-
-
Notifications
You must be signed in to change notification settings - Fork 491
146 lines (137 loc) · 4.46 KB
/
publish.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
name: Publish
on:
pull_request:
push:
branches:
- '*'
tags:
- '*'
jobs:
build_tarballs:
name: Build tarballs
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
- uses: cachix/install-nix-action@v30
- name: Build tarballs
run: |
nix build -L .#hydraJobs.tarball
install -D ./result/tarballs/*.tar.bz2 ./dist/patchelf-$(cat version).tar.bz2
install -D ./result/tarballs/*.tar.gz ./dist/patchelf-$(cat version).tar.gz
- uses: actions/upload-artifact@v4
with:
name: patchelf-tarball
path: dist/*
build_windows:
name: Build windows executable
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
- uses: cachix/install-nix-action@v30
- name: Build windows executable
run: |
nix build -L .#patchelf-win32 .#patchelf-win64
install -D ./result/bin/patchelf.exe ./dist/patchelf-win32-$(cat version).exe
install -D ./result-1/bin/patchelf.exe ./dist/patchelf-win64-$(cat version).exe
- uses: actions/upload-artifact@v4
with:
name: patchelf-windows
path: dist/*
test_windows:
name: Test windows binaries
needs: [build_windows]
runs-on: windows-latest
steps:
- uses: actions/checkout@v4
- uses: actions/download-artifact@v4
with:
name: patchelf-windows
path: dist
- name: Show binaries
run: dir .\\dist
- name: Test windows 64-bit binary
run: .\\dist\\patchelf-win32-*.exe --version
- name: Test windows 32-bit binary
run: .\\dist\\patchelf-win64-*.exe --version
build_musl:
name: Build static musl binaries
needs: [build_tarballs]
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
platform: ["amd64", "i386", "ppc64le", "arm64v8", "arm32v7", "s390x", "riscv64"]
steps:
- name: Set up QEMU
if: matrix.platform != 'amd64'
uses: docker/setup-qemu-action@v3
- name: Set docker arch
run: |
platform=${{ matrix.platform }}
if [[ $platform == arm64v8 ]]; then
platform=arm64
elif [[ $platform == arm32v7 ]]; then
platform=arm
fi
echo "DOCKER_PLATFORM=$platform" >> $GITHUB_ENV
- uses: actions/download-artifact@v4
with:
name: patchelf-tarball
path: dist
- name: Build binaries
env:
CXXFLAGS: "-D_FORTIFY_SOURCE=2 -fstack-protector-strong -Wformat -Werror=format-security -O2 -static"
run: |
cat <<EOF > build.sh
set -e
set -x
apk add build-base
tar -xf dist/*.tar.bz2
rm -f dist/*
cd patchelf-*
./configure --prefix /patchelf
make check || (cat tests/test-suite.log; exit 1)
make install-strip
cd -
tar -czf ./dist/patchelf-\$(cat patchelf-*/version)-\$(uname -m).tar.gz -C /patchelf .
EOF
if [ "${{ matrix.platform }}" == "i386" ]; then
ENTRYPOINT=linux32
else
ENTRYPOINT=
fi
docker run --platform "$DOCKER_PLATFORM" -e CXXFLAGS -v $(pwd):/gha ${{ matrix.platform }}/alpine:edge ${ENTRYPOINT} sh -ec "cd /gha && sh ./build.sh"
- name: Check binaries
run: |
cat <<EOF > check.sh
set -e
set -x
tar -xf ./dist/patchelf-*-*.tar.gz
./bin/patchelf --version
EOF
docker run --platform "$DOCKER_PLATFORM" -v $(pwd):/gha ${{ matrix.platform }}/debian:unstable-slim sh -ec "cd /gha && sh ./check.sh"
- uses: actions/upload-artifact@v4
with:
name: patchelf-${{ matrix.platform }}
path: dist/*
publish:
name: Publish tarballs & binaries
needs: [build_tarballs, build_windows, build_musl]
if: github.event_name == 'push' && github.repository == 'NixOS/patchelf' && startsWith(github.ref, 'refs/tags/')
runs-on: ubuntu-latest
steps:
- uses: actions/download-artifact@v4
with:
pattern: patchelf-*
merge-multiple: true
path: dist
- name: Upload binaries to release
uses: svenstaro/upload-release-action@v2
with:
repo_token: ${{ secrets.GITHUB_TOKEN }}
file: dist/*
tag: ${{ github.ref }}
overwrite: true
file_glob: true