Publish crate httm 0.44.1 from #2095 #85
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: httm stable build | |
| on: | |
| push: | |
| branches: [ trigger/stable ] | |
| workflow_dispatch: | |
| permissions: { } | |
| env: | |
| INDEX: https://github.com/cargo-prebuilt/index/releases/download/stable-index/ | |
| CRATE: httm | |
| VERSION: 0.44.1 | |
| DL: https://static.crates.io/crates/httm/httm-0.44.1.crate | |
| CHECKSUM: 4e0fc15f4ed67bc6fef56d667081febc01542d3cbaea2ce2d7a78f882ecdfb51 | |
| GIT: https://github.com/kimono-koans/httm | |
| BINS: httm | |
| FILE: ./crates/httm.toml | |
| CARGO_TERM_COLOR: always | |
| python-version: "3.13" | |
| jobs: | |
| setup: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| persist-credentials: false | |
| - name: Cache | |
| uses: actions/cache@v4 | |
| id: cache | |
| with: | |
| path: | | |
| build | |
| key: ${{ env.CRATE }}-${{ env.VERSION }}-stable-crate | |
| enableCrossOsArchive: true | |
| - name: Create Folder | |
| if: ${{ !steps.cache.outputs.cache-hit }} | |
| run: mkdir -p ./build | |
| - name: Download crate and check hash | |
| if: ${{ !steps.cache.outputs.cache-hit }} | |
| run: | | |
| wget "${DL}" | |
| echo "${CHECKSUM} ${CRATE}-${VERSION}.crate" | sha256sum -c | |
| tar -xf "${CRATE}-${VERSION}.crate" | |
| mv "${CRATE}-${VERSION}"/* ./build | |
| - name: Update Rust | |
| if: ${{ !steps.cache.outputs.cache-hit }} | |
| run: | | |
| rustup update | |
| rustc --version | |
| - name: Generated lockfile if needed | |
| if: ${{ !steps.cache.outputs.cache-hit }} | |
| working-directory: ./build | |
| run: test -f Cargo.lock || cargo +stable generate-lockfile --verbose | |
| reports: | |
| runs-on: ubuntu-latest | |
| outputs: | |
| crate-license: ${{ steps.get_toml.outputs.license }} | |
| crate-description: ${{ steps.get_toml.outputs.description }} | |
| needs: [ setup ] | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| persist-credentials: false | |
| - uses: actions/setup-python@v5 | |
| with: | |
| python-version: ${{ env.python-version }} | |
| - name: Get deps and crates from cache | |
| uses: actions/cache@v4 | |
| with: | |
| path: | | |
| build | |
| key: ${{ env.CRATE }}-${{ env.VERSION }}-stable-crate | |
| enableCrossOsArchive: true | |
| fail-on-cache-miss: true | |
| - name: Cache Advisory DB | |
| uses: actions/cache@v4 | |
| with: | |
| path: | | |
| ~/.cargo/advisory-db | |
| key: stable-advisory-db | |
| - name: Update Rust | |
| run: | | |
| rustup update | |
| rustc --version | |
| - uses: cargo-prebuilt/cargo-prebuilt-action@v4 | |
| with: | |
| prebuilt-verify: minisign | |
| pkgs: cargo-audit | |
| - name: Get license and desc | |
| id: get_toml | |
| working-directory: ./build | |
| run: | | |
| echo "license=$(python ../scripts/crate-info.py 'license')" >> "${GITHUB_OUTPUT}" | |
| { | |
| echo 'description<<EOF' | |
| python ../scripts/crate-info.py 'description' | |
| echo EOF | |
| } >> "${GITHUB_OUTPUT}" | |
| - name: Generate license report | |
| working-directory: ./build | |
| env: | |
| LICENSE: ${{ steps.get_toml.outputs.license }} | |
| run: | | |
| echo "Generated on: $(date --utc)" > ../license.report && echo "Crates.io license metadata: ${LICENSE}" >> ../license.report | |
| echo "Found license texts:" >> ../license.report | |
| tail -n +1 ./*LICENSE* >> ../license.report || true | |
| tail -n +1 ./*license* >> ../license.report || true | |
