build cloudshell image #34
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: precompile | |
| on: | |
| push: | |
| tags: | |
| - 'v*' | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.ref }} | |
| cancel-in-progress: true | |
| permissions: | |
| contents: write | |
| jobs: | |
| linux-x86_64: | |
| # runs-on: ubuntu-latest | |
| runs-on: self-hosted-x86_64-linux-gnu | |
| env: | |
| HOST_TRIPLET: x86_64-linux-gnu | |
| DOCKER_PLATFORM: linux/amd64 | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| arch: | |
| - purecap | |
| - hybrid | |
| name: CheriBSDImage+QEMU+MorelloSDK@${{ matrix.arch }} / x86_64-linux-gnu | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Compile in Docker | |
| run: | | |
| GITHUB_REF="${{ github.ref_name }}" | |
| GIT_COMMIT="${GITHUB_REF##*-}" | |
| cp .github/scripts/*.sh ./ | |
| export DOCKER_PLATFORM="${{ env.DOCKER_PLATFORM }}" | |
| bash ./stage1.sh "${GIT_COMMIT}" "${{ matrix.arch }}" "image+sdk" "${{ env.HOST_TRIPLET }}" | |
| cp ./id_rsa cheribsd-morello-${{ matrix.arch }}-id_rsa | |
| cp ./id_rsa.pub cheribsd-morello-${{ matrix.arch }}-id_rsa.pub | |
| - name: Upload CheriBSD system image artifacts | |
| uses: softprops/action-gh-release@v1 | |
| if: startsWith(github.ref, 'refs/tags/') | |
| with: | |
| files: | | |
| build/cheribsd-morello-${{ matrix.arch }}.img.xz | |
| build/cheribsd-morello-${{ matrix.arch }}.img.xz.sha256 | |
| build/cheribsd-minimal-morello-${{ matrix.arch }}.img.xz | |
| build/cheribsd-minimal-morello-${{ matrix.arch }}.img.xz.sha256 | |
| ./cheribsd-morello-${{ matrix.arch }}-id_rsa | |
| ./cheribsd-morello-${{ matrix.arch }}-id_rsa.pub | |
| - name: Upload QEMU artifacts | |
| uses: softprops/action-gh-release@v1 | |
| if: startsWith(github.ref, 'refs/tags/') && matrix.arch == 'purecap' | |
| with: | |
| files: | | |
| build/qemu-${{ env.HOST_TRIPLET }}.tar.xz | |
| build/qemu-${{ env.HOST_TRIPLET }}.tar.xz.sha256 | |
| - name: Upload Morello SDK artifacts | |
| uses: softprops/action-gh-release@v1 | |
| if: startsWith(github.ref, 'refs/tags/') | |
| with: | |
| files: | | |
| build/morello-sdk-${{ matrix.arch }}-${{ env.HOST_TRIPLET }}.tar.xz | |
| build/morello-sdk-${{ matrix.arch }}-${{ env.HOST_TRIPLET }}.tar.xz.sha256 | |
| - name: Deploy | |
| if: startsWith(github.ref, 'refs/tags/') && github.repository == 'cocoa-xu/cheribuild' | |
| env: | |
| DEPLOY_CHERIBSD_HOOK_URL: ${{ secrets.DEPLOY_CHERIBSD_HOOK_URL }} | |
| run: | | |
| curl -sS --max-time 1200 --no-progress-meter "${DEPLOY_CHERIBSD_HOOK_URL}arch=${{ matrix.arch }}&version=${{ github.ref_name }}&platform=${{ env.HOST_TRIPLET }}" | |
| linux-aarch64: | |
| runs-on: ubicloud-standard-4-arm | |
| env: | |
| HOST_TRIPLET: aarch64-linux-gnu | |
| DOCKER_PLATFORM: linux/arm64 | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| arch: | |
| - purecap | |
| - hybrid | |
| name: QEMU+MorelloSDK@${{ matrix.arch }} / aarch64-linux-gnu | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Install binfmt | |
| run: | | |
| sudo apt update | |
