Skip to content

chore(deps): update rust crate actix-web to v4.9.0 #1408

chore(deps): update rust crate actix-web to v4.9.0

chore(deps): update rust crate actix-web to v4.9.0 #1408

Workflow file for this run

name: CI/CD
on:
push:
pull_request:
types:
- opened
workflow_dispatch: # allow manual execution
concurrency:
group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
cancel-in-progress: true
env:
IMAGE_NAME: rouhim/this-week-in-past
jobs:
# Use latest for main and PR number for the "ticket" string as prefix for PRs
set_image_tag:
name: Set image tag
runs-on: ubuntu-latest
steps:
- name: Set image tag
id: set_image_tag
run: |
IMAGE_TAG=
if [[ "$GITHUB_REF" == "refs/heads/main" ]]; then
IMAGE_TAG="latest"
elif [ -n "${{ github.event.issue.number }}" ]; then
echo "Using github.event.issue.number: ${{ github.event.issue.number }}"
IMAGE_TAG="ISSUE-${{ github.event.issue.number }}"
elif [ -n "${{ github.event.pull_request.number }}" ];then
echo "Using github.event.pull_request.number: ${{ github.event.pull_request.number }}"
IMAGE_TAG="PR-${{ github.event.pull_request.number }}"
else
echo "Using GITHUB_REF_NAME: $GITHUB_REF_NAME"
IMAGE_TAG="$(echo -n $GITHUB_REF_NAME | md5sum | cut -c1-6)"
fi
echo "IMAGE_TAG: $IMAGE_TAG"
echo "IMAGE_TAG=$IMAGE_TAG" >> $GITHUB_OUTPUT
outputs:
IMAGE_TAG: ${{ steps.set_image_tag.outputs.IMAGE_TAG }}
check-oci-config:
name: Check Containerfile
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Run Trivy vulnerability scanner
uses: aquasecurity/trivy-action@master
with:
scan-type: 'config'
hide-progress: false
format: 'table'
exit-code: '1'
ignore-unfixed: true
severity: 'CRITICAL,HIGH'
check-repo:
name: Check git repository
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Run Trivy vulnerability scanner
uses: aquasecurity/trivy-action@master
with:
scan-type: 'fs'
format: 'table'
exit-code: '1'
ignore-unfixed: true
severity: 'CRITICAL,HIGH'
check-code-style:
name: Check code style
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Install rust toolchain
uses: actions-rs/toolchain@v1
with:
profile: minimal
toolchain: stable
components: rustfmt
- uses: Swatinem/rust-cache@v2 # use rust / cargo caching
with:
cache-on-failure: "true"
- name: Check the code style
run: cargo fmt --all -- --check
check-code:
name: Check rust code
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Install rust toolchain
uses: actions-rs/toolchain@v1
with:
profile: minimal
toolchain: stable
components: clippy
- uses: Swatinem/rust-cache@v2 # use rust / cargo caching
with:
cache-on-failure: "true"
- name: Verify code
run: cargo clippy
test:
name: Run application tests
runs-on: ubuntu-latest
env:
BIGDATA_CLOUD_API_KEY: ${{ secrets.BIGDATA_CLOUD_API_KEY }}
OPEN_WEATHER_MAP_API_KEY: ${{ secrets.OPEN_WEATHER_MAP_API_KEY }}
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Install rust toolchain
uses: actions-rs/toolchain@v1
with:
profile: minimal
toolchain: stable
- uses: Swatinem/rust-cache@v2 # use rust / cargo caching
with:
cache-on-failure: "true"
- name: Test code
run: cargo test
create-release:
name: Create release
needs: [ check-oci-config, check-repo, check-code-style, check-code, test ]
runs-on: ubuntu-latest
steps:
- name: Checkout code
if: github.ref == 'refs/heads/main'
uses: actions/checkout@v4
# Create a new release based on semantic versioning
- name: Set up Node.js
if: github.ref == 'refs/heads/main'
uses: actions/setup-node@v4
with:
node-version: 20
- name: Install Dependencies
if: github.ref == 'refs/heads/main'
run: |
npm install -g \
semantic-release \
@semantic-release/git \
@semantic-release/gitlab \
@semantic-release/changelog \
@semantic-release/exec \
@semantic-release/commit-analyzer \
conventional-changelog-conventionalcommits
- name: Generate Semantic Release Notes and Create Release
if: github.ref == 'refs/heads/main'
env:
GITHUB_TOKEN: ${{ secrets.RELEASE_TOKEN }}
run: npx semantic-release
build-binaries:
name: Build
