From b8f5bbc96ebad03704be43b1f66b7a9b002bb77f Mon Sep 17 00:00:00 2001 From: s3rj1k Date: Tue, 19 Mar 2024 23:27:50 +0100 Subject: [PATCH] WiP --- .../docker/debian/bullseye/amd64/Dockerfile | 67 ++++++++ .../docker/debian/bullseye/arm32v7/Dockerfile | 67 ++++++++ .github/workflows/build.yml | 147 ------------------ .github/workflows/cicd.yml | 49 ++++++ 4 files changed, 183 insertions(+), 147 deletions(-) create mode 100644 .github/docker/debian/bullseye/amd64/Dockerfile create mode 100644 .github/docker/debian/bullseye/arm32v7/Dockerfile delete mode 100644 .github/workflows/build.yml create mode 100644 .github/workflows/cicd.yml diff --git a/.github/docker/debian/bullseye/amd64/Dockerfile b/.github/docker/debian/bullseye/amd64/Dockerfile new file mode 100644 index 0000000..d011b44 --- /dev/null +++ b/.github/docker/debian/bullseye/amd64/Dockerfile @@ -0,0 +1,67 @@ +ARG BUILDER_IMAGE=debian:bullseye +ARG MAINTAINER="Andrey Volk " + +FROM ${BUILDER_IMAGE} AS builder + +ARG BUILD_NUMBER=42 +ARG GIT_SHA=0000000000 + +MAINTAINER ${MAINTAINER} + +SHELL ["/bin/bash", "-c"] + +RUN apt-get -q update && \ + DEBIAN_FRONTEND=noninteractive apt-get -yq install \ + apt-transport-https \ + build-essential \ + ca-certificates \ + cmake \ + curl \ + debhelper \ + devscripts \ + dh-autoreconf \ + dos2unix \ + doxygen \ + git \ + graphviz \ + libglib2.0-dev \ + libssl-dev \ + lsb-release \ + pkg-config \ + wget + +RUN update-ca-certificates --fresh + +ENV DATA_DIR=/data +WORKDIR ${DATA_DIR} + +COPY . ${DATA_DIR} +RUN git reset --hard HEAD && git clean -xfd + +RUN echo "export CODENAME=$(lsb_release -sc | tr -d '\n')" | tee ~/.env && \ + chmod +x ~/.env + +RUN git config --global --add safe.directory '*' + +# Bootstrap and Build +RUN echo "export VERSION=$(dpkg-parsechangelog --show-field Version | cut -f1 -d'-')" | tee -a ~/.env +RUN . ~/.env && dch \ + --controlmaint \ + --distribution "${CODENAME}" \ + --force-bad-version \ + --force-distribution \ + --newversion "${VERSION}-${BUILD_NUMBER}-${GIT_SHA}~${CODENAME}" \ + "Nightly build, ${GIT_SHA}" + +RUN apt-get -q update && \ + mk-build-deps --install --remove debian/control --tool "apt-get -y --no-install-recommends" && \ + apt-get -y -f install + +ENV DEB_BUILD_OPTIONS="parallel=1" +RUN . ~/.env && dch -b -M -v "${VERSION}-${BUILD_NUMBER}-${GIT_SHA}~${CODENAME}" \ + --force-distribution -D "${CODENAME}" "Nightly build, ${GIT_SHA}" +RUN debuild -b -us -uc && mkdir OUT && mv -v ../*.deb OUT/. + +# Artifacts image (mandatory part, the resulting image must have a single filesystem layer) +FROM scratch +COPY --from=builder /data/OUT/ / diff --git a/.github/docker/debian/bullseye/arm32v7/Dockerfile b/.github/docker/debian/bullseye/arm32v7/Dockerfile new file mode 100644 index 0000000..2d96b53 --- /dev/null +++ b/.github/docker/debian/bullseye/arm32v7/Dockerfile @@ -0,0 +1,67 @@ +ARG BUILDER_IMAGE=arm32v7/debian:bullseye +ARG MAINTAINER="Andrey Volk " + +FROM ${BUILDER_IMAGE} AS builder + +ARG BUILD_NUMBER=42 +ARG GIT_SHA=0000000000 + +MAINTAINER ${MAINTAINER} + +SHELL ["/bin/bash", "-c"] + +RUN apt-get -q update && \ + DEBIAN_FRONTEND=noninteractive apt-get -yq install \ + apt-transport-https \ + build-essential \ + ca-certificates \ + cmake \ + curl \ + debhelper \ + devscripts \ + dh-autoreconf \ + dos2unix \ + doxygen \ + git \ + graphviz \ + libglib2.0-dev \ + libssl-dev \ + lsb-release \ + pkg-config \ + wget + +RUN update-ca-certificates --fresh + +ENV DATA_DIR=/data +WORKDIR ${DATA_DIR} + +COPY . ${DATA_DIR} +RUN git reset --hard HEAD && git clean -xfd + +RUN echo "export CODENAME=$(lsb_release -sc | tr -d '\n')" | tee ~/.env && \ + chmod +x ~/.env + +RUN git config --global --add safe.directory '*' + +# Bootstrap and Build +RUN echo "export VERSION=$(dpkg-parsechangelog --show-field Version | cut -f1 -d'-')" | tee -a ~/.env +RUN . ~/.env && dch \ + --controlmaint \ + --distribution "${CODENAME}" \ + --force-bad-version \ + --force-distribution \ + --newversion "${VERSION}-${BUILD_NUMBER}-${GIT_SHA}~${CODENAME}" \ + "Nightly build, ${GIT_SHA}" + +RUN apt-get -q update && \ + mk-build-deps --install --remove debian/control --tool "apt-get -y --no-install-recommends" && \ + apt-get -y -f install + +ENV DEB_BUILD_OPTIONS="parallel=1" +RUN . ~/.env && dch -b -M -v "${VERSION}-${BUILD_NUMBER}-${GIT_SHA}~${CODENAME}" \ + --force-distribution -D "${CODENAME}" "Nightly build, ${GIT_SHA}" +RUN debuild -b -us -uc && mkdir OUT && mv -v ../*.deb OUT/. + +# Artifacts image (mandatory part, the resulting image must have a single filesystem layer) +FROM scratch +COPY --from=builder /data/OUT/ / diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml deleted file mode 100644 index 02ccb47..0000000 --- a/.github/workflows/build.yml +++ /dev/null @@ -1,147 +0,0 @@ -name: Build and Distribute - -on: - pull_request: - push: - branches: - - release - - master - paths: - - "**" - - "!debian/changelog" - workflow_dispatch: - -concurrency: - group: ${{ github.head_ref || github.ref }} - -jobs: - build_deb: - name: 'Build DEB' - uses: signalwire/actions-template/.github/workflows/ci-deb-packages-v2.yml@main - strategy: - fail-fast: false - matrix: - codename: - - bookworm - - bullseye - - buster - - stretch - platform: - - amd64 - - armhf - with: - PROJECT_NAME: libsilk - RUNNER: ubuntu-latest - BASE_IMAGE: signalwire/build-deb-action - DISTRO_CODENAME: ${{ matrix.codename }} - PLATFORM: ${{ matrix.platform }} - - generate_meta_deb: - if: (github.ref_type == 'branch' && github.base_ref == '') - name: 'Meta DEB' - needs: [ build_deb ] - strategy: - matrix: - os: - - deb - codename: - - bookworm - - bullseye - - buster - - stretch - platform: - - amd64 - - armhf - uses: signalwire/actions-template/.github/workflows/ci-libs-metadata-v2.yml@main - with: - ARTIFACT_NAME: ${{ matrix.os }}-${{ matrix.codename }}-${{ matrix.platform }}-artifact - OS_PLATFORM: ${{ matrix.os }}-${{ matrix.codename }}-${{ matrix.platform }} - RUNNER: ubuntu-latest - FILE_PATH_PREFIX: /var/www/libsilk-${{ github.ref_name }}-${{ matrix.os }}-${{ matrix.platform }}/${{ github.run_id }}-${{ github.run_number }} - - distribute_matrix_deb: - if: (github.ref_type == 'branch' && github.base_ref == '') - permissions: write-all - name: 'Copy to remote DEB' - needs: [ build_deb ] - strategy: - matrix: - os: - - deb - codename: - - bookworm - - bullseye - - buster - - stretch - platform: - - amd64 - - armhf - uses: signalwire/actions-template/.github/workflows/cd-scp.yml@main - with: - ARTIFACT_NAME: ${{ matrix.os }}-${{ matrix.codename }}-${{ matrix.platform }}-artifact - TARGET_FOLDER: /var/www/libsilk-${{ github.ref_name }}-${{ matrix.os }}-${{ matrix.platform }}/${{ github.run_id }}-${{ github.run_number }} - RUNNER: ubuntu-latest - FILES: '*.tar.gz' - CREATE_DESTINATION_FOLDERS: true - secrets: - # Explicit