Skip to content

vz: add support for nested virtualization #3301

vz: add support for nested virtualization

vz: add support for nested virtualization #3301

Workflow file for this run

# Forked from https://github.com/containerd/nerdctl/blob/v0.8.1/.github/workflows/release.yml
# Apache License 2.0
name: Release
on:
push:
branches:
- 'master'
tags:
- 'v*'
pull_request:
branches:
- 'master'
env:
GO111MODULE: on
jobs:
artifacts-darwin:
name: Artifacts Darwin
runs-on: macos-12
timeout-minutes: 20
steps:
- name: "Show xcode and SDK version"
run: |
# Xcode version
xcodebuild -version
# macOS SDK version
xcrun --show-sdk-version
- uses: actions/checkout@v4
with:
fetch-depth: 1
- uses: actions/setup-go@v5
with:
go-version: 1.23.x
- name: Make darwin artifacts
run: make artifacts-darwin
- name: "Upload artifacts"
uses: actions/upload-artifact@v4
with:
name: artifacts-darwin
path: _artifacts/
release:
# An old release of Ubuntu is chosen for glibc compatibility
runs-on: ubuntu-20.04
needs: artifacts-darwin
timeout-minutes: 20
# The maximum access is "read" for PRs from public forked repos
# https://docs.github.com/en/actions/security-guides/automatic-token-authentication#permissions-for-the-github_token
permissions:
contents: write # for releases
id-token: write # for provenances
attestations: write # for provenances
steps:
- uses: actions/checkout@v4
- uses: actions/download-artifact@v4
with:
name: artifacts-darwin
path: _artifacts/
- uses: actions/setup-go@v5
with:
go-version: 1.23.x
- name: Install gcc-x86-64-linux-gnu
run: |
sudo apt-get update
sudo apt-get install -y gcc-x86-64-linux-gnu
- name: Install gcc-aarch64-linux-gnu
run: |
sudo apt-get update
sudo apt-get install -y gcc-aarch64-linux-gnu
- name: "Compile binaries"
run: make artifacts-linux
- name: "Make misc artifacts"
run: make artifacts-misc
- name: "SHA256SUMS"
run: |
( cd _artifacts; sha256sum *.tar.gz ) | tee /tmp/SHA256SUMS
mv /tmp/SHA256SUMS _artifacts/SHA256SUMS
- name: "The sha256sum of the SHA256SUMS file"
run: (cd _artifacts; sha256sum SHA256SUMS)
- name: "Prepare the release note"
run: |
shasha=$(sha256sum _artifacts/SHA256SUMS | awk '{print $1}')
cat <<-EOF | tee /tmp/release-note.txt
(Changes to be documented)
## Usage
\`\`\`console
[macOS]$ limactl create
[macOS]$ limactl start
...
INFO[0029] READY. Run \`lima\` to open the shell.
[macOS]$ lima uname
Linux
\`\`\`
- - -
The binaries were built automatically on GitHub Actions.
The build log is available for 90 days: https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}
The sha256sum of the SHA256SUMS file itself is \`${shasha}\` .
- - -
Release manager: [ADD YOUR NAME HERE] (@[ADD YOUR GITHUB ID HERE])
EOF
- uses: actions/attest-build-provenance@v1
if: github.event_name == 'push' && startsWith(github.ref, 'refs/tags/v')
with:
subject-path: _artifacts/*
- name: "Create release"
if: github.event_name == 'push' && startsWith(github.ref, 'refs/tags/v')
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: |
tag="${GITHUB_REF##*/}"
gh release create -F /tmp/release-note.txt --draft --title "${tag}" "${tag}" _artifacts/*