| tail -n +1 ./*License* >> ../license.report || true | |
| - name: Generate deps report | |
| working-directory: ./build | |
| run: | | |
| echo "Generated on: $(date --utc)" > ../deps.report && cargo +stable tree --verbose --locked -e normal,build >> ../deps.report | |
| - name: Generate audit report | |
| working-directory: ./build | |
| run: | | |
| echo "Generated on: $(date --utc)" > ../audit.report && cargo audit >> ../audit.report || true | |
| - name: Output reports | |
| run: | | |
| { | |
| echo "### License:" | |
| echo "\`\`\`" | |
| cat license.report | |
| echo "\`\`\`" | |
| echo "### Deps:" | |
| echo "\`\`\`" | |
| cat deps.report | |
| echo "\`\`\`" | |
| echo "### Audit:" | |
| echo "\`\`\`" | |
| cat audit.report | |
| echo "\`\`\`" | |
| } >> "${GITHUB_STEP_SUMMARY}" | |
| - name: Store reports | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: reports | |
| retention-days: 1 | |
| path: "*.report" | |
| t1-cross: | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| target: [ x86_64-unknown-linux-gnu, x86_64-unknown-linux-musl, aarch64-unknown-linux-gnu, aarch64-unknown-linux-musl ] | |
| runs-on: ubuntu-latest | |
| needs: [ setup ] | |
| env: | |
| TARGET: ${{ matrix.target }} | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| persist-credentials: false | |
| - uses: actions/setup-python@v5 | |
| with: | |
| python-version: ${{ env.python-version }} | |
| - name: Get crate from cache | |
| uses: actions/cache@v4 | |
| with: | |
| path: | | |
| build | |
| key: ${{ env.CRATE }}-${{ env.VERSION }}-stable-crate | |
| enableCrossOsArchive: true | |
| fail-on-cache-miss: true | |
| - uses: Swatinem/rust-cache@v2 | |
| if: ${{ !true }} | |
| with: | |
| workspaces: "./build -> target" | |
| prefix-key: "v0-rust-${{ matrix.target }}-${{ env.CRATE }}-${{ env.VERSION }}" | |
| - name: Build with ink cross | |
| run: | | |
| docker run --rm \ | |
| --userns host --user "$(id -u):$(id -g)" \ | |
| -v "$HOME/.cargo/registry:/usr/local/cargo/registry" \ | |
| -v ./build:/project \ | |
| "ghcr.io/cargo-prebuilt/ink-cross:stable-${TARGET}" \ | |
| auditable build --verbose --release --locked --target "${TARGET}" | |
| - name: Collect | |
| run: python ./scripts/collect.py "${TARGET}" "./build/target/${TARGET}/release" "${BINS}" | |
| - name: Artifact | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: target-${{ matrix.target }} | |
| retention-days: 1 | |
| path: | | |
| ${{ matrix.target }}.tar.gz | |
| ${{ matrix.target }}.hashes.json | |
| t1-apple-darwin: | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| target: [ x86_64-apple-darwin, aarch64-apple-darwin ] | |
| runs-on: macos-latest | |
| needs: [ setup ] | |
| env: | |
| TARGET: ${{ matrix.target }} | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| persist-credentials: false | |
| - uses: actions/setup-python@v5 | |
| with: | |
| python-version: ${{ env.python-version }} | |
| - name: Get crate from cache | |
| uses: actions/cache@v4 | |
| with: | |
| path: | | |
| build | |
| key: ${{ env.CRATE }}-${{ env.VERSION }}-stable-crate | |
| enableCrossOsArchive: true | |
| fail-on-cache-miss: true | |
| - uses: Swatinem/rust-cache@v2 | |
| if: ${{ !true }} | |
| with: | |
| workspaces: "./build -> target" | |
| prefix-key: "v0-rust-${{ matrix.target }}-${{ env.CRATE }}-${{ env.VERSION }}" | |
| - name: Update Rust and Add Target | |
| run: | | |
| rustup update | |
| rustc --version | |
| rustup target add "${TARGET}" | |
