Build kuksa-databroker #14
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# /******************************************************************************** | |
# * Copyright (c) 2022 Contributors to the Eclipse Foundation | |
# * | |
# * See the NOTICE file(s) distributed with this work for additional | |
# * information regarding copyright ownership. | |
# * | |
# * This program and the accompanying materials are made available under the | |
# * terms of the Apache License 2.0 which is available at | |
# * http://www.apache.org/licenses/LICENSE-2.0 | |
# * | |
# * SPDX-License-Identifier: Apache-2.0 | |
# ********************************************************************************/ | |
name: Build kuksa-databroker | |
on: | |
push: | |
branches: [ main] | |
pull_request: | |
workflow_call: | |
secrets: | |
QUAY_IO_TOKEN: | |
required: true | |
QUAY_IO_USERNAME: | |
required: true | |
workflow_dispatch: | |
# suffix to avoid cancellation when running from release workflow | |
concurrency: | |
group: ${{ github.ref }}-${{ github.workflow }}-databroker | |
cancel-in-progress: true | |
# Needed as default_workflow_permissions is "read" | |
permissions: | |
packages: write | |
jobs: | |
lint: | |
name: Lint | |
runs-on: ubuntu-latest | |
env: | |
CARGO_TERM_COLOR: always | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: actions/cache@v4 | |
with: | |
path: | | |
~/.cargo/bin/ | |
~/.cargo/registry/index/ | |
~/.cargo/registry/cache/ | |
~/.cargo/git/db/ | |
~/.cargo/.crates.toml | |
~/.cargo/.crates2.json | |
target/ | |
key: databroker-lint-${{ hashFiles('**/Cargo.lock') }} | |
- name: Show toolchain information | |
working-directory: ${{github.workspace}} | |
run: | | |
rustup toolchain list | |
cargo --version | |
- name: cargo fmt | |
working-directory: ${{github.workspace}} | |
run: cargo fmt -- --check | |
- name: cargo clippy | |
working-directory: ${{github.workspace}} | |
run: cargo clippy --all-targets -- -W warnings -D warnings | |
- name: cargo clippy (feature viss) | |
working-directory: ${{github.workspace}} | |
run: cargo clippy --features viss --all-targets -- -W warnings -D warnings | |
test: | |
name: Run unit tests | |
runs-on: ubuntu-latest | |
env: | |
CARGO_TERM_COLOR: always | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: actions/cache@v4 | |
with: | |
path: | | |
~/.cargo/bin/ | |
~/.cargo/registry/index/ | |
~/.cargo/registry/cache/ | |
~/.cargo/git/db/ | |
~/.cargo/.crates.toml | |
~/.cargo/.crates2.json | |
~/.cache/pip/ | |
target/ | |
key: databroker-coverage-${{ hashFiles('**/Cargo.lock') }} | |
- name: Install cargo-llvm-cov | |
uses: taiki-e/install-action@cargo-llvm-cov | |
- name: Generate code coverage | |
run: cargo llvm-cov --all-features --workspace --lcov --output-path lcov.info | |
- name: Upload coverage to Codecov | |
# Uploaded result available at https://app.codecov.io/gh/eclipse-kuksa/kuksa-databroker | |
uses: codecov/codecov-action@v4 | |
with: | |
files: lcov.info | |
token: ${{ secrets.CODECOV_TOKEN }} | |
build: | |
name: Build | |
runs-on: ubuntu-latest | |
env: | |
CARGO_TERM_COLOR: always | |
strategy: | |
matrix: | |
platform: | |
- name: amd64 | |
- name: arm64 | |
- name: riscv64 | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: actions/cache@v4 | |
with: | |
path: | | |
