Tweak S3 uploads in GitHub Actions workflow #15
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI | |
| on: | |
| - push | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.ref }} | |
| env: | |
| NIGHTLY_TOOLCHAIN: nightly-2023-12-30 | |
| jobs: | |
| test: | |
| name: Run tests | |
| runs-on: ubuntu-22.04 | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Install SQLx CLI | |
| run: | | |
| mkdir -p ~/.local/bin | |
| curl -L https://development-content.brioche.dev/tools/sqlx-cli_v0.7.1/sqlx -o ~/.local/bin/sqlx | |
| curl -L https://development-content.brioche.dev/tools/sqlx-cli_v0.7.1/cargo-sqlx -o ~/.local/bin/cargo-sqlx | |
| chmod +x ~/.local/bin/sqlx ~/.local/bin/cargo-sqlx | |
| echo "$HOME/.local/bin" >> $GITHUB_PATH | |
| - name: Check formatting | |
| run: cargo fmt -- --check | |
| - name: Check database schema | |
| run: make check-db-schema | |
| - name: Check Clippy | |
| run: cargo clippy --all -- -Dwarnings | |
| - name: Build runtime distribution | |
| run: | | |
| cd crates/brioche/runtime | |
| npm install | |
| npm run build | |
| - name: Run tests | |
| run: cargo test --all | |
| build: | |
| name: Build artifacts | |
| runs-on: ubuntu-22.04 | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Install Rust nightly toolchain | |
| run: | | |
| rustup toolchain install "$NIGHTLY_TOOLCHAIN" \ | |
| --target x86_64-unknown-linux-musl \ | |
| --component rust-src | |
| - name: Build Brioche | |
| run: | | |
| cargo build \ | |
| --all \ | |
| --bin brioche \ | |
| --release \ | |
| --target=x86_64-unknown-linux-gnu | |
| - name: Build brioche-pack tools | |
| run: | | |
| cargo build \ | |
| --all \ | |
| --bin brioche-packer \ | |
| --bin brioche-ld \ | |
| --release \ | |
| --target=x86_64-unknown-linux-musl | |
| cargo +"$NIGHTLY_TOOLCHAIN" build \ | |
| --all \ | |
| --bin brioche-packed-exec \ | |
| --bin brioche-packed-userland-exec \ | |
| --profile=release-tiny \ | |
| --target=x86_64-unknown-linux-musl \ | |
| -Z 'build-std=std,panic_abort' \ | |
| -Z 'build-std-features=panic_immediate_abort' | |
| - name: Prepare artifact | |
| run: | | |
| mkdir -p artifacts/brioche/x86_64-linux/ | |
| mkdir -p artifacts/brioche-pack/x86_64-linux/ | |
| cp \ | |
| target/x86_64-unknown-linux-gnu/release/brioche \ | |
| artifacts/brioche/x86_64-linux/ | |
| cp \ | |
| target/x86_64-unknown-linux-musl/release/brioche-packer \ | |
| target/x86_64-unknown-linux-musl/release/brioche-ld \ | |
| target/x86_64-unknown-linux-musl/release-tiny/brioche-packed-exec \ | |
| target/x86_64-unknown-linux-musl/release-tiny/brioche-packed-userland-exec \ | |
| artifacts/brioche-pack/x86_64-linux/ | |
| (cd artifacts/brioche-pack/x86_64-linux/ && tar --zstd -cf ../../brioche/x86_64-linux/brioche-pack.tar.zstd .) | |
| tree --du -h artifacts/brioche-pack | |
| tree --du -h artifacts/brioche | |
| - name: Upload artifact | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: brioche | |
| if-no-files-found: error | |
| path: artifacts/brioche | |
| push: | |
| name: Push artifacts | |
| if: github.repository == 'brioche-dev/brioche' | |
| needs: [test, build] | |
| runs-on: ubuntu-22.04 | |
| steps: | |
| - name: Download artifacts | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: brioche | |
| path: artifacts/brioche | |
| # Prepare the upload for the current commit and branch: | |
| # - The current branch will be uploaded with all artifacts | |
| # - The current commit will be uploaded with most artifacts (with some | |
| # exceptions to avoid wasting space) | |
| # - The current files from the bucket will be downloaded first, | |
| # so that existing files are not overwritten. This is so that file | |
| # hashes never change under the commit e.g. if the GitHub Actions | |
| # workflow is re-run | |
| - name: Prepare upload | |
| run: | | |
| mkdir -p artifacts/uploads/commit artifacts/uploads/branch | |
| cp -r artifacts/brioche/* artifacts/uploads/commit/ | |
| cp -r artifacts/brioche/* artifacts/uploads/branch/ | |
| rm artifacts/uploads/commit/*/brioche | |
| aws s3 sync \ | |
| --endpoint "$S3_ENDPOINT" \ | |
| "s3://brioche-dev-development-content/github.com/brioche-dev/brioche/commits/$GITHUB_SHA/" \ | |
| artifacts/uploads/commit/ | |
| env: | |
| AWS_ACCESS_KEY_ID: ${{ secrets.R2_S3_ACCESS_KEY_ID }} | |
| AWS_SECRET_ACCESS_KEY: ${{ secrets.R2_S3_SECRET_ACCESS_KEY }} | |
| AWS_DEFAULT_REGION: ${{ vars.R2_S3_REGION }} | |
| S3_ENDPOINT: ${{ secrets.R2_S3_ENDPOINT }} | |
| - name: Upload to S3 | |
| run: | | |
| aws s3 sync \ | |
| --endpoint "$S3_ENDPOINT" \ | |
| --delete \ | |
| artifacts/uploads/branch/ \ | |
| "s3://brioche-dev-development-content/github.com/brioche-dev/brioche/branches/$GITHUB_REF_NAME/" | |
| aws s3 sync \ | |
| --endpoint "$S3_ENDPOINT" \ | |
| --delete \ | |
| artifacts/uploads/commit/ \ | |
| "s3://brioche-dev-development-content/github.com/brioche-dev/brioche/commits/$GITHUB_SHA/" | |
| env: | |
| AWS_ACCESS_KEY_ID: ${{ secrets.R2_S3_ACCESS_KEY_ID }} | |
| AWS_SECRET_ACCESS_KEY: ${{ secrets.R2_S3_SECRET_ACCESS_KEY }} | |
| AWS_DEFAULT_REGION: ${{ vars.R2_S3_REGION }} | |
| S3_ENDPOINT: ${{ secrets.R2_S3_ENDPOINT }} | |