Skip to content

Feat: add stellar ledger as signer #1807

Feat: add stellar ledger as signer

Feat: add stellar ledger as signer #1807

Workflow file for this run

name: Binaries
on:
release:
types: [published]
pull_request:
concurrency:
group: ${{ github.workflow }}-${{ github.ref_protected == 'true' && github.sha || github.ref }}-{{ github.event_name }}
cancel-in-progress: true
defaults:
run:
shell: bash
permissions:
id-token: write
contents: write
attestations: write
jobs:
build:
strategy:
fail-fast: false
matrix:
crate:
- name: stellar-cli
binary: stellar
sys:
- os: ubuntu-20.04 # Use 20.04 to get an older version of glibc for increased compat
target: x86_64-unknown-linux-gnu
- os: ubuntu-20.04 # Use 20.04 to get an older version of glibc for increased compat
target: aarch64-unknown-linux-gnu
- os: macos-14
target: aarch64-apple-darwin
- os: macos-14
target: x86_64-apple-darwin
- os: windows-latest
target: x86_64-pc-windows-msvc
ext: .exe
runs-on: ${{ matrix.sys.os }}
steps:
- uses: actions/checkout@v4
- run: rustup update
- run: rustup target add ${{ matrix.sys.target }}
- if: matrix.sys.target == 'aarch64-unknown-linux-gnu'
run: sudo apt-get update && sudo apt-get -y install gcc-aarch64-linux-gnu g++-aarch64-linux-gnu libudev-dev
- name: Setup vars
run: |
version="$(cargo metadata --format-version 1 --no-deps | jq -r '.packages[] | select(.name == "stellar-cli") | .version')"
echo "VERSION=${version}" >> $GITHUB_ENV
echo "NAME=${{ matrix.crate.name }}-${version}-${{ matrix.sys.target }}" >> $GITHUB_ENV
- name: Package (release only)
if: github.event_name == 'release'
run: cargo package --no-verify --package ${{ matrix.crate.name }}
- name: Package Extract (release only)
if: github.event_name == 'release'
run: |
cd target/package
tar xvfz ${{ matrix.crate.name }}-$VERSION.crate
echo "BUILD_WORKING_DIR=target/package/${{ matrix.crate.name }}-$VERSION" >> $GITHUB_ENV
- name: Build
env:
CARGO_TARGET_AARCH64_UNKNOWN_LINUX_GNU_LINKER: aarch64-linux-gnu-gcc
working-directory: ${{ env.BUILD_WORKING_DIR }}
run: cargo build --target-dir="$GITHUB_WORKSPACE/target" --package ${{ matrix.crate.name }} --features opt --release --target ${{ matrix.sys.target }}
- name: Build provenance for attestation (release only)
if: github.event_name == 'release'
uses: actions/attest-build-provenance@v1
with:
subject-path: target/${{ matrix.sys.target }}/release/${{ matrix.crate.binary }}${{ matrix.sys.ext }}
- name: Compress
run: |
cd target/${{ matrix.sys.target }}/release
tar czvf $NAME.tar.gz ${{ matrix.crate.binary }}${{ matrix.sys.ext }}
- name: Upload to Artifacts
uses: actions/upload-artifact@v4
with:
name: ${{ env.NAME }}.tar.gz
path: 'target/${{ matrix.sys.target }}/release/${{ env.NAME }}.tar.gz'
- name: Upload to Release (release only)
if: github.event_name == 'release'
uses: actions/github-script@v7
with:
script: |
const fs = require('fs');
await github.rest.repos.uploadReleaseAsset({
owner: context.repo.owner,
repo: context.repo.repo,
release_id: ${{ github.event.release.id }},
name: '${{ env.NAME }}.tar.gz',
data: fs.readFileSync('target/${{ matrix.sys.target }}/release/${{ env.NAME }}.tar.gz'),
});
installer:
needs: build
runs-on: windows-latest
steps:
- uses: actions/checkout@v4
- name: Setup vars
run: |
version="$(cargo metadata --format-version 1 --no-deps | jq -r '.packages[] | select(.name == "stellar-cli") | .version')"
installer_basename="stellar-cli-installer-${version}-x86_64-pc-windows-msvc"
echo "VERSION=${version}" >> $GITHUB_ENV
echo "STELLAR_CLI_INSTALLER_BASENAME=${installer_basename}" >> $GITHUB_ENV
echo "STELLAR_CLI_INSTALLER=${installer_basename}.exe" >> $GITHUB_ENV
echo "ARTIFACT_NAME=stellar-cli-${version}-x86_64-pc-windows-msvc.tar.gz" >> $GITHUB_ENV
- name: Download Artifact
uses: actions/download-artifact@v4
with:
name: ${{ env.ARTIFACT_NAME }}
- name: Uncompress Artifact
run: tar xvf ${{ env.ARTIFACT_NAME }}
- name: Build Installer
shell: powershell
run: |
$Env:Path += ";C:\Users\$Env:UserName\AppData\Local\Programs\Inno Setup 6"
$Env:STELLAR_CLI_VERSION = "${{ env.VERSION }}"
ISCC.exe installer.iss
- name: Build provenance for attestation (release only)
if: github.event_name == 'release'
uses: actions/attest-build-provenance@v1
with:
subject-path: ${{ env.STELLAR_CLI_INSTALLER }}
- name: Upload Artifact
uses: actions/upload-artifact@v4
with:
name: ${{ env.STELLAR_CLI_INSTALLER }}
path: Output/stellar-installer.exe
- name: Upload to Release (release only)
if: github.event_name == 'release'
uses: actions/github-script@v7
with:
script: |
const fs = require('fs');
await github.rest.repos.uploadReleaseAsset({
owner: context.repo.owner,
repo: context.repo.repo,
release_id: ${{ github.event.release.id }},
name: '${{ env.STELLAR_CLI_INSTALLER }}',
data: fs.readFileSync('Output/stellar-installer.exe'),
});