studio/tuwunel
2
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity
Files
main
tuwunel/.github/workflows/publish.yml
Jason Volk 1a5b552cd6 ci: Upgrade docker/login-action. 
Signed-off-by: Jason Volk <jason@zemos.net>
2026-03-12 02:18:03 +00:00

338 lines
10 KiB
YAML
Raw Permalink Blame History

name: Publish
on:
workflow_call:
secrets:
ghcr_token:
dockerhub_token:
inputs:
cargo_profiles:
type: string
description: Cargo profiles
feat_sets:
type: string
description: Cargo feature groups
rust_toolchains:
type: string
description: Rust toolchains
sys_names:
type: string
description: System names
sys_versions:
type: string
description: System versions
rust_targets:
type: string
description: Rust targets
sys_targets:
type: string
description: System targets
machines:
type: string
description: Hardware platform vector
excludes:
type: string
default: '[]'
description: Matrix exclusions
includes:
type: string
default: '[]'
description: Matrix inclusions
checkout:
type: string
default: 'HEAD'
docker_repo:
type: string
description: DockerHub Repository
docker_acct:
type: string
description: DockerHub account name
release_url:
type: string
description: For release assets
pages_url:
type: string
description: For pages deployment
jobs:
documents:
if: >
!failure() && !cancelled()
&& (github.ref == 'refs/heads/main' || contains(github.ref, 'refs/tags/v'))
&& !contains(github.ref, '-draft')
name: Documents
runs-on: ['X64', 'het']
permissions:
contents: read
id-token: write
pages: write
environment:
name: github-pages
url: ${{inputs.pages_url}}
steps:
- id: book
name: Book
uses: actions/deploy-pages@v4
containers:
if: >
!failure() && !cancelled()
&& inputs.machines
&& inputs.docker_repo != ''
&& (github.ref == 'refs/heads/main' || contains(github.ref, 'refs/tags/v'))
name: Containers
runs-on: ${{matrix.machine}}
permissions: write-all
strategy:
fail-fast: true
matrix:
bake_target: ${{fromJSON('["docker_io", "ghcr_io"]')}}
cargo_profile: ${{fromJSON(inputs.cargo_profiles)}}
rust_toolchain: ${{fromJSON(inputs.rust_toolchains)}}
feat_set: ${{fromJSON(inputs.feat_sets)}}
sys_name: ${{fromJSON(inputs.sys_names)}}
sys_version: ${{fromJSON(inputs.sys_versions)}}
rust_target: ${{fromJSON(inputs.rust_targets)}}
sys_target: ${{fromJSON(inputs.sys_targets)}}
machine: ${{fromJSON(inputs.machines)}}
exclude: ${{fromJSON(inputs.excludes)}}
include: ${{fromJSON(inputs.includes)}}
steps:
- uses: actions/checkout@v6
with:
persist-credentials: false
fetch-depth: 0
fetch-tags: true
- name: GitHub Login
uses: docker/login-action@v4
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.ghcr_token }}
- name: DockerHub Login
uses: docker/login-action@v4
with:
registry: docker.io
username: ${{ inputs.docker_acct }}
password: ${{ secrets.dockerhub_token }}
- name: Bake
env:
bake_target: ${{matrix.bake_target}}
cargo_profile: ${{matrix.cargo_profile}}
rust_toolchain: ${{matrix.rust_toolchain}}
rust_target: ${{matrix.rust_target}}
feat_set: ${{matrix.feat_set}}
sys_name: ${{matrix.sys_name}}
sys_version: ${{matrix.sys_version}}
sys_target: ${{matrix.sys_target}}
machine: ${{matrix.machine}}
git_checkout: ${{inputs.checkout}}
acct: ${{github.actor}}
repo: ${{github.repository}}
docker_repo: ${{inputs.docker_repo}}
run: |
docker/bake.sh "${{matrix.bake_target}}"
bundles:
if: >
!failure() && !cancelled()
&& inputs.machines
&& inputs.docker_repo != ''
&& contains(fromJSON(inputs.cargo_profiles), fromJSON('["release"]')[0])
&& contains(fromJSON(inputs.feat_sets), fromJSON('["all"]')[0])
&& contains(fromJSON(inputs.rust_toolchains), fromJSON('["stable"]')[0])
&& (github.ref == 'refs/heads/main' || contains(github.ref, 'refs/tags/v'))
name: Bundles
needs: [containers]
runs-on: 'het'
permissions: write-all
strategy:
fail-fast: true
matrix:
bake_target: ${{fromJSON('["docker_io", "ghcr_io"]')}}
cargo_profile: ${{fromJSON('["release"]')}}
feat_set: ${{fromJSON('["all"]')}}
rust_toolchain: ${{fromJSON('["stable"]')}}
sys_name: ${{fromJSON(inputs.sys_names)}}
sys_version: ${{fromJSON(inputs.sys_versions)}}
rust_target: ${{fromJSON(inputs.rust_targets)}}
sys_target: ${{fromJSON(inputs.sys_targets)}}
