Commit graph

143 commits

Author SHA1 Message Date
strawberry fe637f481d ci: fix incorrect startsWith syntax
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-05-11 14:29:00 -04:00
renovate[bot] e4e1636da8 chore(deps): update aquasecurity/trivy-action action to v0.20.0 2024-05-08 15:06:45 -04:00
strawberry e99aac9550 ci: fix gitlab container registry destination
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-05-08 15:04:59 -04:00
strawberry 245c34e659 ci: dont run docker publishing if none of the usernames are set
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-05-07 23:59:05 -04:00
strawberry 43b07be3fc ci: use PR author instead of branch name for docker image publishing
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-05-07 02:44:55 -04:00
strawberry 99d98efeb1 ci: fix docker publishing typo
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-05-06 13:05:00 -04:00
strawberry d657fa32e9 ci: format string
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-05-06 03:45:10 -04:00
strawberry 16a98b0683 ci: push docker images for PRs in the merge-PR_NUMBER-HEAD_REF format, fix main pushes
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-05-06 03:45:10 -04:00
strawberry 9e1bbc1650 ci: run on new tag pushes
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-05-06 03:45:10 -04:00
strawberry 91ff6a36a4 ci: abort workflow if latest repo tag does not match with running tag ref
protects against a maintainer creating a downgrading version tag, and
uploading artifacts with that version

this check is only ran via workflow dispatch on the tag

Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-05-06 03:45:10 -04:00
strawberry 56f1d8be1f ci(docker): publish latest only if ref starts with our tag format
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-05-06 03:45:10 -04:00
strawberry 2472c7c47a ci: don't run on dev anymore, run on main and non-draft PRs
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-05-06 03:45:10 -04:00
strawberry 761263332b ci: push to gitlab container registry too
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-05-03 01:52:29 -04:00
strawberry a7c14a861b ci: output complement diff results to job summary, temp allow error
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-05-03 01:52:29 -04:00
strawberry 05b7dec482 temp(ci): comment complement results diff for now
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-05-03 01:52:29 -04:00
strawberry a6cf5cfd8b remove future deleted nix binary cache
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-05-03 01:52:29 -04:00
strawberry cad16b9268 ci, nix: build and cache all packages and CI dependencies
from f5bd9bc45e
with changes for GitHub CI and misc

Co-authored-by: Charles Hall <charles@computer.surgery>
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-05-03 01:52:29 -04:00
strawberry 3b410d0556 ci: run complement with direnv
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-05-03 01:52:29 -04:00
strawberry 28f599236a ci: compare complement results with checked-in results
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-05-03 01:52:29 -04:00
strawberry 13f1274c35 run complement in CI (does not compare results yet)
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-05-03 01:52:29 -04:00
strawberry 799b2909ab ci: dont run registry pushes if creds are not set
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-05-03 01:52:29 -04:00
strawberry b0de16bf5a misc docs updates and ci path-ignore again
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-04-26 02:03:40 -04:00
strawberry 8574d0758e add concurrency group and paths-ignore to ci.yml
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-04-26 02:03:40 -04:00
strawberry a41472cc3f why not
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-04-26 02:03:40 -04:00
Tom Foster 536efe2cd7 CI working with job summaries
All images should be generating correctly with parallelism and Docker manifests, and should output the end of the CI testing errors in a job summary box when the test fails.

