More optblocker usage #583
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: .NET Package | |
on: | |
push: | |
branches: | |
- stable | |
- next | |
permissions: | |
id-token: write | |
attestations: write | |
contents: read | |
jobs: | |
build-windows-msvc: | |
runs-on: windows-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- name: buildbase.bat | |
run: buildbase.bat ..\vs2022\libsodium.sln 17 | |
working-directory: builds/msvc/build/ | |
shell: cmd | |
- uses: actions/upload-artifact@v4 | |
with: | |
name: build-win-x64 | |
path: bin/x64/Release/v143/dynamic/libsodium.dll | |
- uses: actions/upload-artifact@v4 | |
with: | |
name: build-win-x86 | |
path: bin/Win32/Release/v143/dynamic/libsodium.dll | |
build-others: | |
runs-on: ubuntu-latest | |
steps: | |
- name: Install Zig | |
uses: goto-bus-stop/setup-zig@2a9625d550eefc3a9b1a43d342ad655f563f8241 | |
with: | |
version: 0.12.0 | |
- uses: actions/checkout@v4 | |
- name: build-win-arm64 | |
run: | | |
rm -fr zig-out zig-cache; zig build -Doptimize=ReleaseFast -Dtarget=aarch64-windows | |
- uses: actions/upload-artifact@v4 | |
with: | |
name: build-win-arm64 | |
path: zig-out/lib/libsodium.dll | |
- name: build-linux-x64 | |
run: | | |
rm -fr zig-out zig-cache; zig build -Doptimize=ReleaseFast -Dtarget=x86_64-linux-gnu.2.17 | |
- name: tests | |
run: cd zig-out/bin && ./run.sh | |
- uses: actions/upload-artifact@v4 | |
with: | |
name: build-linux-x64 | |
path: zig-out/lib/libsodium.so | |
- name: Set up arm and aarch64 emulation environment | |
run: | | |
export DEBIAN_FRONTEND=noninteractive | |
sudo apt-get update | |
sudo apt-get install -y build-essential qemu binfmt-support qemu-user-static qemu-system-arm gcc-arm-linux-gnueabihf libc6-armhf-cross gcc-aarch64-linux-gnu libc6-arm64-cross | |
sudo dpkg --add-architecture armhf | |
sudo update-binfmts --enable qemu-arm | |
sudo update-binfmts --display | |
sudo ln -s /usr/arm-linux-gnueabihf/lib/ld-linux-armhf.so.* /lib | |
sudo dpkg --add-architecture arm64 | |
sudo update-binfmts --enable qemu-aarch64 | |
sudo update-binfmts --display | |
sudo ln -s /usr/aarch64-linux-gnu/lib/ld-linux-aarch64.so.* /lib | |
- name: build-linux-arm | |
run: | | |
rm -fr zig-out zig-cache; zig build -Doptimize=ReleaseFast -Dtarget=arm-linux-gnueabihf.2.23 | |
- name: tests | |
run: | | |
cd zig-out/bin && env LD_LIBRARY_PATH=/usr/arm-linux-gnueabihf/lib ./run.sh | |
- uses: actions/upload-artifact@v4 | |
with: | |
name: build-linux-arm | |
path: zig-out/lib/libsodium.so | |
- name: build-linux-arm64 | |
run: | | |
rm -fr zig-out zig-cache; zig build -Doptimize=ReleaseFast -Dtarget=aarch64-linux-gnu.2.23 | |
- name: tests | |
run: | | |
cd zig-out/bin && env LD_LIBRARY_PATH=/usr/aarch64-linux-gnu/lib ./run.sh | |
- uses: actions/upload-artifact@v4 | |
with: | |
name: build-linux-arm64 | |
path: zig-out/lib/libsodium.so | |
- name: build-linux-musl-x64 | |
run: | | |
rm -fr zig-out zig-cache; zig build -Doptimize=ReleaseFast -Dtarget=x86_64-linux-musl | |
- uses: actions/upload-artifact@v4 | |
with: | |
name: build-linux-musl-x64 | |
path: zig-out/lib/libsodium.so | |
- name: build-linux-musl-arm | |
run: | | |
rm -fr zig-out zig-cache; zig build -Doptimize=ReleaseFast -Dtarget=arm-linux-musleabihf | |
- uses: actions/upload-artifact@v4 | |
with: | |
name: build-linux-musl-arm | |
path: zig-out/lib/libsodium.so | |
- name: build-linux-musl-arm64 | |
run: | | |
rm -fr zig-out zig-cache; zig build -Doptimize=ReleaseFast -Dtarget=aarch64-linux-musl | |
- uses: actions/upload-artifact@v4 | |
with: | |
name: build-linux-musl-arm64 | |
path: zig-out/lib/libsodium.so | |
build-apple: | |
runs-on: macos-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- name: configure | |
run: ./configure | |
- name: build-xcframework | |
run: env LIBSODIUM_FULL_BUILD=1 LIBSODIUM_SKIP_SIMULATORS=1 dist-build/apple-xcframework.sh | |
- uses: actions/upload-artifact@v4 | |
with: | |
name: build-macos | |
path: libsodium-apple/macos/lib/libsodium.dylib | |
- uses: actions/upload-artifact@v4 | |
with: | |
name: build-ios | |
path: libsodium-apple/ios/lib/libsodium.a | |
- uses: actions/upload-artifact@v4 | |
with: | |
name: build-tvos | |
path: libsodium-apple/tvos/lib/libsodium.a | |
