strawberry
9e1bbc1650
ci: run on new tag pushes
...
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-05-06 03:45:10 -04:00
strawberry
91ff6a36a4
ci: abort workflow if latest repo tag does not match with running tag ref
...
protects against a maintainer creating a downgrading version tag, and
uploading artifacts with that version
this check is only ran via workflow dispatch on the tag
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-05-06 03:45:10 -04:00
strawberry
56f1d8be1f
ci(docker): publish latest
only if ref starts with our tag format
...
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-05-06 03:45:10 -04:00
strawberry
2472c7c47a
ci: don't run on dev
anymore, run on main and non-draft PRs
...
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-05-06 03:45:10 -04:00
strawberry
761263332b
ci: push to gitlab container registry too
...
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-05-03 01:52:29 -04:00
strawberry
a7c14a861b
ci: output complement diff results to job summary, temp allow error
...
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-05-03 01:52:29 -04:00
strawberry
05b7dec482
temp(ci): comment complement results diff for now
...
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-05-03 01:52:29 -04:00
strawberry
a6cf5cfd8b
remove future deleted nix binary cache
...
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-05-03 01:52:29 -04:00
strawberry
cad16b9268
ci, nix: build and cache all packages and CI dependencies
...
from f5bd9bc45e
with changes for GitHub CI and misc
Co-authored-by: Charles Hall <charles@computer.surgery>
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-05-03 01:52:29 -04:00
strawberry
3b410d0556
ci: run complement with direnv
...
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-05-03 01:52:29 -04:00
strawberry
28f599236a
ci: compare complement results with checked-in results
...
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-05-03 01:52:29 -04:00
strawberry
13f1274c35
run complement in CI (does not compare results yet)
...
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-05-03 01:52:29 -04:00
strawberry
799b2909ab
ci: dont run registry pushes if creds are not set
...
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-05-03 01:52:29 -04:00
strawberry
b0de16bf5a
misc docs updates and ci path-ignore again
...
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-04-26 02:03:40 -04:00
strawberry
8574d0758e
add concurrency group and paths-ignore to ci.yml
...
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-04-26 02:03:40 -04:00
strawberry
a41472cc3f
why not
...
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-04-26 02:03:40 -04:00
Tom Foster
536efe2cd7
CI working with job summaries
...
All images should be generating correctly with parallelism and Docker manifests, and should output the end of the CI testing errors in a job summary box when the test fails.
When the test succeeds you get a big ✅ then at the end of the Docker publish it should include the `docker pull` commands for both Docker Hub and GHCR registries to make those pesky Docker users lives easier!
2024-04-26 02:03:40 -04:00
Tom Foster
6fbf4b5679
Simplify docker manifest CI stage
2024-04-26 02:03:40 -04:00
strawberry
c1d8678eeb
try moving a couple things around in CI
...
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-04-26 02:03:40 -04:00
strawberry
e2c460ec54
ci: define packages permission in publish step
...
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-04-26 02:03:40 -04:00
Tom Foster
d57110e2f3
Improved CI artifact filename handling
2024-04-26 02:03:40 -04:00
Tom Foster
e17f8d5b24
Multi-threaded CI to accelerate builds
2024-04-26 02:03:40 -04:00
Tom Foster
77d73583f6
Separate CI job for publishing docker manifest
2024-04-26 02:03:40 -04:00
Tom Foster
820cf3b9af
ci: extract OCI images before loading and before login
...
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-04-26 02:03:40 -04:00
strawberry
94dfe26707
ci: fix dockerhub login
...
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-04-26 02:03:40 -04:00
Tom Foster
a36b37ee3d
Simplify to publish combined jemalloc image for all architectures
2024-04-26 02:03:40 -04:00
Tom Foster
8525dda468
Simplify publish to Dockerhub
2024-04-26 02:03:40 -04:00
strawberry
7cbe82668b
ci: oci image registry publishing take 374237598
...
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-04-26 02:03:40 -04:00
strawberry
ce7355cbe0
add globals iterators/getters for admin query cmd, improve structure a bit
...
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-04-26 02:03:40 -04:00
strawberry
f954cd2387
ci(oci): add back arch prefix, try labeling our jemalloc images
...
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-04-26 02:03:40 -04:00
strawberry
640cb2d4a8
ci: 🧌
...
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-04-26 02:03:40 -04:00
strawberry
96399703cc
use --no-strip for cargo-deb, fix OCI image stuff
...
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-04-26 02:03:40 -04:00
strawberry
31f851f157
temp: get rid of hardened_malloc builds from CI
...
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-04-26 02:03:40 -04:00
strawberry
305f75b0e7
ci: try to fix cargo-deb arm64 stripping
...
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-04-26 02:03:40 -04:00
strawberry
8fc32b8e90
comment x86_64-unknown-linux-gnu for now
...
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-04-26 02:03:40 -04:00
strawberry
2e15a0d18b
split up CI again into tests, static builds, and OCI images
...
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-04-26 02:03:40 -04:00
strawberry
73b25b9793
ci: limit max parallel jobs to 4
...
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-04-26 02:03:40 -04:00
strawberry
de38d61126
merge ci steps back into one job for now
...
how do i persist or reuse the "state" of previous jobs
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-04-26 02:03:40 -04:00
strawberry
a898cf0db4
ci: remove download env
...
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-04-26 02:03:40 -04:00
strawberry
d070c89f84
split up CI steps
...
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-04-26 02:03:40 -04:00
morguldir
32eb568909
Remove extra test flag when publishing to ghcr in the CI
...
test -n checks if a string is longer than non-zero, but we just need a compare
Signed-off-by: morguldir <morguldir@protonmail.com>
2024-04-26 02:03:40 -04:00
strawberry
e95e4b9200
revert tag name in nix flake for OCI images
...