When the test succeeds you get a big  then at the end of the Docker publish it should include the `docker pull` commands for both Docker Hub and GHCR registries to make those pesky Docker users lives easier!
2024-04-26 02:03:40 -04:00
Tom Foster 6fbf4b5679 Simplify docker manifest CI stage 2024-04-26 02:03:40 -04:00
strawberry c1d8678eeb try moving a couple things around in CI
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-04-26 02:03:40 -04:00
strawberry e2c460ec54 ci: define packages permission in publish step
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-04-26 02:03:40 -04:00
Tom Foster d57110e2f3 Improved CI artifact filename handling 2024-04-26 02:03:40 -04:00
Tom Foster e17f8d5b24 Multi-threaded CI to accelerate builds 2024-04-26 02:03:40 -04:00
Tom Foster 77d73583f6 Separate CI job for publishing docker manifest 2024-04-26 02:03:40 -04:00
Tom Foster 820cf3b9af ci: extract OCI images before loading and before login
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-04-26 02:03:40 -04:00
strawberry 94dfe26707 ci: fix dockerhub login
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-04-26 02:03:40 -04:00
Tom Foster a36b37ee3d Simplify to publish combined jemalloc image for all architectures 2024-04-26 02:03:40 -04:00
Tom Foster 8525dda468 Simplify publish to Dockerhub 2024-04-26 02:03:40 -04:00
strawberry 7cbe82668b ci: oci image registry publishing take 374237598
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-04-26 02:03:40 -04:00
strawberry ce7355cbe0 add globals iterators/getters for admin query cmd, improve structure a bit
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-04-26 02:03:40 -04:00
strawberry f954cd2387 ci(oci): add back arch prefix, try labeling our jemalloc images
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-04-26 02:03:40 -04:00
strawberry 640cb2d4a8 ci: 🧌
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-04-26 02:03:40 -04:00
strawberry 96399703cc use --no-strip for cargo-deb, fix OCI image stuff
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-04-26 02:03:40 -04:00
strawberry 31f851f157 temp: get rid of hardened_malloc builds from CI
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-04-26 02:03:40 -04:00
strawberry 305f75b0e7 ci: try to fix cargo-deb arm64 stripping
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-04-26 02:03:40 -04:00
strawberry 8fc32b8e90 comment x86_64-unknown-linux-gnu for now
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-04-26 02:03:40 -04:00
strawberry 2e15a0d18b split up CI again into tests, static builds, and OCI images
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-04-26 02:03:40 -04:00
strawberry 73b25b9793 ci: limit max parallel jobs to 4
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-04-26 02:03:40 -04:00
strawberry de38d61126 merge ci steps back into one job for now
how do i persist or reuse the "state" of previous jobs

Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-04-26 02:03:40 -04:00
strawberry a898cf0db4 ci: remove download env
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-04-26 02:03:40 -04:00
strawberry d070c89f84 split up CI steps
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-04-26 02:03:40 -04:00
morguldir 32eb568909 Remove extra test flag when publishing to ghcr in the CI
test -n checks if a string is longer than non-zero, but we just need a compare

Signed-off-by: morguldir <morguldir@protonmail.com>
2024-04-26 02:03:40 -04:00
strawberry e95e4b9200 revert tag name in nix flake for OCI images
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-04-17 14:51:08 -04:00
strawberry 5667884a6a ci: wrap ref_name in quotes
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-04-17 14:51:08 -04:00
strawberry 5015fc7a2c add ci and flake support for using ref name to docker image tag
also runs ci on dev branch

Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-04-17 14:51:08 -04:00
strawberry b7a2482e4d output jemalloc and hmalloc builds in CI, add back target check for cargo.toml
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-04-14 22:35:23 -04:00
strawberry e75fb17899 ci: dont run docker stuff if not a PR *and* both env variables are not empty
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-04-02 00:32:41 -04:00
strawberry ed5be58f9f ci: only run dockerhub steps if username and token are not empty
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-04-02 00:32:41 -04:00
renovate[bot] 3103ad2205 chore(deps): update actions/configure-pages action to v5 2024-03-30 22:06:18 -04:00
renovate[bot] 73bdf3c5cc chore(deps): update aquasecurity/trivy-action action to v0.19.0 2024-03-30 22:06:18 -04:00
strawberry 931e1cad06 ci: make docker username and GHCR variables
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-03-23 01:49:27 -04:00
strawberry 694b926366 move docs/gh pages into separate workflow
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-03-19 00:17:41 -04:00
strawberry ea6425712a dont setup github pages if pull request
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-03-19 00:17:41 -04:00
strawberry 19f313b91d deploy book to github pages
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-03-19 00:17:41 -04:00
strawberry e2827a1a79 build documentation/book in github actions
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-03-19 00:17:41 -04:00
strawberry dd22a14147 bump CI deps (CVE-2024-27297 / GHSA-2ffj-w4mj-pg37)
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-03-08 12:51:21 -05:00
strawberry 9c789bd82f (hopefully correct) check if ATTIC_ENDPOINT is set in gh repo vars
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-03-08 12:51:21 -05:00
Charles Hall a4ec0daafa make CI more efficient (github and gitlab)
squashed from https://gitlab.com/famedly/conduit/-/merge_requests/596

