-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathdist-workspace.toml
More file actions
44 lines (42 loc) · 2.35 KB
/
Copy pathdist-workspace.toml
File metadata and controls
44 lines (42 loc) · 2.35 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
[workspace]
members = ["cargo:."]
# Config for 'dist'
[dist]
# The preferred dist version to use in CI (Cargo.toml SemVer syntax)
cargo-dist-version = "0.32.0"
# CI backends to support
ci = "github"
# The installers to generate for each app
installers = ["shell", "powershell", "homebrew"]
# Target platforms to build apps for (Rust target-triple syntax)
targets = ["aarch64-apple-darwin", "aarch64-unknown-linux-gnu", "aarch64-unknown-linux-musl", "x86_64-apple-darwin", "x86_64-unknown-linux-gnu", "x86_64-unknown-linux-musl", "x86_64-pc-windows-msvc"]
# Path that installers should place binaries in
install-path = "CARGO_HOME"
# Where to host releases
hosting = "github"
# Whether to install an updater program
install-updater = false
# Homebrew tap repository to publish the formula to. The "homebrew"
# entry is deliberately omitted from publish-jobs until CI has a PAT
# with contents:write on the tap repo — without that secret, the
# formula push step would fail CI on every release. The formula
# itself is still generated and attached to each GitHub Release.
# Until that's wired, run
# `just release-update-homebrew-tap VERSION TAP_PATH` to push the
# formula to quicknode/homebrew-tap manually.
tap = "quicknode/homebrew-tap"
# Override the Homebrew formula name so `brew install quicknode/tap/qn` works
# (default would derive it from the package name `quicknode-cli`).
formula = "qn"
publish-jobs = ["./publish-crates", "./publish-docker", "./publish-deb", "./publish-copr"]
# Emit SLSA build attestations for every binary archive. Critical for a credential-handling tool.
github-attestations = true
# The repo is `internal`, so the reusable workflow's auto-minted
# GITHUB_TOKEN needs explicit contents:read to checkout the source.
# Without this the actions/checkout step in each publish workflow
# fails with `Repository not found` (a 404 masquerading as a missing
# auth claim on a private repo). Granting the permission here widens
# the calling job's permission grant so the called workflow can also
# declare contents:read without exceeding the caller. publish-deb
# needs contents: write so it can `gh release upload` the .deb files.
github-custom-job-permissions = { "publish-crates" = { contents = "read" }, "publish-docker" = { contents = "read", packages = "write", "id-token" = "write" }, "publish-deb" = { contents = "write" }, "publish-copr" = { contents = "read" } }