-
-
Notifications
You must be signed in to change notification settings - Fork 34
205 lines (185 loc) · 6.95 KB
/
ci.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
name: CI
on:
push:
branches:
- main
tags:
- "*"
pull_request:
permissions:
contents: read
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
jobs:
test:
runs-on: ${{ matrix.os }}
strategy:
matrix:
include:
- os: windows-latest
rust: "1.70" # MSRV
args: --exclude macos-certificate-truster
- os: macos-latest
rust: "1.70"
args: --exclude windows-redirector
- os: ubuntu-latest
rust: stable
args: --exclude windows-redirector --exclude macos-certificate-truster
steps:
- uses: actions/checkout@v4
- name: Set up Rust toolchain
run: rustup toolchain install ${{ matrix.rust }} --profile minimal
- uses: Swatinem/rust-cache@3cf7f8cc28d1b4e7d01e3783be10a97d55d483c8 # v2.7.1
timeout-minutes: 2
continue-on-error: true
# PyO3 wants recent Python on Windows.
- uses: actions/setup-python@v4
with:
python-version-file: .github/python-version.txt
- name: Run "cargo check"
# the action-rs/cargo action adds inline annotations for "cargo check" output
uses: actions-rs/cargo@9e120dd99b0fbad1c065f686657e914e76bd7b72
with:
toolchain: ${{ matrix.rust }}
command: check
args: --workspace --verbose ${{ matrix.args }}
- name: Run "cargo test"
# the action-rs/cargo action adds inline annotations for "cargo test" output
uses: actions-rs/cargo@9e120dd99b0fbad1c065f686657e914e76bd7b72
with:
toolchain: ${{ matrix.rust }}
command: test
args: --workspace --verbose ${{ matrix.args }}
build:
strategy:
matrix:
include:
- os: windows-latest
- os: ubuntu-latest
args: --compatibility manylinux2014 --zig --sdist
- os: ubuntu-latest
target: aarch64-unknown-linux-gnu
args: --compatibility manylinux2014 --zig --target aarch64-unknown-linux-gnu
- os: macos-latest
target: aarch64-apple-darwin
args: --target universal2-apple-darwin
runs-on: ${{ matrix.os }}
name: build mitmproxy-rs (${{ matrix.os }}, ${{ matrix.target || 'x64' }})
steps:
- uses: actions/checkout@v4
- run: rustup toolchain install stable --profile minimal
- run: rustup default stable
- if: matrix.target
run: rustup target add ${{ matrix.target }}
- run: rustup show
- uses: Swatinem/rust-cache@3cf7f8cc28d1b4e7d01e3783be10a97d55d483c8 # v2.7.1
timeout-minutes: 2
continue-on-error: true
- uses: actions/setup-python@v4
with:
python-version-file: .github/python-version.txt
- if: runner.os == 'Linux'
name: Install maturin[zig] from PyPI
uses: install-pinned/maturin-with-zig@1c81abaaee669d7c37cd893e1037216ecf5df7e0
- if: runner.os != 'Linux'
name: Install maturin from PyPI
uses: install-pinned/maturin@63688f9ac50926e464a1968e2383270d2d18c07c
- if: github.event_name == 'push' && startsWith(github.ref, 'refs/tags')
run: python .github/scripts/pin-versions.py
- run: maturin build --release ${{ matrix.args }}
working-directory: ./mitmproxy-rs
# ensure that sdist is building.
# We do this here instead of a separate job because we don't want to wait for the entire matrix.
- if: contains(matrix.args, 'sdist')
run: pip install target/wheels/*.tar.gz
- uses: actions/upload-artifact@v3
with:
name: wheels
path: target/wheels
build-macos-app:
runs-on: macos-latest
steps:
- uses: actions/checkout@v4
- uses: actions/cache@v3
id: cache-app
with:
path: mitmproxy-macos/redirector/dist/
key: macos-${{ hashFiles('mitmproxy-macos/redirector/**', '.github/scripts/build-macos-redirector.sh') }}
- if: steps.cache-app.outputs.cache-hit != 'true'
run: $GITHUB_WORKSPACE/.github/scripts/build-macos-redirector.sh
working-directory: mitmproxy-macos/redirector
env:
APPLE_ID: ${{ secrets.APPLE_ID }}
APPLE_APP_PASSWORD: ${{ secrets.APPLE_APP_PASSWORD }}
APPLE_PROVISIONING_PROFILE_APP: ${{ secrets.APPLE_PROVISIONING_PROFILE_APP }}
APPLE_PROVISIONING_PROFILE_EXT: ${{ secrets.APPLE_PROVISIONING_PROFILE_EXT }}
APPLE_CERTIFICATE: ${{ secrets.APPLE_CERTIFICATE }}
- uses: actions/upload-artifact@v3
with:
name: macos-app
path: mitmproxy-macos/redirector/dist/
build-os-wheels:
needs: build-macos-app
strategy:
matrix:
include:
- os: windows
build-rust: --package windows-redirector
- os: macos
build-rust: --package macos-certificate-truster
runs-on: ${{ matrix.os }}-latest
name: build mitmproxy-${{ matrix.os }}
steps:
- uses: actions/checkout@v4
# Build Rust
- uses: Swatinem/rust-cache@3cf7f8cc28d1b4e7d01e3783be10a97d55d483c8 # v2.7.1
timeout-minutes: 2
continue-on-error: true
- run: rustup toolchain install stable --profile minimal
- run: rustup default stable
- if: runner.os == 'macOS'
run: rustup target add aarch64-apple-darwin
- if: runner.os == 'macOS'
run: |
cargo build --release ${{ matrix.build-rust }} --target x86_64-apple-darwin
cargo build --release ${{ matrix.build-rust }} --target aarch64-apple-darwin
lipo -create -output target/release/macos-certificate-truster target/x86_64-apple-darwin/release/macos-certificate-truster target/aarch64-apple-darwin/release/macos-certificate-truster
- if: runner.os != 'macOS'
run: cargo build --release ${{ matrix.build-rust }}
# Download macOS app
- if: runner.os == 'macOS'
uses: actions/download-artifact@v3
with:
name: macos-app
path: mitmproxy-macos/redirector/dist/
# Build & upload wheel
- uses: actions/setup-python@v4
with:
python-version-file: .github/python-version.txt
- name: Install build from PyPI
uses: install-pinned/build@8abfe6b59c77f639a26f11c0ce295f9940f7865f
- run: python -m build --wheel ./mitmproxy-${{ matrix.os }} --outdir target/wheels/
- uses: actions/upload-artifact@v3
with:
name: wheels
path: target/wheels
check:
if: always()
needs:
- test
- build
- build-os-wheels
uses: mhils/workflows/.github/workflows/alls-green.yml@main
with:
jobs: ${{ toJSON(needs) }}
deploy:
uses: mhils/workflows/.github/workflows/python-deploy.yml@main
needs: check
if: github.event_name == 'push' && startsWith(github.ref, 'refs/tags')
with:
artifact: wheels
# repository: testpypi
# environment: deploy-testpypi
secrets:
password: ${{ secrets.PYPI_TOKEN }}