Continuous Deployment #438
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Continuous Deployment | |
on: | |
workflow_dispatch: | |
schedule: | |
# “At 00:10.” | |
# https://crontab.guru/#10_0_*_*_* | |
- cron: "10 0 * * *" | |
defaults: | |
run: | |
shell: bash | |
env: | |
BINARY_NAME: rustic-server | |
BINARY_NIGHTLY_DIR: rustic_server | |
jobs: | |
publish: | |
if: ${{ github.repository_owner == 'rustic-rs' && github.ref == 'refs/heads/main' }} | |
name: Publishing ${{ matrix.job.target }} | |
runs-on: ${{ matrix.job.os }} | |
strategy: | |
fail-fast: false | |
matrix: | |
rust: [stable] | |
job: | |
- os: windows-latest | |
os-name: windows | |
target: x86_64-pc-windows-msvc | |
architecture: x86_64 | |
binary-postfix: ".exe" | |
use-cross: false | |
# Disabled for now, as aws-lc-sys needs bindgen-cli for manual build with CMake in cross | |
# - os: windows-latest | |
# os-name: windows | |
# target: x86_64-pc-windows-gnu | |
# architecture: x86_64 | |
# binary-postfix: ".exe" | |
# use-cross: false | |
- os: macos-13 | |
os-name: macos | |
target: x86_64-apple-darwin | |
architecture: x86_64 | |
binary-postfix: "" | |
use-cross: false | |
- os: macos-latest | |
os-name: macos | |
target: aarch64-apple-darwin | |
architecture: arm64 | |
binary-postfix: "" | |
use-cross: false | |
- os: ubuntu-latest | |
os-name: linux | |
target: x86_64-unknown-linux-gnu | |
architecture: x86_64 | |
binary-postfix: "" | |
use-cross: false | |
- os: ubuntu-latest | |
os-name: linux | |
target: x86_64-unknown-linux-musl | |
architecture: x86_64 | |
binary-postfix: "" | |
use-cross: false | |
- os: ubuntu-latest | |
os-name: linux | |
target: aarch64-unknown-linux-gnu | |
architecture: arm64 | |
binary-postfix: "" | |
use-cross: true | |
- os: ubuntu-latest | |
os-name: linux | |
target: i686-unknown-linux-gnu | |
architecture: i686 | |
binary-postfix: "" | |
use-cross: true | |
# TODO!: This needs a fix, linking `execinfo` fails | |
# + Disabled for now, as aws-lc-sys needs bindgen-cli for manual build with CMake in cross | |
# - os: ubuntu-latest | |
# os-name: netbsd | |
# target: x86_64-unknown-netbsd | |
# architecture: x86_64 | |
# binary-postfix: "" | |
# use-cross: true | |
# Disabled for now, as aws-lc-sys needs bindgen-cli for manual build with CMake in cross | |
# - os: ubuntu-latest | |
# os-name: linux | |
# target: armv7-unknown-linux-gnueabihf | |
# architecture: armv7 | |
# binary-postfix: "" | |
# use-cross: true | |
steps: | |
- name: Checkout repository | |
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 | |
with: | |
fetch-depth: 0 # fetch all history so that git describe works | |
- name: Create binary artifact | |
uses: rustic-rs/create-binary-artifact-action@main # dev | |
with: | |
toolchain: ${{ matrix.rust }} | |
target: ${{ matrix.job.target }} | |
use-cross: ${{ matrix.job.use-cross }} | |
describe-tag-suffix: -nightly | |
binary-postfix: ${{ matrix.job.binary-postfix }} | |
os: ${{ runner.os }} | |
binary-name: ${{ env.BINARY_NAME }} | |
package-secondary-name: nightly-${{ matrix.job.target}} | |
github-token: ${{ secrets.GITHUB_TOKEN }} | |
gpg-release-private-key: ${{ secrets.GPG_RELEASE_PRIVATE_KEY }} | |
gpg-passphrase: ${{ secrets.GPG_PASSPHRASE }} | |
rsign-release-private-key: ${{ secrets.RSIGN_RELEASE_PRIVATE_KEY }} | |
rsign-passphrase: ${{ secrets.RSIGN_PASSPHRASE }} | |
github-ref: ${{ github.ref }} | |
sign-release: true | |
hash-release: true | |
use-project-version: false | |
publish-nightly: | |
if: ${{ github.repository_owner == 'rustic-rs' && github.ref == 'refs/heads/main' }} | |
name: Publishing nightly builds | |
needs: publish | |
runs-on: ubuntu-latest | |
steps: | |
- name: Download all workflow run artifacts | |
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4 | |
- name: Releasing nightly builds | |
shell: bash | |
run: | | |
# set up some directories | |
WORKING_DIR=$(mktemp -d) | |
DEST_DIR=$BINARY_NIGHTLY_DIR | |
# set up the github deploy key | |
mkdir -p ~/.ssh | |
echo "${{ secrets.NIGHTLY_RELEASE_KEY }}" > ~/.ssh/id_ed25519 | |
chmod 600 ~/.ssh/id_ed25519 | |
# set up git | |
git config --global user.name "${{ github.actor }}" | |
git config --global user.email "${{ github.actor }}" | |
ssh-keyscan -H github.com > ~/.ssh/known_hosts | |
GIT_SSH='ssh -i ~/.ssh/id_ed25519 -o UserKnownHostsFile=~/.ssh/known_hosts' | |
# clone the repo into our working directory | |
# we use --depth 1 to avoid cloning the entire history | |
# and only the main branch to avoid cloning all branches | |
GIT_SSH_COMMAND=$GIT_SSH git clone [email protected]:rustic-rs/nightly.git --branch main --single-branch --depth 1 $WORKING_DIR | |
# ensure destination directory exists | |
mkdir -p $WORKING_DIR/$DEST_DIR | |
# do the copy | |
for i in binary-*; do cp -a $i/* $WORKING_DIR/$DEST_DIR; done | |
# create the commit | |
cd $WORKING_DIR | |
git add . | |
git commit -m "${{ github.job }} from https://github.com/${{ github.repository }}/commit/${{ github.sha }}" || echo | |
GIT_SSH_COMMAND=$GIT_SSH git pull --rebase | |
GIT_SSH_COMMAND=$GIT_SSH git push |