name: build-and-release on: push: branches: - main release: types: [published] workflow_dispatch: inputs: tag: description: "Tag to publish (leave blank to use Cargo.toml version)" required: false type: string permissions: contents: read env: VCPKG_ROOT: C:\vcpkg VCPKG_DOWNLOADS: C:\vcpkg\downloads VCPKG_FEATURE_FLAGS: binarycaching VCPKG_BINARY_SOURCES: clear;x-gha,readwrite RUST_TOOLCHAIN: "1.92" jobs: # ──────────────── Linux (via Makefile) ──────────────── linux-x64: name: Linux x64 runs-on: ubuntu-24.04 steps: - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1 # Free up disk space on Ubuntu runners - name: Free Disk Space run: | sudo rm -rf /usr/share/dotnet sudo rm -rf /usr/local/lib/android sudo rm -rf /opt/ghc sudo rm -rf /opt/hostedtoolcache/CodeQL sudo docker image prune --all --force df -h - uses: dtolnay/rust-toolchain@efa25f7f19611383d5b0ccf2d1c8914531636bf9 # master with: toolchain: ${{ env.RUST_TOOLCHAIN }} - uses: swatinem/rust-cache@c19371144df3bb44fab255c43d04cbc2ab54d1c4 # v2.9.1 with: shared-key: kingfisher-${{ runner.os }}-${{ runner.arch }} cache-on-failure: true - name: Install packaging tools run: cargo install cargo-deb cargo-generate-rpm - name: Install Linux test dependencies run: | sudo apt-get update -qq sudo apt-get install -y --no-install-recommends \ cmake pkg-config libboost-all-dev patch perl ragel - name: Run tests run: make tests env: CARGO_BUILD_JOBS: 1 - name: Build (Makefile linux-x64) run: make ubuntu-x64 - name: Fix permissions run: sudo chown -R $(id -u):$(id -g) target - name: Build Debian package run: | cargo deb --no-build --target x86_64-unknown-linux-musl \ --output target/release/kingfisher-linux-x64.deb - name: Build RPM package run: | cargo generate-rpm --target x86_64-unknown-linux-musl \ --output target/release/kingfisher-linux-x64.rpm - name: Move artifact to dist shell: bash run: | mkdir -p dist cp target/release/kingfisher-linux-x64.tgz dist/ cp target/release/kingfisher-linux-x64.deb dist/ cp target/release/kingfisher-linux-x64.rpm dist/ - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 with: name: kingfisher-linux-x64.tgz path: dist/kingfisher-linux-x64.tgz - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 with: name: kingfisher-linux-x64.deb path: dist/kingfisher-linux-x64.deb - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 with: name: kingfisher-linux-x64.rpm path: dist/kingfisher-linux-x64.rpm linux-arm64: name: Linux arm64 runs-on: ubuntu-24.04-arm steps: - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1 # Free up disk space on Ubuntu runners - name: Free Disk Space run: | sudo rm -rf /usr/share/dotnet sudo rm -rf /usr/local/lib/android sudo rm -rf /opt/ghc sudo rm -rf /opt/hostedtoolcache/CodeQL sudo docker image prune --all --force df -h - uses: dtolnay/rust-toolchain@efa25f7f19611383d5b0ccf2d1c8914531636bf9 # master with: toolchain: ${{ env.RUST_TOOLCHAIN }} - uses: swatinem/rust-cache@c19371144df3bb44fab255c43d04cbc2ab54d1c4 # v2.9.1 with: shared-key: kingfisher-${{ runner.os }}-${{ runner.arch }} cache-on-failure: true - name: Install packaging tools run: cargo install cargo-deb cargo-generate-rpm - name: Install Linux test dependencies run: | sudo apt-get update -qq sudo apt-get install -y --no-install-recommends \ cmake pkg-config libboost-all-dev patch perl ragel - name: Run tests run: make tests env: CARGO_BUILD_JOBS: 1 - name: Build (Makefile linux-arm64) run: make ubuntu-arm64 - name: Fix permissions run: sudo chown -R $(id -u):$(id -g) target - name: Build Debian package run: | cargo deb --no-build --target aarch64-unknown-linux-musl \ --output target/release/kingfisher-linux-arm64.deb - name: Build RPM package run: | cargo generate-rpm --target aarch64-unknown-linux-musl \ --output target/release/kingfisher-linux-arm64.rpm - name: Move artifact to dist shell: bash run: | mkdir -p dist cp target/release/kingfisher-linux-arm64.tgz dist/ cp target/release/kingfisher-linux-arm64.deb dist/ cp target/release/kingfisher-linux-arm64.rpm dist/ - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 with: name: kingfisher-linux-arm64.tgz path: dist/kingfisher-linux-arm64.tgz - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 with: name: kingfisher-linux-arm64.deb path: dist/kingfisher-linux-arm64.deb - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 with: name: kingfisher-linux-arm64.rpm path: dist/kingfisher-linux-arm64.rpm macos-x64: name: macOS x64 runs-on: macos-15-intel steps: - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1 - uses: dtolnay/rust-toolchain@efa25f7f19611383d5b0ccf2d1c8914531636bf9 # master with: toolchain: ${{ env.RUST_TOOLCHAIN }} - uses: swatinem/rust-cache@c19371144df3bb44fab255c43d04cbc2ab54d1c4 # v2.9.1 with: shared-key: kingfisher-${{ runner.os }}-${{ runner.arch }} cache-on-failure: true - name: Install macOS test dependencies run: | brew list cmake >/dev/null 2>&1 || brew install cmake brew list boost >/dev/null 2>&1 || brew install boost brew list pkg-config >/dev/null 2>&1 || brew install pkg-config brew list ragel >/dev/null 2>&1 || brew install ragel - name: Run tests run: make tests - name: Build Darwin x64 run: make darwin-x64 - name: Move artifacts to dist shell: bash run: | mkdir -p dist cp target/release/kingfisher-darwin-x64.tgz dist/ - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 with: name: kingfisher-darwin-x64.tgz path: dist/kingfisher-darwin-x64.tgz macos-arm64: name: macOS arm64 runs-on: macos-14 steps: - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1 - uses: dtolnay/rust-toolchain@efa25f7f19611383d5b0ccf2d1c8914531636bf9 # master with: toolchain: ${{ env.RUST_TOOLCHAIN }} - uses: swatinem/rust-cache@c19371144df3bb44fab255c43d04cbc2ab54d1c4 # v2.9.1 with: shared-key: kingfisher-${{ runner.os }}-${{ runner.arch }} cache-on-failure: true - name: Install macOS test dependencies run: | brew list cmake >/dev/null 2>&1 || brew install cmake brew list boost >/dev/null 2>&1 || brew install boost brew list pkg-config >/dev/null 2>&1 || brew install pkg-config brew list ragel >/dev/null 2>&1 || brew install ragel - name: Run tests run: make tests - name: Build Darwin arm64 run: make darwin-arm64 - name: Move artifacts to dist shell: bash run: | mkdir -p dist cp target/release/kingfisher-darwin-arm64.tgz dist/ - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 with: name: kingfisher-darwin-arm64.tgz path: dist/kingfisher-darwin-arm64.tgz # ──────────────── Windows ──────────────── windows: name: Windows ${{ matrix.arch }} runs-on: ${{ matrix.runs_on }} strategy: fail-fast: false matrix: include: - arch: x64 runs_on: windows-latest msystem: MINGW64 - arch: arm64 runs_on: windows-11-arm msystem: CLANGARM64 steps: - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1 - uses: dtolnay/rust-toolchain@efa25f7f19611383d5b0ccf2d1c8914531636bf9 # master with: toolchain: ${{ env.RUST_TOOLCHAIN }} - name: Set up MSYS2 uses: msys2/setup-msys2@cafece8e6baf9247cf9b1bf95097b0b983cc558d # v2.31.0 with: msystem: ${{ matrix.msystem }} update: true install: >- make git - uses: swatinem/rust-cache@c19371144df3bb44fab255c43d04cbc2ab54d1c4 # v2.9.1 with: shared-key: kingfisher-${{ runner.os }}-${{ runner.arch }} cache-on-failure: true - name: Prepare Windows dependencies shell: msys2 {0} run: WINDOWS_ONLY_DEPS=1 make windows-${{ matrix.arch }} - name: Run tests shell: msys2 {0} run: | set -eu -o pipefail if [ "${{ matrix.arch }}" = "arm64" ]; then toolchain_root=/clangarm64 target_triple=aarch64-pc-windows-gnullvm