diff --git a/.cargo/config b/.cargo/config new file mode 100644 index 00000000..b5d9af5b --- /dev/null +++ b/.cargo/config @@ -0,0 +1,12 @@ +# Due to an issue with linking when cross-compiling, specify the +# linker and archiver for cross-compiled targets. +# +# More information: https://github.com/rust-lang/cargo/issues/4133 + +[target.x86_64-unknown-linux-musl] +linker = "x86_64-linux-musl-ld" +ar = "x86_64-linux-musl-ar" + +[target.aarch64-unknown-linux-musl] +linker = "aarch64-linux-musl-ld" +ar = "aarch64-linux-musl-ar" \ No newline at end of file diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 6d7e5600..a5204a96 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -1,127 +1,124 @@ name: kwctl release - on: push: tags: - 'v*' - env: CARGO_TERM_COLOR: always - BUILD_TARGET: x86_64-unknown-linux-musl - BINARY_NAME: kwctl - BINARY_FULL_NAME: kwctl-linux-amd64 jobs: - test: - name: Test Suite - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v2 - - uses: actions-rs/toolchain@v1 - with: - profile: minimal - toolchain: stable - override: true - # Speed-up runs by using GH cache - - uses: actions/cache@v1 - with: - path: ~/.cargo/registry/index - key: index-${{ runner.os }}-${{ github.run_number }} - restore-keys: | - index-${{ runner.os }}- - - uses: actions-rs/cargo@v1 - with: - command: generate-lockfile - - uses: actions/cache@v1 - with: - path: ~/.cargo/registry/cache - key: registry-${{ runner.os }}-${{ steps.rust-version.outputs.version }}-${{ hashFiles('Cargo.lock') }} - - uses: actions-rs/cargo@v1 - with: - command: fetch - - uses: actions/cache@v1 - with: - path: target - key: target-${{ runner.os }}-${{ steps.rust-version.outputs.version }}-${{ hashFiles('Cargo.lock') }} + ci: + # A branch is required, and cannot be dynamic - https://github.com/actions/runner/issues/1493 + uses: kubewarden/kwctl/.github/workflows/tests.yml@main - - uses: actions-rs/cargo@v1 - with: - command: test - args: --workspace - - build: - name: Build Release - needs: test + build-linux-x86_64: + name: Build linux (x86_64) binary runs-on: ubuntu-latest + needs: + - ci steps: - uses: actions/checkout@v2 - - # Speed-up runs by using GH cache - - uses: actions/cache@v1 - with: - path: ~/.cargo/registry/index - key: index-${{ runner.os }}-${{ github.run_number }} - restore-keys: | - index-${{ runner.os }}- - - uses: actions-rs/cargo@v1 + - name: Setup rust toolchain + uses: actions-rs/toolchain@v1 with: - command: generate-lockfile - - uses: actions/cache@v1 + toolchain: stable + - name: Setup musl for x86_64 + run: | + curl https://musl.cc/x86_64-linux-musl-cross.tgz | tar -xz + echo "$PWD/x86_64-linux-musl-cross/bin" >> $GITHUB_PATH + - run: rustup target add x86_64-unknown-linux-musl + - name: Build kwctl + env: + CC: x86_64-linux-musl-gcc + run: cargo build --target=x86_64-unknown-linux-musl --release + - run: mv target/x86_64-unknown-linux-musl/release/kwctl kwctl-linux-x86_64 + - name: Upload binary + uses: actions/upload-artifact@v2 with: - path: ~/.cargo/registry/cache - key: registry-${{ runner.os }}-${{ steps.rust-version.outputs.version }}-${{ hashFiles('Cargo.lock') }} - - uses: actions-rs/cargo@v1 + name: kwctl-linux-x86_64 + path: kwctl-linux-x86_64 + + build-linux-aarch64: + name: Build linux (aarch64) binary + runs-on: ubuntu-latest + needs: + - ci + steps: + - uses: actions/checkout@v2 + - name: Setup rust toolchain + uses: actions-rs/toolchain@v1 with: - command: fetch - - uses: actions/cache@v1 + toolchain: stable + - name: Setup musl for aarch64 + run: | + curl https://musl.cc/aarch64-linux-musl-cross.tgz | tar -xz + echo "$PWD/aarch64-linux-musl-cross/bin" >> $GITHUB_PATH + - run: rustup target add aarch64-unknown-linux-musl + - name: Build kwctl + env: + CC: aarch64-linux-musl-gcc + run: cargo build --target=aarch64-unknown-linux-musl --release + - run: mv target/aarch64-unknown-linux-musl/release/kwctl kwctl-linux-aarch64 + - name: Upload binary + uses: actions/upload-artifact@v2 with: - path: target - key: target-${{ runner.os }}-${{ steps.rust-version.outputs.version }}-${{ hashFiles('Cargo.lock') }} + name: kwctl-linux-aarch64 + path: kwctl-linux-aarch64 - - name: Build-musl - uses: gmiam/rust-musl-action@master + build-darwin-x86_64: + name: Build darwin (x86_64) binary + runs-on: macos-latest + needs: + - ci + steps: + - uses: actions/checkout@v2 + - name: Setup rust toolchain + uses: actions-rs/toolchain@v1 with: - args: cargo build --target $BUILD_TARGET --release --bin ${{ env.BINARY_NAME }} - - - name: upload kwctl as an artifact + toolchain: stable + - run: rustup target add x86_64-apple-darwin + - name: Build kwctl + run: cargo build --target=x86_64-apple-darwin --release + - run: mv target/x86_64-apple-darwin/release/kwctl kwctl-darwin-x86_64 + - name: Upload binary uses: actions/upload-artifact@v2 with: - name: ${{ env.BINARY_NAME }} - path: target/x86_64-unknown-linux-musl/release/${{ env.BINARY_NAME }} - if-no-files-found: error + name: kwctl-darwin-x86_64 + path: kwctl-darwin-x86_64 - e2e: - name: Run e2e tests against release binary - needs: build - runs-on: ubuntu-latest + build-windows-x86_64: + name: Build windows (x86_64) binary + runs-on: windows-latest + needs: + - ci steps: - uses: actions/checkout@v2 - - name: Download artifact - uses: actions/download-artifact@v2 + - name: Setup rust toolchain + uses: actions-rs/toolchain@v1 with: - name: ${{ env.BINARY_NAME }} - - - name: Run e2e tests - run: | - chmod 755 ${{ env.BINARY_NAME }} - PATH=${PWD}:${PATH} make e2e-tests + toolchain: stable + - run: rustup target add x86_64-pc-windows-msvc + - name: Build kwctl + run: cargo build --target=x86_64-pc-windows-msvc --release + - run: mv target/x86_64-pc-windows-msvc/release/kwctl.exe kwctl-windows-x86_64.exe + - name: Upload binary + uses: actions/upload-artifact@v2 + with: + name: kwctl-windows-x86_64 + path: kwctl-windows-x86_64.exe release: - name: Release - needs: e2e + name: Create release runs-on: ubuntu-latest + needs: + - build-linux-x86_64 + - build-linux-aarch64 + - build-darwin-x86_64 + - build-windows-x86_64 steps: - - name: Download artifact - uses: actions/download-artifact@v2 - with: - name: ${{ env.BINARY_NAME }} - - - name: Compress binary - run: | - zip -9j ${{ env.BINARY_FULL_NAME }}.zip ${{ env.BINARY_NAME }} - name: Create Release - id: create_release + id: create-release uses: actions/create-release@v1 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} @@ -131,13 +128,58 @@ jobs: draft: false prerelease: false - - name: Upload Release Asset - id: upload-release-asset + - name: Download linux-x86_64 binary + uses: actions/download-artifact@v2 + with: + name: kwctl-linux-x86_64 + - name: Publish linux-x86_64 binary + uses: actions/upload-release-asset@v1 + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + with: + upload_url: ${{ steps.create-release.outputs.upload_url }} + asset_name: kwctl-linux-x86_64 + asset_path: kwctl-linux-x86_64 + asset_content_type: application/octet-stream + + - name: Download linux-aarch64 binary + uses: actions/download-artifact@v2 + with: + name: kwctl-linux-aarch64 + - name: Publish linux-aarch64 binary + uses: actions/upload-release-asset@v1 + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + with: + upload_url: ${{ steps.create-release.outputs.upload_url }} + asset_name: kwctl-linux-aarch64 + asset_path: kwctl-linux-aarch64 + asset_content_type: application/octet-stream + + - name: Download darwin-x86_64 binary + uses: actions/download-artifact@v2 + with: + name: kwctl-darwin-x86_64 + - name: Publish darwin-x86_64 binary + uses: actions/upload-release-asset@v1 + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + with: + upload_url: ${{ steps.create-release.outputs.upload_url }} + asset_name: kwctl-darwin-x86_64 + asset_path: kwctl-darwin-x86_64 + asset_content_type: application/octet-stream + + - name: Download windows-x86_64 binary + uses: actions/download-artifact@v2 + with: + name: kwctl-windows-x86_64 + - name: Publish windows-x86_64 binary uses: actions/upload-release-asset@v1 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} with: - upload_url: ${{ steps.create_release.outputs.upload_url }} - asset_path: ${{ env.BINARY_FULL_NAME }}.zip - asset_name: ${{ env.BINARY_FULL_NAME }}.zip + upload_url: ${{ steps.create-release.outputs.upload_url }} + asset_name: kwctl-windows-x86_64.exe + asset_path: kwctl-windows-x86_64.exe asset_content_type: application/octet-stream diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml index d012ea6a..00acbffc 100644 --- a/.github/workflows/tests.yml +++ b/.github/workflows/tests.yml @@ -1,7 +1,8 @@ -on: [push, pull_request] - name: Continuous integration - +on: + - push + - pull_request + - workflow_call jobs: check: name: Check @@ -16,7 +17,6 @@ jobs: - uses: actions-rs/cargo@v1 with: command: check - test: name: Test Suite runs-on: ubuntu-latest @@ -31,7 +31,6 @@ jobs: with: command: test args: --workspace - fmt: name: Rustfmt runs-on: ubuntu-latest @@ -47,7 +46,6 @@ jobs: with: command: fmt args: --all -- --check - clippy: name: Clippy runs-on: ubuntu-latest @@ -63,7 +61,6 @@ jobs: with: command: clippy args: -- -D warnings - e2e: name: e2e tests runs-on: ubuntu-latest diff --git a/.gitignore b/.gitignore index 5da0ad85..c41cc9e3 100644 --- a/.gitignore +++ b/.gitignore @@ -1,2 +1 @@ -/target -/.cargo \ No newline at end of file +/target \ No newline at end of file diff --git a/Cargo.lock b/Cargo.lock index a6d652af..019ed639 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -362,7 +362,7 @@ checksum = "8f1e260c3a9040a7c19a12468758f4c16f31a81a1fe087482be9570ec864bb6c" [[package]] name = "burrego" version = "0.1.2" -source = "git+https://github.com/kubewarden/policy-evaluator?tag=v0.2.9#843b60f4d5509be89b53b9b6c3b04efcdeb17507" +source = "git+https://github.com/kubewarden/policy-evaluator?tag=v0.2.10#cdb46478a4336091d375357612fe99a6104208cb" dependencies = [ "anyhow", "base64", @@ -1892,9 +1892,9 @@ dependencies = [ [[package]] name = "kubewarden-policy-sdk" -version = "0.2.4" +version = "0.3.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "61a46677c118ebeff46e1d3b09450715270366482a5b0cbeb8ef04152f7b4605" +checksum = "9f866fd0ab46019965538c69370bb9c72ac904d66f78f5469c3d56d4d299e1f5" dependencies = [ "anyhow", "k8s-openapi 0.11.0", @@ -1926,7 +1926,6 @@ dependencies = [ "itertools", "k8s-openapi 0.13.1", "kube", - "kubewarden-policy-sdk", "lazy_static", "mdcat", "policy-evaluator", @@ -2565,8 +2564,8 @@ dependencies = [ [[package]] name = "policy-evaluator" -version = "0.2.9" -source = "git+https://github.com/kubewarden/policy-evaluator?tag=v0.2.9#843b60f4d5509be89b53b9b6c3b04efcdeb17507" +version = "0.2.10" +source = "git+https://github.com/kubewarden/policy-evaluator?tag=v0.2.10#cdb46478a4336091d375357612fe99a6104208cb" dependencies = [ "anyhow", "base64", diff --git a/Cargo.toml b/Cargo.toml index 0197eda7..2b2d49a9 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -17,10 +17,9 @@ directories = "3.0.2" itertools = "0.10.1" k8s-openapi = { version = "0.13.0", default-features = false, features = ["v1_22"] } kube = { version = "0.64.0", default-features = false, features = ["client", "rustls-tls"] } -kubewarden-policy-sdk = "0.2.3" lazy_static = "1.4.0" mdcat = "0.24" -policy-evaluator = { git = "https://github.com/kubewarden/policy-evaluator", tag = "v0.2.9" } +policy-evaluator = { git = "https://github.com/kubewarden/policy-evaluator", tag = "v0.2.10" } policy-fetcher = { git = "https://github.com/kubewarden/policy-fetcher", tag = "v0.3.0" } pretty-bytes = "0.2.2" prettytable-rs = "^0.8" @@ -40,4 +39,4 @@ walrus = "0.19.0" wasmparser = "0.80.0" [dev-dependencies] -tempfile = "3.2.0" +tempfile = "3.2.0" \ No newline at end of file diff --git a/src/annotate.rs b/src/annotate.rs index c7583845..de17deae 100644 --- a/src/annotate.rs +++ b/src/annotate.rs @@ -1,7 +1,6 @@ use crate::backend::{Backend, BackendDetector}; use anyhow::{anyhow, Result}; -use kubewarden_policy_sdk::metadata::ProtocolVersion; -use policy_evaluator::{constants::*, policy_metadata::Metadata}; +use policy_evaluator::{constants::*, policy_metadata::Metadata, ProtocolVersion}; use std::fs::File; use std::path::PathBuf; use validator::Validate; diff --git a/src/backend.rs b/src/backend.rs index 465b4ecc..ebab3e13 100644 --- a/src/backend.rs +++ b/src/backend.rs @@ -1,8 +1,7 @@ use anyhow::{anyhow, Result}; -use kubewarden_policy_sdk::metadata::ProtocolVersion; use policy_evaluator::{ policy_evaluator::PolicyExecutionMode, policy_evaluator_builder::PolicyEvaluatorBuilder, - policy_metadata::Metadata, + policy_metadata::Metadata, ProtocolVersion, }; use std::path::{Path, PathBuf}; diff --git a/src/run.rs b/src/run.rs index 175ef18f..b057cfc6 100644 --- a/src/run.rs +++ b/src/run.rs @@ -217,7 +217,7 @@ fn determine_execution_mode( #[cfg(test)] mod tests { use super::*; - use kubewarden_policy_sdk::metadata::ProtocolVersion; + use policy_evaluator::ProtocolVersion; use std::path::PathBuf; fn mock_protocol_version_detector_v1(_wasm_path: PathBuf) -> Result {