name: Rust
on:
push:
pull_request:
env:
CARGO_TERM_COLOR: always
jobs:
setup:
name: Setup
runs-on: ubuntu-slim
outputs:
targets: ${{ steps.targets.outputs.targets }}
steps:
- uses: actions/checkout@v6
- id: targets
run: echo "targets=$(cat .github/targets.json | jq -c)" >> $GITHUB_OUTPUT
fmt:
name: Format
runs-on: ubuntu-slim
steps:
- uses: actions/checkout@v6
- uses: actions-rust-lang/setup-rust-toolchain@v1
with:
components: rustfmt
- run: cargo fmt --check
clippy:
name: Clippy
runs-on: ubuntu-slim
steps:
- uses: actions/checkout@v6
- uses: actions-rust-lang/setup-rust-toolchain@v1
with:
components: clippy
- run: cargo clippy -- -D warnings
msrv:
name: MSRV
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v6
- uses: taiki-e/install-action@cargo-hack
- run: cargo hack check --rust-version --workspace --all-targets
test:
name: Test (${{ matrix.os }})
needs: [setup]
runs-on: ${{ matrix.os }}
strategy:
matrix:
include: ${{ fromJson(needs.setup.outputs.targets) }}
steps:
- uses: actions/checkout@v6
- uses: actions-rust-lang/setup-rust-toolchain@v1
- run: cargo test
coverage:
name: Coverage
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v6
- uses: actions-rust-lang/setup-rust-toolchain@v1
- uses: taiki-e/install-action@cargo-llvm-cov
- run: cargo llvm-cov --lcov --output-path lcov.info
- uses: codecov/codecov-action@v5
with:
files: lcov.info
env:
CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
build:
name: Build (${{ matrix.artifact }})
needs: [setup]
runs-on: ${{ matrix.os }}
permissions:
id-token: write
attestations: write
strategy:
matrix:
include: ${{ fromJson(needs.setup.outputs.targets) }}
steps:
- uses: actions/checkout@v6
- uses: actions-rust-lang/setup-rust-toolchain@v1
- name: Build release binary
run: cargo build --release
- name: Rename binary
shell: bash
run: mv "target/release/${{ matrix.bin }}" "${{ matrix.artifact }}"
- name: Attest provenance
uses: actions/attest-build-provenance@v3
with:
subject-path: ${{ matrix.artifact }}
- name: Upload artifact
uses: actions/upload-artifact@v6
with:
name: ${{ matrix.artifact }}
path: ${{ matrix.artifact }}
required-checks:
name: Required Checks
if: always()
needs: [fmt, clippy, msrv, test, build]
runs-on: ubuntu-latest
steps:
- if: contains(needs.*.result, 'failure') || contains(needs.*.result, 'cancelled')
run: exit 1
release-please:
name: Release Please
if: github.event_name == 'push' && github.ref == 'refs/heads/main'
runs-on: ubuntu-latest
permissions:
contents: write
pull-requests: write
outputs:
release_created: ${{ steps.release.outputs.release_created }}
tag_name: ${{ steps.release.outputs.tag_name }}
steps:
- uses: googleapis/release-please-action@v4
id: release
with:
config-file: release-please-config.json
manifest-file: .release-please-manifest.json
should-release:
name: Should release
if: needs.release-please.outputs.release_created == 'true'
needs: [release-please, required-checks]
runs-on: ubuntu-latest
steps:
- run: echo "Releasing ${{ needs.release-please.outputs.tag_name }}"
release-github:
name: Release (GitHub)
needs: [release-please, should-release]
runs-on: ubuntu-latest
permissions:
contents: write
steps:
- name: Download all artifacts
uses: actions/download-artifact@v7
with:
path: artifacts
merge-multiple: true
- name: Upload binaries to release
uses: softprops/action-gh-release@v2
with:
tag_name: ${{ needs.release-please.outputs.tag_name }}
files: artifacts/*
publish:
name: Publish to crates.io
needs: [should-release]
runs-on: ubuntu-latest
environment: crates-io
permissions:
id-token: write
steps:
- uses: actions/checkout@v6
- uses: actions-rust-lang/setup-rust-toolchain@v1
- name: Authenticate with crates.io
id: auth
uses: rust-lang/crates-io-auth-action@v1
- run: cargo publish
env:
CARGO_REGISTRY_TOKEN: ${{ steps.auth.outputs.token }}
docker:
name: Docker
needs: [release-please, should-release]
runs-on: ubuntu-latest
environment: docker
permissions:
packages: write
steps:
- uses: actions/checkout@v6
- name: Set up QEMU
uses: docker/setup-qemu-action@v4
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Log in to GHCR
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Log in to Docker Hub
uses: docker/login-action@v3
with:
username: ${{ vars.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: Extract metadata
id: meta
uses: docker/metadata-action@v5
with:
images: |
ghcr.io/twangodev/gemote
${{ vars.DOCKERHUB_USERNAME }}/gemote
tags: |
type=semver,pattern={{version}},value=${{ needs.release-please.outputs.tag_name }}
type=semver,pattern={{major}}.{{minor}},value=${{ needs.release-please.outputs.tag_name }}
type=raw,value=latest
- name: Build and push
uses: docker/build-push-action@v6
with:
context: .
push: true
platforms: linux/amd64,linux/arm64
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}