Skip to content
zizmor binary releases for GitHub 🐙

v1.11.1-rc1 #24

Sign in to view logs

v1.11.1-rc1

v1.11.1-rc1 #24

Workflow file for this run

.github/workflows/release-binaries.yml at 3255874
name: zizmor binary releases for GitHub 🐙
on:
release:
types: [published]
permissions: {}
jobs:
build:
name: Build for ${{ matrix.target }} on ${{ matrix.runner }}
runs-on: ${{ matrix.runner }}
strategy:
matrix:
include:
- runner: ubuntu-latest
target: x86_64-unknown-linux-gnu
- runner: ubuntu-24.04-arm
target: aarch64-unknown-linux-gnu
- runner: macos-latest
target: x86_64-apple-darwin
- runner: macos-latest
target: aarch64-apple-darwin
- runner: windows-latest
target: x86_64-pc-windows-msvc
- runner: windows-latest
target: i686-pc-windows-msvc
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
persist-credentials: false
- name: Rust toolchain and target information
run: |
rustup show
- name: Install Rust target for ${{ matrix.target }}
run: rustup target add "${TARGET}"
env:
TARGET: ${{ matrix.target }}
shell: bash
- name: Build release
run: cargo build --release --target "${TARGET}"
env:
TARGET: ${{ matrix.target }}
shell: bash
- name: Archive release
id: archive-release
run: |
./support/archive-release.sh
env:
TARGET: ${{ matrix.target }}
shell: bash
- name: Upload artifact
uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
with:
name: artifacts-${{ matrix.target }}
path: ${{ steps.archive-release.outputs.filename }}
if-no-files-found: error
release:
name: Release binaries
runs-on: ubuntu-latest
needs: build
permissions:
id-token: write # for attestations
attestations: write # for attestations
contents: write # for release artifacts
steps:
- name: Download artifacts
uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0
with:
pattern: artifacts-*
path: distrib/
merge-multiple: true
- name: List artifacts
run: ls -l distrib/
- name: Attest to artifacts
uses: actions/attest-build-provenance@e8998f949152b193b063cb0ec769d69d929409be # v2.4.0
with:
subject-path: "distrib/*"
- name: Upload to release
run: |
gh release upload --repo zizmorcore/zizmor "${GITHUB_REF_NAME}" distrib/*
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
shell: bash