Skip to content

mbtiles: remove tls features, CI streamlining #1997

mbtiles: remove tls features, CI streamlining

mbtiles: remove tls features, CI streamlining #1997

Workflow file for this run

name: CI
on:
push:
branches: [ main ]
paths-ignore:
- '**.md'
- 'demo/**'
- 'docs/**'
- 'homebrew-formula/**'
pull_request:
branches: [ main ]
paths-ignore:
- '**.md'
- 'demo/**'
- 'docs/**'
- 'homebrew-formula/**'
release:
types: [ published ]
workflow_dispatch:
defaults:
run:
shell: bash
jobs:
build:
name: Build ${{ matrix.target }}
runs-on: ${{ matrix.os }}
strategy:
fail-fast: true
matrix:
include:
- target: aarch64-apple-darwin
os: macOS-latest
cross: 'true'
- target: aarch64-unknown-linux-gnu
os: ubuntu-latest
cross: 'true'
- target: debian-x86_64
os: ubuntu-latest
cross: 'true'
- target: x86_64-apple-darwin
os: macOS-latest
- target: x86_64-pc-windows-msvc
os: windows-latest
ext: '.exe'
- target: x86_64-unknown-linux-gnu
os: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Rust Versions
run: rustc --version && cargo --version
- name: Lint (Linux)
if: matrix.target == 'x86_64-unknown-linux-gnu'
run: |
set -x
cargo fmt --all -- --check
cargo clippy --package martin-tile-utils -- -D warnings
cargo clippy --package martin-mbtiles --no-default-features -- -D warnings
cargo clippy --package martin-mbtiles -- -D warnings
cargo clippy --package martin -- -D warnings
cargo clippy --package martin --features vendored-openssl -- -D warnings
cargo clippy --package martin --features bless-tests -- -D warnings
- name: Install OpenSSL (Windows)
if: runner.os == 'Windows'
shell: powershell
run: |
echo "VCPKG_ROOT=$env:VCPKG_INSTALLATION_ROOT" | Out-File -FilePath $env:GITHUB_ENV -Append
vcpkg install openssl:x64-windows-static-md
- name: Build (native)
if: matrix.cross != 'true'
run: |
cargo build --release --target ${{ matrix.target }} --package martin --features=ssl --package martin
cargo build --release --target ${{ matrix.target }} --package martin-mbtiles
- name: Build (cross - aarch64-apple-darwin)
if: matrix.target == 'aarch64-apple-darwin'
run: |
rustup target add "${{ matrix.target }}"
# compile without debug symbols because stripping them with `strip` does not work cross-platform
export RUSTFLAGS='-C link-arg=-s'
cargo build --release --target ${{ matrix.target }} --package martin --features=vendored-openssl
cargo build --release --target ${{ matrix.target }} --package martin-mbtiles
- name: Build (cross - aarch64-unknown-linux-gnu)
if: matrix.target == 'aarch64-unknown-linux-gnu'
run: |
sudo apt-get install -y gcc-aarch64-linux-gnu binutils-aarch64-linux-gnu
rustup target add "${{ matrix.target }}"
# compile without debug symbols because stripping them with `strip` does not work cross-platform
export RUSTFLAGS='-C link-arg=-s -C linker=aarch64-linux-gnu-gcc'
cargo build --release --target ${{ matrix.target }} --package martin --features=vendored-openssl
cargo build --release --target ${{ matrix.target }} --package martin-mbtiles
- name: Build (debian package)
if: matrix.target == 'debian-x86_64'
run: |
sudo apt-get install -y dpkg dpkg-dev liblzma-dev
cargo install cargo-deb
cargo deb -v -p martin --output target/debian/debian-x86_64.deb
- name: Move build artifacts
run: |
mkdir -p target_releases
if [[ "${{ matrix.target }}" == "debian-x86_64" ]]; then
mv target/debian/debian-x86_64.deb target_releases
else
mv target/${{ matrix.target }}/release/martin${{ matrix.ext }} target_releases
mv target/${{ matrix.target }}/release/mbtiles${{ matrix.ext }} target_releases
fi
- name: Save build artifacts to build-${{ matrix.target }}
uses: actions/upload-artifact@v3
with:
name: build-${{ matrix.target }}
path: target_releases/*
test:
name: Test ${{ matrix.target }}
runs-on: ${{ matrix.os }}
needs: [ build ]
strategy:
fail-fast: true
matrix:
include:
- target: x86_64-apple-darwin
os: macOS-latest
- target: x86_64-pc-windows-msvc
os: windows-latest
ext: '.exe'
- target: x86_64-unknown-linux-gnu
os: ubuntu-latest
steps:
- name: Checkout sources
uses: actions/checkout@v4
- name: Start postgres
uses: nyurik/action-setup-postgis@v1