~/.cargo/bin/ | |
~/.cargo/registry/index/ | |
~/.cargo/registry/cache/ | |
~/.cargo/git/db/ | |
~/.cargo/.crates.toml | |
~/.cargo/.crates2.json | |
target-*/ | |
key: databroker-release-${{ matrix.platform.name }}-${{ hashFiles('**/Cargo.lock') }} | |
- name: Install build prerequisites | |
working-directory: ${{github.workspace}}/ | |
run: | | |
cargo install cross cargo-license cargo-cyclonedx | |
pip install "git+https://github.com/eclipse-kuksa/kuksa-common.git@6f3d7627760582d8ba83cc8a0f7449d00fffee84#subdirectory=sbom-tools" | |
- name: Build | |
working-directory: ${{github.workspace}} | |
env: | |
KUKSA_DATABROKER_FEATURES: databroker/viss,databroker/tls | |
KUKSA_DATABROKER_SBOM: y | |
run: | | |
./scripts/build-databroker.sh ${{ matrix.platform.name }} | |
- name: "Archiving artifacts" | |
shell: bash | |
working-directory: ${{github.workspace}}/dist/${{ matrix.platform.name }} | |
run: | | |
tar -czf ../databroker-${{ matrix.platform.name }}.tar.gz * | |
- name: "Uploading artifacts" | |
uses: actions/upload-artifact@v4 | |
with: | |
name: databroker-${{ matrix.platform.name }} | |
path: ${{github.workspace}}/dist/databroker-${{ matrix.platform.name}}.tar.gz | |
if-no-files-found: error | |
check_ghcr_push: | |
name: Check access rights | |
uses: eclipse-kuksa/kuksa-actions/.github/workflows/check_ghcr_push.yml@4 | |
secrets: inherit | |
create-container: | |
name: Create multiarch container | |
runs-on: ubuntu-latest | |
needs: [build, check_ghcr_push] | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Retrieve artifacts | |
uses: actions/download-artifact@v4 | |
with: | |
path: artifacts | |
pattern: databroker-* | |
merge-multiple: true | |
- name: Unpack binaries | |
run: | | |
mkdir -p dist/amd64 dist/arm64 dist/riscv64 | |
tar xf artifacts/databroker-arm64.tar.gz -C dist/arm64 | |
tar xf artifacts/databroker-amd64.tar.gz -C dist/amd64 | |
tar xf artifacts/databroker-riscv64.tar.gz -C dist/riscv64 | |
- name: Set container metadata | |
id: meta | |
uses: docker/metadata-action@v5 | |
with: | |
# list of Docker images to use as base name for tags | |
images: | | |
ghcr.io/eclipse-kuksa/kuksa-databroker | |
quay.io/eclipse-kuksa/kuksa-databroker | |
# generate Docker tags based on the following events/attributes | |
tags: | | |
type=ref,event=branch | |
type=ref,event=pr | |
type=semver,pattern={{version}} | |
type=semver,pattern={{major}}.{{minor}} | |
type=semver,pattern={{major}} | |
- name: Setup Docker Buildx | |
id: buildx | |
uses: docker/setup-buildx-action@v3 | |
- name: Log in to ghcr.io container registry | |
if: needs.check_ghcr_push.outputs.push == 'true' | |
uses: docker/login-action@v3 | |
with: | |
registry: ghcr.io | |
username: ${{ github.repository_owner }} | |
password: ${{ secrets.GITHUB_TOKEN }} | |
- name: Log in to quay.io container registry | |
if: needs.check_ghcr_push.outputs.push == 'true' | |
uses: docker/login-action@v3 | |
with: | |
registry: quay.io | |
username: ${{ secrets.QUAY_IO_USERNAME }} | |
password: ${{ secrets.QUAY_IO_TOKEN }} | |
- name: Build kuksa-databroker container and push to ghcr.io, quay.io and ttl.sh | |
id: ghcr-build | |
if: needs.check_ghcr_push.outputs.push == 'true' | |
uses: docker/build-push-action@v5 | |
with: | |
platforms: | | |
linux/amd64 | |
linux/arm64 | |
linux/riscv64 | |