machine: ${{fromJSON(inputs.machines)}}
exclude: ${{fromJSON(inputs.excludes)}}
include: ${{fromJSON(inputs.includes)}}
steps:
- name: GitHub Login
uses: docker/login-action@v4
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.ghcr_token }}
- name: DockerHub Login
uses: docker/login-action@v4
with:
registry: docker.io
username: ${{ inputs.docker_acct }}
password: ${{ secrets.dockerhub_token }}
- name: Release Branch
if: >
!failure() && !cancelled()
&& (github.ref == 'refs/heads/main' || contains(github.ref, 'refs/tags/v'))
env:
acct: ${{github.actor}}
ghcr_repo: ${{github.repository}}
docker_repo: ${{inputs.docker_repo}}
registry: ${{matrix.bake_target}}
cargo_profile: ${{matrix.cargo_profile}}
feat_set: ${{matrix.feat_set}}
sys_target: ${{matrix.sys_target}}
ref_name: ${{github.ref_name}}
run: |
registry="$(echo -n $registry | sed s/_/./)"
if test "$registry" = "ghcr.io"; then
repo="$ghcr_repo"
else
repo="$docker_repo"
fi
docker manifest create "${registry}/${repo}:${ref_name}" \
--amend "${registry}/${repo}:${ref_name}-${cargo_profile}-${feat_set}-${sys_target}"
- name: Release Preview
if: >
!failure() && !cancelled()
&& contains(github.ref, 'refs/tags/v')
&& !contains(github.ref, '-draft')
env:
acct: ${{github.actor}}
ghcr_repo: ${{github.repository}}
docker_repo: ${{inputs.docker_repo}}
registry: ${{matrix.bake_target}}
cargo_profile: ${{matrix.cargo_profile}}
feat_set: ${{matrix.feat_set}}
sys_target: ${{matrix.sys_target}}
ref_name: ${{github.ref_name}}
run: |
registry="$(echo -n $registry | sed s/_/./)"
if test "$registry" = "ghcr.io"; then
repo="$ghcr_repo"
else
repo="$docker_repo"
fi
docker manifest create "${registry}/${repo}:preview" \
--amend "${registry}/${repo}:${ref_name}-${cargo_profile}-${feat_set}-${sys_target}"
- name: Release Latest
if: >
!failure() && !cancelled()
&& contains(github.ref, 'refs/tags/v')
&& !contains(github.ref, '-draft')
&& !contains(github.ref, '-rc')
env:
acct: ${{github.actor}}
ghcr_repo: ${{github.repository}}
docker_repo: ${{inputs.docker_repo}}
registry: ${{matrix.bake_target}}
cargo_profile: ${{matrix.cargo_profile}}
feat_set: ${{matrix.feat_set}}
sys_target: ${{matrix.sys_target}}
ref_name: ${{github.ref_name}}
run: |
registry="$(echo -n $registry | sed s/_/./)"
if test "$registry" = "ghcr.io"; then
repo="$ghcr_repo"
else
repo="$docker_repo"
fi
docker manifest create "${registry}/${repo}:latest" \
--amend "${registry}/${repo}:${ref_name}-${cargo_profile}-${feat_set}-${sys_target}"
delivery:
if: >
!failure() && !cancelled()
&& inputs.machines
&& inputs.docker_repo != ''
&& (github.ref == 'refs/heads/main' || contains(github.ref, 'refs/tags/v'))
name: Delivery
needs: [bundles, documents]
runs-on: 'het'
permissions: write-all
steps:
- name: GitHub Login
uses: docker/login-action@v4
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.ghcr_token }}
- name: DockerHub Login
uses: docker/login-action@v4
with:
registry: docker.io
username: ${{ inputs.docker_acct }}
password: ${{ secrets.dockerhub_token }}
- name: Push Branch
if: >
!failure() && !cancelled()
&& (github.ref == 'refs/heads/main' || contains(github.ref, 'refs/tags/v'))
env:
ref_name: ${{github.ref_name}}
ghcr_repo: ${{github.repository}}
docker_repo: ${{inputs.docker_repo}}
run: |
docker manifest push -p "ghcr.io/${ghcr_repo}:${ref_name}"
docker manifest push -p "docker.io/${docker_repo}:${ref_name}"
- name: Push Preview
if: >
!failure() && !cancelled()
&& contains(github.ref, 'refs/tags/v')
&& !contains(github.ref, '-draft')
env:
ghcr_repo: ${{github.repository}}
docker_repo: ${{inputs.docker_repo}}
run: |
docker manifest push -p "ghcr.io/${ghcr_repo}:preview"
docker manifest push -p "docker.io/${docker_repo}:preview"
- name: Push Latest
if: >
!failure() && !cancelled()
&& contains(github.ref, 'refs/tags/v')
&& !contains(github.ref, '-draft')
&& !contains(github.ref, '-rc')
env:
ghcr_repo: ${{github.repository}}
docker_repo: ${{inputs.docker_repo}}
run: |
docker manifest push -p "ghcr.io/${ghcr_repo}:latest"
docker manifest push -p "docker.io/${docker_repo}:latest"
Reference in New Issue View Git Blame Copy Permalink