else toolchain_root=/mingw64 target_triple=x86_64-pc-windows-gnu fi export LIBHS_NO_PKG_CONFIG=1 export HYPERSCAN_ROOT="$(cygpath -m "$toolchain_root")" export PKG_CONFIG_PATH="$toolchain_root/lib/pkgconfig" if ! command -v cargo >/dev/null 2>&1 && [ -n "${USERPROFILE:-}" ]; then cargo_home_candidate="$(cygpath -u "${USERPROFILE}")/.cargo/bin" if [ -d "$cargo_home_candidate" ]; then export PATH="$cargo_home_candidate:$PATH" fi fi if [ "${{ matrix.arch }}" = "x64" ]; then extra_native_lib_dirs="-L native=/mingw64/lib" if command -v x86_64-w64-mingw32-gcc >/dev/null 2>&1; then libgcc_a_path="$(x86_64-w64-mingw32-gcc -print-libgcc-file-name 2>/dev/null || true)" if [ -n "$libgcc_a_path" ] && [ -f "$libgcc_a_path" ]; then libgcc_dir="$(dirname "$libgcc_a_path")" extra_native_lib_dirs="$extra_native_lib_dirs -L native=$libgcc_dir" echo "Using libgcc from $libgcc_dir" fi fi export RUSTFLAGS="${RUSTFLAGS:-} $extra_native_lib_dirs -C target-feature=+crt-static -C link-arg=-static" else export RUSTFLAGS="${RUSTFLAGS:-} -L native=/clangarm64/lib -C target-feature=+crt-static -C link-arg=-static" fi echo "▶ cargo test --release --workspace --all-targets --target $target_triple" cargo test --release --workspace --all-targets --target "$target_triple" - name: Build shell: msys2 {0} run: make windows-${{ matrix.arch }} - name: Move artifact to dist shell: bash run: | mkdir -p dist cp target/release/kingfisher-windows-${{ matrix.arch }}.zip dist/ - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 with: name: kingfisher-windows-${{ matrix.arch }} path: dist/kingfisher-windows-${{ matrix.arch }}.zip release: name: Public GitHub Release needs: [linux-x64, linux-arm64, windows, macos-x64, macos-arm64] runs-on: ubuntu-latest outputs: tag: ${{ steps.version.outputs.tag }} permissions: contents: write id-token: write attestations: write steps: - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1 - name: Determine tag id: version shell: bash env: RELEASE_TAG_NAME: ${{ github.event.release.tag_name }} INPUT_TAG: ${{ github.event.inputs.tag }} run: | set -euo pipefail if [[ "${GITHUB_EVENT_NAME}" == "release" ]]; then TAG="${RELEASE_TAG_NAME}" elif [[ "${GITHUB_EVENT_NAME}" == "workflow_dispatch" && -n "${INPUT_TAG}" ]]; then TAG="${INPUT_TAG}" else VERSION=$(grep -m1 '^version\s*=' Cargo.toml | cut -d '"' -f2) TAG="v${VERSION}" fi echo "tag=${TAG}" >> "$GITHUB_OUTPUT" - uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0 with: path: target/release/kingfisher-* merge-multiple: true - name: Extract latest changelog section run: | awk ' BEGIN { grabbing = 0 } /^## \[/ { if (grabbing) exit; # already grabbed latest entry grabbing = 1 } grabbing { print } ' CHANGELOG.md > .latest_changelog.md # ── create the release using just that snippet ───────────────────── - name: Create release & upload assets uses: ncipollo/release-action@339a81892b84b4eeb0f6e744e4574d79d0d9b8dd # v1.21.0 with: tag: ${{ steps.version.outputs.tag }} name: "Kingfisher ${{ steps.version.outputs.tag }}" bodyFile: .latest_changelog.md # ← only the most-recent entry allowUpdates: true generateReleaseNotes: false artifacts: target/release/** - name: Attest build provenance uses: actions/attest-build-provenance@a2bbfa25375fe432b6a289bc6b6cd05ecd0c4c32 # v4.1.0 with: subject-path: 'target/release/*' # ──────────────── Publish Docker image ──────────────── publish-docker: needs: [release] uses: ./.github/workflows/release-docker.yml with: tag: ${{ needs.release.outputs.tag }} permissions: contents: read packages: write # ──────────────── Publish PyPI wheels ──────────────── publish-pypi: needs: [release] uses: ./.github/workflows/pypi.yml with: tag: ${{ needs.release.outputs.tag }} permissions: contents: read id-token: write