Skip to content

chore(deps): bump ossf/scorecard-action from 2.3.0 to 2.3.1 (#474) #160

chore(deps): bump ossf/scorecard-action from 2.3.0 to 2.3.1 (#474)

chore(deps): bump ossf/scorecard-action from 2.3.0 to 2.3.1 (#474) #160

Workflow file for this run

name: CI/CD
on:
pull_request:
branches:
- main
push:
branches:
- main
permissions:
contents: read
concurrency:
group: ci-${{ github.event.pull_request.number || github.ref }}
cancel-in-progress: ${{ github.event_name == 'pull_request' }}
jobs:
test:
if: ${{ github.event_name == 'pull_request' }}
strategy:
fail-fast: false
matrix:
command:
- 'check --all --locked'
- 'test --all --locked'
- 'clippy --all -- -D warnings'
- 'fmt --all -- --check'
runs-on: ubuntu-20.04
name: Test on nightly-2022-07-24 ( ${{ matrix.command }} )
steps:
- name: Checkout Repository
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11
with:
fetch-depth: 0
- name: Install protobuf-compiler
run: sudo apt install -y protobuf-compiler
- name: Install toolchain
uses: actions-rs/toolchain@16499b5e05bf2e26879000db0c1d13f7e13fa3af
with:
profile: minimal
toolchain: nightly-2022-07-24
components: clippy, rustfmt
target: wasm32-unknown-unknown
override: true
default: true
- name: Rust Cache
uses: Swatinem/rust-cache@3cf7f8cc28d1b4e7d01e3783be10a97d55d483c8
- name: Run cargo ${{ matrix.command }}
run: cargo ${{ matrix.command }}
build:
if: ${{ github.event_name == 'push' && github.ref_type == 'branch' }}
runs-on: ubuntu-20.04
name: Build
steps:
- name: Checkout Repository
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11
with:
fetch-depth: 0
- name: Install protobuf-compiler
run: sudo apt install -y protobuf-compiler
- name: Install toolchain
uses: actions-rs/toolchain@16499b5e05bf2e26879000db0c1d13f7e13fa3af
with:
profile: minimal
toolchain: nightly-2022-07-24
components: clippy, rustfmt
target: wasm32-unknown-unknown
override: true
default: true
- name: Rust Cache
uses: Swatinem/rust-cache@3cf7f8cc28d1b4e7d01e3783be10a97d55d483c8
- name: Run cargo build
run: cargo build --release --locked
- name: Copy binnary file
run: cp target/release/debio .
- name: Send WASM to Discord
uses: tsickert/discord-webhook@c840d45a03a323fbc3f7507ac7769dbd91bfb164
with:
webhook-url: ${{ secrets.DISCORD_WEBHOOK }}
embed-title: New WASM
embed-description: Build success on commit sha ${{ github.sha }}
filename: ./target/release/wbuild/debio-runtime/debio_runtime.compact.compressed.wasm
- name: Set Up QEMU
uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3
- name: Set Up Docker Buildx
id: set-up-buildx
uses: docker/setup-buildx-action@f95db51fddba0c2d1ec667646a06c2ce06100226
with:
install: true
- name: Cache Docker Layers
uses: actions/cache@704facf57e6136b1bc63b828d79edcd491f0ee84
with:
path: /tmp/.buildx-cache
key: ${{ runner.os }}-buildx-${{ github.sha }}
restore-keys: |
${{ runner.os }}-buildx-
- name: Build Docker
uses: docker/build-push-action@0565240e2d4ab88bba5387d719585280857ece09
with:
builder: ${{ steps.set-up-buildx.outputs.name }}
cache-from: type=local,src=/tmp/.buildx-cache
cache-to: type=local,dest=/tmp/.buildx-cache-new,mode=max
context: .
file: .maintain/docker/injected-binnary.Dockerfile
tags: ${{ github.repository }}:${{ github.sha }}
outputs: type=docker,dest=/tmp/docker_image.tar
- name: Move Cache Docker Layers
run: |
rm -rf /tmp/.buildx-cache
mv /tmp/.buildx-cache-new /tmp/.buildx-cache
- name: Upload Build to Artifact
uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32
with:
name: build_${{ github.sha }}
path: |
/tmp/docker_image.tar
retention-days: 5
release-please:
needs:
- build
runs-on: ubuntu-20.04
name: Release Please
steps:
- name: Checkout Repository
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11
with:
fetch-depth: 0
- name: Compute Version
id: compute-version
shell: bash
run: |
VERSION=$(sed -n '/^[[:space:]]spec_version:/p' ./runtime/src/lib.rs | sed -e 's/^[[:space:]]spec_version: \(.*\),/\1/')
MAJOR=${VERSION:0:2}
if [[ ${MAJOR:1:1} == "0" ]]
then
MAJOR=${MAJOR:0:1}
fi
MINOR=${VERSION:2:1}
PATCH=${VERSION:3:1}
echo "semver=$MAJOR.$MINOR.$PATCH" >> $GITHUB_OUTPUT
- name: Release
id: release
uses: google-github-actions/release-please-action@4c5670f886fe259db4d11222f7dff41c1382304d
with:
token: ${{ secrets.PAT }}
fork: true
plugins: cargo-workspace
path: ./node
package-name: debio
release-type: rust
release-as: ${{ steps.compute-version.outputs.semver }}
include-v-in-tag: false
outputs:
release_created: ${{ steps.release.outputs.release_created }}
tag_name: ${{ steps.release.outputs.tag_name }}
publish-docker:
needs:
- release-please
runs-on: ubuntu-20.04
name: Publish Docker
steps:
- name: Login to DockerHub
uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: Download Build from Artifact
uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a
with:
name: build_${{ github.sha }}
path: /tmp
- name: Load Downloaded Image
run: |
docker load --input /tmp/docker_image.tar
docker images --no-trunc --digests ${{ github.repository }}
- name: Tag as Release Version
if: ${{ needs.release-please.outputs.release_created }}
run: |
docker tag ${{ github.repository }}:${{ github.sha }} ${{ github.repository }}:${{ needs.release-please.outputs.tag_name }}
docker tag ${{ github.repository }}:${{ github.sha }} ${{ github.repository }}:latest
docker images --no-trunc --digests ${{ github.repository }}
- name: Push
run: docker image push -a ${{ github.repository }}