pantry/.github/workflows/build.yml
2022-10-27 18:23:32 -04:00

258 lines
7.8 KiB
YAML
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

name: build
on:
workflow_call:
inputs:
projects:
required: true
type: string
upload:
required: false
type: boolean
default: false
jobs:
build:
runs-on: ${{ matrix.os }}
strategy:
matrix:
include:
- os: macos-11
- os: ubuntu-latest
container:
image: debian:buster-slim
options: --memory=16g
- os: [self-hosted, macOS, ARM64]
tag: darwin-aarch64
- os: [self-hosted, linux, ARM64]
tag: linux-aarch64
container: ${{ matrix.container }}
outputs:
built: ${{ steps.build.outputs.pkgs }}
srcs: ${{ steps.build.outputs.srcs }}
pkgs: ${{ steps.sorted.outputs.pkgs }} ${{ steps.sorted.outputs.pre-install }}
steps:
- name: co pantry
uses: actions/checkout@v3
with:
path: pantry
- name: co cli
uses: actions/checkout@v3
with:
path: cli
repository: teaxyz/cli
token: ${{ secrets.TEMP_JACOBS_GITHUB_PAT }}
- uses: teaxyz/setup@v0
id: tea
with:
srcroot: /opt/tea.xyz/var/pantry
prefix: /opt
- name: HACKS
run: |
case ${{ matrix.os }} in
ubuntu-latest)
#FIXME our LLVM doesn't provide c/c++ headers for some reason
apt-get update
apt-get --yes install libc-dev libstdc++-8-dev libgcc-8-dev
;;
macos-11)
#FIXME we need a clean install of macOS for builds
#TODO stop using GHA images or chroot or something
for x in /usr/local/*; do sudo mv $x /tmp; done
;;
esac
- run: |
find $GITHUB_WORKSPACE/pantry \
-not -type l \
-mindepth 1 \
-maxdepth 1 \
-print0 | \
xargs -0 -I{} cp -Rv {} /opt/tea.xyz/var/pantry
cp -a cli /opt/tea.xyz/var/
- run: /opt/tea.xyz/var/pantry/scripts/sort.ts ${{ inputs.projects }}
id: sorted
- run: cli/scripts/install.ts ${{ steps.sorted.outputs.pre-install }}
- run: cat /opt/tea.xyz/var/pantry/projects/zlib.net/package.yml
- run: /opt/tea.xyz/var/pantry/scripts/build.ts ${{ steps.sorted.outputs.pkgs }}
id: build
env:
# GITHUB_TOKEN doesn't have private access to teaxyz/cli.
# TODO restore to ${{ github.token }} when public
GITHUB_TOKEN: ${{ secrets.TEMP_JACOBS_GITHUB_PAT }}
FORCE_UNSAFE_CONFIGURE: 1 # some configure scripts refuse to run as root
# tarring ourselves ∵ GHA-artifacts (ludicrously) lose permissions
# /ref https://github.com/actions/upload-artifact/issues/38
- run:
tar czf $GITHUB_WORKSPACE/artifacts.tgz
${{ steps.build.outputs.relative-paths }}
${{ steps.build.outputs.srcs-relative-paths }}
working-directory: ${{ steps.tea.outputs.prefix }}
- name: upload artifacts
uses: actions/upload-artifact@v3
with:
name: ${{ matrix.tag || matrix.os }}
path: artifacts.tgz
if-no-files-found: error
test:
needs: [build]
runs-on: ${{ matrix.os }}
strategy:
matrix:
include:
- os: macos-11
- os: ubuntu-latest
- os: ubuntu-latest
container: ghcr.io/teaxyz/infuser:slim-latest
- os: ubuntu-latest
container: debian:buster-slim
- os: [self-hosted, macOS, ARM64]
tag: darwin-aarch64
- os: [self-hosted, linux, ARM64]
tag: linux-aarch64
container: ${{ matrix.container }}
steps:
- uses: actions/checkout@v3
with:
path: pantry
- uses: actions/checkout@v3
with:
path: tea.xyz/var/cli
repository: teaxyz/cli