| sudo apt install -y binfmt-support qemu-user-static | |
| - name: Compile in Docker | |
| run: | | |
| GITHUB_REF="${{ github.ref_name }}" | |
| GIT_COMMIT="${GITHUB_REF##*-}" | |
| cp .github/scripts/*.sh ./ | |
| export DOCKER_PLATFORM="${{ env.DOCKER_PLATFORM }}" | |
| bash ./stage1.sh "${GIT_COMMIT}" "${{ matrix.arch }}" "sdk" "${{ env.HOST_TRIPLET }}" | |
| - name: Upload QEMU artifacts | |
| uses: softprops/action-gh-release@v1 | |
| if: startsWith(github.ref, 'refs/tags/') && matrix.arch == 'purecap' | |
| with: | |
| files: | | |
| build/qemu-${{ env.HOST_TRIPLET }}.tar.xz | |
| build/qemu-${{ env.HOST_TRIPLET }}.tar.xz.sha256 | |
| - name: Upload Morello SDK artifacts | |
| uses: softprops/action-gh-release@v1 | |
| if: startsWith(github.ref, 'refs/tags/') | |
| with: | |
| files: | | |
| build/morello-sdk-${{ matrix.arch }}-${{ env.HOST_TRIPLET }}.tar.xz | |
| build/morello-sdk-${{ matrix.arch }}-${{ env.HOST_TRIPLET }}.tar.xz.sha256 | |
| - name: Deploy | |
| if: startsWith(github.ref, 'refs/tags/') && github.repository == 'cocoa-xu/cheribuild' | |
| env: | |
| DEPLOY_CHERIBSD_HOOK_URL: ${{ secrets.DEPLOY_CHERIBSD_HOOK_URL }} | |
| run: | | |
| curl -sS --max-time 1200 --no-progress-meter "${DEPLOY_CHERIBSD_HOOK_URL}arch=${{ matrix.arch }}&version=${{ github.ref_name }}&platform=${{ env.HOST_TRIPLET }}" | |
| macos-x86_64: | |
| # runs-on: macos-12 | |
| runs-on: self-hosted-x86_64-apple-darwin | |
| env: | |
| HOST_TRIPLET: x86_64-apple-darwin | |
| XZ_OPT: "-e -T0 -9" | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| arch: | |
| - purecap | |
| - hybrid | |
| name: QEMU+MorelloSDK@${{ matrix.arch }} / x86_64-apple-darwin | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Install dependencies | |
| run: | | |
| brew install cmake ninja libarchive git glib gnu-sed automake autoconf coreutils llvm make wget pixman pkg-config xz texinfo mercurial libtool samba socat dtc | |
| if [ -f "/usr/local/bin/python3" ]; then | |
| /usr/local/bin/python3 -m pip install -U --break-system-packages setuptools | |
| fi | |
| FIRST_PYTHON3="$(which python3)" | |
| ${FIRST_PYTHON3} -m pip install -U --break-system-packages setuptools | |
| - name: Compile QEMU and Morello SDK | |
| run: | | |
| ROOT_DIR="$(pwd)" | |
| BUILD_DIR="${ROOT_DIR}/build" | |
| mkdir -p "${BUILD_DIR}" | |
| GITHUB_REF="${{ github.ref_name }}" | |
| GIT_COMMIT="${GITHUB_REF##*-}" | |
| rm -rf cheribuild | |
| git clone https://github.com/CTSRD-CHERI/cheribuild.git | |
| cd cheribuild | |
| git checkout "$GIT_COMMIT" | |
| if [ "${{ matrix.arch }}" = "hybrid" ]; then | |
| python3 ./cheribuild.py --enable-hybrid-targets --shallow-clone --make-jobs "$(sysctl -n hw.ncpu)" "cheribsd-sdk-morello-${{ matrix.arch }}" -f | |
| else | |
| python3 ./cheribuild.py --shallow-clone --make-jobs "$(sysctl -n hw.ncpu)" "cheribsd-sdk-morello-${{ matrix.arch }}" -f | |
| fi | |
| if [ "${{ matrix.arch }}" = "purecap" ]; then | |
| tar -C "${HOME}/cheri/output" -cJf "$(pwd)/qemu-${{ env.HOST_TRIPLET }}.tar.xz" sdk | |
