-
Notifications
You must be signed in to change notification settings - Fork 34
142 lines (125 loc) · 5.12 KB
/
release.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
name: release
on: workflow_dispatch
concurrency:
group: ${{ github.workflow }}-${{ github.event.after }}
cancel-in-progress: true
jobs:
build:
name: Build static retsnoop binary
runs-on: ubuntu-22.04
strategy:
matrix:
include:
- arch: amd64
file_str: x86-64
target: x86_64-unknown-linux-gnu
- arch: arm64
file_str: aarch64
target: aarch64-unknown-linux-gnu
steps:
# amd64 needs the dependencies to build retsnoop
- name: (amd64) Install dependencies
if: matrix.arch == 'amd64'
run: |
sudo apt-get update
sudo apt-get install -y cargo llvm libelf-dev
- name: Checkout retsnoop code
uses: actions/checkout@8f4b7f84864484a7bf31766abe9204da3cbe65b3 # v3.5.0
with:
submodules: recursive
path: 'retsnoop'
- name: (amd64) Build static retsnoop natively
if: matrix.arch == 'amd64'
working-directory: 'retsnoop'
run: |
CFLAGS=--static \
make -j -C src V=1
strip src/retsnoop
- name: (arm64) Pre-compile Rust sidecar binary, addr2line
if: matrix.arch == 'arm64'
working-directory: 'retsnoop/sidecar'
run: |
# It's too expensive to compile addr2line inside of the Docker
# container, below: Cargo's registry index update gets OOM-killed,
# and even if we worked around that, the build would take about three
# times as long as doing it on the host.
#
# We need the right toolchain and linker, then we can compile.
sudo apt-get update
sudo apt-get install -y gcc-aarch64-linux-gnu
rustup target add ${{ matrix.target }}
CARGO_REGISTRIES_CRATES_IO_PROTOCOL=sparse \
cargo build --release --target ${{ matrix.target }} \
--config target.${{ matrix.target }}.linker=\"aarch64-linux-gnu-gcc\"
# Makefile expects the binary in retsnoop/sidecar/target/release/
mv target/${{ matrix.target }}/release/addr2line target/release/
- name: (arm64) Set up QEMU
uses: docker/setup-qemu-action@e81a89b1732b9c48d79cd809d8d81d79c4647a18 # v2.1.0
if: matrix.arch == 'arm64'
with:
platforms: ${{ matrix.arch }}
# The emulated build leverages Docker and Ubuntu 22.04 container image
# distribution to have all the needed arm64 packages.
- name: (arm64) Build static retsnoop for arm64 with emulation
if: matrix.arch == 'arm64'
run: |
docker run --platform linux/arm64 --rm -v $(pwd):/build ubuntu:22.04 \
bash -c "apt-get update && \
apt-get install -y clang llvm make pkg-config gcc \
libelf-dev zlib1g-dev && \
cd /build/retsnoop && \
CARGO=true \
CFLAGS=--static \
make -j -C src V=1 && \
strip src/retsnoop"
- name: Test retsnoop binary
working-directory: 'retsnoop/src'
run: |
file ./retsnoop | \
tee /dev/stderr | \
grep -q "${{ matrix.file_str }}"
./retsnoop --usage | grep -q Usage
ldd ./retsnoop 2>&1 | \
tee /dev/stderr | \
grep -q 'not a dynamic executable'
- name: Upload Artifact
uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2
with:
name: ${{ format('retsnoop_{0}', matrix.arch) }}
path: retsnoop/src/retsnoop
draft-release:
name: Create a draft release
runs-on: ubuntu-22.04
needs: build
permissions:
contents: write
steps:
- name: Download artifacts from build
uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2
- name: Rename binaries and compress
run: |
archive_amd64="retsnoop-${{ github.ref_name }}-amd64.tar.gz"
archive_arm64="retsnoop-${{ github.ref_name }}-arm64.tar.gz"
tar -C retsnoop_amd64 -I 'gzip -9' -cvf "${archive_amd64}" retsnoop
tar -C retsnoop_arm64 -I 'gzip -9' -cvf "${archive_arm64}" retsnoop
sha256sum "${archive_amd64}" > "${archive_amd64}.sha256sum"
sha256sum "${archive_arm64}" > "${archive_arm64}.sha256sum"
- name: Checkout retsnoop and submodules code
uses: actions/checkout@8f4b7f84864484a7bf31766abe9204da3cbe65b3 # v3.5.0
with:
submodules: recursive
path: 'retsnoop'
- name: Package source code including submodules
uses: qmonnet/git-archive-all-action@791fb850881cf58b1d1fcc9b06c01940080bba0a # v1.0.1
with:
output-files: >-
srcs-full-${{ github.ref_name }}.tar.gz
srcs-full-${{ github.ref_name }}.zip
base-repo: retsnoop
- name: Create draft release and add artifacts
uses: softprops/action-gh-release@de2c0eb89ae2a093876385947365aca7b0e5f844 # v0.1.15
with:
draft: true
files: |
retsnoop*
srcs-full-*