mirror of
https://github.com/martinvonz/jj.git
synced 2025-01-03 18:24:19 +00:00
af76631021
The new code scanner is complaining that actions have permissions to do too much. It wasn't obvious to me what permissions the jobs need, but let's see how this works.
74 lines
2.2 KiB
YAML
74 lines
2.2 KiB
YAML
name: Release
|
|
|
|
on:
|
|
release:
|
|
types: [created]
|
|
|
|
permissions: read-all
|
|
|
|
jobs:
|
|
build-release:
|
|
name: build-release
|
|
permissions:
|
|
contents: write
|
|
strategy:
|
|
fail-fast: false
|
|
matrix:
|
|
build: [linux-musl, macos, win-msvc]
|
|
include:
|
|
- build: linux-musl
|
|
os: ubuntu-20.04
|
|
target: x86_64-unknown-linux-musl
|
|
- build: macos
|
|
os: macos-11
|
|
target: x86_64-apple-darwin
|
|
- build: win-msvc
|
|
os: windows-2022
|
|
target: x86_64-pc-windows-msvc
|
|
runs-on: ${{ matrix.os }}
|
|
steps:
|
|
- name: Checkout repository
|
|
uses: actions/checkout@v3
|
|
- name: Install packages (Ubuntu)
|
|
if: matrix.os == 'ubuntu-20.04'
|
|
run: |
|
|
sudo apt-get update
|
|
sudo apt-get install -y --no-install-recommends xz-utils liblz4-tool musl-tools
|
|
- name: Install Rust
|
|
uses: actions-rs/toolchain@v1
|
|
with:
|
|
toolchain: stable
|
|
profile: minimal
|
|
override: true
|
|
target: ${{ matrix.target }}
|
|
- name: Build release binary
|
|
uses: actions-rs/cargo@v1
|
|
with:
|
|
command: build
|
|
args: --target ${{ matrix.target }} --verbose --release
|
|
- name: Build archive
|
|
shell: bash
|
|
run: |
|
|
outdir="./target/${{ matrix.target }}/release"
|
|
staging="jj-${{ github.event.release.tag_name }}-${{ matrix.target }}"
|
|
mkdir -p "$staging"/complete
|
|
cp {README.md,LICENSE} "$staging/"
|
|
if [ "${{ matrix.os }}" = "windows-2022" ]; then
|
|
cp "target/${{ matrix.target }}/release/jj.exe" "$staging/"
|
|
cd "$staging"
|
|
7z a "../$staging.zip" .
|
|
echo "ASSET=$staging.zip" >> $GITHUB_ENV
|
|
else
|
|
cp "target/${{ matrix.target }}/release/jj" "$staging/"
|
|
tar czf "$staging.tar.gz" -C "$staging" .
|
|
echo "ASSET=$staging.tar.gz" >> $GITHUB_ENV
|
|
fi
|
|
- name: Upload release archive
|
|
uses: actions/upload-release-asset@v1.0.1
|
|
env:
|
|
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
|
with:
|
|
upload_url: ${{ github.event.release.upload_url }}
|
|
asset_path: ${{ env.ASSET }}
|
|
asset_name: ${{ env.ASSET }}
|
|
asset_content_type: application/octet-stream
|