Skip to content

cargo: bump aws-sdk-qldbsession from 0.19.0 to 0.24.0 #1208

cargo: bump aws-sdk-qldbsession from 0.19.0 to 0.24.0

cargo: bump aws-sdk-qldbsession from 0.19.0 to 0.24.0 #1208

Workflow file for this run

name: CI Release
on:
push:
branches:
- main
tags:
- "v*.*.*"
pull_request:
jobs:
test:
name: Test
if: startsWith(github.ref, 'refs/tags/')
strategy:
matrix:
os: [ubuntu-18.04, macOS-latest, windows-2019]
runs-on: ${{ matrix.os }}
steps:
- name: Remove MSys64 MingW64 Binaries
if: runner.os == 'Windows'
# remove this because there is a bad libclang.dll that confuses bindgen
run: Remove-Item -LiteralPath "C:\msys64\mingw64\bin" -Force -Recurse
- name: Install Dependencies
if: runner.os == 'Windows'
run: choco install llvm -y
- name: Git Checkout
uses: actions/checkout@v2
- name: Rust Toolchain
uses: actions-rs/toolchain@v1
with:
profile: minimal
toolchain: stable
override: true
- name: Cargo Build
uses: actions-rs/cargo@v1
with:
command: build
args: --verbose
- name: Cargo Test
uses: actions-rs/cargo@v1
with:
command: test
args: --verbose
release:
name: Release
needs: [test]
if: startsWith(github.ref, 'refs/tags/')
strategy:
matrix:
include:
- os: ubuntu-18.04
variant: linux
bin: qldb
- os: windows-2019
variant: windows
bin: qldb.exe
- os: macos-latest
variant: mac
bin: qldb
runs-on: ${{ matrix.os }}
steps:
- uses: aws-actions/configure-aws-credentials@v1
with:
role-skip-session-tagging: true
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-region: us-west-2
role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }}
role-external-id: ${{ secrets.AWS_ROLE_EXTERNAL_ID }}
role-duration-seconds: 1800
- name: Remove MSys64 MingW64 Binaries
if: runner.os == 'Windows'
# remove this because there is a bad libclang.dll that confuses bindgen
run: Remove-Item -LiteralPath "C:\msys64\mingw64\bin" -Force -Recurse
- name: Install Dependencies
if: runner.os == 'Windows'
run: choco install llvm -y
- name: Install stable toolchain
uses: actions-rs/toolchain@v1
with:
profile: minimal
toolchain: stable
override: true
- name: Install ubuntu tools
if: matrix.os == 'ubuntu-18.04'
run: |
sudo apt-get install -y musl-tools pkg-config libssl-dev
- name: Checkout
uses: actions/checkout@v2
- name: Package
shell: bash
if: matrix.os == 'ubuntu-18.04' || matrix.os == 'macos-latest'
run: |
name=qldb
tag=$(git describe --tags --abbrev=0)
release_name="$name-$tag-${{ matrix.variant }}"
release_tar="${release_name}.tar.gz"
mkdir "$release_name"
cargo fetch && cargo build --release
if [ "${{ matrix.os }}" != "windows-2019" ]; then
strip "target/${{ matrix.target }}/release/${{ matrix.bin }}"
fi
cp "target/release/${{ matrix.bin }}" "$release_name/"
cp README.md LICENSE CHANGELOG.md "$release_name/"
tar czvf "$release_tar" "$release_name"
rm -r "$release_name"
echo -n "$(shasum -ba 256 "${release_tar}" | cut -d " " -f 1)" > "${release_tar}.sha256"
git tag -l -n --format="%(contents:subject)" $(git describe --tags --abbrev=0) > TAG-COMMENT.txt
- name: MSI
shell: powershell
if: matrix.os == 'windows-2019'
run: |
$name='qldb'
$tag=git describe --tags --abbrev=0
$release_name="$name-$tag"
cargo fetch
cargo build --release
cd target/release
