feat: fully functional deduplicated backups #10
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Release | |
| on: | |
| push: | |
| tags: ['v*'] | |
| permissions: | |
| contents: write | |
| packages: write | |
| id-token: write | |
| attestations: write | |
| jobs: | |
| release: | |
| name: Release | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - uses: actions/setup-go@v5 | |
| with: | |
| go-version-file: go.mod | |
| cache: true | |
| check-latest: true | |
| - name: Download dependencies | |
| run: go mod download | |
| - name: Download rustic binaries | |
| run: make download-rustic | |
| - name: Build release binaries | |
| env: | |
| CGO_ENABLED: 0 | |
| run: | | |
| VERSION=${GITHUB_REF#refs/tags/} | |
| mkdir -p dist | |
| # Build for multiple platforms | |
| for GOOS in linux; do | |
| for GOARCH in amd64 arm64; do | |
| echo "Building ${GOOS}/${GOARCH}..." | |
| env GOOS=${GOOS} GOARCH=${GOARCH} go build -v -trimpath \ | |
| -ldflags="-s -w -X github.com/pyrohost/elytra/src/system.Version=${VERSION}" \ | |
| -o dist/elytra_${GOOS}_${GOARCH} \ | |
| ./src/cmd/elytra | |
| done | |
| done | |
| # Make binaries executable | |
| chmod +x dist/* | |
| - name: Generate checksums | |
| run: | | |
| cd dist | |
| sha256sum * > checksums.txt | |
| cat checksums.txt | |
| - name: Generate attestations | |
| uses: actions/attest-build-provenance@v1 | |
| with: | |
| subject-path: 'dist/*' | |
| - name: Create release | |
| uses: softprops/action-gh-release@v2 | |
| if: github.ref_type == 'tag' | |
| with: | |
| draft: false | |
| generate_release_notes: true | |
| files: | | |
| dist/* | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| docker: | |
| name: Docker Release | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| packages: write | |
| id-token: write | |
| attestations: write | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: docker/setup-buildx-action@v3 | |
| with: | |
| platforms: linux/amd64,linux/arm64 | |
| - uses: docker/login-action@v3 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Download rustic binaries | |
| run: make download-rustic | |
| - name: Extract metadata | |
| id: meta | |
| uses: docker/metadata-action@v5 | |
| with: | |
| images: ghcr.io/pyrohost/elytra | |
| tags: | | |
| type=semver,pattern={{version}} | |
| type=semver,pattern={{major}}.{{minor}} | |
| type=semver,pattern={{major}} | |
| type=raw,value=latest | |
| - name: Build and push | |
| id: build | |
| uses: docker/build-push-action@v6 | |
| with: | |
| context: . | |
| platforms: linux/amd64,linux/arm64 | |
| push: true | |
| tags: ${{ steps.meta.outputs.tags }} | |
| labels: ${{ steps.meta.outputs.labels }} | |
| build-args: VERSION=${{ github.ref_name }} | |
| cache-from: type=gha | |
| cache-to: type=gha,mode=max | |
| provenance: true | |
| sbom: true | |
| - name: Generate attestation | |
| uses: actions/attest-build-provenance@v1 | |
| with: | |
| subject-name: ghcr.io/pyrohost/elytra | |
| subject-digest: ${{ steps.build.outputs.digest }} | |
| push-to-registry: true |