Release #1
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Release | |
| on: | |
| push: | |
| tags: | |
| - 'v*.*.*' | |
| workflow_dispatch: | |
| inputs: | |
| tag: | |
| description: 'Tag to release' | |
| required: true | |
| type: string | |
| env: | |
| CARGO_TERM_COLOR: always | |
| RUST_BACKTRACE: 1 | |
| jobs: | |
| create-release: | |
| name: Create Release | |
| runs-on: ubuntu-latest | |
| outputs: | |
| upload_url: ${{ steps.create_release.outputs.upload_url }} | |
| release_id: ${{ steps.create_release.outputs.id }} | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - name: Get version from tag | |
| id: get_version | |
| run: | | |
| if [ "${{ github.event_name }}" == "workflow_dispatch" ]; then | |
| VERSION="${{ github.event.inputs.tag }}" | |
| else | |
| VERSION=${GITHUB_REF#refs/tags/} | |
| fi | |
| echo "version=$VERSION" >> $GITHUB_OUTPUT | |
| echo "version_number=${VERSION#v}" >> $GITHUB_OUTPUT | |
| - name: Generate changelog | |
| id: changelog | |
| run: | | |
| if [ "${{ github.event_name }}" == "workflow_dispatch" ]; then | |
| TAG="${{ github.event.inputs.tag }}" | |
| else | |
| TAG=${GITHUB_REF#refs/tags/} | |
| fi | |
| # Get previous tag | |
| PREV_TAG=$(git describe --tags --abbrev=0 $TAG^ 2>/dev/null || echo "") | |
| if [ -n "$PREV_TAG" ]; then | |
| echo "## Changes since $PREV_TAG" > changelog.md | |
| echo "" >> changelog.md | |
| git log --pretty=format:"- %s (%h)" $PREV_TAG..$TAG >> changelog.md | |
| else | |
| echo "## Initial Release" > changelog.md | |
| echo "" >> changelog.md | |
| echo "First release of ClamReef Agent" >> changelog.md | |
| fi | |
| echo "" >> changelog.md | |
| echo "## Features" >> changelog.md | |
| echo "- 🔒 Comprehensive endpoint protection monitoring" >> changelog.md | |
| echo "- 📊 Rich host metrics with system information" >> changelog.md | |
| echo "- ⏱️ Performance analytics and scan duration tracking" >> changelog.md | |
| echo "- 🗓️ Automated ClamAV scanning with cron schedules" >> changelog.md | |
| echo "- 📡 OpenTelemetry integration for observability" >> changelog.md | |
| echo "- 🌐 Cross-platform support (Linux, macOS, Windows)" >> changelog.md | |
| echo "" >> changelog.md | |
| echo "## Installation" >> changelog.md | |
| echo '```bash' >> changelog.md | |
| echo "# Download and install" >> changelog.md | |
| echo "curl -LO https://github.com/${{ github.repository }}/releases/download/$TAG/clamreef-agent-\$(uname -s)-\$(uname -m)" >> changelog.md | |
| echo "chmod +x clamreef-agent-*" >> changelog.md | |
| echo "sudo mv clamreef-agent-* /usr/local/bin/clamreef-agent" >> changelog.md | |
| echo '```' >> changelog.md | |
| - name: Create Release | |
| id: create_release | |
| uses: actions/create-release@v1 | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| with: | |
| tag_name: ${{ steps.get_version.outputs.version }} | |
| release_name: ClamReef Agent ${{ steps.get_version.outputs.version }} | |
| body_path: changelog.md | |
| draft: false | |
| prerelease: ${{ contains(steps.get_version.outputs.version, 'alpha') || contains(steps.get_version.outputs.version, 'beta') || contains(steps.get_version.outputs.version, 'rc') }} | |
| build: | |
| name: Build Release Binaries | |
| needs: create-release | |
| runs-on: ${{ matrix.os }} | |
| strategy: | |
| matrix: | |
| include: | |
| # Linux targets | |
| - os: ubuntu-latest | |
| target: x86_64-unknown-linux-gnu | |
| artifact_name: clamreef-agent | |
| asset_name: clamreef-agent-Linux-x86_64 | |
| cross: false | |
| - os: ubuntu-latest | |
| target: x86_64-unknown-linux-musl | |
| artifact_name: clamreef-agent | |