# Push unsigned EXE to S3
$put_object_response=( aws s3api put-object --bucket ${{ secrets.AWS_UNSIGNED_BUCKET }} --key ${{ secrets.AWS_KEY_EXE }} --body ${{ matrix.bin }} --acl bucket-owner-full-control ) | ConvertFrom-Json
$version_id = $put_object_response.VersionId
$job_id = ""
$num_of_retries_to_get_job_id = 3
# Attempt to get Job ID from bucket tagging, will retry up to 3 times before exiting with a failure code.
# Will sleep for 5 seconds between retries.
for (($i = 0); $i -lt $num_of_retries_to_get_job_id; $i++)
{
$get_object_tagging_response=( aws s3api get-object-tagging --bucket ${{ secrets.AWS_UNSIGNED_BUCKET }} --key ${{ secrets.AWS_KEY_EXE }} --version-id $version_id ) | ConvertFrom-Json
$id = $get_object_tagging_response.TagSet[0].Value
if ($id)
{
$job_id = $id
break
}
Start-Sleep -s 5
}
if ($job_id -eq "")
{
echo "Exiting because unable to retrieve job ID"
exit 1
}
# Poll signed S3 bucket to see if the signed artifact is there
aws s3api wait object-exists --bucket ${{ secrets.AWS_SIGNED_BUCKET }} --key ${{ secrets.AWS_KEY_EXE }}-$job_id
# Get signed EXE from S3
aws s3api get-object --bucket ${{ secrets.AWS_SIGNED_BUCKET }} --key ${{ secrets.AWS_KEY_EXE }}-$job_id ${{ matrix.bin }}
cd ../../
# Install cargo-wix to compile main.wxs
cargo install cargo-wix
# Read the shell version from the cargo.toml file
$version = Get-Content .\Cargo.toml | Select-String -Pattern '^version\s*=\s*\"\d*\.\d*\.\d*'
# Convert $version to semantic version (removing characters at the end)
$semantic = 'semantic' + $version.Matches[0].Value + '"'
# Write the semantic version in the wix variable file
$content = '<?xml version="1.0" encoding="utf-8"?><Include><?define ' + $semantic + ' ?></Include>'
Set-Content -Path ./wixvariables.wxi $content
# Create MSI based on target/wix/main.wxs
cargo wix --nocapture
cd target/wix
mv amazon_qldb_shell*.msi ../../$release_name.msi
cd ../../
$complete_file_name = $release_name + ".msi"
# Push unsigned MSI to S3
$put_object_response=( aws s3api put-object --bucket ${{ secrets.AWS_UNSIGNED_BUCKET }} --key ${{ secrets.AWS_KEY }} --body $complete_file_name --acl bucket-owner-full-control ) | ConvertFrom-Json
$version_id = $put_object_response.VersionId
$job_id = ""
$num_of_retries_to_get_job_id = 3
# Attempt to get Job ID from bucket tagging, will retry up to 3 times before exiting with a failure code.
# Will sleep for 5 seconds between retries.
for (($i = 0); $i -lt $num_of_retries_to_get_job_id; $i++)
{
$get_object_tagging_response=( aws s3api get-object-tagging --bucket ${{ secrets.AWS_UNSIGNED_BUCKET }} --key ${{ secrets.AWS_KEY }} --version-id $version_id ) | ConvertFrom-Json
$id = $get_object_tagging_response.TagSet[0].Value
if ($id)
{
$job_id = $id
break
}
Start-Sleep -s 5
}
if ($job_id -eq "")
{
echo "Exiting because unable to retrieve job ID"
exit 1
}
# Poll signed S3 bucket to see if the signed artifact is there
aws s3api wait object-exists --bucket ${{ secrets.AWS_SIGNED_BUCKET }} --key ${{ secrets.AWS_KEY }}-$job_id
# Get signed MSI from S3
aws s3api get-object --bucket ${{ secrets.AWS_SIGNED_BUCKET }} --key ${{ secrets.AWS_KEY }}-$job_id $complete_file_name
- name: Publish
uses: softprops/action-gh-release@v1
with:
draft: true
prerelease: true
files: "qldb*"
body_path: TAG-COMMENT.txt
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}