id: pg
with:
username: test
password: test
database: test
rights: --superuser
- name: Init database
run: |
echo "DATABASE_URL=$DATABASE_URL"
echo "Print the same in base64 to bypass Github's obfuscation (uses hardcoded password):"
echo "$DATABASE_URL" | base64
tests/fixtures/initdb.sh
env:
DATABASE_URL: ${{ steps.pg.outputs.connection-uri }}
- name: Unit Tests (Linux)
if: matrix.target == 'x86_64-unknown-linux-gnu'
run: |
set -x
cargo test --package martin-tile-utils
cargo test --package martin-mbtiles --no-default-features
cargo test --package martin-mbtiles
cargo test --package martin
cargo test --package martin --features vendored-openssl
cargo test --doc
RUSTDOCFLAGS="-D warnings" cargo doc --no-deps --workspace
cargo clean
env:
DATABASE_URL: ${{ steps.pg.outputs.connection-uri }}
- name: Download build artifact build-${{ matrix.target }}
uses: actions/download-artifact@v3
with:
name: build-${{ matrix.target }}
path: target/
- name: Integration Tests
run: |
export MARTIN_BUILD=-
export MARTIN_BIN=target/martin${{ matrix.ext }}
export MBTILES_BUILD=-
export MBTILES_BIN=target/mbtiles${{ matrix.ext }}
if [[ "${{ runner.os }}" != "Windows" ]]; then
chmod +x "$MARTIN_BIN" "$MBTILES_BIN"
fi
tests/test.sh
env:
DATABASE_URL: ${{ steps.pg.outputs.connection-uri }}
- name: Compare test output results (Linux)
if: matrix.target == 'x86_64-unknown-linux-gnu'
run: diff --brief --recursive --new-file tests/output tests/expected
- name: Download Debian package (Linux)
if: matrix.target == 'x86_64-unknown-linux-gnu'
uses: actions/download-artifact@v3
with:
name: build-debian-x86_64
path: target/
- name: Tests Debian package (Linux)
if: matrix.target == 'x86_64-unknown-linux-gnu'
run: |
sudo dpkg -i target/debian-x86_64.deb
export MARTIN_BUILD=-
export MARTIN_BIN=/usr/bin/martin${{ matrix.ext }}
export MBTILES_BUILD=-
export MBTILES_BIN=/usr/bin/mbtiles${{ matrix.ext }}
tests/test.sh
env:
DATABASE_URL: ${{ steps.pg.outputs.connection-uri }}
- name: Save test output on failure (Linux)
if: failure() && matrix.target == 'x86_64-unknown-linux-gnu'
uses: actions/upload-artifact@v3
with:
name: failed-test-output
path: tests/output/*
retention-days: 5
test-legacy:
name: Test Legacy DB
runs-on: ubuntu-latest
needs: [ build ]
strategy:
fail-fast: true
matrix:
include:
# These must match the versions of postgres used in the docker-compose.yml
- image: postgis/postgis:11-3.0-alpine
args: postgres
sslmode: disable
- image: postgis/postgis:14-3.3-alpine
args: postgres
sslmode: disable
# alpine images don't support SSL, so for this we use the debian images
- image: postgis/postgis:15-3.3
args: postgres -c ssl=on -c ssl_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem -c ssl_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
sslmode: require
env:
# PG_* variables are used by psql
PGDATABASE: test
PGHOST: localhost
PGUSER: postgres
PGPASSWORD: postgres
services:
postgres:
image: ${{ matrix.image }}
ports:
# will assign a random free host port
- 5432/tcp
# Sadly there is currently no way to pass arguments to the service image other than this hack
# See also https://stackoverflow.com/a/62720566/177275
options: >-
-e POSTGRES_DB=test
-e POSTGRES_USER=postgres
-e POSTGRES_PASSWORD=postgres
-e PGDATABASE=test
-e PGUSER=postgres
-e PGPASSWORD=postgres
--health-cmd pg_isready
--health-interval 10s
--health-timeout 5s
--health-retries 5
--entrypoint sh
${{ matrix.image }}
-c "exec docker-entrypoint.sh ${{ matrix.args }}"
steps:
- name: Checkout sources
uses: actions/checkout@v4
- name: Setup database
run: tests/fixtures/initdb.sh
env:
PGPORT: ${{ job.services.postgres.ports[5432] }}
- name: Download build artifact build-x86_64-unknown-linux-gnu
uses: actions/download-artifact@v3
with:
name: build-x86_64-unknown-linux-gnu
path: target_releases/
- name: Integration Tests
run: |
export MARTIN_BUILD=-
export MARTIN_BIN=target_releases/martin
export MBTILES_BUILD=-
export MBTILES_BIN=target_releases/mbtiles
chmod +x "$MARTIN_BIN" "$MBTILES_BIN"
tests/test.sh
rm -rf target_releases
env:
