CD #34
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: CD | |
on: | |
release: | |
types: [published] | |
workflow_dispatch: | |
inputs: | |
tag_name: | |
description: "The tag name to use" | |
required: true | |
type: string | |
env: | |
CARGO_TERM_COLOR: always | |
jobs: | |
build: | |
strategy: | |
matrix: | |
arch: [x86_64-unknown-linux-musl, aarch64-unknown-linux-musl] | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v3 | |
- uses: Swatinem/rust-cache@v2 | |
with: | |
key: "${{ matrix.arch }}" | |
- uses: taiki-e/install-action@v2 | |
with: | |
tool: cross | |
- name: Build | |
run: cross build --features vendor-openssl --release --target "${{ matrix.arch }}" | |
- uses: actions/upload-artifact@v3 | |
with: | |
name: localauth0-${{ matrix.arch }} | |
path: ./target/${{ matrix.arch }}/release/localauth0 | |
build-web: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v3 | |
- run: rustup target add wasm32-unknown-unknown | |
- uses: Swatinem/rust-cache@v2 | |
- uses: taiki-e/install-action@v2 | |
with: | |
tool: trunk@0.17 | |
- name: Build web | |
run: trunk build --release web/index.html | |
- uses: actions/upload-artifact@v3 | |
with: | |
name: web | |
path: ./web/dist | |
release: | |
runs-on: ubuntu-latest | |
needs: [build, build-web] | |
permissions: | |
id-token: write | |
contents: read | |
steps: | |
- uses: actions/download-artifact@v3 | |
- name: Create container | |
run: |- | |
buildah manifest create "localauth0" | |
for arch in amd64 arm64; do | |
rust_arch="$([ "$arch" = "arm64" ] && echo aarch64 || echo x86_64)-unknown-linux-musl" | |
localauth0_binary="./localauth0-$rust_arch/localauth0" | |
chmod +x "$localauth0_binary" | |
ctr="$(buildah from --arch $arch scratch)" | |
buildah copy "$ctr" "$localauth0_binary" "/localauth0" | |
buildah copy "$ctr" ./web/ /web | |
buildah config \ | |
--env 'RUST_LOG=error,localauth0=info' \ | |
--cmd '["/localauth0"]' \ | |
"$ctr" | |
buildah commit --manifest "localauth0" "$ctr" | |
done | |
- name: Configure AWS credentials | |
uses: aws-actions/configure-aws-credentials@v2 | |
with: | |
role-to-assume: arn:aws:iam::193543784330:role/oidc-github-ecr-localauth0 | |
aws-region: us-east-1 | |
- name: Login to public ECR | |
id: login-ecr | |
uses: aws-actions/amazon-ecr-login@v1 | |
with: | |
mask-password: "true" | |
registry-type: public | |
- name: Push | |
run: >- | |
buildah manifest push --all localauth0 | |
"docker://public.ecr.aws/c6i9l4r6/localauth0:${{ inputs.tag_name || github.event.release.tag_name }}" |