-
Notifications
You must be signed in to change notification settings - Fork 1
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
avoid security issue with github actions
- Loading branch information
Showing
1 changed file
with
13 additions
and
15 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -30,7 +30,7 @@ jobs: | |
# Apparently, this is the right way to get a tag name. Really? | ||
# | ||
# See: https://github.community/t5/GitHub-Actions/How-to-get-just-the-tag-name/m-p/32167/highlight/true#M1027 | ||
echo "::set-env name=MINOS_VERSION::${GITHUB_REF#refs/tags/v}" | ||
echo "MINOS_VERSION=${GITHUB_REF#refs/tags/v}" >> $GITHUB_ENV | ||
echo "version is: ${{ env.MINOS_VERSION }}" | ||
- name: Create GitHub release | ||
id: release | ||
|
@@ -61,7 +61,7 @@ jobs: | |
- build: linux | ||
os: ubuntu-18.04 | ||
rust: nightly | ||
target: x86_64-unknown-linux-musl | ||
target: x86_64-unknown-linux-gnu | ||
- build: macos | ||
os: macos-latest | ||
rust: nightly | ||
|
@@ -85,22 +85,20 @@ jobs: | |
override: true | ||
target: ${{ matrix.target }} | ||
|
||
# To install C libraries like backtrace-sys | ||
# - name: Install and configure Cross | ||
# if: matrix.target != '' | ||
# run: | | ||
# # FIXME: to work around bugs in latest cross release, install master. | ||
# # See: https://github.com/rust-embedded/cross/issues/357 | ||
# cargo install --git https://github.com/rust-embedded/cross | ||
# echo "::set-env name=CARGO::cross" | ||
# echo "::set-env name=TARGET_FLAGS::--target ${{ matrix.target }}" | ||
- name: Use Cross | ||
if: matrix.target != '' | ||
run: | | ||
cargo install cross | ||
echo "CARGO=cross" >> $GITHUB_ENV | ||
echo "TARGET_FLAGS=--target ${{ matrix.target }}" >> $GITHUB_ENV | ||
echo "TARGET_DIR=./target/${{ matrix.target }}" >> $GITHUB_ENV | ||
- name: Install musl-gcc for backtrace-sys and openssl dev not sure why. | ||
if: matrix.build == 'linux' | ||
run: sudo apt-get install musl-tools pkg-config libssl-dev | ||
|
||
- name: Set TARGET flags | ||
run: echo "::set-env name=TARGET_FLAGS::--target ${{ matrix.target }}" | ||
run: echo "TARGET_FLAGS=--target ${{ matrix.target }}" >> $GITHUB_ENV | ||
|
||
- name: Get release download URL | ||
uses: actions/download-artifact@v1 | ||
|
@@ -112,7 +110,7 @@ jobs: | |
shell: bash | ||
run: | | ||
release_upload_url="$(cat artifacts/release-upload-url)" | ||
echo "::set-env name=RELEASE_UPLOAD_URL::$release_upload_url" | ||
echo "RELEASE_UPLOAD_URL=$release_upload_url" >> $GITHUB_ENV | ||
echo "release upload url: $RELEASE_UPLOAD_URL" | ||
- name: Build release binary | ||
run: cargo build --release ${{ env.TARGET_FLAGS }} | ||
|
@@ -129,11 +127,11 @@ jobs: | |
if [ "${{ matrix.build }}" = "windows" ]; then | ||
cp "target/${{ matrix.target }}/release/minos.exe" "$staging/" | ||
7z a "$staging.zip" "$staging" | ||
echo "::set-env name=ASSET::$staging.zip" | ||
echo "ASSET=$staging.zip" >> $GITHUB_ENV | ||
else | ||
cp "target/${{ matrix.target }}/release/minos" "$staging/" | ||
tar czf "$staging.tar.gz" "$staging" | ||
echo "::set-env name=ASSET::$staging.tar.gz" | ||
echo "ASSET=$staging.tar.gz" >> $GITHUB_ENV | ||
fi | ||
- name: Upload release archive | ||
uses: actions/[email protected] | ||
|