This commit is contained in:
parent
e2f4074e51
commit
7d2a234fc3
4 changed files with 57 additions and 39 deletions
|
|
@ -14,6 +14,8 @@ env:
|
|||
JUST_SHA256SUM: dc3f958aaf8c6506dd90426e9b03f86dd15e74a6467ee0e54929f750af3d9e49
|
||||
CARGO_LLVM_COV_VERSION: 0.6.21
|
||||
CARGO_LLVM_COV_SHA256SUM: 57f491aedf7cdb261538ceb49cbb1ee9d27df7ca205a5e1a009caaf5cb911afb
|
||||
CARGO_AUDIT_VERSION: 0.22.1
|
||||
CARGO_AUDIT_SHA256SUM: 9899e591c3abee79bd54e88c3b03d27bcf8dd073fb1690af9cd3089be1267a67
|
||||
jobs:
|
||||
verify:
|
||||
runs-on: docker
|
||||
|
|
@ -36,25 +38,30 @@ jobs:
|
|||
- name: Setup additional tooling
|
||||
run: |
|
||||
fetch() {
|
||||
repo="$1"; tag="$2"; filename="$3"; digest="$4"
|
||||
repo="$1"; tag="$2"; filename="$3"; digest="$4"; binary="$5"
|
||||
|
||||
curl -sSLO -w '%{stderr}HTTP %{response_code} %{url}\n' \
|
||||
[ -d /tmp/tools ] || mkdir -p /tmp/tools
|
||||
|
||||
curl -sSLO --output-dir /tmp \
|
||||
-w '%{stderr}HTTP %{response_code} %{url}\n' \
|
||||
"https://github.com/$repo/releases/download/$tag/$filename"
|
||||
|
||||
printf '%s %s\n' "$digest" "$filename" > digest
|
||||
sha256sum --check digest && tar xf "$filename" -C tools
|
||||
printf '%s %s\n' "$digest" "/tmp/$filename" > /tmp/digest
|
||||
sha256sum --check /tmp/digest
|
||||
tar xf "/tmp/$filename" -C /tmp/tools
|
||||
find /tmp/tools -type f -executable -name "$binary" \
|
||||
-exec mv '{}' /usr/local/bin ';'
|
||||
}
|
||||
|
||||
mkdir tools
|
||||
|
||||
fetch casey/just ${{ env.JUST_VERSION }} \
|
||||
just-${{ env.JUST_VERSION }}-x86_64-unknown-linux-musl.tar.gz \
|
||||
${{ env.JUST_SHA256SUM }}
|
||||
${{ env.JUST_SHA256SUM }} just
|
||||
fetch taiki-e/cargo-llvm-cov v${{ env.CARGO_LLVM_COV_VERSION }} \
|
||||
cargo-llvm-cov-x86_64-unknown-linux-gnu.tar.gz \
|
||||
${{ env.CARGO_LLVM_COV_SHA256SUM }}
|
||||
|
||||
mv -v tools/just tools/cargo-llvm-cov /usr/local/bin
|
||||
${{ env.CARGO_LLVM_COV_SHA256SUM }} cargo-llvm-cov
|
||||
fetch rustsec/rustsec v${{ env.CARGO_AUDIT_VERSION }} \
|
||||
cargo-audit-x86_64-unknown-linux-gnu-v0.22.1.tgz \
|
||||
${{ env.CARGO_AUDIT_SHA256SUM }} cargo-audit
|
||||
|
||||
- name: Build
|
||||
run: just build
|
||||
|
|
|
|||
|
|
@ -7,6 +7,8 @@ env:
|
|||
JUST_SHA256SUM: dc3f958aaf8c6506dd90426e9b03f86dd15e74a6467ee0e54929f750af3d9e49
|
||||
CARGO_LLVM_COV_VERSION: 0.6.21
|
||||
CARGO_LLVM_COV_SHA256SUM: 57f491aedf7cdb261538ceb49cbb1ee9d27df7ca205a5e1a009caaf5cb911afb
|
||||
CARGO_AUDIT_VERSION: 0.22.1
|
||||
CARGO_AUDIT_SHA256SUM: 9899e591c3abee79bd54e88c3b03d27bcf8dd073fb1690af9cd3089be1267a67
|
||||
jobs:
|
||||
publish:
|
||||
runs-on: docker
|
||||
|
|
@ -29,7 +31,9 @@ jobs:
|
|||
- name: Setup additional tooling
|
||||
run: |
|
||||
fetch() {
|
||||
repo="$1"; tag="$2"; filename="$3"; digest="$4"
|
||||
repo="$1"; tag="$2"; filename="$3"; digest="$4"; binary="$5"
|
||||
|
||||
[ -d /tmp/tools ] || mkdir -p /tmp/tools
|
||||
|
||||
curl -sSLO --output-dir /tmp \
|
||||
-w '%{stderr}HTTP %{response_code} %{url}\n' \
|
||||
|
|
@ -38,18 +42,19 @@ jobs:
|
|||
printf '%s %s\n' "$digest" "/tmp/$filename" > /tmp/digest
|
||||
sha256sum --check /tmp/digest
|
||||