| - uses: cargo-prebuilt/cargo-prebuilt-action@v4 | |
| with: | |
| prebuilt-verify: minisign | |
| pkgs: cargo-auditable | |
| - name: Build crate | |
| working-directory: ./build | |
| run: cargo +stable auditable build --verbose --release --locked --target "${TARGET}" | |
| - name: Collect | |
| run: python ./scripts/collect.py "${TARGET}" "./build/target/${TARGET}/release" "${BINS}" | |
| - name: Artifact | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: target-${{ matrix.target }} | |
| retention-days: 1 | |
| path: | | |
| ${{ matrix.target }}.tar.gz | |
| ${{ matrix.target }}.hashes.json | |
| t2-cross: | |
| if: true | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| target: [ riscv64gc-unknown-linux-gnu,s390x-unknown-linux-gnu,powerpc64le-unknown-linux-gnu,armv7-unknown-linux-gnueabihf,armv7-unknown-linux-musleabihf ] | |
| runs-on: ubuntu-latest | |
| needs: [ setup ] | |
| env: | |
| TARGET: ${{ matrix.target }} | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| persist-credentials: false | |
| - uses: actions/setup-python@v5 | |
| with: | |
| python-version: ${{ env.python-version }} | |
| - name: Get crate from cache | |
| uses: actions/cache@v4 | |
| with: | |
| path: | | |
| build | |
| key: ${{ env.CRATE }}-${{ env.VERSION }}-stable-crate | |
| enableCrossOsArchive: true | |
| fail-on-cache-miss: true | |
| - uses: Swatinem/rust-cache@v2 | |
| if: ${{ !true }} | |
| with: | |
| workspaces: "./build -> target" | |
| prefix-key: "v0-rust-${{ matrix.target }}-${{ env.CRATE }}-${{ env.VERSION }}" | |
| - name: Build with ink cross | |
| run: | | |
| docker run --rm \ | |
| --userns host --user "$(id -u):$(id -g)" \ | |
| -v "$HOME/.cargo/registry:/usr/local/cargo/registry" \ | |
| -v ./build:/project \ | |
| "ghcr.io/cargo-prebuilt/ink-cross:stable-${TARGET}" \ | |
| auditable build --verbose --release --locked --target "${TARGET}" | |
| - name: Collect | |
| run: python ./scripts/collect.py "${TARGET}" "./build/target/${TARGET}/release" "${BINS}" | |
| - name: Artifact | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: target-${{ matrix.target }} | |
| retention-days: 1 | |
| path: | | |
| ${{ matrix.target }}.tar.gz | |
| ${{ matrix.target }}.hashes.json | |
| t2-pc-windows-msvc: | |
| if: false | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| target: [ err_no_targets ] | |
| runs-on: windows-latest | |
| needs: [ setup ] | |
| env: | |
| TARGET: ${{ matrix.target }} | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| persist-credentials: false | |
| - uses: actions/setup-python@v5 | |
| with: | |
| python-version: ${{ env.python-version }} | |
| - name: Get crate from cache | |
| uses: actions/cache@v4 | |
| with: | |
| path: | | |
| build | |
| key: ${{ env.CRATE }}-${{ env.VERSION }}-stable-crate | |
| enableCrossOsArchive: true | |
| fail-on-cache-miss: true | |
| - uses: Swatinem/rust-cache@v2 | |
| if: ${{ !true }} | |
| with: | |
| workspaces: "./build -> target" | |
| prefix-key: "v0-rust-${{ matrix.target }}-${{ env.CRATE }}-${{ env.VERSION }}" | |
| - name: Update Rust and Add Target | |
| run: | | |
| rustup update | |
| rustc --version | |
| rustup target add "${Env:TARGET}" | |
| - uses: cargo-prebuilt/cargo-prebuilt-action@v4 | |
| with: | |
| prebuilt-verify: minisign | |
| pkgs: cargo-auditable | |
| - name: Build crate | |
| working-directory: ./build | |
| run: cargo +stable auditable build --verbose --release --locked --target "${Env:TARGET}" | |
