update core deps in preparation for 2.0 release (#291) #109

Workflow file for this run

.github/workflows/release.yml at 8c58fc3

	name: Make a new release
	on:
	push:
	tags:
	- v..*

	concurrency:
	group: ${{ github.workflow }}-${{ github.ref }}
	cancel-in-progress: true

	env:
	SQLX_OFFLINE: "1"
	# sccache
	SCCACHE_GHA_ENABLED: "true"
	RUSTC_WRAPPER: "sccache"

	jobs:
	build-docker-release:
	# Ignore tags with -, like v1.0.0-alpha
	if: startsWith(github.ref, 'refs/tags/') && !contains(github.ref, '-')
	name: Build Release Docker image
	uses: ./.github/workflows/build-docker.yml
	with:
	tags: \|
	type=semver,pattern={{version}}
	type=semver,pattern={{major}}.{{minor}}
	type=sha
	# Explicitly disable latest tag. It will be added otherwise.
	flavor: \|
	latest=false

	build-docker-prerelease:
	# Only build tags with -, like v1.0.0-alpha
	if: startsWith(github.ref, 'refs/tags/') && contains(github.ref, '-')
	name: Build Pre-release Docker image
	uses: ./.github/workflows/build-docker.yml
	with:
	tags: \|
	type=raw,value=pre-release
	type=semver,pattern={{version}}
	type=sha
	# Explicitly disable latest tag. It will be added otherwise.
	flavor: \|
	latest=false

	create-release:
	name: create-release
	runs-on: self-hosted
	outputs:
	upload_url: ${{ steps.release.outputs.upload_url }}
	steps:
	- name: Create GitHub release
	id: release
	uses: shogo82148/actions-create-release@v1
	with:
	draft: true
	generate_release_notes: true

	create-sbom:
	needs:
	- create-release
	- build-docker-release
	uses: ./.github/workflows/sbom.yml
	with:
	upload_url: ${{ needs.create-release.outputs.upload_url }}

	build-binaries:
	needs:
	- create-release
	runs-on:
	- self-hosted
	- Linux
	- X64
	steps:
	# Store the version, stripping any v-prefix
	- name: Write release version
	run: \|
	VERSION=${GITHUB_REF_NAME#v}
	echo Version: $VERSION
	echo "VERSION=$VERSION" >> $GITHUB_ENV

	- name: Checkout
	uses: actions/checkout@v6
	with:
	submodules: recursive

	- name: Install NodeJS
	uses: actions/setup-node@v6
	with:
	node-version: 25

	- name: Install pnpm
	uses: pnpm/action-setup@v6
	with:
	cache: true
	version: 10

	- name: Build frontend
	working-directory: web
	run: \|
	pnpm install --ignore-scripts --frozen-lockfile
	pnpm build

	- name: Install Rust stable
	uses: dtolnay/rust-toolchain@stable
	with:
	targets: "aarch64-unknown-linux-gnu"

	- name: Run sccache-cache
	uses: mozilla-actions/sccache-action@v0.0.9

	- name: Build Linux x86_64 binary
	run: \|
	cargo build --locked --release --target x86_64-unknown-linux-gnu
	mv target/x86_64-unknown-linux-gnu/release/defguard-proxy defguard-proxy-${{ env.VERSION }}-x86_64-unknown-linux-gnu
	tar -zcf defguard-proxy-${{ env.VERSION }}-x86_64-unknown-linux-gnu.tar.gz \
	defguard-proxy-${{ env.VERSION }}-x86_64-unknown-linux-gnu