needs: [ check-oci-config, check-repo, check-code-style, check-code, test, create-release ]
runs-on: ubuntu-latest
# Run all targets in parallel
strategy:
matrix:
target: [ x86_64-musl, aarch64-musl, armv7-musleabihf, arm-musleabihf ]
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Set version to environment
if: github.ref == 'refs/heads/main'
shell: bash
run: |
REPO="RouHim/this-week-in-past"
LATEST_RELEASE_VERSION=$(curl --silent "https://api.github.com/repos/$REPO/releases/latest" | jq -r ".tag_name")
echo "Latest release is $LATEST_RELEASE_VERSION"
echo "VERSION=$LATEST_RELEASE_VERSION" >> $GITHUB_ENV
# Ensure that version is valid
if ! [[ $LATEST_RELEASE_VERSION =~ ^[0-9]+\.[0-9]+\.[0-9]+$ ]]; then
echo "Latest release version is not invalid: $LATEST_RELEASE_VERSION"
exit 1
fi
- name: Install rust toolchain
uses: actions-rs/toolchain@v1
with:
toolchain: stable
- name: Set version
if: github.ref == 'refs/heads/main'
shell: bash
run: |
sed -i "s/version = \"0.0.0\"/version = \"${{ env.VERSION }}\"/g" Cargo.toml
echo "Cargo version is now" $(cargo metadata --no-deps --format-version 1 | jq -r ".packages[0].version")
- uses: Swatinem/rust-cache@v2 # use rust / cargo caching
with:
cache-on-failure: "true"
- name: Build static application binary
run: |
# Prepare rust-cross/rust-musl-cross for cross compiling
source .github/workflows/scripts/prep-build-env.sh
# Compile the desired target
build-rust-static-bin ${{ matrix.target }}
# Translate ${{ matrix.target }} to rust target triple
export TARGET_TRIPPLE=$(bash .github/workflows/scripts/translate-arch-to-rust-tripple.sh ${{ matrix.target }})
echo "TARGET_TRIPPLE=${TARGET_TRIPPLE}"
echo "TARGET_TRIPPLE=${TARGET_TRIPPLE}" >> $GITHUB_ENV
- name: Upload static application binaries
uses: actions/upload-artifact@v4
with:
name: ${{ matrix.target }}
path: target/${{ env.TARGET_TRIPPLE }}/release/this-week-in-past
test-container-image:
name: Test container image
needs: [ build-binaries, set_image_tag ]
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Download x86_64-musl static application binary
uses: actions/download-artifact@v4
with:
name: x86_64-musl
path: target/x86_64-unknown-linux-musl/release/
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Build x86 image and load into local repo
uses: docker/build-push-action@v6
with:
tags: ${{ env.IMAGE_NAME }}:${{ needs.set_image_tag.outputs.IMAGE_TAG }}
context: .
file: ./Containerfile
load: true
push: false
- name: Prepare test env
run: |
mkdir -p /tmp/this-week-in-past-test
wget https://raw.githubusercontent.com/ianare/exif-samples/master/jpg/gps/DSCN0010.jpg -O /tmp/this-week-in-past-test/DSCN0010.jpg
- name: Start test container
run: docker run --pull never -d --name test-container -p 8080:8080 -v /tmp/this-week-in-past-test:/resources ${{ env.IMAGE_NAME }}:${{ needs.set_image_tag.outputs.IMAGE_TAG }}
- name: Test container web api
run: wget -q -O /dev/null --timeout 5 --tries 3 http://localhost:8080/api/health
- name: Cleanup
run: docker kill test-container && docker rm test-container
upload-artifacts:
name: Release artifacts
needs: [ build-binaries ]
runs-on: ubuntu-latest
if: github.event_name == 'push' && github.ref == 'refs/heads/main'
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Download x86_64-musl binary
uses: actions/download-artifact@v4
with:
name: x86_64-musl
path: target/x86_64-unknown-linux-musl/release/
- name: Download aarch64-musl binary
uses: actions/download-artifact@v4
with:
name: aarch64-musl
path: target/aarch64-unknown-linux-musl/release/
- name: Download armv7-musleabihf binary
uses: actions/download-artifact@v4
with:
name: armv7-musleabihf
path: target/armv7-unknown-linux-musleabihf/release/
- name: Download arm-musleabihf binary
uses: actions/download-artifact@v4
with:
name: arm-musleabihf
path: target/arm-unknown-linux-musleabihf/release/
- name: Upload the x86 built binaries to the release
run: |
bash .github/workflows/scripts/upload-asset-to-release.sh \
