Build #99
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Build | |
# Runs every Tuesday at 9 am UTC | |
on: | |
schedule: | |
- cron: '0 9 * * 2' | |
workflow_dispatch: | |
env: | |
GO111MODULE: on | |
permissions: | |
# This is required for configure-aws-credentials to request an OIDC JWT ID token to access AWS resources later on. | |
# More info: https://docs.github.com/en/actions/deployment/security-hardening-your-deployments/about-security-hardening-with-openid-connect#adding-permissions-settings | |
id-token: write | |
contents: read # This is required for actions/checkout | |
jobs: | |
macos-arm64-build: | |
runs-on: [self-hosted, macos, arm64, 11, release] | |
timeout-minutes: 60 | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
fetch-depth: 1 | |
submodules: recursive | |
persist-credentials: false | |
- uses: actions/setup-go@v4 | |
with: | |
go-version: 1.20.x | |
- name: Install dependencies | |
# QEMU: required by Lima itself | |
# bash: required by test-example.sh (OS version of bash is too old) | |
# coreutils: required by test-example.sh for the "timeout" command | |
# autoconf: required for building vde | |
# automake: required for building vde | |
# FileMonitor: required to capture opened files by limactl and qemu- | |
run: | | |
brew update | |
brew install qemu bash coreutils | |
brew install autoconf automake | |
brew install cpanm | |
brew upgrade | |
sudo cpanm install JSON | |
curl -OL https://bitbucket.org/objective-see/deploy/downloads/FileMonitor_1.3.0.zip | |
rm -rf /Applications/FileMonitor.app | |
unzip FileMonitor_1.3.0.zip -d /Applications | |
shell: zsh {0} | |
- name: Make and release deps | |
run: | | |
(cd src/lima && git clean -f -d) | |
make -C src/lima PREFIX=/opt/homebrew all install | |
./bin/lima-and-qemu.pl | |
mv src/lima/lima-and-qemu.tar.gz src/lima/lima-and-qemu.macos-aarch64.tar.gz | |
shell: zsh {0} | |
- name: Upload MacOS build | |
uses: actions/upload-artifact@v3 | |
with: | |
name: lima-and-qemu.macos-arm64 | |
path: ./src/lima/lima-and-qemu.macos* | |
if-no-files-found: error | |
- name: Make and release source code of dependencies | |
run: make download-sources | |
- name: Upload MacOS build | |
uses: actions/upload-artifact@v3 | |
with: | |
name: DependenciesSourceCode.tar.gz | |
path: ./downloads/dependency-sources.tar.gz | |
if-no-files-found: error | |
macos-x86-build: | |
runs-on: [self-hosted, macos, amd64, 11, release] | |
timeout-minutes: 60 | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
fetch-depth: 1 | |
submodules: recursive | |
persist-credentials: false | |
- uses: actions/setup-go@v4 | |
with: | |
go-version: 1.20.x | |
- name: Install dependencies | |
# QEMU: required by Lima itself | |
# bash: required by test-example.sh (OS version of bash is too old) | |
# coreutils: required by test-example.sh for the "timeout" command | |
# autoconf: required for building vde | |
# automake: required for building vde | |
# FileMonitor: required to capture opened files by limactl and qemu- | |
run: | | |
brew update | |
brew install qemu bash coreutils | |
brew install autoconf automake | |
brew install cpanm | |
brew upgrade | |
sudo cpanm install JSON | |
curl -OL https://bitbucket.org/objective-see/deploy/downloads/FileMonitor_1.3.0.zip | |
rm -rf /Applications/FileMonitor.app | |
unzip FileMonitor_1.3.0.zip -d /Applications | |
shell: zsh {0} | |
- name: Make and release deps | |
run: | | |
(cd src/lima && git clean -f -d) | |
make -C src/lima PREFIX=/usr/local all install | |
./bin/lima-and-qemu.pl | |
mv src/lima/lima-and-qemu.tar.gz src/lima/lima-and-qemu.macos-x86_64.tar.gz | |
shell: zsh {0} | |
- name: Upload MacOS build | |
uses: actions/upload-artifact@v3 | |
with: | |
name: lima-and-qemu.macos-x86 | |
path: ./src/lima/lima-and-qemu.macos* | |
if-no-files-found: error | |
macos-arm64-ventura-build: | |
runs-on: [self-hosted, macos, arm64, 13, release] | |
timeout-minutes: 60 | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
fetch-depth: 1 | |
submodules: recursive | |
persist-credentials: false | |