	- name: Build Linux aarch64 binary
	env:
	CARGO_TARGET_AARCH64_UNKNOWN_LINUX_GNU_LINKER: aarch64-linux-gnu-gcc
	PKG_CONFIG_SYSROOT_DIR: /usr/lib/aarch64-linux-gnu
	run: \|
	cargo build --locked --release --target aarch64-unknown-linux-gnu
	mv target/aarch64-unknown-linux-gnu/release/defguard-proxy defguard-proxy-${{ env.VERSION }}-aarch64-unknown-linux-gnu
	tar -zcf defguard-proxy-${{ env.VERSION }}-aarch64-unknown-linux-gnu.tar.gz \
	defguard-proxy-${{ env.VERSION }}-aarch64-unknown-linux-gnu

	- name: Build FreeBSD binary
	run: \|
	rsync -rlptxzH -e 'ssh -l root' --del ./ freebsd:work/edge/
	ssh root@freebsd 'cd work/edge && cargo build --locked --release'
	scp root@freebsd:work/edge/target/release/defguard-proxy defguard-proxy-${{ env.VERSION }}-x86_64-unknown-freebsd
	tar -zcf defguard-proxy-${{ env.VERSION }}-x86_64-unknown-freebsd.tar.gz \
	defguard-proxy-${{ env.VERSION }}-x86_64-unknown-freebsd

	- name: Build x86_64 DEB package
	uses: defGuard/fpm-action@main
	with:
	fpm_args:
	"defguard-proxy-${{ env.VERSION }}-x86_64-unknown-linux-gnu=/usr/bin/defguard-proxy
	linux/defguard-proxy.service=/usr/lib/systemd/system/defguard-proxy.service
	example-config.toml=/etc/defguard/proxy.toml"
	fpm_opts:
	"--architecture amd64
	--output-type deb
	--version ${{ env.VERSION }}
	--package defguard-proxy-${{ env.VERSION }}-x86_64-unknown-linux-gnu.deb
	--before-install linux/preinst
	--after-install linux/postinst
	--before-remove linux/prerm
	--after-remove linux/postrm"

	- name: Build aarch64 DEB package
	uses: defGuard/fpm-action@main
	with:
	fpm_args:
	"defguard-proxy-${{ env.VERSION }}-aarch64-unknown-linux-gnu=/usr/bin/defguard-proxy
	linux/defguard-proxy.service=/usr/lib/systemd/system/defguard-proxy.service
	example-config.toml=/etc/defguard/proxy.toml"
	fpm_opts:
	"--architecture arm64
	--output-type deb
	--version ${{ env.VERSION }}
	--package defguard-proxy-${{ env.VERSION }}-aarch64-unknown-linux-gnu.deb
	--before-install linux/preinst
	--after-install linux/postinst
	--before-remove linux/prerm
	--after-remove linux/postrm"

	- name: Build x86_64 RPM package
	uses: defGuard/fpm-action@main
	with:
	fpm_args:
	"defguard-proxy-${{ env.VERSION }}-x86_64-unknown-linux-gnu=/usr/bin/defguard-proxy
	linux/defguard-proxy.service=/usr/lib/systemd/system/defguard-proxy.service
	example-config.toml=/etc/defguard/proxy.toml"
	fpm_opts:
	"--architecture amd64
	--output-type rpm
	--version ${{ env.VERSION }}
	--package defguard-proxy-${{ env.VERSION }}-x86_64-unknown-linux-gnu.rpm
	--before-install linux/preinst
	--after-install linux/postinst
	--before-remove linux/prerm
	--after-remove linux/postrm"

	- name: Build aarch64 RPM package
	uses: defGuard/fpm-action@main
	with:
	fpm_args:
	"defguard-proxy-${{ env.VERSION }}-aarch64-unknown-linux-gnu=/usr/bin/defguard-proxy
	linux/defguard-proxy.service=/usr/lib/systemd/system/defguard-proxy.service
	example-config.toml=/etc/defguard/proxy.toml"
	fpm_opts:
	"--architecture arm64
	--output-type rpm
	--version ${{ env.VERSION }}
	--package defguard-proxy-${{ env.VERSION }}-aarch64-unknown-linux-gnu.rpm
	--before-install linux/preinst
	--after-install linux/postinst
	--before-remove linux/prerm
	--after-remove linux/postrm"

