name: Release on: push: tags: - '[0-9]+.[0-9]+.[0-9]+' workflow_dispatch: concurrency: group: release-${{ github.ref }} cancel-in-progress: true permissions: contents: read packages: write env: CARGO_TERM_COLOR: always BINARY_NAME: telemt jobs: build: name: Build ${{ matrix.target }} runs-on: ubuntu-latest strategy: fail-fast: false matrix: include: # ===== GNU / glibc ===== - target: x86_64-unknown-linux-gnu asset_name: telemt-x86_64-linux-gnu - target: aarch64-unknown-linux-gnu asset_name: telemt-aarch64-linux-gnu # ===== MUSL ===== - target: x86_64-unknown-linux-musl asset_name: telemt-x86_64-linux-musl steps: - uses: actions/checkout@v4 # ---------- Toolchain ---------- - uses: dtolnay/rust-toolchain@v1 with: toolchain: stable targets: | x86_64-unknown-linux-gnu aarch64-unknown-linux-gnu x86_64-unknown-linux-musl # ---------- System deps (bookworm) ---------- - name: Install build deps run: | sudo apt-get update sudo apt-get install -y --no-install-recommends \ build-essential \ clang \ lld \ pkg-config \ musl-tools \ gcc-aarch64-linux-gnu \ g++-aarch64-linux-gnu \ ca-certificates # ---------- Cache ---------- - uses: actions/cache@v4 with: path: | ~/.cargo/registry ~/.cargo/git target key: ${{ runner.os }}-${{ matrix.target }}-${{ hashFiles('**/Cargo.lock') }} # ---------- Build ---------- - name: Build env: CC_x86_64_unknown_linux_gnu: clang CXX_x86_64_unknown_linux_gnu: clang++ CC_aarch64_unknown_linux_gnu: aarch64-linux-gnu-gcc CXX_aarch64_unknown_linux_gnu: aarch64-linux-gnu-g++ CC_x86_64_unknown_linux_musl: musl-gcc RUSTFLAGS: "-C linker=clang -C link-arg=-fuse-ld=lld" run: | case "${{ matrix.target }}" in x86_64-unknown-linux-musl) export RUSTFLAGS="-C target-feature=+crt-static" ;; esac cargo build --release --target ${{ matrix.target }} # ---------- Package ---------- - name: Package run: | mkdir -p dist BIN=target/${{ matrix.target }}/release/${{ env.BINARY_NAME }} cp "$BIN" dist/${{ env.BINARY_NAME }}-${{ matrix.target }} cd dist tar -czf ${{ matrix.asset_name }}.tar.gz ${{ env.BINARY_NAME }}-${{ matrix.target }} sha256sum ${{ matrix.asset_name }}.tar.gz > ${{ matrix.asset_name }}.sha256 - uses: actions/upload-artifact@v4 with: name: ${{ matrix.asset_name }} path: | dist/${{ matrix.asset_name }}.tar.gz dist/${{ matrix.asset_name }}.sha256 docker: name: Docker runs-on: ubuntu-latest needs: build continue-on-error: true steps: - uses: actions/checkout@v4 - uses: actions/download-artifact@v4 with: path: artifacts - name: Extract binaries run: | mkdir dist find artifacts -name "*.tar.gz" -exec tar -xzf {} -C dist \; cp dist/telemt-x86_64-unknown-linux-musl dist/telemt || true - uses: docker/setup-qemu-action@v3 - uses: docker/setup-buildx-action@v3 - name: Login to GHCR uses: docker/login-action@v3 with: registry: ghcr.io username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} - name: Extract version id: vars run: echo "VERSION=${GITHUB_REF#refs/tags/}" >> $GITHUB_OUTPUT - name: Build & Push prod uses: docker/build-push-action@v6 with: context: . target: prod push: true platforms: linux/amd64,linux/arm64 tags: | ghcr.io/${{ github.repository }}:${{ steps.vars.outputs.VERSION }} ghcr.io/${{ github.repository }}:latest build-args: | BINARY=dist/telemt release: name: Release runs-on: ubuntu-latest needs: build permissions: contents: write steps: - uses: actions/download-artifact@v4 with: path: artifacts - name: Flatten artifacts run: | mkdir dist find artifacts -type f -exec cp {} dist/ \; - name: Create Release uses: softprops/action-gh-release@v2 with: files: dist/* generate_release_notes: true draft: false prerelease: ${{ contains(github.ref, '-rc') || contains(github.ref, '-beta') || contains(github.ref, '-alpha') }}