Skip to content

Merge pull request #546 from DataDog/juli1/version-0.4.6 #94

Merge pull request #546 from DataDog/juli1/version-0.4.6

Merge pull request #546 from DataDog/juli1/version-0.4.6 #94

Workflow file for this run

name: Release new version
on:
push:
tags:
- '**'
permissions:
contents: write
jobs:
test-rules:
uses: './.github/workflows/test-rules.yaml'
integration-tests:
uses: './.github/workflows/integration-tests.yaml'
secrets: inherit
verify-schema:
uses: './.github/workflows/verify-schema.yaml'
versions-check:
uses: './.github/workflows/versions-check.yaml'
build:
strategy:
fail-fast: false
matrix:
include:
- { target: aarch64-unknown-linux-gnu, os: ubuntu-latest, image: 'ubuntu:20.04' }
- { target: x86_64-unknown-linux-gnu, os: ubuntu-latest, image: 'ubuntu:20.04' }
- { target: aarch64-apple-darwin, os: macos-latest }
- { target: x86_64-apple-darwin, os: macos-13 }
- { target: x86_64-pc-windows-msvc, os: windows-latest }
name: Build binaries for ${{ matrix.target }}
runs-on: ${{ matrix.os }}
container:
image: ${{ matrix.image || '' }}
options: --privileged
steps:
- name: Configure container
if: startsWith(matrix.os, 'ubuntu')
run: |
apt-get update
apt-get --no-install-recommends install -y build-essential ca-certificates curl git jq wget zip
git config --global --add safe.directory $GITHUB_WORKSPACE
- name: Checkout repository
uses: actions/checkout@v4
- name: Set up Rust
uses: actions-rust-lang/setup-rust-toolchain@v1.10.1
with:
target: ${{ matrix.target }}
- name: Install cross-compilation tools
uses: taiki-e/setup-cross-toolchain-action@v1
with:
target: ${{ matrix.target }}
# Set the current SHA as the version so that it's exposed on the server.
- name: Set the version
shell: bash
run: sed "s/development/$GITHUB_SHA/g" crates/static-analysis-kernel/src/constants.rs > bla && rm crates/static-analysis-kernel/src/constants.rs && mv bla crates/static-analysis-kernel/src/constants.rs
- name: Build Rust binaries
run: |
cargo build --release --target ${{ matrix.target }} --bin datadog-static-analyzer
cargo build --release --target ${{ matrix.target }} --bin datadog-static-analyzer-git-hook
cargo build --release --target ${{ matrix.target }} --bin datadog-static-analyzer-server
- name: Zip Rust binaries (Unix)
if: ${{ !startsWith(matrix.os, 'windows') }}
run: |
zip -j datadog-static-analyzer-${{ matrix.target }}.zip target/${{ matrix.target }}/release/datadog-static-analyzer
zip -j datadog-static-analyzer-git-hook-${{ matrix.target }}.zip target/${{ matrix.target }}/release/datadog-static-analyzer-git-hook
zip -j datadog-static-analyzer-server-${{ matrix.target }}.zip target/${{ matrix.target }}/release/datadog-static-analyzer-server
- name: Zip Rust binaries (Windows)
if: startsWith(matrix.os, 'windows')
run: |
7z a datadog-static-analyzer-${{ matrix.target }}.zip target/${{ matrix.target }}/release/datadog-static-analyzer.exe
7z a datadog-static-analyzer-git-hook-${{ matrix.target }}.zip target/${{ matrix.target }}/release/datadog-static-analyzer-git-hook.exe
7z a datadog-static-analyzer-server-${{ matrix.target }}.zip target/${{ matrix.target }}/release/datadog-static-analyzer-server.exe
- name: Upload assets
uses: actions/upload-artifact@v4
with:
name: ${{ matrix.target }}
path: |
datadog-static-analyzer-${{ matrix.target }}.zip
datadog-static-analyzer-git-hook-${{ matrix.target }}.zip
datadog-static-analyzer-server-${{ matrix.target }}.zip
if-no-files-found: error
retention-days: 7
release:
name: Release on GitHub
needs:
- test-rules
- integration-tests
- verify-schema
- versions-check
- build
runs-on: ubuntu-latest
permissions:
contents: write
outputs:
release: ${{ steps.set-release.outputs.release }}
steps:
- name: Checkout repository
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Set release variable
id: set-release
run: |
mainCount=$(git branch -r --contains ${{ github.ref }} --format "%(refname:lstrip=3)" | grep -xc main)
if [[ $mainCount -eq 0 ]]; then
echo "Tag was not pushed onto main branch, exiting"
exit 1
elif [[ $GITHUB_REF =~ ^refs/tags/[0-9]+\.[0-9]+\.[0-9]+$ ]]; then
echo "release=true" >> $GITHUB_OUTPUT
else
echo "release=false" >> $GITHUB_OUTPUT
fi
- name: Download build artifacts
uses: actions/download-artifact@v4
with:
path: artifacts
- name: Display structure of downloaded files
run: ls -lR
working-directory: artifacts
- name: Create release
if: ${{ steps.set-release.outputs.release == 'true' }}
run: |-
gh release create --generate-notes \
${{ github.ref_name }} \
versions.json \
artifacts/*/datadog-static-analyzer*.zip
env:
GH_TOKEN: ${{ github.token }}
- name: Create pre-release
if: ${{ steps.set-release.outputs.release == 'false' }}
run: |-
gh release create --generate-notes --prerelease \
${{ github.ref_name }} \
versions.json \
artifacts/*/datadog-static-analyzer*.zip
env:
GH_TOKEN: ${{ github.token }}
ghcr:
needs: release
uses: './.github/workflows/ghcr.yml'
with:
release: ${{ needs.release.outputs.release == 'true' }}
permissions:
contents: read
packages: write
id-token: write