tar xf "/tmp/$filename" -C /tmp/tools
|
||||
find /tmp/tools -type f -executable -name "$binary" \
|
||||
-exec mv '{}' /usr/local/bin ';'
|
||||
}
|
||||
|
||||
mkdir /tmp/tools
|
||||
|
||||
fetch casey/just ${{ env.JUST_VERSION }} \
|
||||
just-${{ env.JUST_VERSION }}-x86_64-unknown-linux-musl.tar.gz \
|
||||
${{ env.JUST_SHA256SUM }}
|
||||
${{ env.JUST_SHA256SUM }} just
|
||||
fetch taiki-e/cargo-llvm-cov v${{ env.CARGO_LLVM_COV_VERSION }} \
|
||||
cargo-llvm-cov-x86_64-unknown-linux-gnu.tar.gz \
|
||||
${{ env.CARGO_LLVM_COV_SHA256SUM }}
|
||||
|
||||
mv -v /tmp/tools/just /tmp/tools/cargo-llvm-cov /usr/local/bin
|
||||
${{ env.CARGO_LLVM_COV_SHA256SUM }} cargo-llvm-cov
|
||||
fetch rustsec/rustsec v${{ env.CARGO_AUDIT_VERSION }} \
|
||||
cargo-audit-x86_64-unknown-linux-gnu-v0.22.1.tgz \
|
||||
${{ env.CARGO_AUDIT_SHA256SUM }} cargo-audit
|
||||
|
||||
- name: Build release binary
|
||||
run: just full-build
|
||||
|
|
@ -63,5 +68,5 @@ jobs:
|
|||
--user jutty:${{ secrets.GJD_REGISTRY_TOKEN }} \
|
||||
--upload-file target/release/en $url
|
||||
|
||||
- name: Print sha256sum
|
||||
- name: Calculate SHA-256 hash
|
||||
run: just shasum
|
||||
|
|
|
|||
|
|
@ -229,7 +229,8 @@ verify:
|
|||
git status
|
||||
exit 1
|
||||
fi
|
||||
{{ just_cmd }} update version-assess format-assess lint-assess check test cover-assess
|
||||
{{ just_cmd }} update version-assess \
|
||||
security-assess format-assess lint-assess check test cover-assess
|
||||
|
||||
alias v := verify
|
||||
|
||||
|
|
@ -252,6 +253,11 @@ version-assess: update
|
|||
|
||||
alias va := version-assess
|
||||
|
||||
# Audit security advisories
|
||||
security-assess:
|
||||
cargo audit --deny warnings
|
||||
alias sa := security-assess
|
||||
|
||||
# BUILD
|
||||
|
||||
# Cleanup build artifacts
|
||||
|
|
|
|||
40
Cargo.lock
generated
40
Cargo.lock
generated
|
|
@ -123,9 +123,9 @@ dependencies = [
|
|||
|
||||
[[package]]
|
||||
name = "bumpalo"
|
||||
version = "3.20.1"
|
||||
version = "3.20.2"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "5c6f81257d10a0f602a294ae4182251151ff97dbb504ef9afcdda4a64b24d9b4"
|
||||
checksum = "5d20789868f4b01b2f2caec9f5c4e0213b41e3e5702a50157d699ae31ced2fcb"
|
||||
|
||||
[[package]]
|
||||
name = "bytes"
|
||||
|
|
@ -151,9 +151,9 @@ checksum = "9330f8b2ff13f34540b44e946ef35111825727b38d33286ef986142615121801"
|
|||
|
||||
[[package]]
|
||||
name = "chrono"
|
||||
version = "0.4.43"
|
||||
version = "0.4.44"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "fac4744fb15ae8337dc853fee7fb3f4e48c0fbaa23d0afe49c447b4fab126118"
|
||||
checksum = "c673075a2e0e5f4a1dde27ce9dee1ea4558c7ffe648f576438a20ca1d2acc4b0"
|
||||
dependencies = [
|
||||
"iana-time-zone",
|
||||
"num-traits",
|
||||
|
|
@ -534,9 +534,9 @@ checksum = "92ecc6618181def0457392ccd0ee51198e065e016d1d527a7ac1b6dc7c1f09d2"
|
|||
|
||||
[[package]]
|
||||
name = "js-sys"
|
||||
version = "0.3.85"
|
||||
version = "0.3.90"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "8c942ebf8e95485ca0d52d97da7c5a2c387d0e7f0ba4c35e93bfcaee045955b3"
|
||||
checksum = "14dc6f6450b3f6d4ed5b16327f38fed626d375a886159ca555bd7822c0c3a5a6"
|
||||
dependencies = [
|
||||
