Skip to content

identity: add spire identity client #530

identity: add spire identity client

identity: add spire identity client #530

Workflow file for this run

name: release
on:
pull_request:
paths:
- .github/actions/package/*
- .github/workflows/release.yml
- justfile
- Cargo.toml # For release build settings
push:
tags:
- "release/*"
permissions:
contents: write
env:
CARGO_INCREMENTAL: 0
CARGO_NET_RETRY: 10
CHECKSEC_VERSION: 2.5.0
RUSTFLAGS: "-D warnings -A deprecated"
RUSTUP_MAX_RETRIES: 10
jobs:
cleanup:
runs-on: ubuntu-latest
permissions:
actions: write
steps:
- uses: styfle/cancel-workflow-action@01ce38bf961b4e243a6342cbade0dbc8ba3f0432
with:
all_but_latest: true
access_token: ${{ github.token }}
meta:
timeout-minutes: 5
runs-on: ubuntu-latest
steps:
- id: meta
shell: bash
run: |
shopt -s extglob
ref="${{ github.ref }}"
if [[ "$ref" == refs/tags/release/* ]]; then
ver="${ref##refs/tags/release/}"
if [[ "$ver" != v+([0-9]).+([0-9]).+([0-9])?(-+([a-z0-9-])) ]]; then
echo "Invalid version: $ver" >&2
exit 1
fi
( echo publish=true
echo version="${ver#v}"
echo archs='["amd64", "arm64", "arm"]'
) >> "$GITHUB_OUTPUT"
else
sha="${{ github.sha }}"
( echo version="0.0.0-test.${sha:0:7}"
echo archs='["amd64"]'
) >> "$GITHUB_OUTPUT"
fi
outputs:
archs: ${{ steps.meta.outputs.archs }}
publish: ${{ steps.meta.outputs.publish }}
version: ${{ steps.meta.outputs.version }}
package:
needs: [meta]
strategy:
matrix:
arch: ${{ fromJson(needs.meta.outputs.archs) }}
libc: [gnu] # musl
# If we're not actually building on a release tag, don't short-circuit on
# errors. This helps us know whether a failure is platform-specific.
continue-on-error: ${{ !needs.meta.outputs.publish }}
runs-on: ubuntu-latest
timeout-minutes: 40
container: docker://ghcr.io/linkerd/dev:v42-rust-musl
env:
LINKERD2_PROXY_VENDOR: ${{ github.repository_owner }}
LINKERD2_PROXY_VERSION: ${{ needs.meta.outputs.version }}
steps:
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11
- run: git config --global --add safe.directory "$PWD" # actions/runner#2033
- run: just fetch
- run: just arch=${{ matrix.arch }} libc=${{ matrix.libc }} rustup
- run: just arch=${{ matrix.arch }} libc=${{ matrix.libc }} profile=release build
- run: just arch=${{ matrix.arch }} libc=${{ matrix.libc }} profile=release package
- uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392
with:
name: ${{ matrix.arch }}-artifacts
path: target/package/*
publish:
needs: [meta, package]
runs-on: ubuntu-latest
timeout-minutes: 5
steps:
- uses: actions/download-artifact@6b208ae046db98c579e8a3aa621ab581ff575935
with:
path: artifacts
- run: du -h artifacts/**/*
- if: needs.meta.outputs.publish
uses: softprops/action-gh-release@de2c0eb89ae2a093876385947365aca7b0e5f844
with:
name: v${{ needs.meta.outputs.version }}
files: artifacts/**/*
generate_release_notes: true