| - name: Collect | |
| run: python ./scripts/collect.py "${Env:TARGET}" "./build/target/${Env:TARGET}/release" "${Env:BINS}" | |
| - name: Artifact | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: target-${{ matrix.target }} | |
| retention-days: 1 | |
| path: | | |
| ${{ matrix.target }}.tar.gz | |
| ${{ matrix.target }}.hashes.json | |
| t3-cross: | |
| if: true | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| target: [ x86_64-unknown-freebsd,powerpc64-unknown-linux-gnu ] | |
| runs-on: ubuntu-latest | |
| needs: [ setup ] | |
| env: | |
| TARGET: ${{ matrix.target }} | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| persist-credentials: false | |
| - uses: actions/setup-python@v5 | |
| with: | |
| python-version: ${{ env.python-version }} | |
| - name: Get crate from cache | |
| uses: actions/cache@v4 | |
| with: | |
| path: | | |
| build | |
| key: ${{ env.CRATE }}-${{ env.VERSION }}-stable-crate | |
| enableCrossOsArchive: true | |
| fail-on-cache-miss: true | |
| - uses: Swatinem/rust-cache@v2 | |
| if: ${{ !true }} | |
| with: | |
| workspaces: "./build -> target" | |
| prefix-key: "v0-rust-${{ matrix.target }}-${{ env.CRATE }}-${{ env.VERSION }}" | |
| - name: Build with ink cross | |
| run: | | |
| docker run --rm \ | |
| --userns host --user "$(id -u):$(id -g)" \ | |
| -v "$HOME/.cargo/registry:/usr/local/cargo/registry" \ | |
| -v ./build:/project \ | |
| "ghcr.io/cargo-prebuilt/ink-cross:stable-${TARGET}" \ | |
| auditable build --verbose --release --locked --target "${TARGET}" | |
| - name: Collect | |
| run: python ./scripts/collect.py "${TARGET}" "./build/target/${TARGET}/release" "${BINS}" | |
| - name: Artifact | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: target-${{ matrix.target }} | |
| retention-days: 1 | |
| path: | | |
| ${{ matrix.target }}.tar.gz | |
| ${{ matrix.target }}.hashes.json | |
| push-index: | |
| if: ${{ always() && !contains(needs.*.result, 'cancelled') && !contains(needs.setup.result, 'failure') && !contains(needs.reports.result, 'failure') && !contains(needs.t1-cross.result, 'failure') && !contains(needs.t1-apple-darwin.result, 'failure') && !contains(needs.t2-cross.result, 'failure') && !contains(needs.t2-pc-windows-msvc.result, 'failure') }} | |
| runs-on: ubuntu-latest | |
| needs: [ setup, reports, t1-cross, t1-apple-darwin, t2-cross, t2-pc-windows-msvc, t3-cross ] | |
| permissions: | |
| contents: write | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| persist-credentials: false | |
| - uses: actions/setup-python@v5 | |
| with: | |
| python-version: ${{ env.python-version }} | |
| - name: Rust Version Guess | |
| run: | | |
| rustup update | |
| echo "RUSTC_VERSION=$(rustc --version)" >> "${GITHUB_ENV}" | |
| - uses: actions/download-artifact@v4 | |
| - name: DBG - List Structure | |
| run: ls -R | |
| - name: Merge hashes | |
| shell: bash | |
| run: | | |
| set -euxo pipefail | |
| echo -n "" > hashes.sha256 | |
| for D in ./target-*; do | |
| if [ -d "${D}" ]; then | |
| echo "${D}" | |
| pushd "${D}" | |
| echo "$(cat *.hashes.json | jq --raw-output '.archive[] | select(.type | test("sha256")) | .hash') " *.tar.gz >> ../hashes.sha256 | |
| popd | |
| fi | |
| done | |
| - name: Create info.json and hashes.json | |
| env: | |
| CRATE_LICENSE: ${{ needs.reports.outputs.crate-license }} | |
| CRATE_DESC: ${{ needs.reports.outputs.crate-description }} | |