- uses: actions/setup-go@v4 | |
with: | |
go-version: 1.20.x | |
- name: Create Ventura limactl tarball | |
working-directory: src/lima | |
run: | | |
make clean && make exe codesign | |
tar cfz limactl.ventura.arm64.tar.gz -C _output/bin limactl | |
- name: Upload Ventura build | |
uses: actions/upload-artifact@v3 | |
with: | |
name: limactl.ventura.arm64 | |
path: src/lima/limactl.ventura.arm64.tar.gz | |
if-no-files-found: error | |
macos-x86_64-ventura-build: | |
runs-on: [self-hosted, macos, amd64, 13, release] | |
timeout-minutes: 60 | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
fetch-depth: 1 | |
submodules: recursive | |
persist-credentials: false | |
- uses: actions/setup-go@v4 | |
with: | |
go-version: 1.20.x | |
- name: Create Ventura limactl tarball | |
working-directory: src/lima | |
run: | | |
make clean && make exe codesign | |
tar cfz limactl.ventura.x86_64.tar.gz -C _output/bin limactl | |
- name: Upload Ventura build | |
uses: actions/upload-artifact@v3 | |
with: | |
name: limactl.ventura.x86_64 | |
path: src/lima/limactl.ventura.x86_64.tar.gz | |
if-no-files-found: error | |
release: | |
runs-on: ubuntu-latest | |
timeout-minutes: 10 | |
needs: | |
- macos-x86-build | |
- macos-arm64-build | |
- macos-x86_64-ventura-build | |
- macos-arm64-ventura-build | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
fetch-depth: 1 | |
persist-credentials: false | |
- name: configure aws credentials | |
uses: aws-actions/configure-aws-credentials@v3 | |
with: | |
role-to-assume: ${{ secrets.ROLE }} | |
role-session-name: dependency-upload-session | |
aws-region: ${{ secrets.REGION }} | |
- name: Download MacOS ARM64 build | |
uses: actions/download-artifact@v3 | |
with: | |
name: lima-and-qemu.macos-arm64 | |
path: build | |
- name: Download MacOS x86_64 build | |
uses: actions/download-artifact@v3 | |
with: | |
name: lima-and-qemu.macos-x86 | |
path: build | |
- name: Download MacOS ARM64 Ventura build | |
uses: actions/download-artifact@v3 | |
with: | |
name: limactl.ventura.arm64 | |
path: build | |
- name: Download MacOS x86_64 Ventura build | |
uses: actions/download-artifact@v3 | |
with: | |
name: limactl.ventura.x86_64 | |
path: build | |
- name: Generate Timestamp | |
id: timestamp | |
run: echo "::set-output name=value::$(date +%s)" | |
- name: Add Ventura builds to tarballs | |
run: | | |
timestamp=${{ steps.timestamp.outputs.value }} | |
mkdir -p build/lima-and-qemu.macos-aarch64/bin | |
tar -xzf build/lima-and-qemu.macos-aarch64.tar.gz -C build/lima-and-qemu.macos-aarch64 | |
tar -xzf build/limactl.ventura.arm64.tar.gz -C build/lima-and-qemu.macos-aarch64/bin | |
tar -czf build/lima-and-qemu.macos-aarch64.${timestamp}.tar.gz -C build/lima-and-qemu.macos-aarch64 . | |
sha512sum build/lima-and-qemu.macos-aarch64.${timestamp}.tar.gz | cut -d " " -f 1 > build/lima-and-qemu.macos-aarch64.${timestamp}.tar.gz.sha512sum | |
mkdir -p build/lima-and-qemu.macos-x86_64/bin | |
tar -xzf build/lima-and-qemu.macos-x86_64.tar.gz -C build/lima-and-qemu.macos-x86_64 | |
tar -xzf build/limactl.ventura.x86_64.tar.gz -C build/lima-and-qemu.macos-x86_64/bin | |
tar -czf build/lima-and-qemu.macos-x86_64.${timestamp}.tar.gz -C build/lima-and-qemu.macos-x86_64 . | |
sha512sum build/lima-and-qemu.macos-x86_64.${timestamp}.tar.gz | cut -d " " -f 1 > build/lima-and-qemu.macos-x86_64.${timestamp}.tar.gz.sha512sum | |
- name: Download MacOS dependencies' sources | |
uses: actions/download-artifact@v3 | |
with: | |
name: DependenciesSourceCode.tar.gz | |
path: build | |
- name: "Upload to S3" | |
run: | | |
timestamp=${{ steps.timestamp.outputs.value }} | |
aws s3 cp ./build/ s3://${{ secrets.DEPENDENCY_BUCKET_NAME }}/aarch64/ --recursive --exclude "*" --include "lima-and-qemu.macos-aarch64.${timestamp}.tar.gz*" | |
aws s3 cp ./build/ s3://${{ secrets.DEPENDENCY_BUCKET_NAME }}/x86-64/ --recursive --exclude "*" --include "lima-and-qemu.macos-x86_64.${timestamp}.tar.gz*" | |
aws s3 cp ./build/ s3://${{ secrets.DEPENDENCY_BUCKET_NAME }} --recursive --exclude "*" --include "dependency-sources.tar.gz" |