"once_cell",
|
||||
"wasm-bindgen",
|
||||
|
|
@ -810,9 +810,9 @@ dependencies = [
|
|||
|
||||
[[package]]
|
||||
name = "regex-syntax"
|
||||
version = "0.8.9"
|
||||
version = "0.8.10"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "a96887878f22d7bad8a3b6dc5b7440e0ada9a245242924394987b21cf2210a4c"
|
||||
checksum = "dc897dd8d9e8bd1ed8cdad82b5966c3e0ecae09fb1907d58efaa013543185d0a"
|
||||
|
||||
[[package]]
|
||||
name = "ring"
|
||||
|
|
@ -830,9 +830,9 @@ dependencies = [
|
|||
|
||||
[[package]]
|
||||
name = "rustls"
|
||||
version = "0.23.36"
|
||||
version = "0.23.37"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "c665f33d38cea657d9614f766881e4d510e0eda4239891eea56b4cadcf01801b"
|
||||
checksum = "758025cb5fccfd3bc2fd74708fd4682be41d99e5dff73c377c0646c6012c73a4"
|
||||
dependencies = [
|
||||
"log",
|
||||
"once_cell",
|
||||
|
|
@ -1028,9 +1028,9 @@ checksum = "13c2bddecc57b384dee18652358fb23172facb8a2c51ccc10d74c157bdea3292"
|
|||
|
||||
[[package]]
|
||||
name = "syn"
|
||||
version = "2.0.116"
|
||||
version = "2.0.117"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "3df424c70518695237746f84cede799c9c58fcb37450d7b23716568cc8bc69cb"
|
||||
checksum = "e665b8803e7b1d2a727f4023456bbbbe74da67099c585258af0ad9c5013b9b99"
|
||||
dependencies = [
|
||||
"proc-macro2",
|
||||
"quote",
|
||||
|
|
@ -1266,9 +1266,9 @@ checksum = "ccf3ec651a847eb01de73ccad15eb7d99f80485de043efb2f370cd654f4ea44b"
|
|||
|
||||
[[package]]
|
||||
name = "wasm-bindgen"
|
||||
version = "0.2.108"
|
||||
version = "0.2.113"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "64024a30ec1e37399cf85a7ffefebdb72205ca1c972291c51512360d90bd8566"
|
||||
checksum = "60722a937f594b7fde9adb894d7c092fc1bb6612897c46368d18e7a20208eff2"
|
||||
dependencies = [
|
||||
"cfg-if",
|
||||
"once_cell",
|
||||
|
|
@ -1279,9 +1279,9 @@ dependencies = [
|
|||
|
||||
[[package]]
|
||||
name = "wasm-bindgen-macro"
|
||||
version = "0.2.108"
|
||||
version = "0.2.113"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "008b239d9c740232e71bd39e8ef6429d27097518b6b30bdf9086833bd5b6d608"
|
||||
checksum = "0fac8c6395094b6b91c4af293f4c79371c163f9a6f56184d2c9a85f5a95f3950"
|
||||
dependencies = [
|
||||
"quote",
|
||||
"wasm-bindgen-macro-support",
|
||||
|
|
@ -1289,9 +1289,9 @@ dependencies = [
|
|||
|
||||
[[package]]
|
||||
name = "wasm-bindgen-macro-support"
|
||||
version = "0.2.108"
|
||||
version = "0.2.113"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "5256bae2d58f54820e6490f9839c49780dff84c65aeab9e772f15d5f0e913a55"
|
||||
checksum = "ab3fabce6159dc20728033842636887e4877688ae94382766e00b180abac9d60"
|
||||
dependencies = [
|
||||
"bumpalo",
|
||||
"proc-macro2",
|
||||
|
|
@ -1302,9 +1302,9 @@ dependencies = [
|
|||
|
||||
[[package]]
|
||||
name = "wasm-bindgen-shared"
|
||||
version = "0.2.108"
|
||||
version = "0.2.113"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "1f01b580c9ac74c8d8f0c0e4afb04eeef2acf145458e52c03845ee9cd23e3d12"
|
||||
checksum = "de0e091bdb824da87dc01d967388880d017a0a9bc4f3bdc0d86ee9f9336e3bb5"
|
||||
dependencies = [
|
||||
"unicode-ident",
|
||||
]
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue