mirror of
https://github.com/maplibre/martin.git
synced 2024-12-24 15:34:51 +03:00
edcb2203d2
Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) from 6 to 7. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/peter-evans/create-pull-request/releases">peter-evans/create-pull-request's releases</a>.</em></p> <blockquote> <h2>Create Pull Request v7.0.0</h2> <p>✨ Now supports commit signing with bot-generated tokens! See "What's new" below. ✍️🤖</p> <h3>Behaviour changes</h3> <ul> <li>Action input <code>git-token</code> has been renamed <code>branch-token</code>, to be more clear about its purpose. The <code>branch-token</code> is the token that the action will use to create and update the branch.</li> <li>The action now handles requests that have been rate-limited by GitHub. Requests hitting a primary rate limit will retry twice, for a total of three attempts. Requests hitting a secondary rate limit will not be retried.</li> <li>The <code>pull-request-operation</code> output now returns <code>none</code> when no operation was executed.</li> <li>Removed deprecated output environment variable <code>PULL_REQUEST_NUMBER</code>. Please use the <code>pull-request-number</code> action output instead.</li> </ul> <h3>What's new</h3> <ul> <li>The action can now sign commits as <code>github-actions[bot]</code> when using <code>GITHUB_TOKEN</code>, or your own bot when using <a href="https://github.com/peter-evans/create-pull-request/blob/HEAD/docs/concepts-guidelines.md#authenticating-with-github-app-generated-tokens">GitHub App tokens</a>. See <a href="https://github.com/peter-evans/create-pull-request/blob/HEAD/docs/concepts-guidelines.md#commit-signature-verification-for-bots">commit signing</a> for details.</li> <li>Action input <code>draft</code> now accepts a new value <code>always-true</code>. This will set the pull request to draft status when the pull request is updated, as well as on creation.</li> <li>A new action input <code>maintainer-can-modify</code> indicates whether <a href="https://docs.github.com/en/pull-requests/collaborating-with-pull-requests/working-with-forks/allowing-changes-to-a-pull-request-branch-created-from-a-fork">maintainers can modify</a> the pull request. The default is <code>true</code>, which retains the existing behaviour of the action.</li> <li>A new output <code>pull-request-commits-verified</code> returns <code>true</code> or <code>false</code>, indicating whether GitHub considers the signature of the branch's commits to be verified.</li> </ul> <h2>What's Changed</h2> <ul> <li>build(deps-dev): bump <code>@types/node</code> from 18.19.36 to 18.19.39 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/3000">peter-evans/create-pull-request#3000</a></li> <li>build(deps-dev): bump ts-jest from 29.1.5 to 29.2.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/3008">peter-evans/create-pull-request#3008</a></li> <li>build(deps-dev): bump prettier from 3.3.2 to 3.3.3 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/3018">peter-evans/create-pull-request#3018</a></li> <li>build(deps-dev): bump ts-jest from 29.2.0 to 29.2.2 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/3019">peter-evans/create-pull-request#3019</a></li> <li>build(deps-dev): bump eslint-plugin-prettier from 5.1.3 to 5.2.1 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/3035">peter-evans/create-pull-request#3035</a></li> <li>build(deps-dev): bump <code>@types/node</code> from 18.19.39 to 18.19.41 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/3037">peter-evans/create-pull-request#3037</a></li> <li>build(deps): bump undici from 6.19.2 to 6.19.4 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/3036">peter-evans/create-pull-request#3036</a></li> <li>build(deps-dev): bump ts-jest from 29.2.2 to 29.2.3 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/3038">peter-evans/create-pull-request#3038</a></li> <li>build(deps-dev): bump <code>@types/node</code> from 18.19.41 to 18.19.42 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/3070">peter-evans/create-pull-request#3070</a></li> <li>build(deps): bump undici from 6.19.4 to 6.19.5 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/3086">peter-evans/create-pull-request#3086</a></li> <li>build(deps-dev): bump <code>@types/node</code> from 18.19.42 to 18.19.43 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/3087">peter-evans/create-pull-request#3087</a></li> <li>build(deps-dev): bump ts-jest from 29.2.3 to 29.2.4 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/3088">peter-evans/create-pull-request#3088</a></li> <li>build(deps): bump undici from 6.19.5 to 6.19.7 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/3145">peter-evans/create-pull-request#3145</a></li> <li>build(deps-dev): bump <code>@types/node</code> from 18.19.43 to 18.19.44 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/3144">peter-evans/create-pull-request#3144</a></li> <li>Update distribution by <a href="https://github.com/actions-bot"><code>@actions-bot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/3154">peter-evans/create-pull-request#3154</a></li> <li>build(deps): bump undici from 6.19.7 to 6.19.8 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/3213">peter-evans/create-pull-request#3213</a></li> <li>build(deps-dev): bump <code>@types/node</code> from 18.19.44 to 18.19.45 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/3214">peter-evans/create-pull-request#3214</a></li> <li>Update distribution by <a href="https://github.com/actions-bot"><code>@actions-bot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/3221">peter-evans/create-pull-request#3221</a></li> <li>build(deps-dev): bump eslint-import-resolver-typescript from 3.6.1 to 3.6.3 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/3255">peter-evans/create-pull-request#3255</a></li> <li>build(deps-dev): bump <code>@types/node</code> from 18.19.45 to 18.19.46 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/3254">peter-evans/create-pull-request#3254</a></li> <li>build(deps-dev): bump ts-jest from 29.2.4 to 29.2.5 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/3256">peter-evans/create-pull-request#3256</a></li> <li>v7 - signed commits by <a href="https://github.com/peter-evans"><code>@peter-evans</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/3057">peter-evans/create-pull-request#3057</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/rustycl0ck"><code>@rustycl0ck</code></a> made their first contribution in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/3057">peter-evans/create-pull-request#3057</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/peter-evans/create-pull-request/compare/v6.1.0...v7.0.0">https://github.com/peter-evans/create-pull-request/compare/v6.1.0...v7.0.0</a></p> <h2>Create Pull Request v6.1.0</h2> <p>✨ Adds <code>pull-request-branch</code> as an action output.</p> <h2>What's Changed</h2> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="4320041ed3
"><code>4320041</code></a> feat: signed commits (v7) (<a href="https://redirect.github.com/peter-evans/create-pull-request/issues/3057">#3057</a>)</li> <li><a href="0c2a66fe4a
"><code>0c2a66f</code></a> build(deps-dev): bump ts-jest from 29.2.4 to 29.2.5 (<a href="https://redirect.github.com/peter-evans/create-pull-request/issues/3256">#3256</a>)</li> <li><a href="17121bc5b5
"><code>17121bc</code></a> build(deps-dev): bump <code>@types/node</code> from 18.19.45 to 18.19.46 (<a href="https://redirect.github.com/peter-evans/create-pull-request/issues/3254">#3254</a>)</li> <li><a href="87b5d6d564
"><code>87b5d6d</code></a> build(deps-dev): bump eslint-import-resolver-typescript (<a href="https://redirect.github.com/peter-evans/create-pull-request/issues/3255">#3255</a>)</li> <li><a href="00897e0bc2
"><code>00897e0</code></a> build: update distribution (<a href="https://redirect.github.com/peter-evans/create-pull-request/issues/3221">#3221</a>)</li> <li><a href="4cfc1fc717
"><code>4cfc1fc</code></a> build(deps-dev): bump <code>@types/node</code> from 18.19.44 to 18.19.45 (<a href="https://redirect.github.com/peter-evans/create-pull-request/issues/3214">#3214</a>)</li> <li><a href="cb4ed6491a
"><code>cb4ed64</code></a> build(deps): bump undici from 6.19.7 to 6.19.8 (<a href="https://redirect.github.com/peter-evans/create-pull-request/issues/3213">#3213</a>)</li> <li><a href="4eb90b7bc7
"><code>4eb90b7</code></a> ci: separate test suite commands in pr comment</li> <li><a href="5308ecb864
"><code>5308ecb</code></a> ci: add sign-commits flag to test suite comment</li> <li><a href="ba864ad40c
"><code>ba864ad</code></a> build: update distribution (<a href="https://redirect.github.com/peter-evans/create-pull-request/issues/3154">#3154</a>)</li> <li>Additional commits viewable in <a href="https://github.com/peter-evans/create-pull-request/compare/v6...v7">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=peter-evans/create-pull-request&package-manager=github_actions&previous-version=6&new-version=7)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
702 lines
26 KiB
YAML
702 lines
26 KiB
YAML
name: CI
|
|
|
|
on:
|
|
push:
|
|
branches: [ main ]
|
|
pull_request:
|
|
branches: [ main ]
|
|
paths-ignore:
|
|
- '**.md'
|
|
- 'demo/**'
|
|
- 'docs/**'
|
|
release:
|
|
types: [ published ]
|
|
workflow_dispatch:
|
|
|
|
defaults:
|
|
run:
|
|
shell: bash
|
|
|
|
jobs:
|
|
lint-debug-test:
|
|
name: Lint and Unit test
|
|
runs-on: ubuntu-latest
|
|
env:
|
|
PGDATABASE: test
|
|
PGHOST: localhost
|
|
PGUSER: postgres
|
|
PGPASSWORD: postgres
|
|
services:
|
|
postgres:
|
|
image: postgis/postgis:16-3.4
|
|
ports:
|
|
# will assign a random free host port
|
|
- 5432/tcp
|
|
# Sadly there is currently no way to pass arguments to the service image other than this hack
|
|
# See also https://stackoverflow.com/a/62720566/177275
|
|
options: >-
|
|
-e POSTGRES_DB=test
|
|
-e POSTGRES_USER=postgres
|
|
-e POSTGRES_PASSWORD=postgres
|
|
-e PGDATABASE=test
|
|
-e PGUSER=postgres
|
|
-e PGPASSWORD=postgres
|
|
--health-cmd pg_isready
|
|
--health-interval 10s
|
|
--health-timeout 5s
|
|
--health-retries 5
|
|
--entrypoint sh
|
|
postgis/postgis:16-3.4
|
|
-c "exec docker-entrypoint.sh postgres -c ssl=on -c ssl_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem -c ssl_key_file=/etc/ssl/private/ssl-cert-snakeoil.key"
|
|
steps:
|
|
- uses: taiki-e/install-action@v2
|
|
with: { tool: just }
|
|
- name: Checkout sources
|
|
uses: actions/checkout@v4
|
|
- uses: Swatinem/rust-cache@v2
|
|
if: github.event_name != 'release' && github.event_name != 'workflow_dispatch'
|
|
- run: just env-info
|
|
- run: just fmt
|
|
- run: just clippy
|
|
- run: just check
|
|
- run: just check-doc
|
|
- name: Check semver
|
|
uses: obi1kenobi/cargo-semver-checks-action@v2
|
|
- name: Init database
|
|
run: tests/fixtures/initdb.sh
|
|
env:
|
|
PGPORT: ${{ job.services.postgres.ports[5432] }}
|
|
- name: Run cargo test
|
|
run: |
|
|
set -x
|
|
cargo test --package martin-tile-utils
|
|
cargo test --package mbtiles --no-default-features
|
|
cargo test --package mbtiles
|
|
cargo test --package martin
|
|
cargo test --doc
|
|
env:
|
|
DATABASE_URL: postgres://${{ env.PGUSER }}:${{ env.PGUSER }}@${{ env.PGHOST }}:${{ job.services.postgres.ports[5432] }}/${{ env.PGDATABASE }}?sslmode=require
|
|
|
|
docker-build-test:
|
|
name: Build and test docker images
|
|
runs-on: ubuntu-latest
|
|
env:
|
|
# PG_* variables are used by psql
|
|
PGDATABASE: test
|
|
PGHOST: localhost
|
|
PGUSER: postgres
|
|
PGPASSWORD: postgres
|
|
# TODO: aarch64-unknown-linux-gnu
|
|
services:
|
|
postgres:
|
|
image: postgis/postgis:15-3.3
|
|
ports:
|
|
- 5432/tcp
|
|
options: >-
|
|
-e POSTGRES_DB=test
|
|
-e POSTGRES_USER=postgres
|
|
-e POSTGRES_PASSWORD=postgres
|
|
-e PGDATABASE=test
|
|
-e PGUSER=postgres
|
|
-e PGPASSWORD=postgres
|
|
--health-cmd pg_isready
|
|
--health-interval 10s
|
|
--health-timeout 5s
|
|
--health-retries 5
|
|
--entrypoint sh
|
|
postgis/postgis:15-3.3
|
|
-c "exec docker-entrypoint.sh postgres -c ssl=on -c ssl_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem -c ssl_key_file=/etc/ssl/private/ssl-cert-snakeoil.key"
|
|
|
|
steps:
|
|
- uses: taiki-e/install-action@v2
|
|
with: { tool: cross }
|
|
- name: Checkout sources
|
|
uses: actions/checkout@v4
|
|
with:
|
|
set-safe-directory: false
|
|
- uses: Swatinem/rust-cache@v2
|
|
if: github.event_name != 'release' && github.event_name != 'workflow_dispatch'
|
|
- name: Init database
|
|
run: tests/fixtures/initdb.sh
|
|
env:
|
|
PGPORT: ${{ job.services.postgres.ports[5432] }}
|
|
|
|
- name: Set up QEMU
|
|
uses: docker/setup-qemu-action@v3
|
|
# https://github.com/docker/setup-qemu-action
|
|
with:
|
|
platforms: linux/amd64,linux/arm64
|
|
- name: Set up Docker Buildx
|
|
uses: docker/setup-buildx-action@v3
|
|
# https://github.com/docker/setup-buildx-action
|
|
with:
|
|
install: true
|
|
platforms: linux/amd64,linux/arm64
|
|
- name: Set up AWS SAM
|
|
uses: aws-actions/setup-sam@v2
|
|
with:
|
|
use-installer: true
|
|
|
|
- name: Build targets
|
|
run: |
|
|
for target in "aarch64-unknown-linux-musl" "x86_64-unknown-linux-musl"; do
|
|
echo -e "\n----------------------------------------------"
|
|
echo "Building $target"
|
|
# See https://github.com/cross-rs/cross/issues/1526
|
|
# TODO: Remove this once a version after cross 0.2.5 is released
|
|
export CROSS_BUILD_OPTS="--output=type=docker"
|
|
export "CARGO_TARGET_$(echo $target | tr 'a-z-' 'A-Z_')_RUSTFLAGS"='-C strip=debuginfo'
|
|
cross build --release --target $target --workspace
|
|
mkdir -p target_releases/$target
|
|
mv target/$target/release/martin target_releases/$target
|
|
mv target/$target/release/martin-cp target_releases/$target
|
|
mv target/$target/release/mbtiles target_releases/$target
|
|
done
|
|
|
|
- name: Save build artifacts to build-${{ matrix.target }}
|
|
uses: actions/upload-artifact@v4
|
|
with:
|
|
name: cross-build
|
|
path: target_releases/*
|
|
- name: Reorganize artifacts for docker build
|
|
run: |
|
|
mkdir -p target_releases/linux/arm64
|
|
mv target_releases/aarch64-unknown-linux-musl/* target_releases/linux/arm64/
|
|
mkdir -p target_releases/linux/amd64
|
|
mv target_releases/x86_64-unknown-linux-musl/* target_releases/linux/amd64/
|
|
- name: Start NGINX
|
|
uses: nyurik/action-setup-nginx@v1.1
|
|
id: nginx
|
|
with: { port: '5412', output-unix-paths: 'yes' }
|
|
- name: Copy static files
|
|
run: cp -r tests/fixtures/pmtiles2/* ${{ steps.nginx.outputs.html-dir }}
|
|
- name: Build linux/arm64 Docker image
|
|
uses: docker/build-push-action@v6
|
|
# https://github.com/docker/build-push-action
|
|
with:
|
|
context: .
|
|
file: .github/files/multi-platform.Dockerfile
|
|
load: true
|
|
tags: ${{ github.repository }}:linux-arm64
|
|
platforms: linux/arm64
|
|
|
|
- name: Test linux/arm64 Docker image
|
|
run: |
|
|
PLATFORM=linux/arm64
|
|
TAG=${{ github.repository }}:linux-arm64
|
|
export MARTIN_BUILD_ALL=-
|
|
export MARTIN_BIN="docker run --rm --net host --platform $PLATFORM -e DATABASE_URL -v $PWD/tests:/tests $TAG"
|
|
export MARTIN_CP_BIN="docker run --rm --net host --platform $PLATFORM -e DATABASE_URL -v $PWD/tests:/tests --entrypoint /usr/local/bin/martin-cp $TAG"
|
|
export MBTILES_BIN="docker run --rm --net host --platform $PLATFORM -e DATABASE_URL -v $PWD/tests:/tests --entrypoint /usr/local/bin/mbtiles $TAG"
|
|
tests/test.sh
|
|
env:
|
|
DATABASE_URL: postgres://${{ env.PGUSER }}:${{ env.PGUSER }}@${{ env.PGHOST }}:${{ job.services.postgres.ports[5432] }}/${{ env.PGDATABASE }}?sslmode=require
|
|
|
|
- name: Build linux/amd64 Docker image
|
|
uses: docker/build-push-action@v6
|
|
# https://github.com/docker/build-push-action
|
|
with:
|
|
context: .
|
|
file: .github/files/multi-platform.Dockerfile
|
|
load: true
|
|
tags: ${{ github.repository }}:linux-amd64
|
|
platforms: linux/amd64
|
|
- name: Test linux/amd64 Docker image
|
|
run: |
|
|
PLATFORM=linux/amd64
|
|
TAG=${{ github.repository }}:linux-amd64
|
|
export MARTIN_BUILD_ALL=-
|
|
export MARTIN_BIN="docker run --rm --net host --platform $PLATFORM -e DATABASE_URL -v $PWD/tests:/tests $TAG"
|
|
export MARTIN_CP_BIN="docker run --rm --net host --platform $PLATFORM -e DATABASE_URL -v $PWD/tests:/tests --entrypoint /usr/local/bin/martin-cp $TAG"
|
|
export MBTILES_BIN="docker run --rm --net host --platform $PLATFORM -e DATABASE_URL -v $PWD/tests:/tests --entrypoint /usr/local/bin/mbtiles $TAG"
|
|
tests/test.sh
|
|
env:
|
|
DATABASE_URL: postgres://${{ env.PGUSER }}:${{ env.PGUSER }}@${{ env.PGHOST }}:${{ job.services.postgres.ports[5432] }}/${{ env.PGDATABASE }}?sslmode=require
|
|
|
|
- name: Login to GitHub Docker registry
|
|
if: github.event_name != 'pull_request'
|
|
uses: docker/login-action@v3
|
|
# https://github.com/docker/login-action
|
|
with:
|
|
registry: ghcr.io
|
|
username: ${{ github.actor }}
|
|
password: ${{ secrets.GITHUB_TOKEN }}
|
|
|
|
- name: Docker meta
|
|
id: docker_meta
|
|
uses: docker/metadata-action@v5
|
|
# https://github.com/docker/metadata-action
|
|
with:
|
|
images: ghcr.io/${{ github.repository }}
|
|
- name: Push the Docker image
|
|
if: github.event_name != 'pull_request'
|
|
uses: docker/build-push-action@v6
|
|
with:
|
|
context: .
|
|
file: .github/files/multi-platform.Dockerfile
|
|
push: true
|
|
tags: ${{ steps.docker_meta.outputs.tags }}
|
|
labels: ${{ steps.docker_meta.outputs.labels }}
|
|
platforms: linux/amd64,linux/arm64
|
|
|
|
build:
|
|
name: Build ${{ matrix.target }}
|
|
runs-on: ${{ matrix.os }}
|
|
strategy:
|
|
fail-fast: true
|
|
matrix:
|
|
include:
|
|
- target: aarch64-apple-darwin
|
|
os: macos-14 # M1 CPU
|
|
- target: debian-x86_64
|
|
os: ubuntu-latest
|
|
- target: x86_64-apple-darwin
|
|
os: macos-13 # x64 CPU
|
|
- target: x86_64-pc-windows-msvc
|
|
os: windows-latest
|
|
ext: '.exe'
|
|
- target: x86_64-unknown-linux-gnu
|
|
os: ubuntu-latest
|
|
steps:
|
|
- name: Checkout sources
|
|
uses: actions/checkout@v4
|
|
- name: Rust Versions
|
|
run: rustc --version && cargo --version
|
|
- uses: Swatinem/rust-cache@v2
|
|
if: github.event_name != 'release' && github.event_name != 'workflow_dispatch'
|
|
- name: Install NASM for rustls/aws-lc-rs on Windows
|
|
if: runner.os == 'Windows'
|
|
uses: ilammy/setup-nasm@v1
|
|
- name: Build (.deb)
|
|
if: matrix.target == 'debian-x86_64'
|
|
run: |
|
|
set -x
|
|
sudo apt-get install -y dpkg dpkg-dev liblzma-dev
|
|
cargo install cargo-deb --locked
|
|
cargo deb -v -p martin --output target/debian/debian-x86_64.deb
|
|
mkdir -p target_releases
|
|
mv target/debian/debian-x86_64.deb target_releases/
|
|
- name: Build
|
|
if: matrix.target != 'debian-x86_64'
|
|
run: |
|
|
set -x
|
|
rustup target add "${{ matrix.target }}"
|
|
export RUSTFLAGS='-C strip=debuginfo'
|
|
cargo build --release --target ${{ matrix.target }} --package mbtiles
|
|
cargo build --release --target ${{ matrix.target }} --package martin
|
|
mkdir -p target_releases
|
|
mv target/${{ matrix.target }}/release/martin${{ matrix.ext }} target_releases/
|
|
mv target/${{ matrix.target }}/release/martin-cp${{ matrix.ext }} target_releases/
|
|
mv target/${{ matrix.target }}/release/mbtiles${{ matrix.ext }} target_releases/
|
|
- name: Save build artifacts to build-${{ matrix.target }}
|
|
uses: actions/upload-artifact@v4
|
|
with:
|
|
name: build-${{ matrix.target }}
|
|
path: target_releases/*
|
|
|
|
test-aws-lambda:
|
|
name: Test AWS Lambda
|
|
runs-on: ubuntu-latest
|
|
needs: [ docker-build-test ]
|
|
steps:
|
|
- name: Checkout sources
|
|
uses: actions/checkout@v4
|
|
- name: Download build artifact cross-build
|
|
uses: actions/download-artifact@v4
|
|
with:
|
|
name: cross-build
|
|
- run: tests/test-aws-lambda.sh
|
|
env:
|
|
MARTIN_BIN: x86_64-unknown-linux-musl/martin
|
|
|
|
|
|
test-multi-os:
|
|
name: Test on ${{ matrix.os }}
|
|
runs-on: ${{ matrix.os }}
|
|
needs: [ build ]
|
|
strategy:
|
|
fail-fast: true
|
|
matrix:
|
|
include:
|
|
- target: x86_64-apple-darwin
|
|
os: macos-13
|
|
- target: x86_64-pc-windows-msvc
|
|
os: windows-latest
|
|
ext: '.exe'
|
|
- target: x86_64-unknown-linux-gnu
|
|
os: ubuntu-latest
|
|
steps:
|
|
- name: Install and run Postgis
|
|
uses: nyurik/action-setup-postgis@v2
|
|
id: pg
|
|
with: { username: 'test', password: 'test', database: 'test' }
|
|
- name: Start NGINX
|
|
uses: nyurik/action-setup-nginx@v1.1
|
|
id: nginx
|
|
with: { port: '5412', output-unix-paths: 'yes' }
|
|
- name: Checkout sources
|
|
uses: actions/checkout@v4
|
|
- name: Init database
|
|
run: |
|
|
echo "DATABASE_URL=${{ steps.pg.outputs.connection-uri }}"
|
|
echo "Print the same in base64 to bypass Github's obfuscation (uses hardcoded password):"
|
|
echo "${{ steps.pg.outputs.connection-uri }}" | base64
|
|
tests/fixtures/initdb.sh
|
|
env:
|
|
PGSERVICE: ${{ steps.pg.outputs.service-name }}
|
|
- name: Copy static files
|
|
run: cp -r tests/fixtures/pmtiles2/* ${{ steps.nginx.outputs.html-dir }}
|
|
- name: Download build artifact build-${{ matrix.target }}
|
|
uses: actions/download-artifact@v4
|
|
with:
|
|
name: build-${{ matrix.target }}
|
|
path: target/
|
|
- name: Integration Tests
|
|
run: |
|
|
export MARTIN_BUILD_ALL=-
|
|
export MARTIN_BIN=target/martin${{ matrix.ext }}
|
|
export MARTIN_CP_BIN=target/martin-cp${{ matrix.ext }}
|
|
