name: Release
on:
push:
tags:
- 'v*'
env:
CARGO_TERM_COLOR: always
jobs:
prepare:
name: Bump Cargo.toml version
runs-on: ubuntu-latest
permissions:
contents: write
steps:
- uses: actions/checkout@v4
with:
token: ${{ secrets.GITHUB_TOKEN }}
- uses: dtolnay/rust-toolchain@stable
- name: Commit version bump and re-tag
run: |
VERSION="${GITHUB_REF_NAME#v}"
sed -i.bak "s/^version = \"[^\"]*\"/version = \"$VERSION\"/" Cargo.toml
rm -f Cargo.toml.bak
cargo update --workspace
git config user.name "github-actions[bot]"
git config user.email "github-actions[bot]@users.noreply.github.com"
git add Cargo.toml Cargo.lock
if git diff --staged --quiet; then
echo "Version already up to date, no commit needed"
else
git commit -m "chore: bump version to $VERSION [skip ci]"
git push origin HEAD:main
git tag -f "$GITHUB_REF_NAME"
git push origin "$GITHUB_REF_NAME" --force
fi
test:
name: Verify tests pass before release
needs: prepare
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
ref: ${{ github.ref_name }}
- uses: dtolnay/rust-toolchain@stable
- run: cargo test --no-default-features
- run: cargo test --features mcp
build:
name: Build ${{ matrix.target }}
needs: test
runs-on: ${{ matrix.os }}
strategy:
matrix:
include:
- os: ubuntu-latest
target: x86_64-unknown-linux-musl
artifact: pqaudit-linux-x86_64
rustflags: "-C target-feature=+crt-static"
- os: ubuntu-latest
target: aarch64-unknown-linux-musl
artifact: pqaudit-linux-aarch64
rustflags: "-C target-feature=+crt-static"
use_cross: true
- os: macos-latest
target: x86_64-apple-darwin
artifact: pqaudit-macos-x86_64
rustflags: ""
- os: macos-latest
target: aarch64-apple-darwin
artifact: pqaudit-macos-aarch64
rustflags: ""
- os: windows-latest
target: x86_64-pc-windows-msvc
artifact: pqaudit-windows-x86_64.exe
rustflags: ""
steps:
- uses: actions/checkout@v4
with:
ref: ${{ github.ref_name }}
- uses: dtolnay/rust-toolchain@stable
with:
targets: ${{ matrix.target }}
- uses: Swatinem/rust-cache@v2
with:
key: ${{ matrix.target }}
- name: Install musl-tools (x86_64 linux musl)
if: matrix.target == 'x86_64-unknown-linux-musl'
run: sudo apt-get update -y && sudo apt-get install -y musl-tools
- name: Install cross (aarch64 linux musl)
if: matrix.use_cross
uses: taiki-e/install-action@cross
- name: Build release binary (cross)
if: matrix.use_cross == true
env:
RUSTFLAGS: ${{ matrix.rustflags }}
run: cross build --release --target ${{ matrix.target }}
- name: Build release binary
if: matrix.use_cross != true
env:
RUSTFLAGS: ${{ matrix.rustflags }}
run: cargo build --release --target ${{ matrix.target }}
- name: Rename binary (unix)
if: runner.os != 'Windows'
run: |
cp target/${{ matrix.target }}/release/pqaudit ${{ matrix.artifact }}
- name: Rename binary (windows)
if: runner.os == 'Windows'
run: |
cp target/${{ matrix.target }}/release/pqaudit.exe ${{ matrix.artifact }}
- uses: actions/upload-artifact@v4
with:
name: ${{ matrix.artifact }}
path: ${{ matrix.artifact }}
release:
name: Create GitHub Release
needs: build
runs-on: ubuntu-latest
permissions:
contents: write
steps:
- uses: actions/checkout@v4
with:
ref: ${{ github.ref_name }}
- uses: actions/download-artifact@v4
with:
path: artifacts
merge-multiple: true
- name: Create release and upload binaries
uses: softprops/action-gh-release@v2
with:
files: artifacts/*
generate_release_notes: true
prerelease: ${{ contains(github.ref_name, '-') }}
make_latest: ${{ !contains(github.ref_name, '-') }}
- name: Update floating major version tag
if: ${{ !contains(github.ref_name, '-') }}
run: |
TAG="${GITHUB_REF_NAME}"
MAJOR="${TAG%%.*}"
git tag -f "$MAJOR"
git push origin "$MAJOR" --force
publish:
name: Publish to crates.io
needs: release
if: ${{ !contains(github.ref_name, '-') }}
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
ref: ${{ github.ref_name }}
- uses: dtolnay/rust-toolchain@stable
- name: Publish
env:
CARGO_REGISTRY_TOKEN: ${{ secrets.CARGO_REGISTRY_TOKEN }}
run: cargo publish