add: icert/lcert to log #194
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
on: | |
release: | |
types: | |
- created | |
- edited # can remove once CI is confirmed working | |
- prereleased | |
- released | |
- published | |
push: {} | |
pull_request: {} | |
name: Build | |
jobs: | |
build: | |
strategy: | |
matrix: | |
cmake-preset: | |
- linux # normal linux tests | |
- linux-openssl # tests compiling OpenSSL | |
- linux-sanitize | |
runs-on: ubuntu-22.04 | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@v3 | |
- name: Cache CMake build/dl folder | |
uses: actions/cache@v3 | |
with: | |
path: ./build/dl | |
key: ${{ runner.os }}-${{ matrix.cmake-preset }}-${{ hashFiles( 'lib/*' ) }} | |
- name: Configure | |
run: | | |
cmake --preset "${{ matrix.cmake-preset }}" | |
- name: Build | |
run: | | |
cmake --build --preset "${{ matrix.cmake-preset }}" | |
- name: Test | |
run: | | |
ctest --preset "${{ matrix.cmake-preset }}" --output-on-failure | |
- name: Install to ${{ runner.temp }}/brski-${{ matrix.cmake-preset }}/ | |
run: | | |
cmake --install "build/${{ matrix.cmake-preset }}" --prefix "${{ runner.temp }}/brski-${{ matrix.cmake-preset }}" | |
- name: Escape invalid chars in artifact name | |
id: escape_preset | |
run: | | |
preset='${{ matrix.cmake-preset }}' | |
# replace `/` with `-` | |
escaped_preset="${preset////-}" | |
echo "::set-output name=ESCAPED_CMAKE_PRESET::${escaped_preset}" | |
- name: Archive Install Output | |
uses: actions/upload-artifact@v3 | |
with: | |
name: brski-build-${{ steps.escape_preset.outputs.ESCAPED_CMAKE_PRESET }} | |
retention-days: 7 | |
path: | | |
${{ runner.temp }}/brski-${{ matrix.cmake-preset }}/ | |
build-deb: | |
name: Build Debian Package | |
# building a deb is super slow, but we're a public repo now, so it's free!! | |
runs-on: ubuntu-22.04 | |
strategy: | |
matrix: | |
architecture: [arm64, amd64] | |
distribution: | |
- jammy # uses libssl3 | |
permissions: | |
contents: write # needed for publishing release artifact | |
env: | |
OTHER_MIRROR: | |
deb [arch=arm64] http://ports.ubuntu.com/ubuntu-ports ${{ matrix.distribution }} main universe | deb [arch=amd64] http://archive.ubuntu.com/ubuntu ${{ matrix.distribution }} main universe | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@v3 | |
- name: Create pbuilder cache dir | |
# The actions/cache action does not have permissions to create the pbuilder | |
# cache folder if it doesn't exist | |
run: sudo mkdir -m777 -p /var/cache/pbuilder/ | |
- name: Cache pbuilder base | |
id: cache-pbuilder-base | |
uses: actions/cache@v3 | |
with: | |
path: | | |
/var/cache/pbuilder/base.tgz | |
key: ${{ runner.os }}-${{ matrix.distribution }}-${{ matrix.architecture }} | |
# Sometimes the cache step just freezes forever | |
# so put a limit on it so that we can restart it earlier on failure | |
timeout-minutes: 10 | |
- name: Install dependencies | |
run: | | |
sudo apt-get update && sudo apt-get install pbuilder debhelper -y | |
- name: Setup pdebuilderrc for cross-compiling | |
env: | |
PBUILDER_RC: | | |
# Enable network access, since `cmake` downloads dependencies | |
USENETWORK=yes | |
# Faster than default, and is requried if we want to do cross-compiling | |
PBUILDERSATISFYDEPENDSCMD="/usr/lib/pbuilder/pbuilder-satisfydepends-apt" | |
run: | | |
echo "$PBUILDER_RC" | sudo tee -a /etc/pbuilderrc | |
- name: Build pbuilder base.tgz | |
if: steps.cache-pbuilder-base.outputs.cache-hit != 'true' | |
run: | | |
sudo pbuilder create --debootstrapopts --variant=buildd --distribution ${{ matrix.distribution }} --mirror "" --othermirror "$OTHER_MIRROR" | |
- name: Build .deb | |
run: | | |
mkdir -p '${{ runner.temp }}/pbuilder/result' | |
pdebuild --buildresult '${{ runner.temp }}/pbuilder/result' --debbuildopts "-us -uc" -- --override-config --distribution ${{ matrix.distribution }} --mirror "" --othermirror "$OTHER_MIRROR" --host-arch ${{ matrix.architecture }} | |
- name: Archive built debs | |
uses: actions/upload-artifact@v3 | |
with: | |
name: brski-built-debs | |
retention-days: 7 | |
path: | | |
${{ runner.temp }}/pbuilder/result/*.deb | |
- name: Upload debs as Release Assets | |
# only run action if this is being run from a GitHub Release | |
if: ${{ github.event_name == 'release' }} | |
uses: actions/github-script@v6 | |
env: | |
PBUILDER_RESULT_DIR: '${{ runner.temp }}/pbuilder/result' | |
with: | |
github-token: ${{secrets.GITHUB_TOKEN}} | |
script: | | |
const fs = require('fs').promises; | |
const {basename, join} = require("path"); | |
const globber = await glob.create(join(process.env.PBUILDER_RESULT_DIR, "*.deb")); | |
const files = await globber.glob(); | |
for (const filePath of files) { | |
console.log(`Uploading ${filePath}`); | |
const filePromise = fs.readFile(filePath); | |
// Determine content-length for header to upload asset | |
const {size: contentLength} = await fs.stat(filePath); | |
// Setup headers for API call, see Octokit Documentation: | |
// https://octokit.github.io/rest.js/#octokit-routes-repos-upload-release-asset for more information | |
const headers = { | |
'content-type': "application/vnd.debian.binary-package", | |
'content-length': contentLength, | |
}; | |
// Upload a release asset | |
// API Documentation: https://developer.github.com/v3/repos/releases/#upload-a-release-asset | |
// Octokit Documentation: https://octokit.github.io/rest.js/v18#repos-upload-release-asset | |
try { | |
const uploadAssetResponse = await github.rest.repos.uploadReleaseAsset({ | |
url: context.payload.release.upload_url, | |
headers, | |
name: basename(filePath), | |
data: await filePromise, | |
}); | |
} catch (error) { | |
// upload errors are usually since the file already exists | |
console.error(`[skipped] Uploading ${basename(filePath)} failed: ${error}`); | |
} | |
} |