| mv "$(pwd)/qemu-${{ env.HOST_TRIPLET }}.tar.xz" "${BUILD_DIR}" | |
| fi | |
| tar -C "${HOME}/cheri/output" -cJf "$(pwd)/morello-sdk-${{ matrix.arch }}-${{ env.HOST_TRIPLET }}.tar.xz" morello-sdk | |
| mv "$(pwd)/morello-sdk-${{ matrix.arch }}-${{ env.HOST_TRIPLET }}.tar.xz" "${BUILD_DIR}" | |
| cd "${BUILD_DIR}" | |
| if [ "${{ matrix.arch }}" = "purecap" ]; then | |
| sha256sum qemu-${{ env.HOST_TRIPLET }}.tar.xz | tee qemu-${{ env.HOST_TRIPLET }}.tar.xz.sha256 | |
| fi | |
| sha256sum morello-sdk-${{ matrix.arch }}-${{ env.HOST_TRIPLET }}.tar.xz | tee morello-sdk-${{ matrix.arch }}-${{ env.HOST_TRIPLET }}.tar.xz.sha256 | |
| ls -lah "${BUILD_DIR}" | |
| rm -rf "${HOME}/cheri/" | |
| - name: Upload QEMU artifacts | |
| uses: softprops/action-gh-release@v1 | |
| if: startsWith(github.ref, 'refs/tags/') && matrix.arch == 'purecap' | |
| with: | |
| files: | | |
| build/qemu-${{ env.HOST_TRIPLET }}.tar.xz | |
| build/qemu-${{ env.HOST_TRIPLET }}.tar.xz.sha256 | |
| - name: Upload Morello SDK artifacts | |
| uses: softprops/action-gh-release@v1 | |
| if: startsWith(github.ref, 'refs/tags/') | |
| with: | |
| files: | | |
| build/morello-sdk-${{ matrix.arch }}-${{ env.HOST_TRIPLET }}.tar.xz | |
| build/morello-sdk-${{ matrix.arch }}-${{ env.HOST_TRIPLET }}.tar.xz.sha256 | |
| - name: Deploy | |
| if: startsWith(github.ref, 'refs/tags/') && github.repository == 'cocoa-xu/cheribuild' | |
| env: | |
| DEPLOY_CHERIBSD_HOOK_URL: ${{ secrets.DEPLOY_CHERIBSD_HOOK_URL }} | |
| run: | | |
| curl -sS --max-time 1200 --no-progress-meter "${DEPLOY_CHERIBSD_HOOK_URL}arch=${{ matrix.arch }}&version=${{ github.ref_name }}&platform=${{ env.HOST_TRIPLET }}" | |
| macos-aarch64: | |
| runs-on: macos-14 | |
| # runs-on: self-hosted-aarch64-apple-darwin | |
| env: | |
| HOST_TRIPLET: aarch64-apple-darwin | |
| XZ_OPT: "-e -T0 -9" | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| arch: | |
| - purecap | |
| - hybrid | |
| name: QEMU+MorelloSDK@${{ matrix.arch }} / aarch64-apple-darwin | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Install dependencies | |
| run: | | |
| export PATH="/opt/homebrew/bin:$PATH" | |
| brew install cmake ninja libarchive git glib gnu-sed automake autoconf coreutils llvm make wget pixman pkg-config xz texinfo mercurial libtool samba socat dtc | |
| if [ -f "/usr/local/bin/python3" ]; then | |
| /usr/local/bin/python3 -m pip install -U --break-system-packages setuptools | |
| fi | |
| FIRST_PYTHON3="$(which python3)" | |
| ${FIRST_PYTHON3} -m pip install -U --break-system-packages setuptools | |
| - name: Compile QEMU and Morello SDK | |
| run: | | |
| export PATH="/opt/homebrew/bin:$PATH" | |
| ROOT_DIR="$(pwd)" | |
| BUILD_DIR="${ROOT_DIR}/build" | |
| rm -rf "${BUILD_DIR}" | |
| mkdir -p "${BUILD_DIR}" | |
| GITHUB_REF="${{ github.ref_name }}" | |
| GIT_COMMIT="${GITHUB_REF##*-}" | |
| rm -rf cheribuild | |
| git clone https://github.com/CTSRD-CHERI/cheribuild.git | |
| cd cheribuild | |
| git checkout "$GIT_COMMIT" | |
| if [ "${{ matrix.arch }}" = "hybrid" ]; then | |
