mirror of
https://github.com/edera-dev/krata.git
synced 2025-08-02 21:00:55 +00:00
7143025adb
Bumps the dep-updates group with 1 update: [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action).
Updates `docker/setup-buildx-action` from 3.5.0 to 3.6.1
- [Release notes](https://github.com/docker/setup-buildx-action/releases)
- [Commits](aa33708b10...988b5a0280)
---
updated-dependencies:
- dependency-name: docker/setup-buildx-action
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: dep-updates
...
Signed-off-by: dependabot[bot] <support@github.com>
166 lines
6.3 KiB
YAML
166 lines
6.3 KiB
YAML
name: nightly
|
|
on:
|
|
workflow_dispatch:
|
|
schedule:
|
|
- cron: "0 10 * * *"
|
|
permissions:
|
|
contents: read
|
|
jobs:
|
|
full-build:
|
|
runs-on: ubuntu-latest
|
|
strategy:
|
|
fail-fast: false
|
|
matrix:
|
|
arch:
|
|
- x86_64
|
|
- aarch64
|
|
env:
|
|
TARGET_ARCH: "${{ matrix.arch }}"
|
|
CI_NEEDS_FPM: "1"
|
|
name: nightly full build linux-${{ matrix.arch }}
|
|
steps:
|
|
- name: harden runner
|
|
uses: step-security/harden-runner@0d381219ddf674d61a7572ddd19d7941e271515c # v2.9.0
|
|
with:
|
|
egress-policy: audit
|
|
- name: checkout repository
|
|
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
|
|
with:
|
|
submodules: recursive
|
|
- name: install stable rust toolchain with ${{ matrix.arch }}-unknown-linux-gnu and ${{ matrix.arch }}-unknown-linux-musl rust targets
|
|
run: |
|
|
rustup update --no-self-update stable
|
|
rustup default stable
|
|
rustup target add ${{ matrix.arch }}-unknown-linux-gnu ${{ matrix.arch }}-unknown-linux-musl
|
|
- name: install linux dependencies
|
|
run: ./hack/ci/install-linux-deps.sh
|
|
- name: build systemd bundle
|
|
run: ./hack/dist/bundle.sh
|
|
- name: upload systemd bundle
|
|
uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b # v4.3.4
|
|
with:
|
|
name: krata-bundle-systemd-${{ matrix.arch }}
|
|
path: "target/dist/bundle-systemd-${{ matrix.arch }}.tgz"
|
|
compression-level: 0
|
|
- name: build deb package
|
|
run: ./hack/dist/deb.sh
|
|
- name: upload deb package
|
|
uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b # v4.3.4
|
|
with:
|
|
name: krata-debian-${{ matrix.arch }}
|
|
path: "target/dist/*.deb"
|
|
compression-level: 0
|
|
- name: build apk package
|
|
run: ./hack/dist/apk.sh
|
|
- name: upload apk package
|
|
uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b # v4.3.4
|
|
with:
|
|
name: krata-alpine-${{ matrix.arch }}
|
|
path: "target/dist/*_${{ matrix.arch }}.apk"
|
|
compression-level: 0
|
|
kratactl-build:
|
|
strategy:
|
|
fail-fast: false
|
|
matrix:
|
|
platform:
|
|
- { os: linux, arch: x86_64, on: ubuntu-latest, deps: linux }
|
|
- { os: linux, arch: aarch64, on: ubuntu-latest, deps: linux }
|
|
- { os: darwin, arch: x86_64, on: macos-14, deps: darwin }
|
|
- { os: darwin, arch: aarch64, on: macos-14, deps: darwin }
|
|
- { os: freebsd, arch: x86_64, on: ubuntu-latest, deps: linux }
|
|
- { os: windows, arch: x86_64, on: windows-latest, deps: windows }
|
|
env:
|
|
TARGET_OS: "${{ matrix.platform.os }}"
|
|
TARGET_ARCH: "${{ matrix.platform.arch }}"
|
|
runs-on: "${{ matrix.platform.on }}"
|
|
name: nightly kratactl build ${{ matrix.platform.os }}-${{ matrix.platform.arch }}
|
|
defaults:
|
|
run:
|
|
shell: bash
|
|
steps:
|
|
