diff --git a/.github/workflows/dev-publish.yaml b/.github/workflows/dev-publish.yaml index ce58b94..2284706 100644 --- a/.github/workflows/dev-publish.yaml +++ b/.github/workflows/dev-publish.yaml @@ -16,7 +16,7 @@ jobs: name: Preflight runs-on: ubuntu-latest outputs: - rust-version: ${{ steps.versions.outputs.rust-version }} + rust-toolchain: ${{ steps.versions.outputs.rust-toolchain }} git-sha: ${{ steps.versions.outputs.git-sha }} git-sha-short: ${{ steps.versions.outputs.git-sha-short }} git-date: ${{ steps.versions.outputs.git-date }} @@ -27,7 +27,7 @@ jobs: run: | set -euo pipefail - echo "rust-version=$(yq -r '.toolchain.channel' rust-toolchain.toml)" | tee -a "${GITHUB_OUTPUT}" + echo "rust-toolchain=$(yq -r '.toolchain.channel' rust-toolchain.toml)" | tee -a "${GITHUB_OUTPUT}" git_commit=$(gh api repos/bytecodealliance/wasmtime/commits/${{ inputs.git-ref || 'refs/tags/dev' }} --template '{{.sha}} {{.commit.committer.date}}') git_sha="$(echo "${git_commit}" | cut -d' ' -f1)" @@ -46,7 +46,7 @@ jobs: needs: preflight uses: ./.github/workflows/publish.yaml with: - rust-version: "${{ needs.preflight.outputs.rust-version }}" + rust-toolchain: "${{ needs.preflight.outputs.rust-toolchain }}" wasmtime-git-sha: ${{ needs.preflight.outputs.git-sha }} repository: dev tag: dev-${{ needs.preflight.outputs.git-sha }} diff --git a/.github/workflows/manual-publish.yaml b/.github/workflows/manual-publish.yaml index 629cbc8..bb94e8b 100644 --- a/.github/workflows/manual-publish.yaml +++ b/.github/workflows/manual-publish.yaml @@ -24,8 +24,8 @@ on: description: force overwriting an existing image type: boolean default: false - rust-version: - description: rust version to build + rust-toolchain: + description: rust toolchain to build with type: string jobs: @@ -34,7 +34,7 @@ jobs: name: Preflight runs-on: ubuntu-latest outputs: - rust-version: ${{ steps.versions.outputs.rust-version }} + rust-toolchain: ${{ steps.versions.outputs.rust-toolchain }} wasmtime-git-sha: ${{ steps.versions.outputs.wasmtime-git-sha }} additional-tags: ${{ steps.versions.outputs.additional-tags }} steps: @@ -44,7 +44,7 @@ jobs: run: | set -euo pipefail - echo "rust-version=${{ inputs.rust-version || '$(yq -r ''.toolchain.channel'' rust-toolchain.toml)' }}" | tee -a "${GITHUB_OUTPUT}" + echo "rust-toolchain=${{ inputs.rust-toolchain || '$(yq -r ''.toolchain.channel'' rust-toolchain.toml)' }}" | tee -a "${GITHUB_OUTPUT}" wasmtime_git_sha="$(gh api "repos/bytecodealliance/wasmtime/commits/${{ inputs.wasmtime-git-ref }}" --template '{{.sha}}')" echo "wasmtime-git-sha=${wasmtime_git_sha}" | tee -a "${GITHUB_OUTPUT}" @@ -64,7 +64,7 @@ jobs: needs: preflight uses: ./.github/workflows/publish.yaml with: - rust-version: "${{ needs.preflight.outputs.rust-version }}" + rust-toolchain: "${{ needs.preflight.outputs.rust-toolchain }}" wasmtime-crate: "${{ inputs.wasmtime-crate }}" wasmtime-git-sha: "${{ needs.preflight.outputs.wasmtime-git-sha }}" repository: "${{ inputs.repository }}" diff --git a/.github/workflows/publish.yaml b/.github/workflows/publish.yaml index 6f5098e..2c4d26e 100644 --- a/.github/workflows/publish.yaml +++ b/.github/workflows/publish.yaml @@ -10,8 +10,8 @@ on: description: wasmtime git sha to build required: true type: string - rust-version: - description: rust version to build + rust-toolchain: + description: rust toolchain to build with required: true type: string repository: @@ -115,7 +115,7 @@ jobs: --build-arg "wasmtime_git_rev=${{ inputs.wasmtime-git-sha }}" \ --build-arg "cargo_auditable_version=${{ needs.preflight.outputs.cargo-auditable-version }}" \ --build-arg "from_base=${{ needs.preflight.outputs.base }}@${{ needs.preflight.outputs.base-digest }}" \ - --build-arg "from_build=rust:${{ inputs.rust-version }}" \ + --build-arg "rust_toolchain=${{ inputs.rust-toolchain }}" \ --label org.opencontainers.image.authors="Bytecode Alliance " \ --label org.opencontainers.image.base.digest="${{ needs.preflight.outputs.base-digest }}" \ --label org.opencontainers.image.base.name="${{ needs.preflight.outputs.base }}" \ @@ -280,7 +280,7 @@ jobs: "${{ env.repository }}@${{ needs.test.outputs.digest }}" \ "${tag}" done <<< "${additional_tags}" - - name: Primary tags + - name: Primary tag run: | crane tag \ "${{ env.repository }}@${{ needs.test.outputs.digest }}" \ diff --git a/.github/workflows/pull-request.yaml b/.github/workflows/pull-request.yaml index ed32393..6fcdeab 100644 --- a/.github/workflows/pull-request.yaml +++ b/.github/workflows/pull-request.yaml @@ -11,7 +11,7 @@ jobs: permissions: pull-requests: read outputs: - rust-version: ${{ steps.versions.outputs.rust-version }} + rust-toolchain: ${{ steps.versions.outputs.rust-toolchain }} wasmtime-stable-changed: ${{ steps.filter.outputs.wasmtime-stable }} wasmtime-stable-git-sha: ${{ steps.versions.outputs.wasmtime-stable-git-sha }} wasmtime-stable-version: ${{ steps.versions.outputs.wasmtime-stable-version }} @@ -50,7 +50,7 @@ jobs: run: | set -euo pipefail - echo "rust-version=$(yq -r '.toolchain.channel' rust-toolchain.toml)" | tee -a "${GITHUB_OUTPUT}" + echo "rust-toolchain=$(yq -r '.toolchain.channel' rust-toolchain.toml)" | tee -a "${GITHUB_OUTPUT}" # stable wasmtime_stable_version="$(cd versions/stable ; yq -p toml -oj -r '.package[] | select(.name == "wasmtime-cli") | .version' Cargo.lock)" @@ -115,7 +115,7 @@ jobs: force: ${{ needs.preflight.outputs.common-changed == 'true' }} uses: ./.github/workflows/publish.yaml with: - rust-version: "${{ needs.preflight.outputs.rust-version }}" + rust-toolchain: "${{ needs.preflight.outputs.rust-toolchain }}" wasmtime-crate: "${{ matrix.wasmtime-crate }}" wasmtime-git-sha: "${{ matrix.wasmtime-git-sha }}" tag: "${{ matrix.tag }}" diff --git a/.github/workflows/push.yaml b/.github/workflows/push.yaml index 9b1746d..5b8956b 100644 --- a/.github/workflows/push.yaml +++ b/.github/workflows/push.yaml @@ -12,7 +12,7 @@ jobs: name: Preflight runs-on: ubuntu-latest outputs: - rust-version: ${{ steps.versions.outputs.rust-version }} + rust-toolchain: ${{ steps.versions.outputs.rust-toolchain }} wasmtime-stable-git-sha: ${{ steps.versions.outputs.wasmtime-stable-git-sha }} wasmtime-stable-version: ${{ steps.versions.outputs.wasmtime-stable-version }} wasmtime-stable-version-major: ${{ steps.versions.outputs.wasmtime-stable-version-major }} @@ -36,7 +36,7 @@ jobs: run: | set -euo pipefail - echo "rust-version=$(yq -r '.toolchain.channel' rust-toolchain.toml)" | tee -a "${GITHUB_OUTPUT}" + echo "rust-toolchain=$(yq -r '.toolchain.channel' rust-toolchain.toml)" | tee -a "${GITHUB_OUTPUT}" # stable wasmtime_stable_version="$(cd versions/stable ; yq -p toml -oj -r '.package[] | select(.name == "wasmtime-cli") | .version' Cargo.lock)" @@ -114,7 +114,7 @@ jobs: lts-1 uses: ./.github/workflows/publish.yaml with: - rust-version: "${{ needs.preflight.outputs.rust-version }}" + rust-toolchain: "${{ needs.preflight.outputs.rust-toolchain }}" wasmtime-crate: "${{ matrix.wasmtime-crate }}" wasmtime-git-sha: "${{ matrix.wasmtime-git-sha }}" tag: "${{ matrix.tag }}" diff --git a/Dockerfile b/Dockerfile index f143173..2c06bcc 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,7 +1,9 @@ -ARG from_build from_base -FROM ${from_build} AS build -ARG wasmtime_crate wasmtime_git_rev cargo_auditable_version +ARG from_base +FROM rust:latest AS build +ARG wasmtime_crate wasmtime_git_rev cargo_auditable_version rust_toolchain RUN \ + set -euo pipefail ; \ + rustup default "${rust_toolchain}" ; \ cargo install --locked "cargo-auditable@${cargo_auditable_version}" ; \ if [ "${wasmtime_crate}" = "" ] ; then \ # work around https://github.com/rust-secure-code/cargo-auditable/issues/124#issuecomment-1693428978 diff --git a/rust-toolchain.toml b/rust-toolchain.toml index f25b5b1..0f87b44 100644 --- a/rust-toolchain.toml +++ b/rust-toolchain.toml @@ -1,2 +1,2 @@ [toolchain] -channel = "1.95.0" +channel = "1.96.0"