gauge metrics to inspect flag settings (#207) #3
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Release TDX Quote Provider | |
| on: | |
| push: | |
| tags: | |
| - "tdx-quote-provider/v*" | |
| workflow_dispatch: | |
| inputs: | |
| draft-release: | |
| default: false | |
| description: "Draft Release" | |
| required: false | |
| type: boolean | |
| features: | |
| default: "" | |
| description: "Binary Compilation Features" | |
| options: | |
| - "" | |
| required: false | |
| type: choice | |
| jobs: | |
| extract-version: | |
| name: Extract version | |
| runs-on: warp-ubuntu-latest-x64-16x | |
| outputs: | |
| VERSION: ${{ steps.extract_version.outputs.VERSION }} | |
| steps: | |
| - name: Extract version | |
| id: extract_version | |
| run: | | |
| if [[ "${GITHUB_REF_TYPE}" == "tag" ]]; then | |
| VERSION="${GITHUB_REF#refs/tags/}" | |
| else | |
| VERSION="$(echo ${GITHUB_SHA} | cut -c1-7)" | |
| fi | |
| echo "VERSION=${VERSION}" >> $GITHUB_OUTPUT | |
| echo "| | |" >> $GITHUB_STEP_SUMMARY | |
| echo "| ------------------- | ---------------------- |" >> $GITHUB_STEP_SUMMARY | |
| echo "| \`GITHUB_REF_TYPE\` | \`${GITHUB_REF_TYPE}\` |" >> $GITHUB_STEP_SUMMARY | |
| echo "| \`GITHUB_REF_NAME\` | \`${GITHUB_REF_NAME}\` |" >> $GITHUB_STEP_SUMMARY | |
| echo "| \`GITHUB_REF\` | \`${GITHUB_REF}\` |" >> $GITHUB_STEP_SUMMARY | |
| echo "| \`GITHUB_SHA\` | \`${GITHUB_SHA}\` |" >> $GITHUB_STEP_SUMMARY | |
| echo "| \`VERSION\` | \`${VERSION}\` |" >> $GITHUB_STEP_SUMMARY | |
| echo "| \`FEATURES\` | \`${{ github.event.inputs.features || 'none' }}\` |" >> $GITHUB_STEP_SUMMARY | |
| build-binary: | |
| name: Build binary | |
| needs: extract-version | |
| runs-on: ${{ matrix.configs.runner }} | |
| container: | |
| image: ubuntu:22.04 | |
| permissions: | |
| contents: write | |
| packages: write | |
| strategy: | |
| matrix: | |
| configs: | |
| - target: x86_64-unknown-linux-gnu | |
| runner: warp-ubuntu-latest-x64-32x | |
| - target: aarch64-unknown-linux-gnu | |
| runner: warp-ubuntu-latest-arm64-32x | |
| # Paused until docker is pre-installed https://github.com/actions/runner-images/blob/main/images/macos/macos-14-arm64-Readme.md | |
| # - target: aarch64-apple-darwin | |
| # runner: warp-macos-14-arm64-6x | |
| features: | |
| - ${{ github.event.inputs.features || '' }} | |
| steps: | |
| - name: Install dependencies | |
| run: | | |
| apt-get update | |
| apt-get install -y \ | |
| build-essential \ | |
| curl \ | |
| git \ | |
| libclang-dev \ | |
| libssl-dev \ | |
| libtss2-dev \ | |
| pkg-config \ | |
| protobuf-compiler | |
| curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y | |
| - uses: actions/checkout@v4 # must install git before checkout and set safe.directory after checkout because of container | |
| - name: Build tdx-quote-provider binary | |
| run: | | |
| git config --global --add safe.directory "$(pwd)" | |
| . $HOME/.cargo/env | |
| cargo build --release --features=${{ matrix.features }} --target ${{ matrix.configs.target }} --package tdx-quote-provider | |
| mkdir -p artifacts | |
| mv target/${{ matrix.configs.target }}/release/tdx-quote-provider artifacts/tdx-quote-provider-${{ needs.extract-version.outputs.VERSION }}-${{ matrix.configs.target }}${{ matrix.features && '-' }}${{ matrix.features }} | |
| - name: Upload artifacts | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: tdx-quote-provider-${{ needs.extract-version.outputs.VERSION }}-${{ matrix.configs.target }}${{ matrix.features && '-' }}${{ matrix.features }} | |
| path: artifacts | |
| draft-release: | |
| name: Draft release | |
| if: ${{ github.event.inputs.draft-release == 'true' || github.event_name == 'push'}} # when manually triggered or version tagged | |
| needs: [extract-version, build-binary] | |
| runs-on: warp-ubuntu-latest-x64-16x | |
| env: | |
| VERSION: op-${{ needs.extract-version.outputs.VERSION }} | |
| permissions: | |
| contents: write | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Download artifacts | |
| uses: actions/download-artifact@v4 | |
| with: | |
| merge-multiple: true | |
| path: artifacts | |
| - name: Record artifacts checksums | |
| working-directory: artifacts | |
| run: | | |
| find ./ || true | |
| for file in *; do sha256sum "$file" >> sha256sums.txt; done; | |
| cat sha256sums.txt | |
| - name: Create release draft | |
| uses: softprops/[email protected] | |
| id: create-release-draft | |
| with: | |
| draft: true | |
| files: artifacts/* | |
| generate_release_notes: true | |
| name: ${{ env.VERSION }} | |
| tag_name: ${{ env.VERSION }} | |
| - name: Write Github Step Summary | |
| run: | | |
| echo "---" | |
| echo "### Release Draft: ${{ env.VERSION }}" >> $GITHUB_STEP_SUMMARY | |
| echo "${{ steps.create-release-draft.outputs.url }}" >> $GITHUB_STEP_SUMMARY |