Skip to content

Add zizmor v0.8.0

Add zizmor v0.8.0 #147

Workflow file for this run

name: Build and Release
on:
workflow_call:
push:
branches: [main]
pull_request:
release:
types: [published]
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
jobs:
complete:
if: always()
needs: [cargo, go]
runs-on: ubuntu-latest
steps:
- if: contains(needs.*.result, 'failure') || contains(needs.*.result, 'cancelled')
run: exit 1
cargo:
strategy:
fail-fast: false
matrix:
crate:
- name: cargo-workspaces
version: '0.2.35'
- name: cargo-workspaces
version: '0.3.6'
- name: cargo-hack
version: '0.5.28'
- name: cargo-set-rust-version
version: '0.5.0'
- name: cargo-edit
version: '0.11.6'
- name: cargo-fuzz
version: '0.12.0'
- name: cargo-deny
version: '0.14.19'
rust: '1.79.0'
- name: cargo-deny
version: '0.16.1'
- name: cargo-readme
version: '3.3.1'
- name: cargo-semver-checks
version: '0.35.0'
- name: cargo-public-api
version: '0.33.1'
- name: wasm-pack
version: '0.13.0'
- name: wasm-bindgen-cli
version: '0.2.92'
- name: check-lockfile-intersection
version: '0.1.0'
- name: wasm-cs
version: '1.0.0'
- name: zizmor
version: '0.8.0'
runs-on:
- ubuntu-latest
- macos-12 # amd64
- macos-14 # arm64
- windows-latest
runs-on: ${{ matrix.runs-on }}
steps:
- uses: actions/checkout@v3
- if: 'matrix.crate.rust'
shell: bash
run: |
rustup install ${{ matrix.crate.rust }}
rustup default ${{ matrix.crate.rust }}
- if: '!matrix.crate.rust'
shell: bash
run: rustup update
- shell: bash
run: |
rustc -V
cargo -V
- uses: stellar/actions/rust-cache@main
- shell: bash
run: cargo install --target-dir ~/.cargo/target --root . --locked --version ${{ matrix.crate.version }} ${{ matrix.crate.name }}
- shell: bash
run: tar cvfz ${{ matrix.crate.name }}-${{ matrix.crate.version }}-${{ runner.os }}-${{ runner.arch }}.tar.gz -C bin .
- uses: actions/upload-artifact@v3
with:
name: ${{ matrix.crate.name }}-${{ matrix.crate.version }}-${{ matrix.runs-on }}
path: '*.tar.gz'
go:
strategy:
fail-fast: false
matrix:
package:
- name: actionlint
import-path: github.com/rhysd/actionlint/cmd/actionlint
version: '1.7.1'
runs-on:
- ubuntu-latest
- macos-12 # amd64
- macos-14 # arm64
- windows-latest
runs-on: ${{ matrix.runs-on }}
steps:
- uses: actions/checkout@v3
- uses: actions/setup-go@v5
with:
go-version: stable
- shell: bash
run: GOBIN="$PWD/bin" go install ${{ matrix.package.import-path }}@v${{ matrix.package.version }}
- shell: bash
run: tar cvfz ${{ matrix.package.name }}-${{ matrix.package.version }}-${{ runner.os }}-${{ runner.arch }}.tar.gz -C bin .
- uses: actions/upload-artifact@v3
with:
name: ${{ matrix.package.name }}-${{ matrix.package.version }}-${{ matrix.runs-on }}
path: '*.tar.gz'
release-create:
if: github.ref_name == 'main'
needs: complete
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
with:
fetch-depth: 0
- id: set-tag
run: echo "tag=v$(git rev-list --count HEAD)" >> $GITHUB_OUTPUT
- run: gh release -R ${{ github.repository }} create --generate-notes --target ${{ github.sha }} "${{ steps.set-tag.outputs.tag }}"
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
outputs:
tag: ${{ steps.set-tag.outputs.tag }}
release-upload:
if: github.ref_name == 'main'
needs: release-create
runs-on: ubuntu-latest
steps:
- uses: actions/download-artifact@v3
- run: gh release -R ${{ github.repository }} upload --clobber "${{ needs.release-create.outputs.tag }}" **/*.tar.gz
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}