Skip to content

obfuscating procedures and medication statements #629

obfuscating procedures and medication statements

obfuscating procedures and medication statements #629

Workflow file for this run

name: Build with rust and docker
on:
push:
workflow_dispatch:
pull_request:
schedule:
# Fetch new base image updates every night at 1am
- cron: '0 1 * * *'
env:
CARGO_TERM_COLOR: always
PROFILE: release
jobs:
pre-check:
name: Security, License Check
runs-on: ubuntu-22.04
steps:
- uses: actions/checkout@v3
- uses: EmbarkStudios/cargo-deny-action@v1
build-rust:
name: Build (Rust)
runs-on: ubuntu-22.04
strategy:
matrix:
arch:
- amd64
- arm64
steps:
- name: Set arch ${{ matrix.arch }}
env:
ARCH: ${{ matrix.arch }}
run: |
if [ "${ARCH}" == "arm64" ]; then
echo "rustarch=aarch64-unknown-linux-gnu" >> $GITHUB_ENV
elif [ "${ARCH}" == "amd64" ]; then
echo "rustarch=x86_64-unknown-linux-gnu" >> $GITHUB_ENV
else
exit 1
fi
if [ "$(dpkg --print-architecture)" != "${ARCH}" ]; then
echo "Cross-compiling to ${ARCH}."
echo "is_cross=true" >> $GITHUB_ENV
else
echo "Natively compiling to ${ARCH}."
echo "is_cross=false" >> $GITHUB_ENV
fi
- name: Set profile ${{ env.PROFILE }}
env:
PROFILE: ${{ env.PROFILE }}
run: |
if [ "${PROFILE}" == "release" ]; then
echo "profilestr=--release" >> $GITHUB_ENV
elif [ "${PROFILE}" == "debug" ]; then
echo "profilestr=" >> $GITHUB_ENV
else
echo "profilestr=--profile $PROFILE" >> $GITHUB_ENV
fi
- uses: actions/checkout@v3
- uses: actions-rs/toolchain@v1
with:
toolchain: stable
override: true
target: ${{ env.rustarch }}
- uses: Swatinem/rust-cache@v2
with:
key: ${{ matrix.arch }}-${{ env.PROFILE }}
prefix-key: "v1-rust" # Increase to invalidate old caches.
- name: Build (cross to ${{ matrix.arch }})
if: env.is_cross == 'true'
uses: actions-rs/cargo@v1
with:
use-cross: ${{ env.is_cross }}
command: build
args: --target ${{ env.rustarch }} ${{ matrix.features && format('--features {0}', matrix.features) }} ${{ env.profilestr }}
- name: Build (native)
if: env.is_cross == 'false'
run: |
BINS=$(cargo build --tests --bins --message-format=json --target ${{ env.rustarch }} ${{ matrix.features && format('--features {0}', matrix.features) }} ${{ env.profilestr }} | jq -r 'select(.profile.test == true) | .executable | select(. != null)')
mkdir -p testbinaries/
for testbin in $BINS; do
mv -v $testbin testbinaries/
done
- name: Upload (bins)
uses: actions/upload-artifact@v3
with:
name: binaries-${{ matrix.arch }}
path: |
target/${{ env.rustarch }}/${{ env.PROFILE }}/focus
- name: Upload (test, native only)
if: matrix.arch == 'amd64'
uses: actions/upload-artifact@v3
with:
name: testbinaries-${{ matrix.arch }}
path: |
testbinaries/*
test:
name: Run tests
needs: [ build-rust ]
runs-on: ubuntu-22.04
steps:
- uses: actions/checkout@v3
- uses: actions/download-artifact@v3
with:
name: testbinaries-amd64
path: testbinaries/
- run: |
for testbin in testbinaries/*; do
chmod +x $testbin
$testbin
done
docker-focus:
needs: [ build-rust, pre-check, test ]
if: github.ref_protected == true || github.event_name == 'workflow_dispatch'
# This workflow defines how a maven package is built, tested and published.
# Visit: https://github.com/samply/github-workflows/blob/develop/.github/workflows/docker-ci.yml, for more information
uses: samply/github-workflows/.github/workflows/docker-ci.yml@main
with:
# The Docker Hub Repository you want eventually push to, e.g samply/share-client
image-name: "samply/focus"
# Define special prefixes for docker tags. They will prefix each images tag.
# image-tag-prefix: "foo"
# Define the build context of your image, typically default '.' will be enough
# build-context: '.'
# Define the Dockerfile of your image, typically default './Dockerfile' will be enough
build-file: './Dockerfile'
# NOTE: This doesn't work currently
# A list of build arguments, passed to the docker build
# build-args: |
# PROFILE=${{ env.PROFILE }}
# COMPONENT=broker
# Define the target platforms of the docker build (default "linux/amd64,linux/arm64/v8")
# build-platforms: "linux/amd64"
# If your actions generate an artifact in a previous build step, you can tell this workflow to download it
artifact-name: '*'
# This passes the secrets from calling workflow to the called workflow
secrets:
DOCKERHUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }}
DOCKERHUB_TOKEN: ${{ secrets.DOCKERHUB_TOKEN }}