Skip to content

Avoid potential panics due to indexing and blind unwraps #60

Avoid potential panics due to indexing and blind unwraps

Avoid potential panics due to indexing and blind unwraps #60

Workflow file for this run

name: Build, Test and Upload Artifact
on:
workflow_dispatch:
push:
branches:
- main
paths-ignore:
- '.github/**'
env:
CARGO_TERM_COLOR: always
concurrency:
group: ${{ github.workflow }}
cancel-in-progress: true
jobs:
release:
name: Create release and tag
runs-on: thevickypedia-lite
permissions:
contents: write
outputs:
release-id: ${{ steps.create-release.outputs.release_id }}
release-tag: ${{ steps.create-release.outputs.release_tag }}
release-flag: ${{ steps.set-release-flag.outputs.release_flag }}
pkg-name: ${{ steps.get-package-info.outputs.pkg_name }}
bin-name: ${{ steps.get-package-info.outputs.bin_name }}
steps:
- uses: actions/checkout@v4
- name: Get Package Name
id: get-package-info
run: |
pkg_name=$(cargo metadata --no-deps --format-version 1 | jq -r '.packages[0].name')
echo "Package Name: $pkg_name"
echo "pkg_name=$pkg_name" >> $GITHUB_ENV
echo "pkg_name=$pkg_name" >> "$GITHUB_OUTPUT"
bin_name=$(cargo metadata --no-deps --format-version 1 | jq -r '.packages[0].targets[] | select(.kind[] == "bin" or .crate_types[] == "bin") | .name')
echo "Bin Name: $bin_name"
echo "bin_name=$bin_name" >> $GITHUB_ENV
echo "bin_name=$bin_name" >> "$GITHUB_OUTPUT"
shell: bash
- name: Set Release Flag # Release flag is set only for a push on main branch
id: set-release-flag
run: |
current_version=$(cargo metadata --no-deps --format-version 1 | jq -r '.packages[0].version')
# latest_version=$(curl -s https://crates.io/api/v1/crates/${{ env.pkg_name }} | jq -r '.versions[0].num')
versions=$(curl -s https://crates.io/api/v1/crates/${{ env.pkg_name }} | jq -r '.versions | map(.num)')
latest_version=$(echo $versions | jq -r '.[0]')
echo "Current Package Version: ${current_version}"
echo "Latest Package Version: $latest_version"
version_exists=false
for version in $(echo "$versions" | jq -r '.[]'); do
trimmed=$(echo "$version" | awk '{$1=$1};1')
if [ "$trimmed" == "$current_version" ]; then
version_exists=true
break
fi
done
if [ "$version_exists" = true ]; then
echo "Version $current_version exists in crates.io, setting release flag to 'false'"
echo "release=false" >> $GITHUB_ENV
echo "release_flag=false" >> "$GITHUB_OUTPUT"
else
echo "Version $current_version does not exist in crates.io, setting release flag to 'true'"
echo "release=true" >> $GITHUB_ENV
echo "release_flag=true" >> "$GITHUB_OUTPUT"
fi
echo "pkg_version=$current_version" >> $GITHUB_ENV
shell: bash
- name: Create New Release
if: env.release == 'true'
id: create-release
run: |
release_tag="v${{ env.pkg_version }}"
echo "release_tag=v${{ env.pkg_version }}" >> "$GITHUB_OUTPUT"
cargo_prerelease=("alpha" "beta" "rc")
prerelease=false
for cargo_pre in "${cargo_prerelease[@]}"; do
if [[ $pkg_version == *"$cargo_pre"* ]]; then
prerelease=true
break
fi
done
echo "Release Tag: $release_tag"
latest_tag=$(curl -s -L https://api.github.com/repos/${{ github.repository }}/releases/latest | jq -r .tag_name)
commit_msg="**Full Changelog**: ${{ github.server_url }}/${{ github.repository }}/compare/$latest_tag...$release_tag"
