Skip to content

ci: run cargo audit directly in release workflow #29

ci: run cargo audit directly in release workflow

ci: run cargo audit directly in release workflow #29

Workflow file for this run

name: Release
permissions:
contents: write
id-token: write
on:
push:
tags:
- v[0-9]+.*
jobs:
release-format-check:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Run format check
run: cargo fmt --check
- name: Run cargo-readme check
run: cargo install cargo-readme && cargo readme > TMP_README.md && diff -b TMP_README.md README.md
security-audit:
needs: release-format-check
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Install cargo-audit
run: cargo install cargo-audit
- name: Run cargo audit
run: cargo audit
create-release:
needs: security-audit
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: taiki-e/create-gh-release-action@v1
with:
changelog: CHANGELOG.md
token: ${{ secrets.GITHUB_TOKEN }}
upload-assets:
needs: create-release
strategy:
matrix:
include:
- target: aarch64-unknown-linux-gnu
os: ubuntu-latest
- target: x86_64-unknown-linux-gnu
os: ubuntu-latest
- target: universal-apple-darwin
os: macos-latest
runs-on: ${{ matrix.os }}
steps:
- uses: actions/checkout@v4
- uses: taiki-e/upload-rust-binary-action@v1
with:
bin: bgpkit-parser
checksum: sha256
features: cli
target: ${{ matrix.target }}
token: ${{ secrets.GITHUB_TOKEN }}
cargo-publish:
needs: upload-assets
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Publish to crates.io
run: >
cargo publish
--all-features
--verbose
--token ${{ secrets.CARGO_REGISTRY_TOKEN }}
npm-publish:
needs: cargo-publish
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-node@v4
with:
node-version: 22
registry-url: https://registry.npmjs.org
scope: '@bgpkit'
- name: Install wasm-pack
run: cargo install wasm-pack
- name: Add wasm target
run: rustup target add wasm32-unknown-unknown
- name: Build WASM npm package
run: bash src/wasm/build.sh
- name: Upgrade npm for trusted publishing
run: npm install -g npm@latest
- name: Publish @bgpkit/parser to npm
working-directory: pkg
run: npm publish --access public --provenance