Skip to content

Commit c9d4204

Browse files
committed
Add release CI
1 parent 4c42a57 commit c9d4204

1 file changed

Lines changed: 248 additions & 0 deletions

File tree

.github/workflows/release.yml

Lines changed: 248 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,248 @@
1+
# SPDX-FileCopyrightText: 2021 René de Hesselle <dehesselle@web.de>
2+
#
3+
# SPDX-License-Identifier: GPL-2.0-or-later
4+
5+
name: release
6+
on:
7+
push: # only run for tags
8+
tags:
9+
- 'v*'
10+
jobs:
11+
12+
# This workflow...
13+
#
14+
# ... deserves some documentation here :D
15+
#
16+
#
17+
18+
################################################################################
19+
20+
check_requirements:
21+
runs-on: macos-10.15
22+
steps:
23+
24+
- name: checkout jhb repository
25+
uses: actions/checkout@v2
26+
with:
27+
submodules: true
28+
29+
- name: fail on missing version tag
30+
if: ${{ !startsWith(github.ref, 'refs/tags/v') }}
31+
uses: actions/github-script@v3
32+
with:
33+
script: core.setFailed("version tag not found")
34+
35+
- name: get jhb version
36+
id: jhb
37+
env:
38+
SYS_IGNORE_USR_LOCAL: true
39+
run: |
40+
source etc/bootstrap.d/version.sh
41+
echo "::set-output name=version::$VERSION"
42+
43+
- name: get version tag
44+
id: tag
45+
run: echo "::set-output name=version::${GITHUB_REF##*v}"
46+
47+
# Once we have established that the jhb version (version.sh)
48+
# matches the git tag we can safely rely on the tag from here on.
49+
- name: fail on version mismatch
50+
if: ${{ !endsWith(github.ref, steps.jhb.outputs.version) }}
51+
uses: actions/github-script@v3
52+
with:
53+
script: core.setFailed("version tag mismatch")
54+
55+
- name: fail on missing secret SDK_DOWNLOAD_URL
56+
if: env.SDK_DOWNLOAD_URL == null
57+
env:
58+
SDK_DOWNLOAD_URL: ${{ secrets.SDK_DOWNLOAD_URL }}
59+
uses: actions/github-script@v3
60+
with:
61+
script: core.setFailed("SDK_DOWNLOAD_URL secret not found")
62+
63+
################################################################################
64+
65+
build:
66+
runs-on: macos-10.15
67+
needs: check_requirements
68+
env:
69+
WRK_DIR: /Users/Shared/work
70+
CCACHE_DIR: /Users/Shared/work/ccache
71+
steps:
72+
73+
#------------------------------------------------- prepare the environemnt
74+
75+
- name: checkout jhb repository
76+
uses: actions/checkout@v2
77+
with:
78+
submodules: true
79+
80+
- name: create cache id
81+
id: cache_id
82+
uses: nanzm/get-time-action@v1.1
83+
with:
84+
format: "YYYY-MM-DD-HH-mm-ss"
85+
86+
# Create a new cache, building ontop the most recent old one.
87+
- name: setup cache
88+
id: cache
89+
uses: actions/cache@v2
90+
with:
91+
path: ${{ env.CCACHE_DIR }}
92+
key: ccache-jhb-${{ steps.cache_id.outputs.time }}
93+
restore-keys: ccache-jhb-
94+
95+
# GitHub does not provide 10.11 SDK on their runners and no image older
96+
# than Catalina. See here for what you can expect in their Catalina image:
97+
# https://github.com/actions/virtual-environments/blob/main/images/macos/macos-10.15-Readme.md
98+
#
99+
# Official downloads from Apple are not accessible without a developer
100+
# account and I don't trust 3rd party sources (e.g. "phracker"). So I'm
101+
# using my own (non-public) source, but I'm providing the means to verify
102+
# what I'm doing, see here:
103+
# https://github.com/dehesselle/sdkchecksum
104+
#
105+
# In order to use your custom SDK_DOWNLOAD_URL, create a repository secret
106+
# of said name and proivide a link to a .tar.xz file.
107+
# At the moment, only 10.11.4 SDK is supported (hardcoded below).
108+
- name: install macOS SDK
109+
if: env.SDK_DOWNLOAD_URL != null
110+
env:
111+
SDK_DOWNLOAD_URL: ${{ secrets.SDK_DOWNLOAD_URL }}
112+
run: |
113+
mkdir -p $WRK_DIR
114+
curl -L ${{ secrets.SDK_DOWNLOAD_URL }} | tar -C $WRK_DIR -xJp
115+
echo "SDKROOT=$WRK_DIR/$(basename ${SDK_DOWNLOAD_URL%%.tar.xz*})" >> $GITHUB_ENV
116+
117+
# Checkout repository to verify SDK...
118+
- name: checkout sdkchecksum repository
119+
if: env.SDK_DOWNLOAD_URL != null
120+
env:
121+
SDK_DOWNLOAD_URL: ${{ secrets.SDK_DOWNLOAD_URL }}