DATABASE_URL: postgres://${{ env.PGUSER }}:${{ env.PGUSER }}@${{ env.PGHOST }}:${{ job.services.postgres.ports[5432] }}/${{ env.PGDATABASE }}?sslmode=${{ matrix.sslmode }}
- name: Download Debian package
uses: actions/download-artifact@v3
with:
name: build-debian-x86_64
path: target_releases/
- name: Tests Debian package
run: |
sudo dpkg -i target_releases/debian-x86_64.deb
export MARTIN_BUILD=-
export MARTIN_BIN=/usr/bin/martin
export MBTILES_BUILD=-
export MBTILES_BIN=/usr/bin/mbtiles
tests/test.sh
sudo dpkg -P martin
rm -rf target_releases
env:
DATABASE_URL: postgres://${{ env.PGUSER }}:${{ env.PGUSER }}@${{ env.PGHOST }}:${{ job.services.postgres.ports[5432] }}/${{ env.PGDATABASE }}?sslmode=${{ matrix.sslmode }}
- name: Unit Tests
run: |
echo "Running unit tests, connecting to DATABASE_URL=$DATABASE_URL"
echo "Same but as base64 to prevent GitHub obfuscation (this is not a secret):"
echo "$DATABASE_URL" | base64
set -x
cargo test --package martin
cargo clean
env:
DATABASE_URL: postgres://${{ env.PGUSER }}:${{ env.PGUSER }}@${{ env.PGHOST }}:${{ job.services.postgres.ports[5432] }}/${{ env.PGDATABASE }}?sslmode=${{ matrix.sslmode }}
- name: On error, save test output
if: failure()
uses: actions/upload-artifact@v3
with:
name: test-output
path: tests/output/*
retention-days: 5
docker:
name: Build docker images
runs-on: ubuntu-latest
needs: [ build ]
env:
# PG_* variables are used by psql
PGDATABASE: test
PGHOST: localhost
PGUSER: postgres
PGPASSWORD: postgres
services:
postgres:
image: postgis/postgis:15-3.3
ports:
# will assign a random free host port
- 5432/tcp
# Sadly there is currently no way to pass arguments to the service image other than this hack
# See also https://stackoverflow.com/a/62720566/177275
options: >-
-e POSTGRES_DB=test
-e POSTGRES_USER=postgres
-e POSTGRES_PASSWORD=postgres
-e PGDATABASE=test
-e PGUSER=postgres
-e PGPASSWORD=postgres
--health-cmd pg_isready
--health-interval 10s
--health-timeout 5s
--health-retries 5
--entrypoint sh
postgis/postgis:15-3.3
-c "exec docker-entrypoint.sh postgres -c ssl=on -c ssl_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem -c ssl_key_file=/etc/ssl/private/ssl-cert-snakeoil.key"
steps:
- name: Checkout sources
uses: actions/checkout@v4
- name: Setup database
run: tests/fixtures/initdb.sh
env:
PGPORT: ${{ job.services.postgres.ports[5432] }}
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
# https://github.com/docker/setup-qemu-action
with:
platforms: linux/amd64,linux/arm64
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
# https://github.com/docker/setup-buildx-action
with:
install: true
platforms: linux/amd64,linux/arm64
- run: rm -rf target_releases
- name: Download build artifact build-aarch64-unknown-linux-gnu
uses: actions/download-artifact@v3
with:
name: build-aarch64-unknown-linux-gnu
path: target_releases/linux/arm64
- name: Download build artifact build-x86_64-unknown-linux-gnu
uses: actions/download-artifact@v3
with:
name: build-x86_64-unknown-linux-gnu
path: target_releases/linux/amd64
- name: Reset permissions
run: chmod -R +x target_releases/
- name: Build linux/arm64 Docker image
id: docker_aarch64-unknown-linux-gnu
uses: docker/build-push-action@v5
# https://github.com/docker/build-push-action
with:
context: .
file: multi-platform.Dockerfile
load: true
tags: ${{ github.repository }}:linux-arm64
platforms: linux/arm64
- name: Test linux/arm64 Docker image
run: |
PLATFORM=linux/arm64
TAG=${{ github.repository }}:linux-arm64
export MBTILES_BUILD=-
export MBTILES_BIN="docker run --rm --net host --platform $PLATFORM -e DATABASE_URL -v $PWD/tests:/tests --entrypoint /usr/local/bin/mbtiles $TAG"
export MARTIN_BUILD=-
export MARTIN_BIN="docker run --rm --net host --platform $PLATFORM -e DATABASE_URL -v $PWD/tests:/tests $TAG"
tests/test.sh
env:
DATABASE_URL: postgres://${{ env.PGUSER }}:${{ env.PGUSER }}@${{ env.PGHOST }}:${{ job.services.postgres.ports[5432] }}/${{ env.PGDATABASE }}?sslmode=require
- name: Build linux/amd64 Docker image
id: docker_x86_64-unknown-linux-gnu
uses: docker/build-push-action@v5
# https://github.com/docker/build-push-action
with:
context: .