ported the relevant parts to GitHub Actions

Co-authored-by: strawberry <strawberry@puppygock.gay>
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-03-08 12:51:21 -05:00
strawberry dd57ce7d0c bump trivy
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-03-03 22:20:37 -05:00
strawberry 5b6d05f2db add missing CI error check, add package permission
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-03-03 22:20:37 -05:00
strawberry 12d2680862 disable incremental builds in CI (just to be safe)
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-02-26 00:40:15 -05:00
strawberry b1d1f3a643 add my attic binary caches
conduit and conduwuit are the same

Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-02-15 01:18:30 -05:00
strawberry adb2059ea2 make ATTIC_TOKEN available in environment
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-02-15 01:18:30 -05:00
strawberry 359a137d2e add trivy for code and vulnerability scanning
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-02-14 20:14:21 -05:00
strawberry ee90f66450 remove test branch, only publish if not PR
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-31 19:39:26 -05:00
strawberry 1b780fdbfa i think its docker.io
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-31 19:39:26 -05:00
strawberry c239ff5e42 make image_name variable work, OCI uses/expects conduit
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-31 19:39:26 -05:00
strawberry 2dd8d372de username is not secret, use conduwuit and main branch
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-31 19:39:26 -05:00
strawberry 4be2948afc fix syntax error, add test branch
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-31 19:39:26 -05:00
strawberry 29d7257a41 attempt to push OCI images to docker hub and ghcr
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-31 19:39:26 -05:00
strawberry 98b54caca5 remove test branch from CI
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-31 16:27:13 -05:00
strawberry 83f7ea54df update gh actions OCI image paths to match gitlab
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-31 16:20:26 -05:00
strawberry 25d9cc28d6 remove removing rustup and default cargo, remove building aarch64 deb
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-31 16:20:26 -05:00
strawberry 4cebb282ab (prob doesnt work) build aarch64 deb
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-31 16:20:26 -05:00
strawberry fedbe0dc66 build deb, update deb metadata and files
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-31 16:20:26 -05:00
strawberry 1581a3ca84 force copy
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-31 16:20:26 -05:00
strawberry d11b03feab dont compress OCI images, copy result to tar.gz
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-31 16:20:26 -05:00
strawberry 950d69eb66 build OCI images for x86_64 and aarch64 in CI
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-31 16:20:26 -05:00
strawberry 1f3b91accd remove redundant copy and just use path
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-31 16:20:26 -05:00
strawberry 33847b8b4b fix syntax error (both uses and run)
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-31 16:20:26 -05:00
strawberry 77e8a6e5ae port some of artifacts building to gh actions (attempt 1)
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-31 16:20:26 -05:00
kubo6472 7588790c3b bump nix cache
Fix nodejs v16 incompatible/deprecation
2024-01-25 20:20:27 -05:00
renovate[bot] 44440f745f chore(deps): update actions/cache action to v4 2024-01-17 12:04:47 -05:00
strawberry da3ac7a2f1 deps updates again
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-14 20:55:56 -05:00
dependabot[bot] a4afe2111b Bump actions/checkout from 3 to 4
Bumps [actions/checkout](https://github.com/actions/checkout) from 3 to 4.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v3...v4)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-12-20 21:46:54 -05:00
Charles Hall 216d83ea1d run engage in github actions 2023-12-20 21:46:54 -05:00