file: ./scripts/Dockerfile | |
context: . | |
push: true | |
tags: | | |
${{ steps.meta.outputs.tags }} | |
ttl.sh/eclipse-kuksa/kuksa-databroker-${{github.sha}} | |
labels: ${{ steps.meta.outputs.labels }} | |
# Provenance to solve that an unknown/unkown image is shown on ghcr.io | |
# Same problem as described in https://github.com/orgs/community/discussions/45969 | |
provenance: false | |
- name: Build ephemeral kuksa-databroker container and push to ttl.sh | |
if: needs.check_ghcr_push.outputs.push == 'false' | |
id: tmp-build | |
uses: docker/build-push-action@v5 | |
with: | |
platforms: | | |
linux/amd64 | |
linux/arm64 | |
linux/riscv64 | |
file: ./scripts/Dockerfile | |
context: . | |
push: true | |
tags: "ttl.sh/eclipse-kuksa/kuksa-databroker-${{github.sha}}" | |
labels: ${{ steps.meta.outputs.labels }} | |
# Provenance to solve that an unknown/unkown image is shown on ghcr.io | |
# Same problem as described in https://github.com/orgs/community/discussions/45969 | |
provenance: false | |
- name: Posting message | |
uses: eclipse-kuksa/kuksa-actions/post-container-location@4 | |
with: | |
image: ttl.sh/eclipse-kuksa/kuksa-databroker-${{github.sha}} | |
integration-test: | |
name: Run integration test | |
runs-on: ubuntu-latest | |
needs: [create-container] | |
strategy: | |
matrix: | |
platform: ["arm64", "amd64", "riscv64"] | |
steps: | |
- name: Set up QEMU | |
uses: docker/setup-qemu-action@v3 | |
- uses: actions/checkout@v4 | |
- name: Run integration test on ${{ matrix.platform }} container | |
env: | |
DATABROKER_IMAGE: ttl.sh/eclipse-kuksa/kuksa-databroker-${{github.sha}} | |
CONTAINER_PLATFORM: linux/${{ matrix.platform }} | |
run: | | |
${{github.workspace}}/integration_test/run.sh | |
bom: | |
name: License Compliance Check | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: actions/cache@v4 | |
with: | |
path: | | |
~/.cargo/bin/ | |
~/.cargo/registry/index/ | |
~/.cargo/registry/cache/ | |
~/.cargo/git/db/ | |
target/ | |
key: databroker-bom-${{ hashFiles('**/Cargo.lock') }} | |
# Follows the pattern from | |
# https://github.com/eclipse/dash-licenses?tab=readme-ov-file#example-rustcargo | |
- name: "Using cargo to create Dash input" | |
working-directory: ${{github.workspace}}/ | |
# target all is not really needed, and will also return i.e. wasm deps, however | |
# better safe than sorry, the alternative would be running this for each currently | |
# built target and combining the lists, but that would need adapting, when | |
# adding targets, or also when i.e. switching between MUSL/glibc. So this is safer | |
run: | | |
cargo tree -e normal --prefix none --no-dedupe -p databroker --target all --all-features > ${{github.workspace}}/cargodeps | |
cat ${{github.workspace}}/cargodeps | sort -u \ | |
| grep -v '^[[:space:]]*$' | grep -v kuksa | grep -v databroker \ | |
| sed -E 's|([^ ]+) v([^ ]+).*|crate/cratesio/-/\1/\2|' \ | |
> ${{github.workspace}}/dash-databroker-deps | |
- name: Dash license check | |
uses: eclipse-kuksa/kuksa-actions/check-dash@4 | |
with: | |
dashinput: ${{github.workspace}}/dash-databroker-deps | |
dashtoken: ${{ secrets.ECLIPSE_GITLAB_API_TOKEN }} | |
check-doc-links: | |
name: Check links in markdown | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: eclipse-kuksa/kuksa-actions/check-markdown@4 |