Skip to content

feat: notification channel watchdog - alert other channels when one g… #68

feat: notification channel watchdog - alert other channels when one g…

feat: notification channel watchdog - alert other channels when one g… #68

Workflow file for this run

name: CI
# Checks run on pushes to main and on pull requests. A tag additionally builds
# and pushes the image and publishes the release. The image is built only on tags
# (never twice for one commit) - push main and the tag separately for one run each.
on:
pull_request:
push:
branches: [main]
tags: ["v*"]
permissions:
contents: read
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
env:
CARGO_TERM_COLOR: always
jobs:
check:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v6
- uses: dtolnay/rust-toolchain@stable
with:
components: clippy, rustfmt
- uses: Swatinem/rust-cache@v2
- name: Install build dependencies (aws-lc-rs)
run: sudo apt-get update && sudo apt-get install -y cmake clang libclang-dev
- name: Format
run: cargo fmt --all -- --check
- name: Clippy
run: cargo clippy --workspace --all-targets --locked -- -D warnings
- name: Test
run: cargo test --workspace --locked
deny:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v6
- uses: EmbarkStudios/cargo-deny-action@v2
# Build & publish the image once checks pass - tags only, so it builds once.
# RustSec advisory scanning lives in audit.yml (path-filtered + scheduled);
# releases stay gated on advisories regardless, since `deny` checks the same
# database on every run.
docker:
needs: [check, deny]
if: startsWith(github.ref, 'refs/tags/v')
runs-on: ubuntu-latest
permissions:
contents: read
packages: write
steps:
- uses: actions/checkout@v6
- uses: docker/setup-qemu-action@v3
- uses: docker/setup-buildx-action@v4
- name: Log in to GHCR
uses: docker/login-action@v4
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Image metadata
id: meta
uses: docker/metadata-action@v6
with:
images: ghcr.io/${{ github.repository_owner }}/hora
tags: |
type=semver,pattern={{version}}
type=semver,pattern={{major}}.{{minor}}
type=sha
- name: Build and push
uses: docker/build-push-action@v7
with:
context: .
platforms: linux/amd64,linux/arm64
push: true
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
cache-from: type=gha
cache-to: type=gha,mode=max
# Publish the GitHub release once the image is out, with notes from CHANGELOG.md.
release:
needs: [docker]
if: startsWith(github.ref, 'refs/tags/v')
runs-on: ubuntu-latest
permissions:
contents: write
steps:
- uses: actions/checkout@v6
- uses: taiki-e/create-gh-release-action@v1
with:
changelog: CHANGELOG.md
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}