actions/cargo-binstall
1
0
Fork 0
mirror of https://github.com/cargo-bins/cargo-binstall.git synced 2025-04-20 20:48:43 +00:00
Code Issues Projects Releases Packages Wiki Activity

Revert "release: cargo-binstall v1.4.0" and fix (#1398)

Browse source 
* Revert "release: cargo-binstall v1.4.0 (#1397)"

This reverts commit 99e8256018.

* --allow-dirty on publish

* Remove private key file after generation

* Write public key file to bin crate and to package

* Upload public key file to release
This commit is contained in:
Félix Saparelli 2023-09-26 19:47:25 +13:00 committed by GitHub
parent 99e8256018
commit 49b37ff1e2
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
7 changed files with 44 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
.github/scripts/ephemeral-gen.sh vendored
View file

@ -11,6 +11,12 @@ algorithm = "minisign"
pubkey = "$(tail -n1 minisign.pub)" pubkey = "$(tail -n1 minisign.pub)"
EOF EOF
echo "public=$(tail -n1 minisign.pub)" >> "$GITHUB_OUTPUT"
cp minisign.pub crates/bin/minisign.pub
set +x set +x
echo "::add-mask::$(tail -n1 minisign.key)" echo "::add-mask::$(tail -n1 minisign.key)"
echo "private=$(tail -n1 minisign.key)" >> "$GITHUB_OUTPUT" echo "private=$(tail -n1 minisign.key)" >> "$GITHUB_OUTPUT"
set -x
rm minisign.key

23
.github/workflows/release-build.yml vendored
View file

@ -8,6 +8,10 @@ on:
description: "Set to the release metadata JSON to publish the release" description: "Set to the release metadata JSON to publish the release"
required: false required: false
type: string type: string
publickey:
description: "Minisign public key. Required when publishing"
required: false
type: string
CARGO_PROFILE_RELEASE_LTO: CARGO_PROFILE_RELEASE_LTO:
description: "Set to override default release profile lto settings" description: "Set to override default release profile lto settings"
required: false required: false
@ -65,6 +69,15 @@ jobs:
if: inputs.CARGO_PROFILE_RELEASE_CODEGEN_UNITS if: inputs.CARGO_PROFILE_RELEASE_CODEGEN_UNITS
run: echo "CARGO_PROFILE_RELEASE_CODEGEN_UNITS=${{ inputs.CARGO_PROFILE_RELEASE_CODEGEN_UNITS }}" >> "$GITHUB_ENV" run: echo "CARGO_PROFILE_RELEASE_CODEGEN_UNITS=${{ inputs.CARGO_PROFILE_RELEASE_CODEGEN_UNITS }}" >> "$GITHUB_ENV"
- name: Include public key in package
if: inputs.publickey
env:
PUBLIC_KEY: ${{ inputs.publickey }}
shell: bash
run: |
echo "untrusted comment: minisign public key" > minisign.pub
cat >> minisign.pub <<< "$PUBLIC_KEY"
- uses: ./.github/actions/just-setup - uses: ./.github/actions/just-setup
with: with:
tools: cargo-auditable tools: cargo-auditable
@ -94,6 +107,7 @@ jobs:
- if: inputs.publish - if: inputs.publish
env: env:
SIGNING_KEY: ${{ secrets.signingkey }} SIGNING_KEY: ${{ secrets.signingkey }}
shell: bash
run: .github/scripts/ephemeral-sign.sh packages/cargo-binstall-* run: .github/scripts/ephemeral-sign.sh packages/cargo-binstall-*
- if: inputs.publish - if: inputs.publish
@ -131,6 +145,15 @@ jobs:
steps: steps:
- uses: actions/checkout@v4 - uses: actions/checkout@v4
- name: Include public key in package
if: inputs.publickey
env:
PUBLIC_KEY: ${{ inputs.publickey }}
shell: bash
run: |
echo "untrusted comment: minisign public key" > minisign.pub
cat >> minisign.pub <<< "$PUBLIC_KEY"
- uses: taiki-e/install-action@v2 - uses: taiki-e/install-action@v2
with: with:
tool: just tool: just

12
.github/workflows/release.yml vendored
View file

@ -61,8 +61,17 @@ jobs:
env: env:
crate: ${{ needs.info.outputs.crate }} crate: ${{ needs.info.outputs.crate }}
CARGO_REGISTRY_TOKEN: ${{ secrets.CARGO_REGISTRY_TOKEN }} CARGO_REGISTRY_TOKEN: ${{ secrets.CARGO_REGISTRY_TOKEN }}
run: cargo publish -p "$crate" run: cargo publish -p "$crate" --allow-dirty
- name: Upload public key to release
uses: svenstaro/upload-release-action@v2
with:
repo_token: ${{ secrets.GITHUB_TOKEN }}
release_name: v${{ needs.info.outputs.version }}
tag: v${{ needs.info.outputs.version }}
body: ${{ needs.info.outputs.notes }}
file: minisign.pub
outputs: outputs:
publickey: ${{ steps.keypair.outputs.public }}
signingkey: ${{ steps.keypair.outputs.private }} signingkey: ${{ steps.keypair.outputs.private }}
package: package:
@ -73,5 +82,6 @@ jobs:
uses: ./.github/workflows/release-build.yml uses: ./.github/workflows/release-build.yml
with: with:
publish: ${{ toJSON(needs.info.outputs) }} publish: ${{ toJSON(needs.info.outputs) }}
publickey: ${{ needs.clitag.publickey }}
secrets: secrets:
signingkey: ${{ needs.clitag.signingkey }} signingkey: ${{ needs.clitag.signingkey }}

2
Cargo.lock generated
View file

@ -512,7 +512,7 @@ dependencies = [
[[package]] [[package]]
name = "cargo-binstall" name = "cargo-binstall"
version = "1.4.0" version = "1.3.1"
dependencies = [ dependencies = [
"binstalk", "binstalk",
"binstalk-manifests", "binstalk-manifests",

2
crates/bin/Cargo.toml
View file

@ -3,7 +3,7 @@ name = "cargo-binstall"
description = "Rust binary package installer for CI integration" description = "Rust binary package installer for CI integration"
repository = "https://github.com/cargo-bins/cargo-binstall" repository = "https://github.com/cargo-bins/cargo-binstall"
documentation = "https://docs.rs/cargo-binstall" documentation = "https://docs.rs/cargo-binstall"
version = "1.4.0" version = "1.3.1"
rust-version = "1.65.0" rust-version = "1.65.0"
authors = ["ryan <ryan@kurte.nz>"] authors = ["ryan <ryan@kurte.nz>"]
edition = "2021" edition = "2021"

2
crates/bin/windows.manifest
View file

@ -3,7 +3,7 @@
<assemblyIdentity <assemblyIdentity
type="win32" type="win32"
name="Binstall.Cli.binstall" name="Binstall.Cli.binstall"
version="1.4.0.0" version="1.3.1.0"
/> />
<trustInfo> <trustInfo>

1
justfile
View file

@ -289,6 +289,7 @@ package-dir:
mkdir -p packages/prep mkdir -p packages/prep
cp crates/bin/LICENSE packages/prep cp crates/bin/LICENSE packages/prep
cp README.md packages/prep cp README.md packages/prep
-cp minisign.pub packages/prep
[macos] [macos]
package-prepare: build package-dir package-prepare: build package-dir