3
0
Fork 0
mirror of https://github.com/dtolnay/install.git synced 2024-11-22 08:29:30 +01:00
cargo-install/.github/workflows/build.yml
2023-10-08 10:01:23 -07:00

74 lines
2.4 KiB
YAML

name: build
on:
workflow_call:
inputs:
crate:
required: true
type: string
bin:
required: false
type: string
git:
required: false
type: string
ref:
required: false
type: string
path:
required: false
type: string
toolchain:
required: false
type: string
default: stable
locked:
required: false
type: boolean
default: false
secrets:
private_key:
required: true
jobs:
build:
name: ${{inputs.crate}}
runs-on: ubuntu-latest
permissions:
contents: write
timeout-minutes: 45
steps:
- uses: actions/checkout@v4
- uses: actions/checkout@v4
with:
repository: ${{inputs.git}}
ref: ${{inputs.ref}}
path: ${{inputs.crate}}
if: inputs.git
- uses: dtolnay/rust-toolchain@master
with:
toolchain: ${{inputs.toolchain}}
- run: cargo install --force ${{inputs.git && format('--path={0}', inputs.path || '.') || inputs.crate}} --bin ${{inputs.bin || inputs.crate}} ${{inputs.locked && '--locked' || ''}}
working-directory: ${{inputs.git && inputs.crate || '.'}}
- id: which
run: echo "which=$(which ${{inputs.bin || inputs.crate}})" >> $GITHUB_OUTPUT
- id: version
run: echo "version=$(cargo install --list | grep -o '^${{inputs.crate}} \([^ :]\)\+')" >> $GITHUB_OUTPUT
- run: echo "$PRIVATE_KEY" | gpg --import
env:
PRIVATE_KEY: ${{secrets.private_key}}
- run: gpg --output ${{inputs.bin || inputs.crate}}.sig --detach-sig ${{steps.which.outputs.which}}
- run: gpg --output signing-key.gpg --dearmor signing-key.asc
- run: gpg --no-default-keyring --keyring ./signing-key.gpg --verify ${{inputs.bin || inputs.crate}}.sig ${{steps.which.outputs.which}}
- run: git tag -d ${{inputs.crate}} || true
- run: git tag ${{inputs.crate}}
- run: git push origin tag ${{inputs.crate}} --force
- uses: softprops/action-gh-release@v1
with:
tag_name: ${{inputs.crate}}
target_commitish: ${{github.ref}}
files: |
${{steps.which.outputs.which}}
${{inputs.bin || inputs.crate}}.sig
fail_on_unmatched_files: true
body: ${{steps.version.outputs.version}}