Skip to content

Sign main branch Unified container builds with cosign and perform security scanning #2302

Sign main branch Unified container builds with cosign and perform security scanning

Sign main branch Unified container builds with cosign and perform security scanning #2302

name: Build Rust Cross Platform
on:
workflow_call:
workflow_dispatch:
push:
branches:
- main
- rc
- hotfix-rc
pull_request:
jobs:
build_rust:
name: Build for ${{ matrix.settings.os }} ${{ matrix.settings.target }}
runs-on: ${{ matrix.settings.os }}
strategy:
fail-fast: false
matrix:
settings:
- os: macos-13
target: x86_64-apple-darwin
- os: macos-13
target: aarch64-apple-darwin
- os: windows-2022
target: x86_64-pc-windows-msvc
- os: windows-2022
target: x86_64-pc-windows-gnu
# caution: updating the linux runner OS version for GNU
# targets will likely break libbitwarden_c for older OS versions.
# prefer using oldest supported runner for for these targets
- os: ubuntu-22.04
target: x86_64-unknown-linux-gnu
- os: ubuntu-22.04
target: x86_64-unknown-linux-musl
- os: ubuntu-22.04
target: aarch64-unknown-linux-musl
steps:
- name: Checkout
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Install rust
uses: dtolnay/rust-toolchain@315e265cd78dad1e1dcf3a5074f6d6c47029d5aa # stable
with:
toolchain: stable
- name: Cache cargo registry
uses: Swatinem/rust-cache@82a92a6e8fbeee089604da2575dc567ae9ddeaab # v2.7.5
- uses: goto-bus-stop/setup-zig@abea47f85e598557f500fa1fd2ab7464fcb39406 # v2.2.1
if: ${{ contains(matrix.settings.target, 'musl') }}
with:
version: 0.12.0
- name: Install Zigbuild
if: ${{ contains(matrix.settings.target, 'musl') }}
run: cargo install cargo-zigbuild --locked --git https://github.com/rust-cross/cargo-zigbuild --rev 6f7e1336c9cd13cf1b3704f93c40fcf84caaed6b # 0.18.4
- name: Add build architecture
run: rustup target add ${{ matrix.settings.target }}
# Build Rust for musl
- name: Build Rust for - ${{ matrix.settings.target }}
if: ${{ contains(matrix.settings.target, 'musl') }}
env:
RUSTFLAGS: "-D warnings"
run: cargo zigbuild -p bitwarden-c --target ${{ matrix.settings.target }} --release
# Build Rust for windows-gnu
- name: Build Rust for - ${{ matrix.settings.target }}
if: ${{ matrix.settings.target == 'x86_64-pc-windows-gnu' }}
env:
RUSTFLAGS: "-D warnings"
run: cargo build -p bitwarden-c --target ${{ matrix.settings.target }} --profile=release-windows
# Build Rust for !musl && !windows-gnu
- name: Build Rust for - ${{ matrix.settings.target }}
if: ${{ !contains(matrix.settings.target, 'musl') && matrix.settings.target != 'x86_64-pc-windows-gnu' }}
env:
RUSTFLAGS: "-D warnings"
MACOSX_DEPLOYMENT_TARGET: "10.14" # allows using new macos runner versions while still supporting older systems
run: cargo build -p bitwarden-c --target ${{ matrix.settings.target }} --release
- name: Upload Artifact
uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3
with:
name: libbitwarden_c_files-${{ matrix.settings.target }}
path: target/${{ matrix.settings.target }}/release/*bitwarden_c*
- name: Upload Artifact
uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3
with:
name: libbitwarden_c_files-${{ matrix.settings.target }}
path: target/${{ matrix.settings.target }}/release-windows/*bitwarden_c*