release #10
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: release | |
on: workflow_dispatch | |
concurrency: | |
group: ${{ github.workflow }}-${{ github.event.after }} | |
cancel-in-progress: true | |
jobs: | |
build: | |
name: Build static retsnoop binary | |
runs-on: ubuntu-22.04 | |
strategy: | |
matrix: | |
include: | |
- arch: amd64 | |
file_str: x86-64 | |
target: x86_64-unknown-linux-gnu | |
- arch: arm64 | |
file_str: aarch64 | |
target: aarch64-unknown-linux-gnu | |
steps: | |
# amd64 needs the dependencies to build retsnoop | |
- name: (amd64) Install dependencies | |
if: matrix.arch == 'amd64' | |
run: | | |
sudo apt-get update | |
sudo apt-get install -y cargo llvm libelf-dev | |
- name: Checkout retsnoop code | |
uses: actions/checkout@8f4b7f84864484a7bf31766abe9204da3cbe65b3 # v3.5.0 | |
with: | |
submodules: recursive | |
path: 'retsnoop' | |
- name: (amd64) Build static retsnoop natively | |
if: matrix.arch == 'amd64' | |
working-directory: 'retsnoop' | |
run: | | |
CFLAGS=--static \ | |
make -j -C src V=1 | |
strip src/retsnoop | |
- name: (arm64) Pre-compile Rust sidecar binary, addr2line | |
if: matrix.arch == 'arm64' | |
working-directory: 'retsnoop/sidecar' | |
run: | | |
# It's too expensive to compile addr2line inside of the Docker | |
# container, below: Cargo's registry index update gets OOM-killed, | |
# and even if we worked around that, the build would take about three | |
# times as long as doing it on the host. | |
# | |
# We need the right toolchain and linker, then we can compile. | |
sudo apt-get update | |
sudo apt-get install -y gcc-aarch64-linux-gnu | |
rustup target add ${{ matrix.target }} | |
CARGO_REGISTRIES_CRATES_IO_PROTOCOL=sparse \ | |
cargo build --release --target ${{ matrix.target }} \ | |
--config target.${{ matrix.target }}.linker=\"aarch64-linux-gnu-gcc\" | |
# Makefile expects the binary in retsnoop/sidecar/target/release/ | |
mv target/${{ matrix.target }}/release/addr2line target/release/ | |
- name: (arm64) Set up QEMU | |
uses: docker/setup-qemu-action@e81a89b1732b9c48d79cd809d8d81d79c4647a18 # v2.1.0 | |
if: matrix.arch == 'arm64' | |
with: | |
platforms: ${{ matrix.arch }} | |
# The emulated build leverages Docker and Ubuntu 22.04 container image | |
# distribution to have all the needed arm64 packages. | |
- name: (arm64) Build static retsnoop for arm64 with emulation | |
if: matrix.arch == 'arm64' | |
run: | | |
docker run --platform linux/arm64 --rm -v $(pwd):/build ubuntu:22.04 \ | |
bash -c "apt-get update && \ | |
apt-get install -y clang llvm make pkg-config gcc \ | |
libelf-dev zlib1g-dev && \ | |
cd /build/retsnoop && \ | |
CARGO=true \ | |
CFLAGS=--static \ | |
make -j -C src V=1 && \ | |
strip src/retsnoop" | |
- name: Test retsnoop binary | |
working-directory: 'retsnoop/src' | |
run: | | |
file ./retsnoop | \ | |
tee /dev/stderr | \ | |
grep -q "${{ matrix.file_str }}" | |
./retsnoop --usage | grep -q Usage | |
ldd ./retsnoop 2>&1 | \ | |
tee /dev/stderr | \ | |
grep -q 'not a dynamic executable' | |
- name: Upload Artifact | |
uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2 | |
with: | |
name: ${{ format('retsnoop_{0}', matrix.arch) }} | |
path: retsnoop/src/retsnoop | |
draft-release: | |
name: Create a draft release | |
runs-on: ubuntu-22.04 | |
needs: build | |
permissions: | |
contents: write | |
steps: | |
- name: Download artifacts from build | |
uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2 | |
- name: Rename binaries and compress | |
run: | | |
archive_amd64="retsnoop-${{ github.ref_name }}-amd64.tar.gz" | |
archive_arm64="retsnoop-${{ github.ref_name }}-arm64.tar.gz" | |
tar -C retsnoop_amd64 -I 'gzip -9' -cvf "${archive_amd64}" retsnoop | |
tar -C retsnoop_arm64 -I 'gzip -9' -cvf "${archive_arm64}" retsnoop | |
sha256sum "${archive_amd64}" > "${archive_amd64}.sha256sum" | |
sha256sum "${archive_arm64}" > "${archive_arm64}.sha256sum" | |
- name: Checkout retsnoop and submodules code | |
uses: actions/checkout@8f4b7f84864484a7bf31766abe9204da3cbe65b3 # v3.5.0 | |
with: | |
submodules: recursive | |
path: 'retsnoop' | |
- name: Package source code including submodules | |
uses: qmonnet/git-archive-all-action@791fb850881cf58b1d1fcc9b06c01940080bba0a # v1.0.1 | |
with: | |
output-files: >- | |
srcs-full-${{ github.ref_name }}.tar.gz | |
srcs-full-${{ github.ref_name }}.zip | |
base-repo: retsnoop | |
- name: Create draft release and add artifacts | |
uses: softprops/action-gh-release@de2c0eb89ae2a093876385947365aca7b0e5f844 # v0.1.15 | |
with: | |
draft: true | |
files: | | |
retsnoop* | |
srcs-full-* |