export MBTILES_BIN=target/mbtiles${{ matrix.ext }}
|
|
if [[ "${{ runner.os }}" != "Windows" ]]; then
|
|
chmod +x "$MARTIN_BIN" "$MARTIN_CP_BIN" "$MBTILES_BIN"
|
|
fi
|
|
tests/test.sh
|
|
env:
|
|
DATABASE_URL: ${{ steps.pg.outputs.connection-uri }}
|
|
- name: Compare test output results (Linux)
|
|
if: matrix.target == 'x86_64-unknown-linux-gnu'
|
|
run: diff --brief --recursive --new-file tests/output tests/expected
|
|
- name: Download Debian package (Linux)
|
|
if: matrix.target == 'x86_64-unknown-linux-gnu'
|
|
uses: actions/download-artifact@v4
|
|
with:
|
|
name: build-debian-x86_64
|
|
path: target/
|
|
- name: Tests Debian package (Linux)
|
|
if: matrix.target == 'x86_64-unknown-linux-gnu'
|
|
run: |
|
|
sudo dpkg -i target/debian-x86_64.deb
|
|
export MARTIN_BUILD_ALL=-
|
|
export MARTIN_BIN=/usr/bin/martin${{ matrix.ext }}
|
|
export MARTIN_CP_BIN=/usr/bin/martin-cp${{ matrix.ext }}
|
|
export MBTILES_BIN=/usr/bin/mbtiles${{ matrix.ext }}
|
|
tests/test.sh
|
|
env:
|
|
DATABASE_URL: ${{ steps.pg.outputs.connection-uri }}
|
|
- name: Save test output (on error)
|
|
if: failure()
|
|
uses: actions/upload-artifact@v4
|
|
with:
|
|
name: failed-test-output-${{ runner.os }}
|
|
path: |
|
|
tests/output/*
|
|
target/test_logs/*
|
|
retention-days: 5
|
|
|
|
test-with-svc:
|
|
name: Test postgis:${{ matrix.img_ver }} sslmode=${{ matrix.sslmode }}
|
|
runs-on: ubuntu-latest
|
|
needs: [ build, docker-build-test ]
|
|
strategy:
|
|
fail-fast: true
|
|
matrix:
|
|
include:
|
|
# These must match the versions of postgres used in the docker-compose.yml
|
|
- img_ver: 11-3.0-alpine
|
|
args: postgres
|
|
sslmode: disable
|
|
- img_ver: 14-3.3-alpine
|
|
args: postgres
|
|
sslmode: disable
|
|
# alpine images don't support SSL, so for this we use the debian images
|
|
- img_ver: 15-3.3
|
|
args: postgres -c ssl=on -c ssl_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem -c ssl_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
|
|
sslmode: require
|
|
#
|
|
# FIXME!
|
|
# DISABLED because Rustls fails to validate name (CN?) with the NotValidForName error
|
|
#- img_ver: 15-3.3
|
|
# args: postgres -c ssl=on -c ssl_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem -c ssl_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
|
|
# sslmode: verify-ca
|
|
#- img_ver: 15-3.3
|
|
# args: postgres -c ssl=on -c ssl_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem -c ssl_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
|
|
# sslmode: verify-full
|
|
env:
|
|
PGDATABASE: test
|
|
PGHOST: localhost
|
|
PGUSER: postgres
|
|
PGPASSWORD: postgres
|
|
services:
|
|
postgres:
|
|
image: postgis/postgis:${{ matrix.img_ver }}
|
|
ports:
|
|
- 5432/tcp
|
|
options: >-
|
|
-e POSTGRES_DB=test
|
|
-e POSTGRES_USER=postgres
|
|
-e POSTGRES_PASSWORD=postgres
|
|
-e PGDATABASE=test
|
|
-e PGUSER=postgres
|
|
-e PGPASSWORD=postgres
|
|
--health-cmd pg_isready
|
|
--health-interval 10s
|
|
--health-timeout 5s
|
|
--health-retries 5
|
|
--entrypoint sh
|
|
postgis/postgis:${{ matrix.img_ver }}
|
|
-c "exec docker-entrypoint.sh ${{ matrix.args }}"
|
|
steps:
|
|
- name: Checkout sources
|
|
uses: actions/checkout@v4
|
|
- uses: Swatinem/rust-cache@v2
|
|
if: github.event_name != 'release' && github.event_name != 'workflow_dispatch'
|
|
- name: Run NGINX
|
|
uses: nyurik/action-setup-nginx@v1.1
|
|
id: nginx
|
|
with: { port: '5412', output-unix-paths: 'yes' }
|
|
- name: Copy static files
|
|
run: cp -r tests/fixtures/pmtiles2/* ${{ steps.nginx.outputs.html-dir }}
|
|
- name: Init database
|
|
run: tests/fixtures/initdb.sh
|
|
env:
|
|
PGPORT: ${{ job.services.postgres.ports[5432] }}
|
|
- name: Get DB SSL cert (sslmode=verify-*)
|
|
if: matrix.sslmode == 'verify-ca' || matrix.sslmode == 'verify-full'
|
|
run: |
|
|
set -x
|
|
mkdir -p target/certs
|
|
docker cp ${{ job.services.postgres.id }}:/etc/ssl/certs/ssl-cert-snakeoil.pem target/certs/server.crt
|
|
docker cp ${{ job.services.postgres.id }}:/etc/ssl/private/ssl-cert-snakeoil.key target/certs/server.key
|
|
