pantry/.github/workflows/build.yml
2022-09-28 11:15:20 -04:00


# Reusable build workflow: it has no triggers of its own and only runs when
# another workflow invokes it through `workflow_call`.
name: build

on:
  workflow_call:
    inputs:
      # Required string supplied by the calling workflow. The jobs pass it
      # unquoted to scripts and to `xargs -n1`, so it appears to be a
      # whitespace-separated list of project names -- confirm with callers.
      projects:
        required: true
        type: string
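# Jobs: queue-builder (notifies the external builder), then
# build -> test -> bottle, and finally notify (Slack), which always runs.
#
# Hardening applied in this revision:
#   * `inputs.projects` reaches shell steps through an environment variable
#     instead of being expanded into the script text, so shell metacharacters
#     in a caller-supplied value are treated as data, not as commands.
#   * the personal access token used to check out teaxyz/cli is no longer
#     left behind in the checkout's git configuration.
#   * the notify job reads the result of `bottle`, the only job it depends on.
jobs:
  # Posts the commit SHA and the project list to the tea builder queue.
  queue-builder:
    runs-on: ubuntu-latest
    steps:
      - name: queue
        # The token and the caller-controlled project list are handed over
        # as environment variables so neither is spliced into the script.
        # NOTE(review): curl exits 0 on HTTP errors unless --fail is given,
        # so a rejected enqueue does not fail this job -- confirm intended.
        env:
          TEA_API_TOKEN: ${{ secrets.TEA_API_TOKEN }}
          PROJECTS: ${{ inputs.projects }}
        run: |
          curl https://app.tea.xyz/api/builder/enqueue \
            -H "authorization: bearer $TEA_API_TOKEN" \
            -d "$GITHUB_SHA $PROJECTS"

  # Builds the requested projects on macOS (bare runner) and on Linux
  # (inside the infuser container image).
  build:
    runs-on: ${{ matrix.os }}
    strategy:
      matrix:
        include:
          - os: macos-11
            container: null
          - os: ubuntu-latest
            container:
              # NOTE(review): `main` is a mutable tag; pin the image by
              # digest (ghcr.io/teaxyz/infuser@sha256:<digest>) so the build
              # environment cannot change underneath this workflow.
              image: ghcr.io/teaxyz/infuser:main
              options: --memory=16g
    container: ${{ matrix.container }}
    defaults:
      run:
        working-directory: pantry
    outputs:
      built: ${{ steps.build.outputs.pkgs }}
      pkgs: ${{ steps.sorted.outputs.pkgs }} ${{ steps.sorted.outputs.pre-install }}
    steps:
      - name: co pantry
        uses: actions/checkout@v3
        with:
          path: pantry
      - name: co cli
        uses: actions/checkout@v3
        with:
          path: cli
          repository: teaxyz/cli
          token: ${{ secrets.TEMP_JACOBS_GITHUB_PAT }}
          # checkout stores the token in the clone's git config by default;
          # later steps run package build scripts, so do not leave it there.
          # Restore if a later step needs authenticated git access to cli.
          persist-credentials: false
      - name: HACKS
        run: |
          case ${{ matrix.os }} in
          ubuntu-latest)
            rm -rf /opt/tea.xyz/var/pantry
            ln -s "$GITHUB_WORKSPACE/pantry" /opt/tea.xyz/var/pantry
            # no git in our image, needed for tea finding SRCROOT
            mkdir .git ../cli/.git
            #FIXME needed for gdk-pixbuf
            apt --yes install shared-mime-info
            #FIXME **we provide curl** but it fails, we must figure out why
            apt --yes install curl
            ;;
          macos-11)
            # screws up a lot of build scripts
            # TODO stop using GHA images or chroot or something
            for x in /usr/local/*; do sudo mv "$x" /tmp; done
            sudo mkdir -p /opt/tea.xyz/var
            sudo chown -R $(whoami):staff /opt
            ln -s "$GITHUB_WORKSPACE/pantry" /opt/tea.xyz/var/pantry
            # HACKs for teaxyz/setup since it currently requires the working dir to be a srcroot
            cp README.md ..
            mkdir ../.git
            # for scripts/fix-machos.rb
            sudo gem install ruby-macho
            ;;
          *)
            exit 1
          esac
          touch /opt/.hack
      # NOTE(review): `v0` is a mutable tag and this action receives
      # TEA_SECRET; pin to a full commit SHA (<commit-sha>).
      - uses: teaxyz/setup@v0
        env:
          TEA_SECRET: ${{ secrets.TEA_SECRET }}
          VERBOSE: 1
        id: tea
        with:
          prefix: /opt
      - name: sort topologically
        # $PROJECTS is deliberately unquoted: each whitespace-separated
        # project becomes its own argument, as it did before.
        env:
          PROJECTS: ${{ inputs.projects }}
        run: scripts/sort.ts $PROJECTS
        id: sorted
      # NOTE(review): the step outputs below are still expanded into the
      # script text; route them through `env:` too if sort.ts can echo
      # caller-controlled text back unchanged.
      - run: ../cli/scripts/install.ts ${{ steps.sorted.outputs.pre-install }}
      - run: scripts/build.ts ${{ steps.sorted.outputs.pkgs }}
        id: build
        env:
          # GITHUB_TOKEN doesn't have private access to teaxyz/cli.
          # TODO restore to ${{ github.token }} when public
          # NOTE(review): this personal access token is visible to whatever
          # build.ts executes (presumably package build scripts); keep it
          # scoped to read-only access on teaxyz/cli.
          GITHUB_TOKEN: ${{ secrets.TEMP_JACOBS_GITHUB_PAT }}
          FORCE_UNSAFE_CONFIGURE: 1  # some configure scripts refuse to run as root
      - name: upload artifacts
        uses: actions/upload-artifact@v3
        with:
          name: ${{ matrix.os }}
          path: |
            ${{ steps.build.outputs.paths }}
            ${{ steps.tea.outputs.prefix }}/.hack
          # ^^ so the uploaded artifacts keep eg. foo.com/v1.2.3 as prefixes
          if-no-files-found: error

  # Downloads the build artifacts on a clean runner and runs each project's
  # test script.
  test:
    needs: [build]
    runs-on: ${{ matrix.os }}
    defaults:
      run:
        working-directory: pantry
    strategy:
      matrix:
        os:
          - macos-11
          - ubuntu-latest
    steps:
      - uses: actions/checkout@v3
        with:
          path: pantry
      - name: co cli
        uses: actions/checkout@v3
        with:
          path: cli
          repository: teaxyz/cli
          token: ${{ secrets.TEMP_JACOBS_GITHUB_PAT }}
          # Test scripts run later in this job; do not leave the token in
          # the clone's git config. Restore if a later step needs it.
          persist-credentials: false
      - name: HACKS
        run: |
          mkdir -p ~/opt/tea.xyz/var
          ln -s "$GITHUB_WORKSPACE/pantry" ~/opt/tea.xyz/var/pantry
          cp README.md ..
      # NOTE(review): mutable tag on an action that receives TEA_SECRET;
      # pin to a full commit SHA (<commit-sha>).
      - uses: teaxyz/setup@v0
        id: tea
        env:
          TEA_SECRET: ${{ secrets.TEA_SECRET }}
      - uses: actions/download-artifact@v3
        with:
          name: ${{ matrix.os }}
          path: ${{ steps.tea.outputs.prefix }}
      # One test.ts invocation per project; the list arrives via the
      # environment and is word-split by the unquoted expansion.
      - env:
          PROJECTS: ${{ inputs.projects }}
        run: echo $PROJECTS | xargs -tn1 scripts/test.ts

  # Packs the built packages once per platform and compression format,
  # uploads them to S3 and invalidates the matching CloudFront paths.
  bottle:
    defaults:
      run:
        working-directory: pantry
    needs: [test, build]
    runs-on: ${{ matrix.platform }}
    strategy:
      matrix:
        platform:
          - macos-11
          - ubuntu-latest
        compression:
          - xz
          - gz
    steps:
      - uses: actions/checkout@v3
        with:
          path: pantry
      - name: co cli
        uses: actions/checkout@v3
        with:
          path: cli
          repository: teaxyz/cli
          token: ${{ secrets.TEMP_JACOBS_GITHUB_PAT }}
          # This job also holds AWS credentials; keep the token out of the
          # clone's git config. Restore if a later step needs it.
          persist-credentials: false
      - name: HACKS
        run: |
          mkdir -p ~/opt/tea.xyz/var
          ln -s "$GITHUB_WORKSPACE/pantry" ~/opt/tea.xyz/var/pantry
          cp README.md ..
      # NOTE(review): mutable tag on an action that receives TEA_SECRET;
      # pin to a full commit SHA (<commit-sha>).
      - uses: teaxyz/setup@v0
        id: tea
        env:
          TEA_SECRET: ${{ secrets.TEA_SECRET }}
      - uses: actions/download-artifact@v3
        with:
          name: ${{ matrix.platform }}
          path: ${{ steps.tea.outputs.prefix }}
      - run: scripts/bottle.ts ${{ needs.build.outputs.built }}
        id: bottle
        env:
          COMPRESSION: ${{ matrix.compression }}
      - run: ls -la ${{ steps.bottle.outputs.bottles }}
      - name: upload bottles
        id: upload
        # Folded scalar: the four lines below form a single command line.
        run: >-
          scripts/upload.ts
          --pkgs ${{ needs.build.outputs.built }}
          --bottles ${{ steps.bottle.outputs.bottles }}
          --checksums ${{ steps.bottle.outputs.checksums }}
        env:
          AWS_S3_BUCKET: ${{ secrets.AWS_S3_BUCKET }}
          AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
          AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
      #NOTE ideally wed invalidate all at once so this is atomic
      # however GHA cant consolidate outputs from a matrix :/
      # NOTE(review): third-party action on a mutable tag that is handed
      # long-lived AWS keys; pin to a full commit SHA (<commit-sha>) and
      # limit the key to the S3 and CloudFront permissions this job uses.
      - uses: chetan/invalidate-cloudfront-action@v2
        env:
          PATHS: ${{ steps.upload.outputs.cf-invalidation-paths }}
          DISTRIBUTION: ${{ secrets.AWS_CF_DISTRIBUTION_ID }}
          AWS_REGION: us-east-1
          AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
          AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}

  # Reports the outcome to Slack whether or not the earlier jobs succeeded.
  notify:
    if: always()
    needs: [bottle]
    runs-on: ubuntu-latest
    steps:
      # NOTE(review): third-party action on a mutable tag that receives the
      # Slack webhook secret; pin to a full commit SHA (<commit-sha>).
      - uses: rtCamp/action-slack-notify@v2
        env:
          SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }}
          SLACK_CHANNEL: ${{ secrets.SLACK_CHANNEL }}
          # `needs` only exposes the jobs listed above, i.e. `bottle`; the
          # previous reference to a `verify-relocatable` job matched nothing
          # in this file, so the result was never reported.
          SLACK_MESSAGE: build job for ${{ inputs.projects }} ${{ needs.bottle.result }}
          SLACK_COLOR: ${{ needs.bottle.result }}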