Skip to content

chore: adds write permission #15

chore: adds write permission

chore: adds write permission #15

Workflow file for this run

name: Tests and release
on:
push:
tags:
- "v[0-9]+.[0-9]+.[0-9]+"
env:
CRATE_NAME: secret-service
GITHUB_TOKEN: ${{ github.token }}
RUST_BACKTRACE: 1
jobs:
test:
name: Release - ${{ matrix.platform.release_for }}
runs-on: ${{ matrix.platform.os }}
permissions: write-all
strategy:
fail-fast: false
matrix:
platform:
# Windows doesnt work for the moment:
#
# - release_for: Windows-x86_64
# os: windows-latest
# target: x86_64-pc-windows-msvc
# bin: secret-service.exe
# name: secret-service-Windows-x86_64.zip
# command: both
- release_for: Linux-x86_64
os_name: Linux-x86_64
os: ubuntu-20.04
target: x86_64-unknown-linux-musl
bin: secret-service
name: secret-service-Linux-x86_64-musl.tar.gz
- release_for: Linux-aarch64
os_name: Linux-aarch64
os: ubuntu-20.04
target: aarch64-unknown-linux-musl
bin: secret-service
name: secret-service-Linux-aarch64-musl.tar.gz
- release_for: MacOS-aarch64
os_name: macOS-aarch64
os: macOS-latest
target: aarch64-apple-darwin
bin: secret-service
name: secret-service-Darwin-aarch64.tar.gz
toolchain:
- stable
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Build binary
uses: houseabsolute/actions-rust-cross@v0
with:
command: ${{ matrix.platform.command }}
target: ${{ matrix.platform.target }}
args: "--locked --release"
strip: true
- name: Package as archive
shell: bash
run: |
cd target/${{ matrix.platform.target }}/release
if [[ "${{ matrix.platform.os }}" == "windows-latest" ]]; then
7z a ../../../${{ matrix.platform.name }} ${{ matrix.platform.bin }}
else
tar czvf ../../../${{ matrix.platform.name }} ${{ matrix.platform.bin }}
fi
cd -
if: |
matrix.toolchain == 'stable' &&
( startsWith( github.ref, 'refs/tags/v' ) ||
github.ref == 'refs/tags/test-release' )
- name: Publish release artifacts
uses: actions/upload-artifact@v4
with:
name: secret-service-${{ matrix.platform.os_name }}
path: "secret-service-*"
if: matrix.toolchain == 'stable' && github.ref == 'refs/tags/test-release'
- name: Generate SHA-256
run: shasum -a 256 ${{ matrix.platform.name }}
if: |
matrix.toolchain == 'stable' &&
matrix.platform.os == 'macOS-latest' &&
( startsWith( github.ref, 'refs/tags/v' ) ||
github.ref == 'refs/tags/test-release' )
- name: Publish GitHub release
uses: softprops/action-gh-release@v2
with:
draft: true
files: "secret-service-*"
body_path: CHANGELOG.adoc
if: matrix.toolchain == 'stable' && startsWith( github.ref, 'refs/tags/v' )