- name: Download build artifact build-x86_64-unknown-linux-gnu
|
|
uses: actions/download-artifact@v4
|
|
with:
|
|
name: build-x86_64-unknown-linux-gnu
|
|
path: target_releases/
|
|
- name: Integration Tests
|
|
run: |
|
|
if [[ "${{ matrix.sslmode }}" == "verify-ca" || "${{ matrix.sslmode }}" == "verify-full" ]]; then
|
|
export PGSSLROOTCERT=target/certs/server.crt
|
|
fi
|
|
export MARTIN_BUILD_ALL=-
|
|
export MARTIN_BIN=target_releases/martin
|
|
export MARTIN_CP_BIN=target_releases/martin-cp
|
|
export MBTILES_BIN=target_releases/mbtiles
|
|
chmod +x "$MARTIN_BIN" "$MARTIN_CP_BIN" "$MBTILES_BIN"
|
|
tests/test.sh
|
|
rm -rf target_releases
|
|
env:
|
|
DATABASE_URL: postgres://${{ env.PGUSER }}:${{ env.PGUSER }}@${{ env.PGHOST }}:${{ job.services.postgres.ports[5432] }}/${{ env.PGDATABASE }}?sslmode=${{ matrix.sslmode }}
|
|
- name: Download Debian package
|
|
uses: actions/download-artifact@v4
|
|
with:
|
|
name: build-debian-x86_64
|
|
path: target_releases/
|
|
- name: Tests Debian package
|
|
run: |
|
|
sudo dpkg -i target_releases/debian-x86_64.deb
|
|
if [[ "${{ matrix.sslmode }}" == "verify-ca" || "${{ matrix.sslmode }}" == "verify-full" ]]; then
|
|
export PGSSLROOTCERT=target/certs/server.crt
|
|
fi
|
|
export MARTIN_BUILD_ALL=-
|
|
export MARTIN_BIN=/usr/bin/martin
|
|
export MARTIN_CP_BIN=/usr/bin/martin-cp
|
|
export MBTILES_BIN=/usr/bin/mbtiles
|
|
tests/test.sh
|
|
sudo dpkg -P martin
|
|
rm -rf target_releases
|
|
env:
|
|
DATABASE_URL: postgres://${{ env.PGUSER }}:${{ env.PGUSER }}@${{ env.PGHOST }}:${{ job.services.postgres.ports[5432] }}/${{ env.PGDATABASE }}?sslmode=${{ matrix.sslmode }}
|
|
- name: Unit Tests
|
|
if: matrix.sslmode != 'verify-ca' && matrix.sslmode != 'verify-full'
|
|
run: |
|
|
echo "Running unit tests, connecting to DATABASE_URL=$DATABASE_URL"
|
|
echo "Same but as base64 to prevent GitHub obfuscation (this is not a secret):"
|
|
echo "$DATABASE_URL" | base64
|
|
set -x
|
|
cargo test --package martin
|
|
cargo clean
|
|
env:
|
|
DATABASE_URL: postgres://${{ env.PGUSER }}:${{ env.PGUSER }}@${{ env.PGHOST }}:${{ job.services.postgres.ports[5432] }}/${{ env.PGDATABASE }}?sslmode=${{ matrix.sslmode }}
|
|
- name: Save test output (on error)
|
|
if: failure()
|
|
uses: actions/upload-artifact@v4
|
|
with:
|
|
name: test-output
|
|
path: |
|
|
tests/output/*
|
|
target/test_logs/*
|
|
retention-days: 5
|
|
|
|
package:
|
|
name: Package
|
|
runs-on: ubuntu-latest
|
|
needs: [ lint-debug-test, docker-build-test, test-multi-os, test-with-svc ]
|
|
steps:
|
|
- name: Checkout sources
|
|
uses: actions/checkout@v4
|
|
- name: Download build artifact build-aarch64-apple-darwin
|
|
uses: actions/download-artifact@v4
|
|
with:
|
|
name: build-aarch64-apple-darwin
|
|
path: target/aarch64-apple-darwin
|
|
- name: Download build artifact build-x86_64-apple-darwin
|
|
uses: actions/download-artifact@v4
|
|
with:
|
|
name: build-x86_64-apple-darwin
|
|
path: target/x86_64-apple-darwin
|
|
- name: Download build artifact build-x86_64-unknown-linux-gnu
|
|
uses: actions/download-artifact@v4
|
|
with:
|
|
name: build-x86_64-unknown-linux-gnu
|
|
path: target/x86_64-unknown-linux-gnu
|
|
|
|
- name: Download cross-build artifacts
|
|
uses: actions/download-artifact@v4
|
|
with:
|
|
name: cross-build
|
|
path: target/cross
|
|
|
|
- name: Download build artifact build-x86_64-pc-windows-msvc
|
|
uses: actions/download-artifact@v4
|
|
with:
|
|
name: build-x86_64-pc-windows-msvc
|
|
path: target/x86_64-pc-windows-msvc
|
|
- name: Download build artifact build-debian-x86_64
|
|
uses: actions/download-artifact@v4
|
|
with:
|
|
name: build-debian-x86_64
|
|
path: target/debian-x86_64
|
|
|
|
- name: Package
|
|
run: |
|
|
set -x
|
|
|
|
cd target
|
|
mkdir files
|
|
mv cross/* .
|
|
|
|
cd aarch64-apple-darwin
|
|
chmod +x martin martin-cp mbtiles
|
|
tar czvf ../files/martin-aarch64-apple-darwin.tar.gz martin martin-cp mbtiles
|
|
cd ..
|
|
|
|
cd x86_64-apple-darwin
|
|
chmod +x martin martin-cp mbtiles
|
|
tar czvf ../files/martin-x86_64-apple-darwin.tar.gz martin martin-cp mbtiles
|
|
cd ..
