles), fromJSON('["test"]')[0]) + && contains(fromJSON(inputs.feat_sets), fromJSON('["all"]')[0]) + && contains(fromJSON(inputs.rust_toolchains), fromJSON('["nightly"]')[0]) + }} name: Typos uses: ./.github/workflows/bake.yml with: @@ -72,7 +84,13 @@ jobs: includes: ${{inputs.includes}} audit: - if: ${{ !failure() && !cancelled() && contains(fromJSON(inputs.cargo_profiles), fromJSON('["test"]')[0]) && contains(fromJSON(inputs.feat_sets), fromJSON('["all"]')[0]) && contains(fromJSON(inputs.rust_toolchains), fromJSON('["nightly"]')[0]) }} + if: > + ${{ + !failure() && !cancelled() + && contains(fromJSON(inputs.cargo_profiles), fromJSON('["test"]')[0]) + && contains(fromJSON(inputs.feat_sets), fromJSON('["all"]')[0]) + && contains(fromJSON(inputs.rust_toolchains), fromJSON('["nightly"]')[0]) + }} name: Audit uses: ./.github/workflows/bake.yml with: @@ -89,7 +107,13 @@ jobs: includes: ${{inputs.includes}} lychee: - if: ${{ !failure() && !cancelled() && contains(fromJSON(inputs.cargo_profiles), fromJSON('["test"]')[0]) && contains(fromJSON(inputs.feat_sets), fromJSON('["all"]')[0]) && contains(fromJSON(inputs.rust_toolchains), fromJSON('["nightly"]')[0])}} + if: > + ${{ + !failure() && !cancelled() + && contains(fromJSON(inputs.cargo_profiles), fromJSON('["test"]')[0]) + && contains(fromJSON(inputs.feat_sets), fromJSON('["all"]')[0]) + && contains(fromJSON(inputs.rust_toolchains), fromJSON('["nightly"]')[0]) + }} name: Lychee uses: ./.github/workflows/bake.yml with: @@ -106,7 +130,10 @@ jobs: includes: ${{inputs.includes}} clippy: - if: ${{ !failure() && !cancelled() }} + if: > + ${{ + !failure() && !cancelled() + }} name: Clippy uses: ./.github/workflows/bake.yml with: diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index be353e70..4b557931 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -39,7 +39,31 @@ jobs: default_sys_targets: '["x86_64-linux-gnu"]' default_machines: '["x86_64"]' steps: - - run: true + - name: Initialize Builder + run: | + set +e + docker buildx inspect "${GITHUB_ACTOR}" + if test x"$?" = x"0"; then + exit 0 + fi + + set -e + cat < ./buildkitd.toml + [system] + platformsCacheMaxAge = "504h" + + [worker.oci] + enabled = true + rootless = true + gc = false + EOF + + docker buildx create \ + --bootstrap \ + --driver docker-container \ + --buildkitd-config ./buildkitd.toml \ + --name "${GITHUB_ACTOR}" \ + --buildkitd-flags "--allow-insecure-entitlement network.host" deps: if: ${{fromJSON(vars.CI_VERBOSE_DEPS || 'false')}} @@ -55,7 +79,12 @@ jobs: sys_targets: ${{needs.init.outputs.sys_targets}} sys_versions: ${{needs.init.outputs.sys_versions}} machines: ${{needs.init.outputs.machines}} - excludes: '[{"cargo_profile": "release-debuginfo", "rust_toolchain": "nightly"}, {"cargo_profile": "release-max-perf", "rust_toolchain": "stable"}, {"cargo_profile": "release-max-perf", "feat_set": "none"}]' + excludes: > + [ + {"cargo_profile": "release-debuginfo", "rust_toolchain": "nightly"}, + {"cargo_profile": "release-max-perf", "rust_toolchain": "stable"}, + {"cargo_profile": "release-max-perf", "feat_set": "none"} + ] lint: if: ${{ !failure() && !cancelled() }} @@ -71,7 +100,12 @@ jobs: sys_targets: ${{needs.init.outputs.sys_targets}} sys_versions: ${{needs.init.outputs.sys_versions}} machines: ${{needs.init.outputs.machines}} - excludes: '[{"cargo_profile": "release-debuginfo", "rust_toolchain": "nightly"}, {"cargo_profile": "release-max-perf", "rust_toolchain": "stable"}, {"cargo_profile": "release-max-perf", "feat_set": "none"}]' + excludes: > + [ + {"cargo_profile": "release-debuginfo", "rust_toolchain": "nightly"}, + {"cargo_profile": "release-max-perf", "rust_toolchain": "stable"}, + {"cargo_profile": "release-max-perf", "feat_set": "none"} + ] test: if: ${{ !failure() && !cancelled() }} @@ -88,7 +122,12 @@ jobs: sys_versions: ${{needs.init.outputs.sys_versions}} machines: ${{needs.init.outputs.machines}} complement: ${{fromJSON(vars.COMPLEMENT || 'true')}} - excludes: '[{"cargo_profile": "release-debuginfo", "rust_toolchain": "nightly"}, {"cargo_profile": "release-max-perf", "rust_toolchain": "stable"}, {"cargo_profile": "release-max-perf", "feat_set": "none"}]' + excludes: > + [ + {"cargo_profile": "release-debuginfo", "rust_toolchain": "nightly"}, + {"cargo_profile": "release-max-perf", "rust_toolchain": "stable"}, + {"cargo_profile": "release-max-perf", "feat_set": "none"} + ] package: if: ${{ !failure() && !cancelled() }} @@ -104,14 +143,20 @@ jobs: sys_targets: ${{needs.init.outputs.sys_targets}} sys_versions: ${{needs.init.outputs.sys_versions}} machines: ${{needs.init.outputs.machines}} - excludes: '[{"cargo_profile": "test"}, {"feat_set": "none"}, {"cargo_profile": "release-max-perf", "rust_toolchain": "stable"}]' + excludes: > + [ + {"cargo_profile": "test"}, + {"feat_set": "none"}, + {"cargo_profile": "release-max-perf", "rust_toolchain": "stable"} + ] publish: - if: ${{ !failure() && !cancelled() && github.ref == 'refs/heads/main' }} + if: ${{ !failure() && !cancelled() }} name: Publish needs: [init, test, package] uses: ./.github/workflows/publish.yml with: + docker_repo: ${{vars.DOCKER_REPO}} cargo_profiles: ${{needs.init.outputs.cargo_profiles}} feat_sets: ${{needs.init.outputs.feat_sets}} rust_toolchains: ${{needs.init.outputs.rust_toolchains}} @@ -120,8 +165,13 @@ jobs: sys_targets: ${{needs.init.outputs.sys_targets}} sys_versions: ${{needs.init.outputs.sys_versions}} machines: ${{needs.init.outputs.machines}} - excludes: '[{"cargo_profile": "test"}, {"feat_set": "none"}, {"rust_toolchain": "nightly", "cargo_profile": "release"}, {"cargo_profile": "release-max-perf"}]' - docker_repo: ${{vars.DOCKER_REPO}} + excludes: > + [ + {"cargo_profile": "test"}, + {"feat_set": "none"}, + {"rust_toolchain": "nightly", "cargo_profile": "release"}, + {"cargo_profile": "release-max-perf"} + ] secrets: ghcr_token: ${{ secrets.GHCR_TOKEN }} diff --git a/.github/workflows/package.yml b/.github/workflows/package.yml index 0a2e70b8..f57a4617 100644 --- a/.github/workflows/package.yml +++ b/.github/workflows/package.yml @@ -39,7 +39,13 @@ on: jobs: deb: - if: ${{ !failure() && !cancelled() && contains(fromJSON(inputs.feat_sets), fromJSON('["all"]')[0]) && contains(fromJSON(inputs.cargo_profiles), fromJSON('["release"]')[0]) && contains(fromJSON(inputs.rust_toolchains), fromJSON('["stable"]')[0]) }} + if: > + ${{ + !failure() && !cancelled() + && contains(fromJSON(inputs.feat_sets), fromJSON('["all"]')[0]) + && contains(fromJSON(inputs.cargo_profiles), fromJSON('["release"]')[0]) + && contains(fromJSON(inputs.rust_toolchains), fromJSON('["stable"]')[0]) + }} name: Deb uses: ./.github/workflows/bake.yml with: @@ -56,7 +62,13 @@ jobs: includes: ${{inputs.includes}} rpm: - if: ${{ !failure() && !cancelled() && contains(fromJSON(inputs.feat_sets), fromJSON('["all"]')[0]) && contains(fromJSON(inputs.cargo_profiles), fromJSON('["release"]')[0]) && contains(fromJSON(inputs.rust_toolchains), fromJSON('["stable"]')[0]) }} + if: > + ${{ + !failure() && !cancelled() + && contains(fromJSON(inputs.feat_sets), fromJSON('["all"]')[0]) + && contains(fromJSON(inputs.cargo_profiles), fromJSON('["release"]')[0]) + && contains(fromJSON(inputs.rust_toolchains), fromJSON('["stable"]')[0]) + }} name: RPM uses: ./.github/workflows/bake.yml with: @@ -73,7 +85,11 @@ jobs: includes: ${{inputs.includes}} static: - if: ${{ !failure() && !cancelled() && contains(fromJSON(inputs.feat_sets), fromJSON('["all"]')[0]) }} + if: > + ${{ + !failure() && !cancelled() + && contains(fromJSON(inputs.feat_sets), fromJSON('["all"]')[0]) + }} name: Standalone uses: ./.github/workflows/bake.yml with: diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index cca09f3c..ff29493a 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -44,8 +44,66 @@ on: dockerhub_token: jobs: + packages: + if: > + ${{ + !failure() && !cancelled() + && contains(fromJSON(inputs.feat_sets), fromJSON('["all"]')[0]) + }} + name: Publish packages + runs-on: ${{matrix.machine}} + continue-on-error: true + strategy: + fail-fast: false + matrix: + target: > + ${{fromJSON('[ + ["standalone", "tuwunel"] + ["pkg-deb","tuwunel_1.0.0-1_amd64.deb"], + ["pkg-rpm","tuwunel-1.0.0-1.x86_64.rpm"], + ]')}} + cargo_profile: ${{fromJSON(inputs.cargo_profiles)}} + rust_toolchain: ${{fromJSON(inputs.rust_toolchains)}} + feat_set: ${{fromJSON('["all"]')}} + sys_name: ${{fromJSON(inputs.sys_names)}} + sys_version: ${{fromJSON(inputs.sys_versions)}} + rust_target: ${{fromJSON(inputs.rust_targets)}} + sys_target: ${{fromJSON(inputs.sys_targets)}} + machine: ${{fromJSON(inputs.machines)}} + exclude: ${{fromJSON(inputs.excludes)}} + include: ${{fromJSON(inputs.includes)}} + + steps: + - name: Extract + env: + file: ${{matrix.target[1]}} + iid: + ${{matrix.target[0]}} + --${{matrix.cargo_profile}} + --${{matrix.rust_toolchain}} + --${{matrix.rust_target}} + --${{matrix.feat_set}} + --${{matrix.sys_name}} + --${{matrix.sys_version}} + --${{matrix.sys_target}} + + run: | + cid=$(docker create "$iid" /) + docker cp "$cid:$file" . + + - name: Upload Artifacts + uses: actions/upload-artifact@v4 + with: + path: ${{matrix.target[1]}} + name: ${{matrix.target[1]}}-${{matrix.cargo_profile}} + containers: - if: ${{ !failure() && !cancelled() && inputs.docker_repo }} + if: > + ${{ + !failure() && !cancelled() + && inputs.docker_repo + && github.ref == 'refs/heads/main' + }} name: Publish containers runs-on: ${{matrix.machine}} permissions: write-all @@ -97,39 +155,3 @@ jobs: run: | docker/bake.sh "${{matrix.bake_target}}" - - packages: - if: ${{ !failure() && !cancelled() && contains(fromJSON(inputs.feat_sets), fromJSON('["all"]')[0]) }} - name: Publish packages - runs-on: ${{matrix.machine}} - continue-on-error: true - strategy: - fail-fast: false - matrix: - target: ${{fromJSON('[["pkg-rpm","tuwunel-1.0.0-1.x86_64.rpm"],["pkg-deb","tuwunel_1.0.0-1_amd64.deb"],["standalone", "tuwunel"]]')}} - cargo_profile: ${{fromJSON(inputs.cargo_profiles)}} - rust_toolchain: ${{fromJSON(inputs.rust_toolchains)}} - feat_set: ${{fromJSON('["all"]')}} - sys_name: ${{fromJSON(inputs.sys_names)}} - sys_version: ${{fromJSON(inputs.sys_versions)}} - rust_target: ${{fromJSON(inputs.rust_targets)}} - sys_target: ${{fromJSON(inputs.sys_targets)}} - machine: ${{fromJSON(inputs.machines)}} - exclude: ${{fromJSON(inputs.excludes)}} - include: ${{fromJSON(inputs.includes)}} - - steps: - - name: Extract - env: - iid: ${{matrix.target[0]}}--${{matrix.cargo_profile}}--${{matrix.rust_toolchain}}--${{matrix.rust_target}}--${{matrix.feat_set}}--${{matrix.sys_name}}--${{matrix.sys_version}}--${{matrix.sys_target}} - file: ${{matrix.target[1]}} - - run: | - cid=$(docker create "$iid" /) - docker cp "$cid:$file" . - - - name: Upload Artifacts - uses: actions/upload-artifact@v4 - with: - name: ${{matrix.target[1]}}-${{matrix.cargo_profile}} - path: ${{matrix.target[1]}} diff --git a/docker/bake.sh b/docker/bake.sh index ded8667e..fd335927 100755 --- a/docker/bake.sh +++ b/docker/bake.sh @@ -58,7 +58,7 @@ sys_versions="${env_sys_versions:-$default_sys_versions}" docker_dir="$PWD/$BASEDIR" runner_name=$(echo $RUNNER_NAME | cut -d"." -f1) runner_num=$(echo $RUNNER_NAME | cut -d"." -f2) -builder_name="owo" +builder_name="${GITHUB_ACTOR:-owo}" rocksdb_opt_level=3 rocksdb_portable=1 git_checkout="HEAD"