| asset_name: clamreef-agent-Linux-x86_64-musl | |
| cross: true | |
| - os: ubuntu-latest | |
| target: aarch64-unknown-linux-gnu | |
| artifact_name: clamreef-agent | |
| asset_name: clamreef-agent-Linux-aarch64 | |
| cross: true | |
| - os: ubuntu-latest | |
| target: armv7-unknown-linux-gnueabihf | |
| artifact_name: clamreef-agent | |
| asset_name: clamreef-agent-Linux-armv7 | |
| cross: true | |
| # macOS targets | |
| - os: macos-latest | |
| target: x86_64-apple-darwin | |
| artifact_name: clamreef-agent | |
| asset_name: clamreef-agent-Darwin-x86_64 | |
| cross: false | |
| - os: macos-latest | |
| target: aarch64-apple-darwin | |
| artifact_name: clamreef-agent | |
| asset_name: clamreef-agent-Darwin-aarch64 | |
| cross: false | |
| # Windows targets | |
| - os: windows-latest | |
| target: x86_64-pc-windows-msvc | |
| artifact_name: clamreef-agent.exe | |
| asset_name: clamreef-agent-Windows-x86_64.exe | |
| cross: false | |
| - os: windows-latest | |
| target: i686-pc-windows-msvc | |
| artifact_name: clamreef-agent.exe | |
| asset_name: clamreef-agent-Windows-i686.exe | |
| cross: false | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Install Rust toolchain | |
| uses: dtolnay/rust-toolchain@stable | |
| with: | |
| targets: ${{ matrix.target }} | |
| - name: Setup Rust cache | |
| uses: Swatinem/rust-cache@v2 | |
| with: | |
| key: ${{ matrix.os }}-${{ matrix.target }} | |
| - name: Install cross-compilation dependencies (Linux) | |
| if: matrix.cross && matrix.os == 'ubuntu-latest' | |
| run: | | |
| sudo apt-get update | |
| sudo apt-get install -y gcc-multilib | |
| cargo install cross --git https://github.com/cross-rs/cross | |
| - name: Install additional dependencies (Ubuntu) | |
| if: matrix.os == 'ubuntu-latest' && !matrix.cross | |
| run: | | |
| sudo apt-get update | |
| sudo apt-get install -y libssl-dev pkg-config | |
| - name: Install additional dependencies (macOS) | |
| if: matrix.os == 'macos-latest' | |
| run: | | |
| # No additional dependencies needed for macOS | |
| - name: Build binary (native) | |
| if: "!matrix.cross" | |
| run: | | |
| cargo build --release --target ${{ matrix.target }} --all-features | |
| - name: Build binary (cross-compiled) | |
| if: matrix.cross | |
| run: | | |
| cross build --release --target ${{ matrix.target }} --all-features | |
| - name: Strip binary (Unix) | |
| if: matrix.os != 'windows-latest' | |
| run: | | |
| strip target/${{ matrix.target }}/release/${{ matrix.artifact_name }} | |
| - name: Create archive (Unix) | |
| if: matrix.os != 'windows-latest' | |
| run: | | |
| cd target/${{ matrix.target }}/release | |
| tar czf ../../../${{ matrix.asset_name }}.tar.gz ${{ matrix.artifact_name }} | |
| cd ../../.. | |
| - name: Create archive (Windows) | |
| if: matrix.os == 'windows-latest' | |
| run: | | |
| cd target/${{ matrix.target }}/release | |
| 7z a ../../../${{ matrix.asset_name }}.zip ${{ matrix.artifact_name }} | |
| cd ../../.. | |
| - name: Upload binary to release (Unix) | |
| if: matrix.os != 'windows-latest' | |
| uses: actions/upload-release-asset@v1 | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| with: | |
| upload_url: ${{ needs.create-release.outputs.upload_url }} | |
| asset_path: ${{ matrix.asset_name }}.tar.gz | |
| asset_name: ${{ matrix.asset_name }}.tar.gz | |
| asset_content_type: application/gzip | |
| - name: Upload binary to release (Windows) | |
| if: matrix.os == 'windows-latest' | |
| uses: actions/upload-release-asset@v1 | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| with: | |
| upload_url: ${{ needs.create-release.outputs.upload_url }} | |
