Commit graph

135 commits

Author SHA1 Message Date
strawberry
9e1bbc1650 ci: run on new tag pushes
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-05-06 03:45:10 -04:00
strawberry
91ff6a36a4 ci: abort workflow if latest repo tag does not match with running tag ref
protects against a maintainer creating a downgrading version tag, and
uploading artifacts with that version

this check is only ran via workflow dispatch on the tag

Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-05-06 03:45:10 -04:00
strawberry
56f1d8be1f ci(docker): publish latest only if ref starts with our tag format
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-05-06 03:45:10 -04:00
strawberry
2472c7c47a ci: don't run on dev anymore, run on main and non-draft PRs
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-05-06 03:45:10 -04:00
strawberry
761263332b ci: push to gitlab container registry too
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-05-03 01:52:29 -04:00
strawberry
a7c14a861b ci: output complement diff results to job summary, temp allow error
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-05-03 01:52:29 -04:00
strawberry
05b7dec482 temp(ci): comment complement results diff for now
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-05-03 01:52:29 -04:00
strawberry
a6cf5cfd8b remove future deleted nix binary cache
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-05-03 01:52:29 -04:00
strawberry
cad16b9268 ci, nix: build and cache all packages and CI dependencies
from f5bd9bc45e
with changes for GitHub CI and misc

Co-authored-by: Charles Hall <charles@computer.surgery>
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-05-03 01:52:29 -04:00
strawberry
3b410d0556 ci: run complement with direnv
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-05-03 01:52:29 -04:00
strawberry
28f599236a ci: compare complement results with checked-in results
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-05-03 01:52:29 -04:00
strawberry
13f1274c35 run complement in CI (does not compare results yet)
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-05-03 01:52:29 -04:00
strawberry
799b2909ab ci: dont run registry pushes if creds are not set
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-05-03 01:52:29 -04:00
strawberry
b0de16bf5a misc docs updates and ci path-ignore again
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-04-26 02:03:40 -04:00
strawberry
8574d0758e add concurrency group and paths-ignore to ci.yml
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-04-26 02:03:40 -04:00
strawberry
a41472cc3f why not
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-04-26 02:03:40 -04:00
Tom Foster
536efe2cd7 CI working with job summaries
All images should be generating correctly with parallelism and Docker manifests, and should output the end of the CI testing errors in a job summary box when the test fails.

When the test succeeds you get a big  then at the end of the Docker publish it should include the `docker pull` commands for both Docker Hub and GHCR registries to make those pesky Docker users lives easier!
2024-04-26 02:03:40 -04:00
Tom Foster
6fbf4b5679 Simplify docker manifest CI stage 2024-04-26 02:03:40 -04:00
strawberry
c1d8678eeb try moving a couple things around in CI
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-04-26 02:03:40 -04:00
strawberry
e2c460ec54 ci: define packages permission in publish step
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-04-26 02:03:40 -04:00
Tom Foster
d57110e2f3 Improved CI artifact filename handling 2024-04-26 02:03:40 -04:00
Tom Foster
e17f8d5b24 Multi-threaded CI to accelerate builds 2024-04-26 02:03:40 -04:00
Tom Foster
77d73583f6 Separate CI job for publishing docker manifest 2024-04-26 02:03:40 -04:00
Tom Foster
820cf3b9af ci: extract OCI images before loading and before login
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-04-26 02:03:40 -04:00
strawberry
94dfe26707 ci: fix dockerhub login
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-04-26 02:03:40 -04:00
Tom Foster
a36b37ee3d Simplify to publish combined jemalloc image for all architectures 2024-04-26 02:03:40 -04:00
Tom Foster
8525dda468 Simplify publish to Dockerhub 2024-04-26 02:03:40 -04:00
strawberry
7cbe82668b ci: oci image registry publishing take 374237598
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-04-26 02:03:40 -04:00
strawberry
ce7355cbe0 add globals iterators/getters for admin query cmd, improve structure a bit
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-04-26 02:03:40 -04:00
strawberry
f954cd2387 ci(oci): add back arch prefix, try labeling our jemalloc images
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-04-26 02:03:40 -04:00
strawberry
640cb2d4a8 ci: 🧌
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-04-26 02:03:40 -04:00
strawberry
96399703cc use --no-strip for cargo-deb, fix OCI image stuff
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-04-26 02:03:40 -04:00
strawberry
31f851f157 temp: get rid of hardened_malloc builds from CI
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-04-26 02:03:40 -04:00
strawberry
305f75b0e7 ci: try to fix cargo-deb arm64 stripping
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-04-26 02:03:40 -04:00
strawberry
8fc32b8e90 comment x86_64-unknown-linux-gnu for now
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-04-26 02:03:40 -04:00
strawberry
2e15a0d18b split up CI again into tests, static builds, and OCI images
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-04-26 02:03:40 -04:00
strawberry
73b25b9793 ci: limit max parallel jobs to 4
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-04-26 02:03:40 -04:00
strawberry
de38d61126 merge ci steps back into one job for now
how do i persist or reuse the "state" of previous jobs

Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-04-26 02:03:40 -04:00
strawberry
a898cf0db4 ci: remove download env
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-04-26 02:03:40 -04:00
strawberry
d070c89f84 split up CI steps
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-04-26 02:03:40 -04:00
morguldir
32eb568909 Remove extra test flag when publishing to ghcr in the CI
test -n checks if a string is longer than non-zero, but we just need a compare