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-04-17 14:51:08 -04:00
strawberry
5667884a6a
ci: wrap ref_name in quotes
...
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-04-17 14:51:08 -04:00
strawberry
5015fc7a2c
add ci and flake support for using ref name to docker image tag
...
also runs ci on dev branch
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-04-17 14:51:08 -04:00
strawberry
b7a2482e4d
output jemalloc and hmalloc builds in CI, add back target check for cargo.toml
...
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-04-14 22:35:23 -04:00
strawberry
e75fb17899
ci: dont run docker stuff if not a PR *and* both env variables are not empty
...
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-04-02 00:32:41 -04:00
strawberry
ed5be58f9f
ci: only run dockerhub steps if username and token are not empty
...
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-04-02 00:32:41 -04:00
renovate[bot]
3103ad2205
chore(deps): update actions/configure-pages action to v5
2024-03-30 22:06:18 -04:00
renovate[bot]
73bdf3c5cc
chore(deps): update aquasecurity/trivy-action action to v0.19.0
2024-03-30 22:06:18 -04:00
strawberry
931e1cad06
ci: make docker username and GHCR variables
...
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-03-23 01:49:27 -04:00
strawberry
694b926366
move docs/gh pages into separate workflow
...
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-03-19 00:17:41 -04:00
strawberry
ea6425712a
dont setup github pages if pull request
...
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-03-19 00:17:41 -04:00
strawberry
19f313b91d
deploy book to github pages
...
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-03-19 00:17:41 -04:00
strawberry
e2827a1a79
build documentation/book in github actions
...
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-03-19 00:17:41 -04:00
strawberry
dd22a14147
bump CI deps (CVE-2024-27297 / GHSA-2ffj-w4mj-pg37)
...
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-03-08 12:51:21 -05:00
strawberry
9c789bd82f
(hopefully correct) check if ATTIC_ENDPOINT is set in gh repo vars
...
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-03-08 12:51:21 -05:00
Charles Hall
a4ec0daafa
make CI more efficient (github and gitlab)
...
squashed from https://gitlab.com/famedly/conduit/-/merge_requests/596
ported the relevant parts to GitHub Actions
Co-authored-by: strawberry <strawberry@puppygock.gay>
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-03-08 12:51:21 -05:00
strawberry
dd57ce7d0c
bump trivy
...
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-03-03 22:20:37 -05:00
strawberry
5b6d05f2db
add missing CI error check, add package permission
...
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-03-03 22:20:37 -05:00
strawberry
12d2680862
disable incremental builds in CI (just to be safe)
...
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-02-26 00:40:15 -05:00
strawberry
b1d1f3a643
add my attic binary caches
...
conduit and conduwuit are the same
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-02-15 01:18:30 -05:00
strawberry
adb2059ea2
make ATTIC_TOKEN available in environment
...
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-02-15 01:18:30 -05:00
strawberry
359a137d2e
add trivy for code and vulnerability scanning
...
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-02-14 20:14:21 -05:00
strawberry
ee90f66450
remove test branch, only publish if not PR
...
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-31 19:39:26 -05:00
strawberry
1b780fdbfa
i think its docker.io
...
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-31 19:39:26 -05:00
strawberry
c239ff5e42
make image_name variable work, OCI uses/expects conduit
...
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-31 19:39:26 -05:00
strawberry
2dd8d372de
username is not secret, use conduwuit and main branch
...
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-31 19:39:26 -05:00
strawberry
4be2948afc
fix syntax error, add test branch
...
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-31 19:39:26 -05:00
strawberry
29d7257a41
attempt to push OCI images to docker hub and ghcr
...
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-31 19:39:26 -05:00
strawberry
98b54caca5
remove test branch from CI
...
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-31 16:27:13 -05:00
strawberry
83f7ea54df
update gh actions OCI image paths to match gitlab
...
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-31 16:20:26 -05:00
strawberry
25d9cc28d6
remove removing rustup and default cargo, remove building aarch64 deb
...
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-31 16:20:26 -05:00
strawberry
4cebb282ab
(prob doesnt work) build aarch64 deb
...
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-31 16:20:26 -05:00
strawberry
fedbe0dc66
build deb, update deb metadata and files
...
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-31 16:20:26 -05:00
strawberry
1581a3ca84
force copy
...
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-31 16:20:26 -05:00
strawberry
d11b03feab
dont compress OCI images, copy result to tar.gz
...
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-31 16:20:26 -05:00
strawberry
950d69eb66
build OCI images for x86_64 and aarch64 in CI
...
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-31 16:20:26 -05:00
strawberry
1f3b91accd
remove redundant copy and just use path
...
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-31 16:20:26 -05:00
strawberry
33847b8b4b
fix syntax error (both uses and run)
...
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-31 16:20:26 -05:00
strawberry
77e8a6e5ae
port some of artifacts building to gh actions (attempt 1)
...
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-31 16:20:26 -05:00
kubo6472
7588790c3b
bump nix cache
...
Fix nodejs v16 incompatible/deprecation
2024-01-25 20:20:27 -05:00
renovate[bot]
44440f745f
chore(deps): update actions/cache action to v4
2024-01-17 12:04:47 -05:00
strawberry
da3ac7a2f1
deps updates again
...
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-14 20:55:56 -05:00
dependabot[bot]
a4afe2111b
Bump actions/checkout from 3 to 4
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 3 to 4.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](https://github.com/actions/checkout/compare/v3...v4 )
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-12-20 21:46:54 -05:00
Charles Hall
216d83ea1d
run engage in github actions
2023-12-20 21:46:54 -05:00