	- name: Build FreeBSD package
	uses: defGuard/fpm-action@main
	with:
	fpm_args:
	"defguard-proxy-${{ env.VERSION }}-x86_64-unknown-freebsd=/usr/local/bin/defguard-proxy
	freebsd/defguard-proxy=/usr/local/etc/rc.d/defguard-proxy
	example-config.toml=/etc/defguard/proxy.toml"
	fpm_opts:
	"--architecture amd64
	--output-type freebsd
	--version ${{ env.VERSION }}
	--package defguard-proxy-${{ env.VERSION }}_x86_64-unknown-freebsd.pkg
	--freebsd-osversion '*'
	--depends openssl"

	- name: Upload Linux x86_64 archive
	uses: shogo82148/actions-upload-release-asset@v1
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
	with:
	upload_url: ${{ needs.create-release.outputs.upload_url }}
	asset_path: defguard-proxy-${{ env.VERSION }}-x86_64-unknown-linux-gnu.tar.gz
	asset_content_type: application/gzip
	overwrite: true

	- name: Upload Linux aarch64 archive
	uses: shogo82148/actions-upload-release-asset@v1
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
	with:
	upload_url: ${{ needs.create-release.outputs.upload_url }}
	asset_path: defguard-proxy-${{ env.VERSION }}-aarch64-unknown-linux-gnu.tar.gz
	asset_content_type: application/gzip
	overwrite: true

	- name: Upload FreeBSD x86_64 archive
	uses: shogo82148/actions-upload-release-asset@v1
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
	with:
	upload_url: ${{ needs.create-release.outputs.upload_url }}
	asset_path: defguard-proxy-${{ env.VERSION }}-x86_64-unknown-freebsd.tar.gz
	asset_content_type: application/gzip
	overwrite: true

	- name: Upload Linux x86_64 DEB
	uses: shogo82148/actions-upload-release-asset@v1
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
	with:
	upload_url: ${{ needs.create-release.outputs.upload_url }}
	asset_path: defguard-proxy-${{ env.VERSION }}-x86_64-unknown-linux-gnu.deb
	asset_content_type: application/gzip
	overwrite: true

	- name: Upload Linux aarch64 DEB
	uses: shogo82148/actions-upload-release-asset@v1
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
	with:
	upload_url: ${{ needs.create-release.outputs.upload_url }}
	asset_path: defguard-proxy-${{ env.VERSION }}-aarch64-unknown-linux-gnu.deb
	asset_content_type: application/gzip
	overwrite: true

	- name: Upload Linux x86_64 RPM
	uses: shogo82148/actions-upload-release-asset@v1
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
	with:
	upload_url: ${{ needs.create-release.outputs.upload_url }}
	asset_path: defguard-proxy-${{ env.VERSION }}-x86_64-unknown-linux-gnu.rpm
	asset_content_type: application/gzip
	overwrite: true

	- name: Upload Linux aarch64 RPM
	uses: shogo82148/actions-upload-release-asset@v1
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
	with:
	upload_url: ${{ needs.create-release.outputs.upload_url }}
	asset_path: defguard-proxy-${{ env.VERSION }}-aarch64-unknown-linux-gnu.rpm
	asset_content_type: application/gzip
	overwrite: true

	- name: Upload FreeBSD package
	uses: shogo82148/actions-upload-release-asset@v1
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
	with:
	upload_url: ${{ needs.create-release.outputs.upload_url }}
	asset_path: defguard-proxy-${{ env.VERSION }}_x86_64-unknown-freebsd.pkg
	asset_content_type: application/x-pkg
	overwrite: true

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

update core deps in preparation for 2.0 release (#291) #109

Workflow file

update core deps in preparation for 2.0 release (#291) #109

Uh oh!

Workflow file for this run