name: Build
on:
push:
branches: [ "main" ]
tags: [ "*" ]
pull_request:
branches: [ "main" ]
merge_group:
permissions: read-all
jobs:
build:
strategy:
fail-fast: false
matrix:
include:
- build: linux-musl
os: ubuntu-24.04
target: x86_64-unknown-linux-musl
- build: ubuntu-24.04
os: ubuntu-24.04
target:
- build: macos
os: macos-latest
target:
- build: windows
os: windows-latest
target:
runs-on: ${{ matrix.os }}
steps:
- uses: actions/checkout@v6
- run: rustup update
- run: rustup target add ${{ matrix.target }}
if: ${{ matrix.target }}
- uses: Swatinem/rust-cache@c19371144df3bb44fab255c43d04cbc2ab54d1c4
- uses: baptiste0928/cargo-install@f204293d9709061b7bc1756fec3ec4e2cd57dec0
with:
crate: cargo-deny
- uses: baptiste0928/cargo-install@f204293d9709061b7bc1756fec3ec4e2cd57dec0
with:
crate: typos-cli
- uses: baptiste0928/cargo-install@f204293d9709061b7bc1756fec3ec4e2cd57dec0
with:
crate: cargo-deb
if: matrix.build == 'ubuntu-24.04'
- run: sudo apt-get install -y --no-install-recommends musl-tools
shell: bash
if: matrix.build == 'linux-musl'
- run: eng/build.sh ${{ matrix.target }}
shell: bash
- uses: actions/upload-artifact@v7
if: matrix.build == 'windows'
with:
name: ${{ matrix.build }}
path: |
target/x86_64-pc-windows-msvc/release/az-pim.exe
target/x86_64-pc-windows-msvc/release/dump-roles.exe
if-no-files-found: error
- uses: actions/upload-artifact@v7
if: matrix.build == 'macos'
with:
name: ${{ matrix.build }}
path: |
target/aarch64-apple-darwin/release/az-pim
target/aarch64-apple-darwin/release/dump-roles
if-no-files-found: error
- uses: actions/upload-artifact@v7
if: matrix.build == 'linux-musl'
with:
name: ${{ matrix.build }}
path: |
target/x86_64-unknown-linux-musl/release/az-pim
target/x86_64-unknown-linux-musl/release/dump-roles
if-no-files-found: error
- uses: actions/upload-artifact@v7
if: startsWith(matrix.build, 'ubuntu-')
with:
name: ${{ matrix.build }}
path: target/x86_64-unknown-linux-gnu/debian/*.deb
if-no-files-found: error
release:
if: github.event_name == 'push' && startsWith(github.ref, 'refs/tags/')
needs: build
permissions:
contents: write
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v6
- uses: actions/download-artifact@v8
with:
path: artifacts
- run: find artifacts
- name: Get the release version from the tag
run: echo "VERSION=${{ github.ref_name }}" >> $GITHUB_ENV
- name: show version
run: |
echo "version is: $VERSION"
- name: Check that tag version and Cargo.toml version are the same
shell: bash
run: |
if ! grep -q "version = \"$VERSION\"" Cargo.toml; then
echo "version does not match Cargo.toml" >&2
exit 1
fi
- name: rename artifacts
run: |
set -ex
mv artifacts/macos/az-pim artifacts/macos/az-pim-macos-${VERSION}
mv artifacts/macos/dump-roles artifacts/macos/dump-roles-macos-${VERSION}
mv artifacts/windows/az-pim.exe artifacts/windows/az-pim-windows-${VERSION}.exe
mv artifacts/windows/dump-roles.exe artifacts/windows/dump-roles-windows-${VERSION}.exe
mv artifacts/linux-musl/az-pim artifacts/linux-musl/az-pim-linux-musl-${VERSION}
mv artifacts/linux-musl/dump-roles artifacts/linux-musl/dump-roles-linux-musl-${VERSION}
for ubuntu_rev in 24.04; do
for file in artifacts/ubuntu-${ubuntu_rev}/*.deb; do
mv "$file" "${file%.deb}_${ubuntu_rev}.deb"
done
done
find artifacts
- name: Create GitHub release
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: |
set -ex
gh release create $VERSION --draft --verify-tag --title $VERSION
gh release upload $VERSION $(find artifacts -type f)