Skip to content
.github/workflows/release.yaml

fix(ci): build-args is a list #2

Sign in to view logs

fix(ci): build-args is a list

fix(ci): build-args is a list #2

Workflow file for this run

.github/workflows/release.yaml at e51cd65
name: Release

Check failure on line 1 in .github/workflows/release.yaml

View workflow run for this annotation

GitHub Actions / .github/workflows/release.yaml

Invalid workflow file 

(Line: 167, Col: 11): A sequence was not expected
on:
push:
tags:
- "v[0-9]+.[0-9]+.[0-9]+"
env:
DIST: dist-${{ github.ref_name }}
jobs:
# TODO: attestation is missing from this :(
publish-crates:
runs-on: ubuntu-latest
permissions:
id-token: write
contents: read
attestations: write
environment:
name: production
steps:
- uses: actions/checkout@v4
- uses: dtolnay/rust-toolchain@stable
- name: Authenticate with crates.io
id: auth
uses: rust-lang/crates-io-auth-action@v1
- name: Publish crates
env:
CARGO_REGISTRY_TOKEN: ${{ steps.auth.outputs.token }}
run: |
set -euo pipefail
publish() {
echo "Publishing $1"
(cd "$1" && cargo publish --locked)
echo "Waiting for crates.io index to update..."
sleep 25
}
publish idl/spec
#publish idl
#publish lang/syn
#publish lang/derive/accounts
#publish lang/derive/serde
#publish lang/derive/space
#publish lang/attribute/access-control
#publish lang/attribute/account
#publish lang/attribute/constant
#publish lang/attribute/error
#publish lang/attribute/program
#publish lang/attribute/event
#publish lang
#publish spl
#publish client
#publish cli
publish-npmjs:
runs-on: ubuntu-latest
permissions:
id-token: write
contents: read
environment:
name: production
env:
NODE_ENV: production
steps:
- uses: actions/checkout@v4
- uses: actions/setup-node@v4
with:
node-version: "24"
registry-url: "https://registry.npmjs.org"
- name: Enable corepack (yarn)
run: corepack enable
- run: |
set -euo pipefail
publish() {
local dir="$1"
local name
name="$(basename "$dir")"
echo "Publishing $dir"
pushd "$dir" >/dev/null
yarn
if [[ "$name" == spl-* ]]; then
yarn build:npm
else
yarn build
fi
npm publish
popd >/dev/null
}
base="ts/packages"
publish "$base/spl-associated-token-account"
#publish "$base/spl-binary-option"
#publish "$base/spl-binary-oracle-pair"
#publish "$base/spl-feature-proposal"
#publish "$base/spl-governance"
#publish "$base/spl-memo"
#publish "$base/spl-name-service"
#publish "$base/spl-record"
#publish "$base/spl-stake-pool"
#publish "$base/spl-stateless-asks"
#publish "$base/spl-token"
#publish "$base/spl-token-lending"
#publish "$base/spl-token-swap"
#publish "$base/borsh"
#publish "$base/anchor-errors"
#publish "$base/anchor"
# TODO: typedocs
publish-dockerhub:
runs-on: ubuntu-latest
permissions:
contents: read
id-token: write
attestations: write
artifact-metadata: write
environment:
name: production
env:
IMAGE_NAME: trixterosec/anchor
steps:
- uses: actions/checkout@v4
# TODO: figure out if OIDC is possible
- name: Login to Docker Hub
uses: docker/login-action@v3
with:
username: ${{ vars.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Docker metadata
id: meta
uses: docker/metadata-action@v5
with:
images: ${{ env.IMAGE_NAME }}
tags: |
type=ref,event=tag
type=sha
- name: Build and push
id: build
uses: docker/build-push-action@v6
with:
context: docker/build
push: true
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
build-args:
- SOLANA_CLI=v2.3.0
- ANCHOR_CLI=${{ github.ref_name }}
provenance: mode=max
sbom: true
- name: Attest
uses: actions/attest-build-provenance@v3
with:
subject-name: ${{ env.IMAGE_NAME }}
subject-digest: ${{ steps.build.outputs.digest }}
push-to-registry: true
# build:
# name: Build
# runs-on: ${{ matrix.os }}
# strategy:
# matrix:
# target:
# - aarch64-apple-darwin
# - x86_64-unknown-linux-gnu
# - x86_64-apple-darwin
# - x86_64-pc-windows-msvc
# include:
# - target: aarch64-apple-darwin
# os: macos-latest
# - target: x86_64-unknown-linux-gnu
# os: ubuntu-latest
# - target: x86_64-apple-darwin
# os: macos-latest
# - target: x86_64-pc-windows-msvc
# os: windows-latest
# steps:
# - uses: actions/checkout@v4
# - uses: dtolnay/rust-toolchain@master
# with:
# toolchain: stable
# target: ${{ matrix.target }}
# - name: Install dependencies (Linux)
# if: runner.os == 'Linux'
# run: sudo apt-get update && sudo apt-get install -y libudev-dev
# - name: Build release binary
# run: cargo build --package anchor-cli --release --locked --target ${{ matrix.target }}
# - name: Prepare
# if: startsWith(github.ref, 'refs/tags/')
# id: prepare
# shell: bash
# run: |
# version=$(echo $GITHUB_REF_NAME | cut -dv -f2)
# ext=""
# [[ "${{ matrix.os }}" == windows-latest ]] && ext=".exe"
# mkdir $DIST
# mv "target/${{ matrix.target }}/release/anchor$ext" $DIST/anchor-$version-${{ matrix.target }}$ext
# echo "version=$version" >> $GITHUB_OUTPUT
# - uses: actions/upload-artifact@v4
# if: startsWith(github.ref, 'refs/tags/')
# with:
# name: anchor-${{ steps.prepare.outputs.version }}-${{ matrix.target }}
# path: ${{ env.DIST }}
# overwrite: true
# retention-days: 1
# upload:
# name: Upload binaries to release
# if: startsWith(github.ref, 'refs/tags/')
# needs: [build]
# runs-on: ubuntu-latest
# steps:
# - uses: actions/checkout@v4
# - uses: actions/download-artifact@v4
# with:
# path: ${{ env.DIST }}
# - name: Upload
# shell: bash
# run: GH_TOKEN=${{ secrets.GITHUB_TOKEN }} gh release upload $GITHUB_REF_NAME $DIST/*/* --clobber