| python3 ./cheribuild.py --enable-hybrid-targets --shallow-clone --make-jobs "$(sysctl -n hw.ncpu)" "cheribsd-sdk-morello-${{ matrix.arch }}" -f | |
| else | |
| python3 ./cheribuild.py --shallow-clone --make-jobs "$(sysctl -n hw.ncpu)" "cheribsd-sdk-morello-${{ matrix.arch }}" -f | |
| fi | |
| if [ "${{ matrix.arch }}" = "purecap" ]; then | |
| tar -C "${HOME}/cheri/output" -cJf "$(pwd)/qemu-${{ env.HOST_TRIPLET }}.tar.xz" sdk | |
| mv "$(pwd)/qemu-${{ env.HOST_TRIPLET }}.tar.xz" "${BUILD_DIR}" | |
| fi | |
| tar -C "${HOME}/cheri/output" -cJf "$(pwd)/morello-sdk-${{ matrix.arch }}-${{ env.HOST_TRIPLET }}.tar.xz" morello-sdk | |
| mv "$(pwd)/morello-sdk-${{ matrix.arch }}-${{ env.HOST_TRIPLET }}.tar.xz" "${BUILD_DIR}" | |
| cd "${BUILD_DIR}" | |
| if [ "${{ matrix.arch }}" = "purecap" ]; then | |
| sha256sum qemu-${{ env.HOST_TRIPLET }}.tar.xz | tee qemu-${{ env.HOST_TRIPLET }}.tar.xz.sha256 | |
| fi | |
| sha256sum morello-sdk-${{ matrix.arch }}-${{ env.HOST_TRIPLET }}.tar.xz | tee morello-sdk-${{ matrix.arch }}-${{ env.HOST_TRIPLET }}.tar.xz.sha256 | |
| ls -lah "${BUILD_DIR}" | |
| rm -rf "${HOME}/cheri/" | |
| - name: Upload QEMU artifacts | |
| uses: softprops/action-gh-release@v1 | |
| if: startsWith(github.ref, 'refs/tags/') && matrix.arch == 'purecap' | |
| with: | |
| files: | | |
| build/qemu-${{ env.HOST_TRIPLET }}.tar.xz | |
| build/qemu-${{ env.HOST_TRIPLET }}.tar.xz.sha256 | |
| - name: Upload Morello SDK artifacts | |
| uses: softprops/action-gh-release@v1 | |
| if: startsWith(github.ref, 'refs/tags/') | |
| with: | |
| files: | | |
| build/morello-sdk-${{ matrix.arch }}-${{ env.HOST_TRIPLET }}.tar.xz | |
| build/morello-sdk-${{ matrix.arch }}-${{ env.HOST_TRIPLET }}.tar.xz.sha256 | |
| - name: Deploy | |
| if: startsWith(github.ref, 'refs/tags/') && github.repository == 'cocoa-xu/cheribuild' | |
| env: | |
| DEPLOY_CHERIBSD_HOOK_URL: ${{ secrets.DEPLOY_CHERIBSD_HOOK_URL }} | |
| run: | | |
| curl -sS --max-time 1200 --no-progress-meter "${DEPLOY_CHERIBSD_HOOK_URL}arch=${{ matrix.arch }}&version=${{ github.ref_name }}&platform=${{ env.HOST_TRIPLET }}" | |
| docker-image: | |
| runs-on: ubuntu-latest | |
| env: | |
| PLATFORMS: "linux/amd64,linux/arm64" | |
| name: Create and Push Docker Images | |
| needs: linux-x86_64 | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| arch: [purecap, hybrid] | |
| disk_image: [normal, minimal] | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Login to Docker Hub | |
| uses: docker/login-action@v3 | |
| with: | |
| username: ${{ secrets.DOCKERHUB_USERNAME }} | |
| password: ${{ secrets.DOCKERHUB_TOKEN }} | |
| - name: Set up QEMU | |
| uses: docker/setup-qemu-action@v3 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Build and push Normal CheriBSD Image | |
| if: ${{ matrix.disk_image }} == 'normal' | |
| uses: docker/build-push-action@v5 | |
| with: | |
| context: .github/docker | |
| file: .github/docker/Dockerfile | |
| platforms: ${{ env.PLATFORMS }} | |
| push: true | |
