github-personal/firezone
1
0
Fork 0
mirror of https://github.com/outbackdingo/firezone.git synced 2026-01-27 10:18:54 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
eb5fc34f355c075730fe8e66afe6acaf8895e37f
firezone/.github/workflows/rust.yml
Gabi eb5fc34f35 CI: add a flow that test client to resource ping (#1729) 
This PR fixes a bunch of small things to allow a new flow to test
clients pinging a resource within docker compose.

Masquerade/Forwarding is enabled directly in the container for now, this
might change in the future.

Also added a README to be able to run this locally.

---------

Signed-off-by: Gabi <gabrielalejandro7@gmail.com>
Co-authored-by: Jamil <jamilbk@users.noreply.github.com>
2023-07-05 03:17:26 +00:00

174 lines
5.9 KiB
YAML
Raw Blame History

name: Rust
on:
merge_group:
types: [checks_requested]
pull_request:
paths:
- "rust/**"
- ".github/workflows/rust.yml"
workflow_call:
# Cancel old workflow runs if new code is pushed
concurrency:
group: "rust-${{ github.workflow }}-${{ github.ref }}"
cancel-in-progress: true
defaults:
run:
working-directory: ./rust
jobs:
draft-release:
runs-on: ubuntu-latest
outputs:
tag_name: ${{ steps.release_drafter.outputs.tag_name }}
steps:
- uses: release-drafter/release-drafter@v5
with:
commitish: cloud
id: release_drafter
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
test:
strategy:
fail-fast: false
matrix:
runs-on:
- ubuntu-20.04
- ubuntu-22.04
- macos-11
- macos-12
- windows-2019
- windows-2022
runs-on: ${{ matrix.runs-on }}
steps:
- uses: actions/checkout@v3
# This implicitly triggers installation of the toolchain in the `rust-toolchain.toml` file.
# If we don't do this here, our cache action will compute a cache key based on the Rust version shipped on GitHub's runner which might differ from the one we use.
- run: rustup show
- uses: Swatinem/rust-cache@v2
with:
workspaces: ./rust
key: v2
prefix-key: rust-${{ matrix.runs-on }}
save-if: ${{ github.ref == 'refs/heads/cloud' }}
# TODO: Building *ring* from git requires us to install additional tools;
# once we're not using a forked *ring* these 2 steps can be removed.
- if: ${{ contains(matrix.runs-on, 'windows') }}
name: Install *ring* build tools
run: |
git clone `
--branch windows `
--depth 1 `
https://github.com/briansmith/ring-toolchain `
target/tools/windows
# The repo above is for a newer version of the *ring* build script which
# expects different paths; instead of going through the trouble of
# copying the older installation script let's just move the exe.
- if: ${{ contains(matrix.runs-on, 'windows') }}
name: Move *ring* build tools
run: |
mv target/tools/windows/nasm/nasm.exe target/tools/nasm.exe
- run: cargo fmt -- --check
- run: cargo doc --all-features --no-deps --document-private-items
env:
RUSTDOCFLAGS: "-D warnings"
- run: cargo clippy --all-targets --all-features -- -D warnings
- run: cargo test --all-features
build-android:
needs:
- draft-release
runs-on: ubuntu-latest
permissions:
contents: read
steps:
- uses: actions/checkout@v3
- uses: Swatinem/rust-cache@v2
with:
workspaces: ./rust
- name: Update toolchain
run: rustup show
- uses: actions/setup-java@v3
with:
java-version: '17'
distribution: 'adopt'
cache: gradle
- name: Validate Gradle wrapper
uses: gradle/wrapper-validation-action@v1
- name: Assemble Release
uses: gradle/gradle-build-action@v2
with:
arguments: build assembleRelease
build-root-directory: rust/connlib/clients/android
- name: Move artifact
run: |
mv ./connlib/clients/android/lib/build/outputs/aar/lib-release.aar ./connlib-${{ needs.draft-release.outputs.tag_name }}.aar
- uses: actions/upload-artifact@v3
with:
name: connlib-android
path: |
./rust/connlib-${{ needs.draft-release.outputs.tag_name }}.aar
build-apple:
needs:
- draft-release
runs-on: macos-latest
permissions:
contents: read
steps:
- uses: actions/checkout@v3
- uses: Swatinem/rust-cache@v2
with:
workspaces: ./rust
- name: Update toolchain
run: rustup show
- name: Setup lipo
run: cargo install cargo-lipo
- uses: actions/cache@v3
with:
path: apple/.build
key: ${{ runner.os }}-spm-${{ hashFiles('**/Package.resolved') }}
restore-keys: |
${{ runner.os }}-spm-
- name: Build Connlib.xcframework.zip
env:
CONFIGURATION: Release
PROJECT_DIR: .
working-directory: ./rust/connlib/clients/apple
run: |
# build-xcframework.sh calls build-rust.sh indirectly via `xcodebuild`, but it pollutes the environment
# to the point that it causes the `ring` build to fail for the aarch64-apple-darwin target. So, explicitly
# build first. See https://github.com/briansmith/ring/issues/1332
./build-rust.sh
./build-xcframework.sh
mv Connlib.xcframework.zip ../../../../Connlib-${{ needs.draft-release.outputs.tag_name }}.xcframework.zip
mv Connlib.xcframework.zip.checksum.txt ../../../../Connlib-${{ needs.draft-release.outputs.tag_name }}.xcframework.zip.checksum.txt
- uses: actions/upload-artifact@v3
with:
name: connlib-apple
path: |
./Connlib-${{ needs.draft-release.outputs.tag_name }}.xcframework.zip
./Connlib-${{ needs.draft-release.outputs.tag_name }}.xcframework.zip.checksum.txt
cross-relay: # cross is separate from test because cross-compiling yields different artifacts and we cannot reuse the cache.
name: Cross compile relay
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
# This implicitly triggers installation of the toolchain in the `rust-toolchain.toml` file.
# If we don't do this here, our cache action will compute a cache key based on the Rust version shipped on GitHub's runner which might differ from the one we use.
- run: rustup show
- uses: Swatinem/rust-cache@v2
with:
workspaces: ./rust
- run: sudo apt-get install -y musl-tools
- run: cargo build --bin relay --target x86_64-unknown-linux-musl
Reference in New Issue View Git Blame Copy Permalink