Signed-off-by: morguldir <morguldir@protonmail.com>
2024-04-26 02:03:40 -04:00
strawberry
e95e4b9200 revert tag name in nix flake for OCI images
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-04-17 14:51:08 -04:00
strawberry
5667884a6a ci: wrap ref_name in quotes
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-04-17 14:51:08 -04:00
strawberry
5015fc7a2c add ci and flake support for using ref name to docker image tag
also runs ci on dev branch

Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-04-17 14:51:08 -04:00
strawberry
b7a2482e4d output jemalloc and hmalloc builds in CI, add back target check for cargo.toml
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-04-14 22:35:23 -04:00
strawberry
e75fb17899 ci: dont run docker stuff if not a PR *and* both env variables are not empty
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-04-02 00:32:41 -04:00
strawberry
ed5be58f9f ci: only run dockerhub steps if username and token are not empty
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-04-02 00:32:41 -04:00
renovate[bot]
3103ad2205 chore(deps): update actions/configure-pages action to v5 2024-03-30 22:06:18 -04:00
renovate[bot]
73bdf3c5cc chore(deps): update aquasecurity/trivy-action action to v0.19.0 2024-03-30 22:06:18 -04:00
strawberry
931e1cad06 ci: make docker username and GHCR variables
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-03-23 01:49:27 -04:00
strawberry
694b926366 move docs/gh pages into separate workflow
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-03-19 00:17:41 -04:00
strawberry
ea6425712a dont setup github pages if pull request
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-03-19 00:17:41 -04:00
strawberry
19f313b91d deploy book to github pages
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-03-19 00:17:41 -04:00
strawberry
e2827a1a79 build documentation/book in github actions
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-03-19 00:17:41 -04:00
strawberry
dd22a14147 bump CI deps (CVE-2024-27297 / GHSA-2ffj-w4mj-pg37)
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-03-08 12:51:21 -05:00
strawberry
9c789bd82f (hopefully correct) check if ATTIC_ENDPOINT is set in gh repo vars
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-03-08 12:51:21 -05:00
Charles Hall
a4ec0daafa make CI more efficient (github and gitlab)
squashed from https://gitlab.com/famedly/conduit/-/merge_requests/596

ported the relevant parts to GitHub Actions

Co-authored-by: strawberry <strawberry@puppygock.gay>
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-03-08 12:51:21 -05:00
strawberry
dd57ce7d0c bump trivy
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-03-03 22:20:37 -05:00
strawberry
5b6d05f2db add missing CI error check, add package permission
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-03-03 22:20:37 -05:00
strawberry
12d2680862 disable incremental builds in CI (just to be safe)
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-02-26 00:40:15 -05:00
strawberry
b1d1f3a643 add my attic binary caches
conduit and conduwuit are the same

Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-02-15 01:18:30 -05:00
strawberry
adb2059ea2 make ATTIC_TOKEN available in environment
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-02-15 01:18:30 -05:00
strawberry
359a137d2e add trivy for code and vulnerability scanning
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-02-14 20:14:21 -05:00
strawberry
ee90f66450 remove test branch, only publish if not PR
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-31 19:39:26 -05:00
strawberry
1b780fdbfa i think its docker.io
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-31 19:39:26 -05:00
strawberry
c239ff5e42 make image_name variable work, OCI uses/expects conduit
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-31 19:39:26 -05:00
strawberry
2dd8d372de username is not secret, use conduwuit and main branch
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-31 19:39:26 -05:00
strawberry
4be2948afc fix syntax error, add test branch
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-31 19:39:26 -05:00
strawberry
29d7257a41 attempt to push OCI images to docker hub and ghcr
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-31 19:39:26 -05:00
strawberry
98b54caca5 remove test branch from CI
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-31 16:27:13 -05:00
strawberry
83f7ea54df update gh actions OCI image paths to match gitlab
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-31 16:20:26 -05:00
strawberry
25d9cc28d6 remove removing rustup and default cargo, remove building aarch64 deb
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-31 16:20:26 -05:00
strawberry
4cebb282ab (prob doesnt work) build aarch64 deb
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-31 16:20:26 -05:00
strawberry
fedbe0dc66 build deb, update deb metadata and files
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-31 16:20:26 -05:00
strawberry
1581a3ca84 force copy
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-31 16:20:26 -05:00
strawberry
d11b03feab dont compress OCI images, copy result to tar.gz
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-31 16:20:26 -05:00
strawberry
950d69eb66 build OCI images for x86_64 and aarch64 in CI
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-31 16:20:26 -05:00
strawberry
1f3b91accd remove redundant copy and just use path
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-31 16:20:26 -05:00
strawberry
33847b8b4b fix syntax error (both uses and run)
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-31 16:20:26 -05:00
strawberry
77e8a6e5ae port some of artifacts building to gh actions (attempt 1)
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-31 16:20:26 -05:00
kubo6472
7588790c3b bump nix cache
Fix nodejs v16 incompatible/deprecation
2024-01-25 20:20:27 -05:00
renovate[bot]
44440f745f chore(deps): update actions/cache action to v4 2024-01-17 12:04:47 -05:00
strawberry
da3ac7a2f1 deps updates again
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-14 20:55:56 -05:00
dependabot[bot]
a4afe2111b Bump actions/checkout from 3 to 4
Bumps [actions/checkout](https://github.com/actions/checkout) from 3 to 4.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v3...v4)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-12-20 21:46:54 -05:00
Charles Hall
216d83ea1d run engage in github actions 2023-12-20 21:46:54 -05:00