122+
uses: actions/checkout@v2
123+
with:
124+
repository: dehesselle/sdkchecksum
125+
path: sdkchecksum
126+
clean: false
127+
128+
# ...and use it to verify
129+
- name: verify SDK
130+
if: env.SDK_DOWNLOAD_URL != null
131+
env:
132+
SDK_DOWNLOAD_URL: ${{ secrets.SDK_DOWNLOAD_URL }}
133+
run: |
134+
shasum -a 256 sdkchecksum/MacOSX10.11.4.sdk.sha256
135+
cd $WRK_DIR
136+
if shasum -s -c $GITHUB_WORKSPACE/sdkchecksum/MacOSX10.11.4.sdk.sha256; then
137+
echo "ok - SDK verified"
138+
exit 0
139+
else
140+
echo "error - SDK verification failed"
141+
exit 1
142+
fi
143+
144+
# GitHub does not provide a clean macOS installation. We need to move the
145+
# pre-installed components out of the way so we don't pick them up by
146+
# accident.
147+
- name: disable /usr/local
148+
run: |
149+
cd /usr/local
150+
for dir in include lib share; do sudo mv $dir $dir.disabled; done
151+
152+
#------------------------------------------------------------------- build
153+
154+
- name: bootstrap JHBuild
155+
run: usr/bin/bootstrap
156+
157+
- name: create archive
158+
id: jhb
159+
run: |
160+
source etc/bootstrap.d/version.sh
161+
tar -C $WRK_DIR -cp jhb-$VERSION | XZ_OPT=-T0 $WRK_DIR/jhb-$VERSION/bin/xz > $GITHUB_WORKSPACE/jhb_v$VERSION.tar.xz
162+
shasum -a 256 $GITHUB_WORKSPACE/jhb_v$VERSION.tar.xz > $GITHUB_WORKSPACE/jhb_v$VERSION.tar.xz.sha256
163+
cat $GITHUB_WORKSPACE/jhb_v$VERSION.tar.xz.sha256
164+
echo "::set-output name=version::$VERSION"
165+
166+
#-------------------------------------------------------- upload artifacts
167+
168+
# Restore /usr/local, GitHub actions depend on these.
169+
- name: restore /usr/local
170+
run: for dir in /usr/local/*.disabled; do sudo mv $dir ${dir/.disabled/}; done
171+
172+
- name: upload archive
173+
uses: actions/upload-artifact@v2
174+
with:
175+
name: jhb_archive
176+
path: jhb_v${{ steps.jhb.outputs.version }}.tar.xz
177+
178+
- name: upload archive checksum
179+
uses: actions/upload-artifact@v2
180+
with:
181+
name: jhb_archive.sha256
182+
path: jhb_v${{ steps.jhb.outputs.version }}.tar.xz.sha256
183+
184+
185+
################################################################################
186+
187+
create_release:
188+
runs-on: macos-10.15
189+
needs: build
190+
env:
191+
WRK_DIR: /Users/Shared/work
192+
steps:
193+
194+
#--------------------------------------------------- prepare the environment
195+
196+
- name: checkout repository
197+
uses: actions/checkout@v2
198+
with:
199+
submodules: true
200+
201+
- name: download artifact
202+
uses: actions/download-artifact@v2
203+
with:
204+
name: jhb_archive
205+
206+
- name: download artifact checksum
207+
uses: actions/download-artifact@v2
208+
with:
209+
name: jhb_archive.sha256
210+
211+
- name: get jhb version
212+
id: jhb
213+
run: |
214+
echo "::set-output name=tag::${GITHUB_REF##*/}"
215+
echo "::set-output name=version::${GITHUB_REF##*v}"
216+
217+
#------------------------------------------------------------ create release
218+
219+
- name: create release
220+
id: release
221+
uses: actions/create-release@v1
222+
env:
223+
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
224+
with:
225+
tag_name: ${{ github.ref }}
226+
release_name: jhb ${{ github.ref }}
227+
draft: true
228+
prerelease: false
229+
230+
- name: upload archive to release
231+
uses: actions/upload-release-asset@v1
232+
env:
233+
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
234+
with:
235+
upload_url: ${{ steps.release.outputs.upload_url }}
236+
asset_path: jhb_${{ steps.jhb.outputs.tag }}.tar.xz
237+
asset_name: jhb_${{ steps.jhb.outputs.tag }}.tar.xz
238+
asset_content_type: application/octet-stream
239+
240+
- name: upload toolset checksum to release
241+
uses: actions/upload-release-asset@v1
242+
env:
243+
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
244+
with:
245+
upload_url: ${{ steps.release.outputs.upload_url }}
246+
asset_path: jhb_${{ steps.jhb.outputs.tag }}.tar.xz.sha256
247+
asset_name: jhb_${{ steps.jhb.outputs.tag }}.tar.xz.sha256
248+
asset_content_type: text/plain

0 commit comments

Comments
 (0)