token: ${{ secrets.TEMP_JACOBS_GITHUB_PAT }}
- run: |
apt-get update
apt-get --yes install libc-dev libstdc++-8-dev libgcc-8-dev
if: ${{ matrix.container != '' }}
- uses: teaxyz/setup@v0
id: tea
with:
srcroot: tea.xyz/var/pantry
prefix: ${{ github.workspace }}
- name: overlay our pantry
run: |
find pantry \
-not -type l \
-mindepth 1 \
-maxdepth 1 \
-print0 | \
xargs -0 -I{} cp -Rv {} tea.xyz/var/pantry
- uses: actions/download-artifact@v3
with:
name: ${{ matrix.tag || matrix.os }}
- run: tar xzf artifacts.tgz
# script comes from pantry.core, which _might_not_be_this_pantry_
- run: tea.xyz/var/pantry/scripts/test.ts ${{ inputs.projects }}
bottle:
needs: [test, build]
runs-on: ${{ matrix.platform.os }}
defaults:
run:
working-directory: tea.xyz/var/pantry
strategy:
matrix:
platform:
- os: macos-11
- os: ubuntu-latest
- os: [self-hosted, macOS, ARM64]
tag: darwin-aarch64
- os: [self-hosted, linux, ARM64]
tag: linux-aarch64
steps:
- uses: actions/checkout@v3
with:
path: pantry
- uses: actions/checkout@v3
with:
path: tea.xyz/var/cli
repository: teaxyz/cli
token: ${{ secrets.TEMP_JACOBS_GITHUB_PAT }}
- uses: teaxyz/setup@v0
id: tea
with:
srcroot: tea.xyz/var/pantry
prefix: ${{ github.workspace }}
- name: overlay our pantry
run: |
find $GITHUB_WORKSPACE/pantry \
-not -type l \
-mindepth 1 \
-maxdepth 1 \
-print0 | \
xargs -0 -I{} cp -Rv {} .
- uses: actions/download-artifact@v3
with:
name: ${{ matrix.platform.tag || matrix.platform.os }}
path: ${{ steps.tea.outputs.prefix }}
- run: tar xzf artifacts.tgz
working-directory: ${{ steps.tea.outputs.prefix }}
- run: scripts/bottle.ts ${{ needs.build.outputs.built }}
id: bottle-xz
env:
COMPRESSION: xz
- run: scripts/bottle.ts ${{ needs.build.outputs.built }}
id: bottle-gz
env:
COMPRESSION: gz
- name: upload bottles
id: upload
if: ${{ inputs.upload }}
run: scripts/upload.ts
--pkgs ${{ needs.build.outputs.built }} ${{ needs.build.outputs.built }}
--srcs ${{ needs.build.outputs.srcs }} ${{ needs.build.outputs.srcs }}
--bottles ${{ steps.bottle-gz.outputs.bottles }} ${{ steps.bottle-xz.outputs.bottles }}
--checksums ${{ steps.bottle-gz.outputs.checksums }} ${{ steps.bottle-xz.outputs.checksums }}
env:
AWS_S3_BUCKET: ${{ secrets.AWS_S3_BUCKET }}
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
#NOTE ideally wed invalidate all at once so this is atomic
# however GHA cant consolidate outputs from a matrix :/
- uses: chetan/invalidate-cloudfront-action@v2
if: ${{ inputs.upload }}
env:
PATHS: ${{ steps.upload.outputs.cf-invalidation-paths }}
DISTRIBUTION: ${{ secrets.AWS_CF_DISTRIBUTION_ID }}
AWS_REGION: us-east-1
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
notify:
if: always()
needs: [bottle]
runs-on: ubuntu-latest
steps:
- uses: martialonline/workflow-status@v3
id: status
- uses: rtCamp/action-slack-notify@v2
env:
SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }}
SLACK_CHANNEL: ${{ secrets.SLACK_CHANNEL }}
SLACK_MESSAGE: build job for ${{ inputs.projects }} ${{ steps.status.outputs.status }}
SLACK_COLOR: ${{ steps.status.outputs.status }}