Skip to content

build(deps): bump cachix/install-nix-action from V28 to 29 #1039

build(deps): bump cachix/install-nix-action from V28 to 29

build(deps): bump cachix/install-nix-action from V28 to 29 #1039

Workflow file for this run

name: Release
on:
workflow_dispatch:
pull_request:
branches:
- main
push:
branches:
- main
tags:
- "v*.*.*"
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
jobs:
build:
strategy:
matrix:
platform:
- host: ubuntu-latest
target: aarch64-unknown-linux-musl
test-bin: nix shell --inputs-from . 'nixpkgs#qemu' -c qemu-aarch64 ./result/bin/steward --help
test-oci: docker load < ./result
# TODO: Run the aarch64 binary within OCI
- host: ubuntu-latest
target: wasm32-wasi
test-bin: nix run --inputs-from . 'nixpkgs#wasmtime' ./result/bin/steward -- --help
test-oci: docker load < ./result
# TODO: Execute the WASM binary within OCI
- host: ubuntu-latest
target: x86_64-unknown-linux-musl
test-bin: ./result/bin/steward --help
test-oci: |
docker load < ./result
docker run --rm steward:$(nix eval --raw .#steward-x86_64-unknown-linux-musl-oci.imageTag) steward --help
runs-on: ${{ matrix.platform.host }}
steps:
- uses: actions/checkout@v4
- uses: cachix/install-nix-action@v29
with:
extra_nix_config: |
access-tokens = github.com=${{ github.token }}
- uses: cachix/cachix-action@v15
with:
name: enarx
authToken: '${{ secrets.CACHIX_AUTH_TOKEN }}'
- run: nix build -L --show-trace '.#steward-${{ matrix.platform.target }}'
- run: nix run --inputs-from . 'nixpkgs#coreutils' -- --coreutils-prog=ginstall -p ./result/bin/steward "steward-${{ matrix.platform.target }}"
- uses: actions/upload-artifact@v4
with:
name: steward-${{ matrix.platform.target }}
path: steward-${{ matrix.platform.target }}
- run: ${{ matrix.platform.test-bin }}
- run: nix build -L --show-trace '.#steward-${{ matrix.platform.target }}-oci'
- run: nix run --inputs-from . 'nixpkgs#coreutils' -- --coreutils-prog=ginstall -p ./result "steward-${{ matrix.platform.target }}-oci"
- uses: actions/upload-artifact@v4
with:
name: steward-${{ matrix.platform.target }}-oci
path: steward-${{ matrix.platform.target }}-oci
- run: ${{ matrix.platform.test-oci }}
test:
needs: build
strategy:
matrix:
host: [ ubuntu-latest ]
runs-on: ${{ matrix.host }}
steps:
- uses: actions/download-artifact@v4
with:
name: steward-x86_64-unknown-linux-musl
- run: chmod +x ./steward-x86_64-unknown-linux-musl
- run: ./steward-x86_64-unknown-linux-musl --help
push_oci:
needs: build
permissions:
actions: read
packages: write
runs-on: ubuntu-latest
steps:
- uses: actions/download-artifact@v4
with:
name: steward-aarch64-unknown-linux-musl-oci
- uses: actions/download-artifact@v4
with:
name: steward-x86_64-unknown-linux-musl-oci
- run: skopeo copy docker-archive:./steward-aarch64-unknown-linux-musl-oci containers-storage:localhost/steward:aarch64
- run: skopeo copy docker-archive:./steward-x86_64-unknown-linux-musl-oci containers-storage:localhost/steward:x86_64
- run: podman image ls
- run: podman manifest create steward:manifest
- run: podman manifest add steward:manifest containers-storage:localhost/steward:aarch64 --arch=arm64
- run: podman manifest add steward:manifest containers-storage:localhost/steward:x86_64 --arch=amd64
- run: podman manifest inspect steward:manifest
- name: metadata
id: metadata
uses: docker/metadata-action@v5
with:
images: ghcr.io/profianinc/steward
tags: |
type=ref,event=branch
type=semver,pattern={{version}}
type=semver,pattern={{major}}.{{minor}}
type=semver,pattern={{major}},enable=${{ !startsWith(github.ref, 'refs/tags/v0.') }}
sep-tags: " "
- name: add tags
if: github.event_name == 'push'
run: podman tag steward:manifest ${{ steps.metadata.outputs.tags }}
- name: push to GitHub Packages
if: github.event_name == 'push'
uses: redhat-actions/push-to-registry@v2
with:
tags: ${{ steps.metadata.outputs.tags }}
username: ${{ github.actor }}
password: ${{ github.token }}
release:
needs: build
permissions:
contents: write
if: startsWith(github.ref, 'refs/tags/') && github.event_name == 'push'
runs-on: ubuntu-latest
steps:
- uses: actions/download-artifact@v4
with:
name: steward-aarch64-unknown-linux-musl
- uses: actions/download-artifact@v4
with:
name: steward-aarch64-unknown-linux-musl-oci
- uses: actions/download-artifact@v4
with:
name: steward-wasm32-wasi
- uses: actions/download-artifact@v4
with:
name: steward-wasm32-wasi-oci
- uses: actions/download-artifact@v4
with:
name: steward-x86_64-unknown-linux-musl
- uses: actions/download-artifact@v4
with:
name: steward-x86_64-unknown-linux-musl-oci
- uses: softprops/action-gh-release@v2
with:
draft: true
prerelease: true
files: |
steward-aarch64-unknown-linux-musl
steward-aarch64-unknown-linux-musl-oci
steward-wasm32-wasi
steward-wasm32-wasi-oci
steward-x86_64-unknown-linux-musl
steward-x86_64-unknown-linux-musl-oci