| run: python ./scripts/info.py "${FILE}" "${VERSION}" "${CRATE_LICENSE}" "${CRATE_DESC}" "${RUSTC_VERSION}" | |
| - name: Sign info.json and hashes.json | |
| if: ${{ true }} | |
| env: | |
| SIGNING_KEY: ${{ secrets.MINISIGN_SIGNING_KEY }} | |
| run: | | |
| set -euxo pipefail | |
| eval "$(/home/linuxbrew/.linuxbrew/bin/brew shellenv)" | |
| brew install minisign | |
| echo -n "${SIGNING_KEY}" | base64 --decode > ~/.minisign_secret.key | |
| minisign -S -s ~/.minisign_secret.key -m info.json | |
| minisign -S -s ~/.minisign_secret.key -m hashes.json | |
| minisign -V -p ./keys/cargo-prebuilt-index.pub -m info.json | |
| minisign -V -p ./keys/cargo-prebuilt-index.pub -m hashes.json | |
| rm -f ~/.minisign_secret.key | |
| - name: Artifact | |
| if: ${{ !true }} | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: final | |
| retention-days: 1 | |
| path: | | |
| info.json | |
| hashes.json | |
| hashes.sha256 | |
| reports/*.report | |
| target-*/*.tar.gz | |
| target-*/*.hashes.json | |
| - name: Create and push artifacts to release | |
| uses: ncipollo/release-action@v1 | |
| if: ${{ true }} | |
| with: | |
| tag: ${{ env.CRATE }}-${{ env.VERSION }} | |
| name: ${{ env.CRATE }}-${{ env.VERSION }} | |
| allowUpdates: true | |
| prerelease: true | |
| artifacts: "reports/*.report,target-*/*.tar.gz,hashes.sha256,*.minisig,hashes.json,info.json" | |
| body: "" | |
| - name: Create index file | |
| if: ${{ true }} | |
| run: echo "${VERSION}" > "${CRATE}" | |
| - name: Push to index | |
| uses: ncipollo/release-action@v1 | |
| if: ${{ true }} | |
| with: | |
| tag: stable-index | |
| allowUpdates: true | |
| makeLatest: true | |
| omitBodyDuringUpdate: true | |
| omitNameDuringUpdate: true | |
| artifacts: "${{ env.CRATE }}" | |
| banned-index: | |
| if: ${{ true && always() && !contains(needs.*.result, 'cancelled') && !contains(needs.setup.result, 'failure') && !contains(needs.reports.result, 'failure') && (contains(needs.t1-cross.result, 'failure') || contains(needs.t1-apple-darwin.result, 'failure') || contains(needs.t2-cross.result, 'failure') || contains(needs.t2-pc-windows-msvc.result, 'failure')) }} | |
| runs-on: ubuntu-latest | |
| needs: [ setup, reports, t1-cross, t1-apple-darwin, t2-cross, t2-pc-windows-msvc, t3-cross ] | |
| permissions: | |
| contents: write | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| persist-credentials: false | |
| - name: Create index file | |
| run: echo "${VERSION}" > "${CRATE}" | |
| - name: Push to index | |
| uses: ncipollo/release-action@v1 | |
| with: | |
| tag: banned-index | |
| allowUpdates: true | |
| makeLatest: false | |
| omitBodyDuringUpdate: true | |
| omitNameDuringUpdate: true | |
| artifacts: "${{ env.CRATE }}" | |
| track-index: | |
| if: ${{ true && always() && !contains(needs.*.result, 'cancelled') && contains(needs.*.result, 'failure') }} | |
| runs-on: ubuntu-latest | |
| needs: [ setup, reports, t1-cross, t1-apple-darwin, t2-cross, t2-pc-windows-msvc, t3-cross ] | |
| permissions: | |
| contents: write | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| persist-credentials: false | |
| - name: Create index file | |
| run: echo "${VERSION}" > "${CRATE}" | |
| - name: Push to index | |
| uses: ncipollo/release-action@v1 | |
| with: | |
| tag: track-index | |
| allowUpdates: true | |
| makeLatest: false | |
| omitBodyDuringUpdate: true | |
| omitNameDuringUpdate: true | |
| artifacts: "${{ env.CRATE }}" |