|
|
|
|
cd x86_64-unknown-linux-gnu
|
|
chmod +x martin martin-cp mbtiles
|
|
tar czvf ../files/martin-x86_64-unknown-linux-gnu.tar.gz martin martin-cp mbtiles
|
|
cd ..
|
|
|
|
cd aarch64-unknown-linux-musl
|
|
chmod +x martin martin-cp mbtiles
|
|
tar czvf ../files/martin-aarch64-unknown-linux-musl.tar.gz martin martin-cp mbtiles
|
|
cd ..
|
|
|
|
cd x86_64-unknown-linux-musl
|
|
chmod +x martin martin-cp mbtiles
|
|
tar czvf ../files/martin-x86_64-unknown-linux-musl.tar.gz martin martin-cp mbtiles
|
|
cd ..
|
|
|
|
#
|
|
# Special case for Windows
|
|
#
|
|
cd x86_64-pc-windows-msvc
|
|
7z a ../files/martin-x86_64-pc-windows-msvc.zip martin.exe martin-cp.exe mbtiles.exe
|
|
cd ..
|
|
|
|
#
|
|
# Special case for Debian .deb package
|
|
#
|
|
cd debian-x86_64
|
|
mv debian-x86_64.deb ../files/martin-Debian-x86_64.deb
|
|
cd ..
|
|
|
|
- name: Create Homebrew config
|
|
run: |
|
|
set -x
|
|
|
|
# Extract Github release version only without the "v" prefix
|
|
MARTIN_VERSION=$(echo "${{ github.ref }}" | sed -e 's/refs\/tags\/v//')
|
|
|
|
mkdir -p target/homebrew
|
|
cd target
|
|
|
|
cat << EOF > homebrew_config.yaml
|
|
version: "$MARTIN_VERSION"
|
|
macos_arm_sha256: "$(shasum -a 256 files/martin-aarch64-apple-darwin.tar.gz | cut -d' ' -f1)"
|
|
macos_intel_sha256: "$(shasum -a 256 files/martin-x86_64-apple-darwin.tar.gz | cut -d' ' -f1)"
|
|
linux_arm_sha256: "$(shasum -a 256 files/martin-aarch64-unknown-linux-musl.tar.gz | cut -d' ' -f1)"
|
|
linux_intel_sha256: "$(shasum -a 256 files/martin-x86_64-unknown-linux-musl.tar.gz | cut -d' ' -f1)"
|
|
EOF
|
|
|
|
- name: Save Homebrew Config
|
|
uses: actions/upload-artifact@v4
|
|
with:
|
|
name: homebrew-config
|
|
path: target/homebrew_config.yaml
|
|
|
|
- name: Publish
|
|
if: startsWith(github.ref, 'refs/tags/')
|
|
uses: softprops/action-gh-release@v2
|
|
with:
|
|
draft: true
|
|
files: 'target/files/*'
|
|
body_path: CHANGELOG.md
|
|
env:
|
|
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
|
|
|
- name: Checkout maplibre/homebrew-martin
|
|
if: startsWith(github.ref, 'refs/tags/')
|
|
uses: actions/checkout@v4
|
|
with:
|
|
repository: maplibre/homebrew-martin
|
|
token: ${{ secrets.GH_HOMEBREW_MARTIN_TOKEN }}
|
|
path: target/homebrew
|
|
|
|
- name: Create Homebrew formula
|
|
uses: cuchi/jinja2-action@master
|
|
with:
|
|
template: .github/files/homebrew.martin.rb.j2
|
|
output_file: target/homebrew/martin.rb
|
|
data_file: target/homebrew_config.yaml
|
|
|
|
- name: Create a PR for maplibre/homebrew-martin
|
|
if: startsWith(github.ref, 'refs/tags/')
|
|
uses: peter-evans/create-pull-request@v7
|
|
with:
|
|
# Create a personal access token
|
|
# Gen: https://github.com/settings/personal-access-tokens/new
|
|
# Set: https://github.com/maplibre/martin/settings/secrets/actions/GH_HOMEBREW_MARTIN_TOKEN
|
|
# Docs: https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/managing-your-personal-access-tokens#creating-a-fine-grained-personal-access-token
|
|
# Name: anything descriptive
|
|
# One year long (sadly that's max)
|
|
# Repository owner and repo: maplibre/homebrew-martin
|
|
# Access Contents: Read and write
|
|
# Access Metadata: Read-only
|
|
# Access Pull requests: Read and write
|
|
token: ${{ secrets.GH_HOMEBREW_MARTIN_TOKEN }}
|
|
commit-message: 'Update to ${{ github.ref }}'
|
|
title: 'Update to ${{ github.ref }}'
|
|
body: 'Update to ${{ github.ref }}'
|
|
branch: 'update-to-${{ github.ref }}'
|
|
branch-suffix: timestamp
|
|
base: 'main'
|
|
labels: 'auto-update'
|
|
assignees: 'nyurik'
|
|
draft: false
|
|
delete-branch: true
|
|
path: target/homebrew
|
|
|
|
# This final step is needed to mark the whole workflow as successful
|
|
# Don't change its name - it is used by the merge protection rules
|
|
done:
|
|
name: CI Finished
|
|
runs-on: ubuntu-latest
|
|
needs: [ package ]
|
|
steps:
|
|
- name: Finished
|
|
run: echo "CI finished successfully"
|