define secrets for better understanding but it could be just inherit - PROXY_URL: ${{ secrets.PROXY_URL }} - USERNAME: ${{ secrets.USERNAME }} - HOSTNAME: ${{ secrets.HOSTNAME }} - TELEPORT_TOKEN: ${{ secrets.TELEPORT_TOKEN }} - - distribute_meta_deb: - if: (github.ref_type == 'branch' && github.base_ref == '') - permissions: write-all - name: 'Copy meta to remote DEB' - needs: [ generate_meta_deb ] - strategy: - max-parallel: 1 - matrix: - os: - - deb - codename: - - bookworm - - bullseye - - buster - - stretch - platform: - - amd64 - - armhf - uses: signalwire/actions-template/.github/workflows/cd-libs-metadata.yml@main - with: - ARTIFACT_NAME: ${{ matrix.os }}-${{ matrix.codename }}-${{ matrix.platform }}-meta - LIB_NAME: libsilk - SOURCE_BRANCH: ${{ github.ref_name }} - TARGET_OS: ${{ matrix.os }} - TARGET_PLATFORM: ${{ matrix.platform }} - RUNNER: ubuntu-latest - TARGET_REPO: signalwire/bamboo_gha_trigger - secrets: - GH_BOT_DEPLOY_TOKEN: ${{ secrets.PAT }} - concurrency: - group: libsilk-${{ matrix.os }}-${{ matrix.platform }} - cancel-in-progress: true - - distribute_hash_deb: - if: (github.ref_type == 'branch' && github.base_ref == '') - permissions: write-all - name: 'Copy hash to remote DEB' - needs: [ distribute_meta_deb ] - uses: signalwire/actions-template/.github/workflows/cd-scp.yml@main - strategy: - matrix: - os: - - deb - platform: - - amd64 - - armhf - with: - RUNNER: ubuntu-latest - CREATE_DESTINATION_FOLDERS: false - EXEC_COMMANDS: 'echo "${{ github.sha }}" > /var/www/libsilk-${{ github.ref_name }}-${{ matrix.os }}-${{ matrix.platform }}/${{ github.run_id }}-${{ github.run_number }}/hash.txt' - secrets: - PROXY_URL: ${{ secrets.PROXY_URL }} - USERNAME: ${{ secrets.USERNAME }} - HOSTNAME: ${{ secrets.HOSTNAME }} - TELEPORT_TOKEN: ${{ secrets.TELEPORT_TOKEN }} diff --git a/.github/workflows/cicd.yml b/.github/workflows/cicd.yml new file mode 100644 index 0000000..4eaa1e1 --- /dev/null +++ b/.github/workflows/cicd.yml @@ -0,0 +1,49 @@ +name: Build and Distribute + +on: + pull_request: + push: + branches: + - release + - master + paths: + - "**" + workflow_dispatch: + +concurrency: + group: ${{ github.head_ref || github.ref }} + +jobs: + deb: + name: 'DEB' + permissions: + id-token: write + contents: read + uses: signalwire/actions-template/.github/workflows/cicd-docker-build-and-distribute.yml@s3rj1k + strategy: + # max-parallel: 1 + fail-fast: false + matrix: + os: + - debian + version: + - bullseye + platform: + - amd64 + - arm32v7 + with: + ARTIFACTS_PATTERN: '.*\.(deb)$' + DOCKERFILE: .github/docker/${{ matrix.os }}/${{ matrix.version }}/${{ matrix.platform }}/Dockerfile + MAINTAINER: 'Andrey Volk ' + META_FILE_PATH_PREFIX: /var/www/libsilk/${{ matrix.os }}-${{ matrix.platform }}/${{ github.run_id }}-${{ github.run_number }} + PLATFORM: ${{ matrix.platform }} + TARGET_ARTIFACT_NAME: ${{ matrix.os }}-${{ matrix.version }}-${{ matrix.platform }}-artifact + UPLOAD_BUILD_ARTIFACTS: ${{ github.event_name != 'pull_request' || contains(github.event.pull_request.title, ':upload-artifacts') }} + META_REPO: signalwire/bamboo_gha_trigger + META_REPO_BRANCH: libsilk/${{ github.ref_name }}/${{ matrix.os }}/${{ matrix.platform }} + secrets: + HOSTNAME: ${{ secrets.HOSTNAME }} + PROXY_URL: ${{ secrets.PROXY_URL }} + USERNAME: ${{ secrets.USERNAME }} + TELEPORT_TOKEN: ${{ secrets.TELEPORT_TOKEN }} + GH_BOT_DEPLOY_TOKEN: ${{ secrets.PAT }}