- name: harden runner
|
|
uses: step-security/harden-runner@0d381219ddf674d61a7572ddd19d7941e271515c # v2.9.0
|
|
with:
|
|
egress-policy: audit
|
|
- name: configure git line endings
|
|
run: git config --global core.autocrlf false && git config --global core.eol lf
|
|
if: ${{ matrix.platform.os == 'windows' }}
|
|
- name: checkout repository
|
|
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
|
|
with:
|
|
submodules: recursive
|
|
- name: install stable rust toolchain
|
|
run: |
|
|
rustup update --no-self-update stable
|
|
rustup default stable
|
|
- name: install ${{ matrix.platform.arch }}-apple-darwin rust target
|
|
run: "rustup target add --toolchain stable ${{ matrix.platform.arch }}-apple-darwin"
|
|
if: ${{ matrix.platform.os == 'darwin' }}
|
|
- name: setup homebrew
|
|
uses: homebrew/actions/setup-homebrew@4b34604e75af8f8b23b454f0b5ffb7c5d8ce0056 # master
|
|
if: ${{ matrix.platform.os == 'darwin' }}
|
|
- name: install ${{ matrix.platform.deps }} dependencies
|
|
run: ./hack/ci/install-${{ matrix.platform.deps }}-deps.sh
|
|
- name: cargo build kratactl
|
|
run: ./hack/build/cargo.sh build --release --bin kratactl
|
|
- name: upload kratactl
|
|
uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b # v4.3.4
|
|
with:
|
|
name: kratactl-${{ matrix.platform.os }}-${{ matrix.platform.arch }}
|
|
path: "target/*/release/kratactl"
|
|
if: ${{ matrix.platform.os != 'windows' }}
|
|
- name: upload kratactl
|
|
uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b # v4.3.4
|
|
with:
|
|
name: kratactl-${{ matrix.platform.os }}-${{ matrix.platform.arch }}
|
|
path: "target/*/release/kratactl.exe"
|
|
if: ${{ matrix.platform.os == 'windows' }}
|
|
oci-build:
|
|
runs-on: ubuntu-latest
|
|
strategy:
|
|
fail-fast: false
|
|
matrix:
|
|
component:
|
|
- kratactl
|
|
- kratad
|
|
- kratanet
|
|
- krata-zone
|
|
name: nightly oci build ${{ matrix.component }}
|
|
permissions:
|
|
contents: read
|
|
id-token: write
|
|
packages: write
|
|
steps:
|
|
- name: harden runner
|
|
uses: step-security/harden-runner@0d381219ddf674d61a7572ddd19d7941e271515c # v2.9.0
|
|
with:
|
|
egress-policy: audit
|
|
- name: checkout repository
|
|
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
|
|
with:
|
|
submodules: recursive
|
|
- name: install cosign
|
|
uses: sigstore/cosign-installer@59acb6260d9c0ba8f4a2f9d9b48431a222b68e20 # v3.5.0
|
|
- name: setup docker buildx
|
|
uses: docker/setup-buildx-action@988b5a0280414f521da01fcc63a27aeeb4b104db # v3.6.1
|
|
- name: login to container registry
|
|
uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0
|
|
with:
|
|
registry: ghcr.io
|
|
username: "${{ github.actor }}"
|
|
password: "${{ secrets.GITHUB_TOKEN }}"
|
|
- name: docker build and push ${{ matrix.component }}
|
|
uses: docker/build-push-action@5176d81f87c23d6fc96624dfdbcd9f3830bbe445 # v6.5.0
|
|
id: push
|
|
with:
|
|
file: ./images/Dockerfile.${{ matrix.component }}
|
|
platforms: linux/amd64,linux/aarch64
|
|
tags: "ghcr.io/edera-dev/${{ matrix.component }}:nightly"
|
|
push: true
|
|
- name: cosign sign ${{ matrix.component }}
|
|
run: cosign sign --yes "${TAGS}@${DIGEST}"
|
|
env:
|
|
DIGEST: "${{ steps.push.outputs.digest }}"
|
|
TAGS: "ghcr.io/edera-dev/${{ matrix.component }}:nightly"
|
|
COSIGN_EXPERIMENTAL: "true"
|