${{ secrets.RELEASE_TOKEN }} \
"./target/x86_64-unknown-linux-musl/release/this-week-in-past" \
"this-week-in-past-x86_64-unknown-linux-musl"
- name: Upload the aarch64 built binaries to the release
run: |
bash .github/workflows/scripts/upload-asset-to-release.sh \
${{ secrets.RELEASE_TOKEN }} \
"./target/aarch64-unknown-linux-musl/release/this-week-in-past" \
"this-week-in-past-aarch64-unknown-linux-musl"
- name: Upload the armv7 built binaries to the release
run: |
bash .github/workflows/scripts/upload-asset-to-release.sh \
${{ secrets.RELEASE_TOKEN }} \
"./target/armv7-unknown-linux-musleabihf/release/this-week-in-past" \
"this-week-in-past-armv7-unknown-linux-musleabihf"
- name: Upload the arm v6 built binaries to the release
run: |
bash .github/workflows/scripts/upload-asset-to-release.sh \
${{ secrets.RELEASE_TOKEN }} \
"./target/arm-unknown-linux-musleabihf/release/this-week-in-past" \
"this-week-in-past-arm-unknown-linux-musleabihf"
publish-container-images:
name: Publish container images
needs: [ test-container-image, set_image_tag ]
runs-on: ubuntu-latest
if: github.event_name == 'push'
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Set version to environment
shell: bash
if: github.ref == 'refs/heads/main'
run: |
REPO="RouHim/this-week-in-past"
VERSION=$(curl --silent "https://api.github.com/repos/$REPO/releases/latest" | jq -r ".tag_name")
MINOR_PART=$(echo $VERSION | cut -d. -f2)
MAJOR_PART=$(echo $VERSION | cut -d. -f1)
echo "Latest release is $VERSION"
echo "VERSION=$VERSION" >> $GITHUB_ENV
echo "MINOR_VERSION=$MAJOR_PART.$MINOR_PART" >> $GITHUB_ENV
echo "MAJOR_VERSION=$MAJOR_PART" >> $GITHUB_ENV
- name: Download x86_64-musl binary
uses: actions/download-artifact@v4
with:
name: x86_64-musl
path: target/x86_64-unknown-linux-musl/release/
- name: Download aarch64-musl binary
uses: actions/download-artifact@v4
with:
name: aarch64-musl
path: target/aarch64-unknown-linux-musl/release/
- name: Download armv7-musleabihf binary
uses: actions/download-artifact@v4
with:
name: armv7-musleabihf
path: target/armv7-unknown-linux-musleabihf/release/
- name: Download arm-musleabihf binary
uses: actions/download-artifact@v4
with:
name: arm-musleabihf
path: target/arm-unknown-linux-musleabihf/release/
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Login to Docker Hub
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_PASSWORD }}
- name: Build and push multi platform container image
uses: docker/build-push-action@v6
with:
tags: ${{ env.IMAGE_NAME }}:${{ needs.set_image_tag.outputs.IMAGE_TAG }}
platforms: linux/amd64, linux/arm64/v8, linux/arm/v7, linux/arm/v6
context: .
file: ./Containerfile
load: false
push: true
- name: Build and push versioned multi platform container image
uses: docker/build-push-action@v6
if: env.VERSION != ''
with:
tags: ${{ env.IMAGE_NAME }}:${{ env.VERSION }}
platforms: linux/amd64, linux/arm64/v8, linux/arm/v7, linux/arm/v6
context: .
file: ./Containerfile
load: false
push: true
- name: Build and push minor versioned multi platform container image
uses: docker/build-push-action@v6
if: env.VERSION != ''
with:
tags: ${{ env.IMAGE_NAME }}:${{ env.MINOR_VERSION }}
platforms: linux/amd64, linux/arm64/v8, linux/arm/v7, linux/arm/v6
context: .
file: ./Containerfile
load: false
push: true
- name: Build and push major versioned multi platform container image
uses: docker/build-push-action@v6
if: env.VERSION != ''
with:
tags: ${{ env.IMAGE_NAME }}:${{ env.MAJOR_VERSION }}
platforms: linux/amd64, linux/arm64/v8, linux/arm/v7, linux/arm/v6
context: .
file: ./Containerfile
load: false
push: true
- name: Delete old releases
uses: dev-drprasad/[email protected]
with:
keep_latest: 5
delete_tags: true
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Update docker hub description
if: github.ref == 'refs/heads/main'
uses: peter-evans/dockerhub-description@v4
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_PASSWORD }}
repository: ${{ env.IMAGE_NAME }}