diff options
Diffstat (limited to '.github')
-rw-r--r-- | .github/pull_request_template.md | 2 | ||||
-rw-r--r-- | .github/workflows/ci.yml | 19 | ||||
-rw-r--r-- | .github/workflows/publish.yml | 100 |
3 files changed, 116 insertions, 5 deletions
diff --git a/.github/pull_request_template.md b/.github/pull_request_template.md index 92ee467..1354622 100644 --- a/.github/pull_request_template.md +++ b/.github/pull_request_template.md @@ -1,4 +1,4 @@ Thank you! Please do your best to include [a regression test](https://github.com/NixOS/patchelf/blob/master/tests/build-id.sh) -so that the quality of future releases can be perserved. +so that the quality of future releases can be preserved. diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index e162a66..db236d4 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -3,11 +3,22 @@ on: pull_request: push: jobs: - tests: + nix: runs-on: ubuntu-latest steps: - uses: actions/checkout@v2 - - uses: cachix/install-nix-action@v12 - with: - skip_adding_nixpkgs_channel: true + - uses: cachix/install-nix-action@v13 - run: nix-build -A hydraJobs.release + ubuntu: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v2 + - name: get toolchain version + run: | + c++ --version + ld --version + autoconf --version + - run: | + ./bootstrap.sh + ./configure --with-asan --with-ubsan + make -j$(nproc) check diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml new file mode 100644 index 0000000..b6d6685 --- /dev/null +++ b/.github/workflows/publish.yml @@ -0,0 +1,100 @@ +name: Publish +on: + pull_request: + push: + branches: + - '*' + tags: + - '*' + +jobs: + build_tarballs: + name: Build tarballs + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@v2 + - uses: cachix/install-nix-action@v13 + - name: Build tarballs + run: | + nix-build -A hydraJobs.tarball + install -D ./result/tarballs/*.tar.bz2 ./dist/patchelf-$(cat version).tar.bz2 + install -D ./result/tarballs/*.tar.gz ./dist/patchelf-$(cat version).tar.gz + - uses: actions/upload-artifact@v2 + with: + name: patchelf + path: dist/* + + build_binaries: + name: Build static musl binaries + needs: [build_tarballs] + runs-on: ubuntu-latest + strategy: + fail-fast: false + matrix: + platform: ["amd64", "i386", "ppc64le", "arm64v8", "arm32v7", "s390x"] + steps: + - name: Set up QEMU + if: matrix.platform != 'amd64' + uses: docker/setup-qemu-action@v1 + + - uses: actions/download-artifact@v2 + with: + name: patchelf + path: dist + - name: Build binaries + env: + CXXFLAGS: "-D_FORTIFY_SOURCE=2 -fstack-protector-strong -Wformat -Werror=format-security -O2 -static" + run: | + cat <<EOF > build.sh + set -e + set -x + apk add build-base + tar -xf dist/*.tar.bz2 + rm -f dist/* + cd patchelf-* + ./configure --prefix /patchelf + make check + make install-strip + cd - + tar -czf ./dist/patchelf-\$(cat patchelf-*/version)-\$(uname -m).tar.gz -C /patchelf . + EOF + + if [ "${{ matrix.platform }}" == "i386" ]; then + ENTRYPOINT=linux32 + else + ENTRYPOINT= + fi + docker run -e CXXFLAGS -v $(pwd):/gha ${{ matrix.platform }}/alpine:3.15 ${ENTRYPOINT} sh -ec "cd /gha && sh ./build.sh" + - name: Check binaries + run: | + cat <<EOF > check.sh + set -e + set -x + tar -xf ./dist/patchelf-*-*.tar.gz + ./bin/patchelf --version + EOF + docker run -v $(pwd):/gha ${{ matrix.platform }}/debian:stable-slim sh -ec "cd /gha && sh ./check.sh" + - uses: actions/upload-artifact@v2 + with: + name: patchelf + path: dist/* + + publish: + name: Publish tarballs & binaries + needs: [build_tarballs, build_binaries] + if: github.event_name == 'push' && github.repository == 'NixOS/patchelf' && startsWith(github.ref, 'refs/tags/') + runs-on: ubuntu-latest + steps: + - uses: actions/download-artifact@v2 + with: + name: patchelf + path: dist + - name: Upload binaries to release + uses: svenstaro/upload-release-action@v2 + with: + repo_token: ${{ secrets.GITHUB_TOKEN }} + file: dist/* + tag: ${{ github.ref }} + overwrite: true + file_glob: true |