-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathneomake.yaml
More file actions
237 lines (235 loc) · 7.79 KB
/
neomake.yaml
File metadata and controls
237 lines (235 loc) · 7.79 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
version: "0.0"
env:
vars:
# SHELLOPTS: "errexit:nounset:pipefail:xtrace"
SHELLOPTS: "errexit:nounset:pipefail"
PROGRAM: "secenv"
nodes:
"build:docs":
description: "Builds the documentation."
tasks:
- script: |
cargo doc --no-deps --document-private-items
"build:program":
description: "Builds program."
env:
vars:
# unset features are allowed here
SHELLOPTS: "errexit:pipefail"
matrix:
parallel: false
dimensions:
- - {}
- env:
vars:
RELEASE: --release
tasks:
- script: |
set -e
export CARGO_FLAGS=""
echo cargo flags: \"$CARGO_FLAGS\"
cargo build $CARGO_FLAGS
"dependencies:upgrade":
description: "Upgrades all dependencies."
tasks:
- script: |
cargo upgrade -i --pinned
"test:program":
description: "Tests the program."
tasks:
- script: |
cargo test --no-fail-fast
"hook:pre-push":
description: "GIT pre-push hook."
pre:
- regex: "^build:"
- name: "test:program"
tasks: []
"release:init":
description: "Initializes release folder."
pre:
- regex: "^build:"
- name: "test:program"
tasks:
- script: |
rm -rf ./.release || true
mkdir ./.release
mkdir ./.release/temp
mkdir ./.release/assets
"release:asset:generate:compile":
description: "Compiles the application."
pre:
- name: "release:init"
matrix:
parallel: true
dimensions:
- - env:
vars:
TARGET: aarch64-apple-darwin
# - env:
# vars:
# TARGET: aarch64-unknown-linux-gnu
# - env:
# vars:
# TARGET: x86_64-unknown-linux-gnu
# - env:
# vars:
# TARGET: x86_64-unknown-linux-musl
tasks:
- script: |
if [[ "${TARGET}" == *"apple-darwin"* ]]; then
rustup target add ${TARGET} || true
cargo +stable build --release --target ${TARGET}
else
export DOCKER_DEFAULT_PLATFORM=linux/amd64
cross +stable build --release --target ${TARGET}
fi
cp ./target/${TARGET}/release/${PROGRAM} ./.release/assets/${PROGRAM}-${TARGET}
"release:asset:generate:manpages":
description: "Generates manpages."
pre:
- name: "release:init"
tasks:
- script: |
cargo run -- man -o ./.release/temp/manpages -f manpages
cd ./.release/temp/manpages
tar -czf ../../assets/docs-manpages.tar.gz .
"release:asset:generate:markdown":
description: "Generates manpages as markdown."
pre:
- name: "release:init"
tasks:
- script: |
cargo run -- man -o ./.release/temp/markdown -f markdown
cd ./.release/temp/markdown
tar -czf ../../assets/docs-markdown.tar.gz .
"release:asset:generate:shellcompletion":
description: "Generates shell completion files."
pre:
- name: "release:init"
matrix:
parallel: true
dimensions:
- - env:
vars:
LANGUAGE: bash
- env:
vars:
LANGUAGE: zsh
- env:
vars:
LANGUAGE: fish
- env:
vars:
LANGUAGE: elvish
- env:
vars:
LANGUAGE: powershell
tasks:
- script: |
mkdir -p "./.release/temp/shellcompletion"
cargo run -- autocomplete -o ./.release/temp/shellcompletion/${LANGUAGE} -s ${LANGUAGE}
cd ./.release/temp/shellcompletion/${LANGUAGE}
tar -czf ../../../assets/shell-completion-${LANGUAGE}.tar.gz .
"release:asset:hash":
description: "Hashes all assets."
pre:
- regex: "release:asset:generate:"
tasks:
- script: |
mkdir -p ./.release/temp/hashes
cd ./.release/assets
for file in ./*; do
echo "Hashing: ${file}"
sha256sum "${file}" > "./../temp/hashes/$(basename "${file}").sha256"
echo ""
done
"release:asset:sign":
description: "Signs all assets."
pre:
- regex: "^release:asset:generate:"
tasks:
- script: |
mkdir -p ./.release/temp/signatures
for file in ./.release/assets/*; do
echo "Signing: ${file}"
gpg --batch --yes --local-user "{{ signer }}" --armor --detach-sig --output "./.release/temp/signatures/$(basename "${file}").asc" "${file}"
echo ""
done
"release:asset:verify":
description: "Verifies all assets with their respective signatures."
pre:
- name: "release:asset:sign"
tasks:
- script: |
for sig in ./.release/temp/signatures/*.asc; do
file="./.release/assets/$(basename "${sig%.asc}")"
echo "Verifying: ${file} with signature ${sig}"
gpg --batch --yes --verify "${sig}" "${file}"
echo ""
done
"release:github:readme":
description: "Creates a README.md file for the release."
pre:
- regex: "^release:asset:"
tasks:
- script: |
mkdir -p ./.release/temp/github
printf '' > ./.release/temp/github/README.md
echo "## Assets\n" >> ./.release/temp/github/README.md
echo "### Binaries\n" >> ./.release/temp/github/README.md
for file in ./.release/assets/*; do
echo "- \`$(basename "${file}")\`" >> ./.release/temp/github/README.md
done
echo "\n### Signatures\n" >> ./.release/temp/github/README.md
echo "_Signer_: \`{{ signer }}\`\n" >> ./.release/temp/github/README.md
for file in ./.release/temp/signatures/*; do
echo "- \`$(basename "${file}")\`" >> ./.release/temp/github/README.md
done
echo "\n### Hashes\n" >> ./.release/temp/github/README.md
for file in ./.release/temp/hashes/*; do
echo "- \`$(basename "${file}")\`" >> ./.release/temp/github/README.md
done
echo "\n## Hashes\n" >> ./.release/temp/github/README.md
echo "| Asset | SHA256 Hash |" >> ./.release/temp/github/README.md
echo "| --- | --- |" >> ./.release/temp/github/README.md
for file in ./.release/temp/hashes/*; do
asset=$(basename "${file}" .sha256)
hash=$(cut -d' ' -f1 "${file}")
echo "| \`${asset}\` | \`${hash}\` |" >> ./.release/temp/github/README.md
done
"release:github":
description: "Releases to GitHub."
pre:
- regex: "^release:github:"
tasks:
- script: |
echo "=== === ==="
echo "Releasing ${PROGRAM} version: {{ version }}"
echo "--- --- ---"
- script: |
if ! [ -z "$(git status --porcelain)" ]; then
echo "Dirty repo. Please commit all changes before releasing."
exit 1
fi
- script: |
if ! gh auth status >/dev/null 2>&1; then
echo "You need to login: gh auth login"
exit 1
fi
- script: |
git tag release/v{{ version }}
git push
gh release create release/v{{ version }} --latest --target=master --title="Release {{ version }}" --notes-file ./.release/temp/github/README.md ./.release/assets/* ./.release/temp/hashes/* ./.release/temp/signatures/*
"release:cratesio":
description: "Releases to crates.io."
pre:
- regex: "^build:"
tasks:
- script: |
cargo publish -p secenv --dry-run
cp Cargo.toml Cargo.toml.bak
sed 's/version = "0.0.0"/version = "{{ version }}"/g' Cargo.toml > Cargo.toml.tmp
mv Cargo.toml.tmp Cargo.toml
cargo publish -p secenv --allow-dirty
mv Cargo.toml.bak Cargo.toml