release_data="{\"tag_name\":\"$release_tag\",\"name\":\"$release_tag\",\"body\":\"$commit_msg\",\"draft\":false,\"prerelease\":$prerelease}"
response=$(curl -X POST -H "Authorization: token ${{ secrets.GIT_TOKEN }}" \
-d "$release_data" \
"https://api.github.com/repos/${{ github.repository }}/releases")
echo "Response: $response"
release_id=$(echo $response | jq -r .id)
if [ "$release_id" = "null" ] || [ -z "$release_id" ]; then
echo "Error: release_id is null. Exiting with code 1."
exit 1
fi
echo "Release ID: $release_id"
echo "release_id=$release_id" >> "$GITHUB_OUTPUT"
shell: bash
build-and-test:
name: Build and test (no release)
needs: release
if: needs.release.outputs.release-flag == 'false'
# Unix like systems don't require additional OpenSSL configuration like Windows
# Making them much more suitable for non-release build and tests
runs-on:
- thevickypedia-lite
- posix
steps:
- name: Build (no release)
run: cargo build
shell: bash
- name: Run tests (no release)
run: cargo test --no-run
shell: bash
build-and-upload-artifact:
needs: release
outputs:
release-flag: ${{ steps.release-id-check.outputs.release_flag }}
strategy:
matrix:
platform:
- release_for: Linux-x86_64
os: linux-x64
bin: ${{ needs.release.outputs.bin-name }}
name: ${{ needs.release.outputs.pkg-name }}-Linux-x86_64.tar.gz
- release_for: Windows-x86_64
os: windows-x64
bin: ${{ needs.release.outputs.bin-name }}.exe
name: ${{ needs.release.outputs.pkg-name }}-Windows-x86_64.zip
- release_for: macOS-x86_64
os: darwin-x64
bin: ${{ needs.release.outputs.bin-name }}
name: ${{ needs.release.outputs.pkg-name }}-Darwin-x86_64.tar.gz
- release_for: macOS-arm64
os: darwin-arm64
bin: ${{ needs.release.outputs.bin-name }}
name: ${{ needs.release.outputs.pkg-name }}-Darwin-arm64.tar.gz
name: Build, test and upload artifact for ${{ matrix.platform.release_for }}
if: needs.release.outputs.release-flag == 'true'
runs-on: ${{ matrix.platform.os }}
permissions:
contents: write
steps:
- name: Release ID Propagation
id: release-id-check
run: |
if [ -n "${{ needs.release.outputs.release-id }}" ]; then
echo "Release ID propagated: ${{ needs.release.outputs.release-id }}"
else
echo "Release ID propagation failed. Exiting.."
exit 1
fi
echo "release_flag=true" >> "$GITHUB_OUTPUT"
echo "start_time=$(date +%s)" >> "$GITHUB_ENV"
shell: bash
- name: Checkout Repo
uses: actions/checkout@v4
- name: Update Rust
# print it with style
run: |
printf '*%.0s' {1..60} && printf "\n"
echo "Existing rust version: $(rustc --version)"
printf '*%.0s' {1..60} && printf "\n\n"
rustup default 1.81.0 && printf "\n"
printf '*%.0s' {1..60} && printf "\n"
echo "Updated rust version: $(rustc --version)"
printf '*%.0s' {1..60} && printf "\n"
shell: bash
- name: Check OpenSSL (Windows)
if: startsWith(matrix.platform.os, 'windows')
run: |
$VCPKG_DIR = "$env:USERPROFILE\Tools\vcpkg"
$VCPKG_ROOT = "$VCPKG_DIR\installed\x64-windows-static"
if (Test-Path $VCPKG_ROOT) {
Write-Host "Installed vcpkg found at '$VCPKG_DIR'"
Add-Content -Path $env:GITHUB_ENV -Value ("vcpkg_dir=" + $VCPKG_DIR)
} else {
Write-Host "Installing vcpkg"
Add-Content -Path $env:GITHUB_ENV -Value "install_vcpkg=true"
}
shell: pwsh
- name: Install OpenSSL (Windows)
# https://github.com/sfackler/rust-openssl/issues/1086
if: startsWith(matrix.platform.os, 'windows') && env.install_vcpkg == 'true'