| asset_path: ${{ matrix.asset_name }}.zip | |
| asset_name: ${{ matrix.asset_name }}.zip | |
| asset_content_type: application/zip | |
| - name: Upload standalone binary (Unix) | |
| if: matrix.os != 'windows-latest' | |
| uses: actions/upload-release-asset@v1 | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| with: | |
| upload_url: ${{ needs.create-release.outputs.upload_url }} | |
| asset_path: target/${{ matrix.target }}/release/${{ matrix.artifact_name }} | |
| asset_name: ${{ matrix.asset_name }} | |
| asset_content_type: application/octet-stream | |
| - name: Upload standalone binary (Windows) | |
| if: matrix.os == 'windows-latest' | |
| uses: actions/upload-release-asset@v1 | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| with: | |
| upload_url: ${{ needs.create-release.outputs.upload_url }} | |
| asset_path: target/${{ matrix.target }}/release/${{ matrix.artifact_name }} | |
| asset_name: ${{ matrix.asset_name }} | |
| asset_content_type: application/octet-stream | |
| docker: | |
| name: Build and Push Docker Image | |
| needs: create-release | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Get version from tag | |
| id: get_version | |
| run: | | |
| if [ "${{ github.event_name }}" == "workflow_dispatch" ]; then | |
| VERSION="${{ github.event.inputs.tag }}" | |
| else | |
| VERSION=${GITHUB_REF#refs/tags/} | |
| fi | |
| echo "version=$VERSION" >> $GITHUB_OUTPUT | |
| echo "version_number=${VERSION#v}" >> $GITHUB_OUTPUT | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Log in to Docker Hub | |
| if: github.event_name != 'pull_request' | |
| uses: docker/login-action@v3 | |
| with: | |
| username: ${{ secrets.DOCKER_USERNAME }} | |
| password: ${{ secrets.DOCKER_PASSWORD }} | |
| - name: Log in to GitHub Container Registry | |
| if: github.event_name != 'pull_request' | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.repository_owner }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Extract metadata | |
| id: meta | |
| uses: docker/metadata-action@v5 | |
| with: | |
| images: | | |
| clamreef/agent | |
| ghcr.io/${{ github.repository }} | |
| tags: | | |
| type=ref,event=branch | |
| type=ref,event=pr | |
| type=semver,pattern={{version}} | |
| type=semver,pattern={{major}}.{{minor}} | |
| type=semver,pattern={{major}} | |
| type=raw,value=latest,enable={{is_default_branch}} | |
| - name: Build and push Docker image | |
| uses: docker/build-push-action@v5 | |
| with: | |
| context: . | |
| platforms: linux/amd64,linux/arm64 | |
| push: ${{ github.event_name != 'pull_request' }} | |
| tags: ${{ steps.meta.outputs.tags }} | |
| labels: ${{ steps.meta.outputs.labels }} | |
| cache-from: type=gha | |
| cache-to: type=gha,mode=max | |
| build-args: | | |
| VERSION=${{ steps.get_version.outputs.version_number }} | |
| checksums: | |
| name: Generate Checksums | |
| needs: [create-release, build] | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Download all artifacts | |
| uses: actions/download-artifact@v3 | |
| - name: Generate checksums | |
| run: | | |
| find . -name "clamreef-agent-*" -type f | while read file; do | |
| if [[ "$file" == *.tar.gz ]] || [[ "$file" == *.zip ]] || [[ "$file" != *.* ]]; then | |
| sha256sum "$file" >> checksums.txt | |
| sha512sum "$file" >> checksums.txt | |
| fi | |
| done | |
| - name: Upload checksums | |
| uses: actions/upload-release-asset@v1 | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| with: | |
| upload_url: ${{ needs.create-release.outputs.upload_url }} | |
| asset_path: checksums.txt | |
| asset_name: checksums.txt | |
| asset_content_type: text/plain |