file: multi-platform.Dockerfile
load: true
tags: ${{ github.repository }}:linux-amd64
platforms: linux/amd64
- name: Test linux/amd64 Docker image
run: |
PLATFORM=linux/amd64
TAG=${{ github.repository }}:linux-amd64
export MBTILES_BUILD=-
export MBTILES_BIN="docker run --rm --net host --platform $PLATFORM -e DATABASE_URL -v $PWD/tests:/tests --entrypoint /usr/local/bin/mbtiles $TAG"
export MARTIN_BUILD=-
export MARTIN_BIN="docker run --rm --net host --platform $PLATFORM -e DATABASE_URL -v $PWD/tests:/tests $TAG"
tests/test.sh
env:
DATABASE_URL: postgres://${{ env.PGUSER }}:${{ env.PGUSER }}@${{ env.PGHOST }}:${{ job.services.postgres.ports[5432] }}/${{ env.PGDATABASE }}?sslmode=require
- name: Login to GitHub Docker registry
if: github.event_name != 'pull_request'
uses: docker/login-action@v3
# https://github.com/docker/login-action
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Docker meta
id: docker_meta
uses: docker/metadata-action@v5
# https://github.com/docker/metadata-action
with:
images: ghcr.io/${{ github.repository }}
- name: Push the Docker image
if: github.event_name != 'pull_request'
uses: docker/build-push-action@v5
with:
context: .
file: multi-platform.Dockerfile
push: true
tags: ${{ steps.docker_meta.outputs.tags }}
labels: ${{ steps.docker_meta.outputs.labels }}
platforms: linux/amd64,linux/arm64
package:
name: Package ${{ matrix.target }}
runs-on: ${{ matrix.os }}
needs: [ test, test-legacy ]
strategy:
fail-fast: true
matrix:
include:
- target: aarch64-apple-darwin
os: ubuntu-latest
name: martin-Darwin-aarch64.tar.gz
cross: 'true'
sha: 'true'
- target: aarch64-unknown-linux-gnu
os: ubuntu-latest
name: martin-Linux-aarch64.tar.gz
cross: 'true'
- target: x86_64-apple-darwin
os: macOS-latest
name: martin-Darwin-x86_64.tar.gz
sha: 'true'
- target: x86_64-pc-windows-msvc
os: windows-latest
name: martin-Windows-x86_64.zip
ext: '.exe'
- target: x86_64-unknown-linux-gnu
os: ubuntu-latest
name: martin-Linux-x86_64.tar.gz
- target: debian-x86_64
os: ubuntu-latest
name: martin-Debian-x86_64.deb
cross: 'true'
steps:
- name: Checkout sources
uses: actions/checkout@v4
- name: Download build artifact build-${{ matrix.target }}
uses: actions/download-artifact@v3
with:
name: build-${{ matrix.target }}
path: target/
- name: Strip symbols
# Symbol stripping does not work cross-platform
# For cross, symbols were already removed during build
if: matrix.cross != 'true'
run: |
cd target/
strip martin${{ matrix.ext }}
strip mbtiles${{ matrix.ext }}
- name: Package
run: |
cd target/
if [[ "${{ runner.os }}" == "Windows" ]]; then
7z a ../${{ matrix.name }} martin${{ matrix.ext }} mbtiles${{ matrix.ext }}
elif [[ "${{ matrix.target }}" == "debian-x86_64" ]]; then
mv debian-x86_64.deb ../${{ matrix.name }}
else
tar czvf ../${{ matrix.name }} martin${{ matrix.ext }} mbtiles${{ matrix.ext }}
fi
- name: Generate SHA-256 (MacOS)
if: matrix.sha == 'true'
run: shasum -a 256 ${{ matrix.name }}
- name: Publish
if: startsWith(github.ref, 'refs/tags/')
uses: softprops/action-gh-release@v1
with:
draft: true
files: 'martin*'
body_path: CHANGELOG.md
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
# This final step is needed to mark the whole workflow as successful
# Don't change its name - it is used by the merge protection rules
done:
name: CI Finished
runs-on: ubuntu-latest
needs: [ docker, package ]
steps:
- name: Finished
run: echo "CI finished successfully"