run: |
if (-Not (Test-Path -Path $env:USERPROFILE\Tools)) {
mkdir $env:USERPROFILE\Tools
}
cd $env:USERPROFILE\Tools
if (-Not (Test-Path -Path .\vcpkg)) {
git clone https://github.com/Microsoft/vcpkg.git
}
cd vcpkg
Add-Content -Path $env:GITHUB_ENV -Value ("vcpkg_dir=" + $pwd)
if (-Not (Test-Path -Path .\vcpkg.exe)) {
.\bootstrap-vcpkg.bat
}
.\vcpkg.exe install openssl:x64-windows-static
shell: pwsh
- name: Build
run: |
if [[ "${{ matrix.platform.os }}" =~ ^windows ]]; then
echo "Setting vcpkg env vars for OpenSSL in Windows"
export OPENSSL_STATIC="Yes"
export VCPKG_ROOT="${{ env.vcpkg_dir }}\installed\x64-windows-static"
export OPENSSL_DIR="${{ env.vcpkg_dir }}\installed\x64-windows-static"
fi
cargo build --release
shell: bash
- name: Run tests
run: |
if [[ "${{ matrix.platform.os }}" =~ ^windows ]]; then
echo "Setting vcpkg env vars for OpenSSL in Windows"
export OPENSSL_STATIC="Yes"
export VCPKG_ROOT="${{ env.vcpkg_dir }}\installed\x64-windows-static"
export OPENSSL_DIR="${{ env.vcpkg_dir }}\installed\x64-windows-static"
fi
cargo test --no-run
shell: bash
- name: Compress and Copy Artifact (Windows)
if: startsWith(matrix.platform.os, 'windows')
run: |
mkdir -p ${{ needs.release.outputs.pkg-name }}
cp target/release/${{ matrix.platform.bin }} ${{ needs.release.outputs.pkg-name }}/${{ matrix.platform.bin }}
Compress-Archive -DestinationPath ${{ matrix.platform.name }} -Path ${{ needs.release.outputs.pkg-name }}/
shell: pwsh
- name: Compress and Copy Artifact (macOS/Ubuntu)
if: "!startsWith(matrix.platform.os, 'windows')"
run: |
mkdir -p ${{ needs.release.outputs.pkg-name }}
cp target/release/${{ matrix.platform.bin }} ${{ needs.release.outputs.pkg-name }}/${{ matrix.platform.bin }}
tar -zcvf ${{ matrix.platform.name }} ${{ needs.release.outputs.pkg-name }}/
shell: bash
- name: Upload Asset to Release
run: |
curl -X POST -H "Authorization: token ${{ secrets.GIT_TOKEN }}" \
-H "Content-Type: application/octet-stream" \
--data-binary @"${{ matrix.platform.name }}" \
"https://uploads.github.com/repos/${{ github.repository }}/releases/${{ needs.release.outputs.release-id }}/assets?name=${{ matrix.platform.name }}"
shell: bash
- name: Runtime Analyzer
run: |
start=${{ env.start_time }}
end=$(date +%s)
time_taken=$((end-start))
url="${{ github.server_url }}/${{ github.repository }}/releases/download/${{ needs.release.outputs.release-tag }}/${{ matrix.platform.name }}"
hyperlink="[${{ matrix.platform.release_for }}]($url)"
echo "🚀 Built for $hyperlink in $time_taken seconds" >> $GITHUB_STEP_SUMMARY
shell: bash
publish-crate:
name: Publish crate
needs:
- build-and-upload-artifact
if: needs.build-and-upload-artifact.outputs.release-flag == 'true'
runs-on: thevickypedia-lite
steps:
- uses: actions/checkout@v4
- name: Update Rust
run: |
printf '*%.0s' {1..60} && printf "\n"
echo "Existing rust version: $(rustc --version)"
printf '*%.0s' {1..60} && printf "\n\n"
rustup default 1.81.0 && printf "\n"
printf '*%.0s' {1..60} && printf "\n"
echo "Updated rust version: $(rustc --version)"
printf '*%.0s' {1..60} && printf "\n"
shell: bash
- name: Release Crate
run: |
cargo login ${{ secrets.CRATES_TOKEN }}
cargo publish --allow-dirty # Set allow-dirty since building will create a /target folder that will be uncommitted in git
shell: bash