actions/install-action
1
0
Fork 0
mirror of https://github.com/taiki-e/install-action.git synced 2026-04-21 15:10:27 +00:00
Code Issues Packages Projects Releases Wiki Activity

Pass --disable-strategies compile to cargo-binstall and fallback to

Browse Source 
cargo-install
This commit is contained in:
Taiki Endo
2026-04-13 17:24:14 +09:00
parent 921a4027af
commit acc1621b44
4 changed files with 65 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
.github/.cspell/project-dictionary.txt vendored
View File

@@ -36,6 +36,7 @@ sccache
SHASUMS SHASUMS
shortstat shortstat
sigstore sigstore
startswith
syft syft
tombi tombi
udeps udeps

11
.github/workflows/ci.yml vendored
View File

@@ -181,9 +181,12 @@ jobs:
strategy: strategy:
fail-fast: false fail-fast: false
matrix: matrix:
fallback: include:
- none - fallback: none
- cargo-install - fallback: cargo-install
- fallback: cargo-binstall
- fallback: cargo-binstall
version: 0.3
runs-on: ubuntu-24.04-arm runs-on: ubuntu-24.04-arm
timeout-minutes: 60 timeout-minutes: 60
steps: steps:
@@ -195,7 +198,7 @@ jobs:
id: install id: install
continue-on-error: ${{ matrix.fallback == 'none' }} continue-on-error: ${{ matrix.fallback == 'none' }}
with: with:
tool: parse-changelog@0.4.6 tool: parse-changelog@${{ matrix.version || '0.4.6' }}
fallback: ${{ matrix.fallback }} fallback: ${{ matrix.fallback }}
- run: exit 1 - run: exit 1
if: matrix.fallback == 'none' && steps.install.outcome != 'failure' if: matrix.fallback == 'none' && steps.install.outcome != 'failure'

2
CHANGELOG.md
View File

@@ -10,6 +10,8 @@ Note: In this file, do not use the hard wrap in the middle of a sentence for com
## [Unreleased] ## [Unreleased]
- Enhance security when cargo-binstall fallback is enabled.
## [2.75.8] - 2026-04-13 ## [2.75.8] - 2026-04-13
- Update `vacuum@latest` to 0.25.8. - Update `vacuum@latest` to 0.25.8.

60
main.sh
View File

@@ -928,11 +928,61 @@ if [[ ${#unsupported_tools[@]} -gt 0 ]]; then
# By default, cargo-binstall enforce downloads over secure transports only. # By default, cargo-binstall enforce downloads over secure transports only.
# As a result, http will be disabled, and it will also set # As a result, http will be disabled, and it will also set
# min tls version to be 1.2 # min tls version to be 1.2
binstall_args=(--force --no-confirm --locked "${unsupported_tools[@]}") binstall_args=(
if [[ -n "${token}" ]]; then --force
cargo-binstall binstall --github-token "${token}" "${binstall_args[@]}" --no-confirm
else --locked
cargo-binstall binstall "${binstall_args[@]}" # Since the build script can access the token when `cargo install` is called
# within `cargo-binstall`, disables building from source in cargo-binstall
# and fallback to `cargo install` which doesn't need the token.
--disable-strategies compile
)
unsupported_tools2=()
for tool in "${unsupported_tools[@]}"; do
if [[ -n "${token}" ]]; then
if ! GITHUB_TOKEN="${token}" cargo-binstall binstall "${binstall_args[@]}" "${tool}"; then
warn "cargo-binstall fallback does not support prebuilt binaries for ${tool} on this platform (${host_arch}); use 'cargo-install' fallback instead"
unsupported_tools2+=("${tool}")
fi
else
if ! cargo-binstall binstall "${binstall_args[@]}" "${tool}"; then
warn "cargo-binstall fallback does not support prebuilt binaries for ${tool} on this platform (${host_arch}); use 'cargo-install' fallback instead"
unsupported_tools2+=("${tool}")
fi
fi
done
if [[ ${#unsupported_tools2[@]} -gt 0 ]]; then
for tool in "${unsupported_tools2[@]}"; do
cargo_args=(--locked)
if [[ "${tool}" == *"@"* ]]; then
version="${tool#*@}"
tool="${tool%@*}"
if [[ ! "${version}" =~ ^([1-9][0-9]*\.[0-9]+\.[0-9]+|0\.[1-9][0-9]*\.[0-9]+|^0\.0\.[0-9]+)(-[0-9A-Za-z\.-]+)?(\+[0-9A-Za-z\.-]+)?$|^latest$ ]]; then
if [[ ! "${version}" =~ ^([1-9][0-9]*(\.[0-9]+(\.[0-9]+)?)?|0\.[1-9][0-9]*(\.[0-9]+)?|^0\.0\.[0-9]+)(-[0-9A-Za-z\.-]+)?(\+[0-9A-Za-z\.-]+)?$|^latest$ ]]; then
bail "install-action does not support non-semver version: '${version}'"
fi
crate_info=$(retry curl --user-agent "${ACTION_USER_AGENT}" --proto '=https' --tlsv1.2 -fsSL --retry 10 "https://crates.io/api/v1/crates/${tool}")
if [[ ! "${version}" =~ ^[0-9]+(\.[0-9]+)?$ ]]; then
bail "install-action does not support non-semver version: '${version}'"
fi
# shellcheck disable=SC2207
versions=($(jq -r --arg start "${version}." '.versions[] | select(.num | startswith($start)) | select(.yanked == false) | .num' <<<"${crate_info}"))
full_version=''
for v in ${versions[@]+"${versions[@]}"}; do
if [[ "${v}" =~ ^[0-9]+\.[0-9]+\.[0-9]+(\+[0-9A-Za-z\.-]+)?$ ]]; then
full_version="${v}"
break
fi
done
if [[ -z "${full_version}" ]]; then
bail "no stable version found for ${tool} that match with '${version}.*'; if you want to install a pre-release version, please specify the full version"
fi
version="${full_version}"
fi
cargo_args+=(--version "${version}")
fi
cargo install "${cargo_args[@]}" "${tool}"
done
fi fi
if ! type -P cargo >/dev/null; then if ! type -P cargo >/dev/null; then
_bin_dir=$(canonicalize_windows_path "${home}/.cargo/bin") _bin_dir=$(canonicalize_windows_path "${home}/.cargo/bin")