| tags: cocoaxu/cheribsd-${{ matrix.arch }}:latest,cocoaxu/cheribsd-${{ matrix.arch }}:${{ github.ref_name }} | |
| build-args: | | |
| architecture=${{ matrix.arch }} | |
| version=${{ github.ref_name }} | |
| disk_image=${{ matrix.disk_image }} | |
| - name: Build and push Minimal CheriBSD Image | |
| if: ${{ matrix.disk_image }} == 'minimal' | |
| uses: docker/build-push-action@v5 | |
| with: | |
| context: .github/docker | |
| file: .github/docker/Dockerfile | |
| platforms: ${{ env.PLATFORMS }} | |
| push: true | |
| tags: cocoaxu/cheribsd-${{ matrix.disk_image }}-${{ matrix.arch }}:latest,cocoaxu/cheribsd-${{ matrix.disk_image }}-${{ matrix.arch }}:${{ github.ref_name }} | |
| build-args: | | |
| architecture=${{ matrix.arch }} | |
| version=${{ github.ref_name }} | |
| disk_image=${{ matrix.disk_image }} | |
| build-cloudshell: | |
| runs-on: macos-14 | |
| # needs linux-x86_64 to build the base image | |
| # and macos-aarch64 for the qemu binary | |
| needs: [linux-x86_64, macos-aarch64] | |
| env: | |
| HOST_TRIPLET: aarch64-apple-darwin | |
| XZ_OPT: "-e -T0 -9" | |
| NODE_ENV: production | |
| name: cloudshell-cheribuild-purecap | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Install dependencies | |
| run: | | |
| brew install cmake ninja libarchive git glib gnu-sed automake autoconf coreutils llvm make wget pixman pkg-config xz texinfo mercurial libtool samba socat dtc | |
| if [ -f "/usr/local/bin/python3" ]; then | |
| /usr/local/bin/python3 -m pip install -U --break-system-packages setuptools | |
| fi | |
| FIRST_PYTHON3="$(which python3)" | |
| ${FIRST_PYTHON3} -m pip install -U --break-system-packages setuptools | |
| - uses: actions/setup-node@v4 | |
| with: | |
| node-version: '20' | |
| - name: Generate CloudShell image for cheri.run | |
| id: cloudshell | |
| run: | | |
| ROOT_DIR="$(pwd)" | |
| BUILD_DIR="${ROOT_DIR}/build" | |
| mkdir -p "${BUILD_DIR}" | |
| git clone --depth=1 https://github.com/shinohara-rin/cloudshell.git | |
| cd cloudshell/backend | |
| npm i | |
| node image-manager.js | |
| IMAGE_FULLNAME="$(find . -name 'cheribsd*.img')" | |
| IMAGE_NAME=${IMAGE_FULLNAME##./} | |
| IMAGE_NAME=${IMAGE_NAME%%.img} | |
| IMAGE_TAG=${IMAGE_NAME##cheribsd-morello-purecap-} | |
| CLOUDSHELL_IMAGE_NAME="cloudshell" | |
| CLOUDSHELL_IMAGE_FULLNAME="${CLOUDSHELL_IMAGE_NAME}.img" | |
| mv "${IMAGE_FULLNAME}" "${CLOUDSHELL_IMAGE_FULLNAME}" | |
| tar -cJf "${CLOUDSHELL_IMAGE_NAME}.img.xz" "${CLOUDSHELL_IMAGE_FULLNAME}" | |
| sha256sum "${CLOUDSHELL_IMAGE_NAME}.img.xz" | tee "${CLOUDSHELL_IMAGE_NAME}.img.xz.sha256" | |
| mv "${CLOUDSHELL_IMAGE_NAME}.img.xz" "${BUILD_DIR}" | |
| mv "${CLOUDSHELL_IMAGE_NAME}.img.xz.sha256" "${BUILD_DIR}" | |
| ls -lah "${BUILD_DIR}" | |
| echo "tag=${IMAGE_TAG}" >> $GITHUB_OUTPUT | |
| - name: Upload CloudShell image | |
| uses: softprops/action-gh-release@v1 | |
| with: | |
| tag_name: ${{ steps.cloudshell.outputs.tag }} | |
| name: ${{ steps.cloudshell.outputs.tag }} | |
| files: | | |
| build/cloudshell.img.xz | |
| build/cloudshell.img.xz.sha256 |