- uses: actions/upload-artifact@v4 | |
with: | |
name: build-maccatalyst | |
path: libsodium-apple/catalyst/lib/libsodium.a | |
pack: | |
runs-on: ubuntu-latest | |
needs: | |
- build-windows-msvc | |
- build-apple | |
- build-others | |
container: | |
image: mcr.microsoft.com/dotnet/sdk:6.0 | |
env: | |
DOTNET_CLI_TELEMETRY_OPTOUT: 1 | |
DOTNET_SKIP_FIRST_TIME_EXPERIENCE: 1 | |
DOTNET_SYSTEM_GLOBALIZATION_INVARIANT: 1 | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: actions/download-artifact@v4 | |
with: | |
name: build-win-x64 | |
path: .libsodium-pack/runtimes/win-x64/native/ | |
- uses: actions/download-artifact@v4 | |
with: | |
name: build-win-x86 | |
path: .libsodium-pack/runtimes/win-x86/native/ | |
- uses: actions/download-artifact@v4 | |
with: | |
name: build-win-arm64 | |
path: .libsodium-pack/runtimes/win-arm64/native/ | |
- uses: actions/download-artifact@v4 | |
with: | |
name: build-linux-x64 | |
path: .libsodium-pack/runtimes/linux-x64/native/ | |
- uses: actions/download-artifact@v4 | |
with: | |
name: build-linux-arm64 | |
path: .libsodium-pack/runtimes/linux-arm64/native/ | |
- uses: actions/download-artifact@v4 | |
with: | |
name: build-linux-arm | |
path: .libsodium-pack/runtimes/linux-arm/native/ | |
- uses: actions/download-artifact@v4 | |
with: | |
name: build-linux-musl-x64 | |
path: .libsodium-pack/runtimes/linux-musl-x64/native/ | |
- uses: actions/download-artifact@v4 | |
with: | |
name: build-linux-musl-arm | |
path: .libsodium-pack/runtimes/linux-musl-arm/native/ | |
- uses: actions/download-artifact@v4 | |
with: | |
name: build-linux-musl-arm64 | |
path: .libsodium-pack/runtimes/linux-musl-arm64/native/ | |
- uses: actions/download-artifact@v4 | |
with: | |
name: build-macos | |
path: .libsodium-pack/runtimes/osx-x64/native/ | |
- uses: actions/download-artifact@v4 | |
with: | |
name: build-macos | |
path: .libsodium-pack/runtimes/osx-arm64/native/ | |
- uses: actions/download-artifact@v4 | |
with: | |
name: build-ios | |
path: .libsodium-pack/runtimes/ios-arm64/native/ | |
- uses: actions/download-artifact@v4 | |
with: | |
name: build-tvos | |
path: .libsodium-pack/runtimes/tvos-arm64/native/ | |
- uses: actions/download-artifact@v4 | |
with: | |
name: build-maccatalyst | |
path: .libsodium-pack/runtimes/maccatalyst-x64/native/ | |
- uses: actions/download-artifact@v4 | |
with: | |
name: build-maccatalyst | |
path: .libsodium-pack/runtimes/maccatalyst-arm64/native/ | |
- name: Copy files | |
run: cp AUTHORS ChangeLog LICENSE packaging/dotnet-core/libsodium.pkgproj .libsodium-pack/ | |
- name: Create NuGet package | |
run: dotnet pack -c Release .libsodium-pack/libsodium.pkgproj | |
- uses: actions/upload-artifact@v4 | |
with: | |
name: nuget-package | |
path: .libsodium-pack/bin/Release/*.nupkg | |
- name: Attest Build Provenance | |
uses: actions/attest-build-provenance@897ed5eab6ed058a474202017ada7f40bfa52940 | |
with: | |
subject-path: .libsodium-pack/bin/Release/*.nupkg | |
build-test-binaries: | |
runs-on: ubuntu-latest | |
needs: | |
- pack | |
container: | |
image: mcr.microsoft.com/dotnet/sdk:6.0 | |
env: | |
DOTNET_CLI_TELEMETRY_OPTOUT: 1 | |
DOTNET_SKIP_FIRST_TIME_EXPERIENCE: 1 | |
DOTNET_SYSTEM_GLOBALIZATION_INVARIANT: 1 | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: actions/download-artifact@v4 | |
with: | |
name: nuget-package | |
path: .libsodium-pack/ | |
- name: dotnet new | |
run: dotnet new console -n Tests -o .libsodium-test/ | |
- name: dotnet add package libsodium | |
run: dotnet add .libsodium-test/Tests.csproj package libsodium -s $PWD/.libsodium-pack | |
- name: Copy files | |
run: cp -f packaging/dotnet-core/test.cs .libsodium-test/Program.cs | |
- name: dotnet publish linux-x64 | |
run: dotnet publish -c Release -r linux-x64 --self-contained true -p:PublishTrimmed=true | |
working-directory: .libsodium-test/ | |
- name: dotnet publish linux-arm | |
run: dotnet publish -c Release -r linux-arm --self-contained true -p:PublishTrimmed=true | |
working-directory: .libsodium-test/ | |
- name: dotnet publish linux-arm64 | |
run: dotnet publish -c Release -r linux-arm64 --self-contained true -p:PublishTrimmed=true | |
working-directory: .libsodium-test/ | |
- name: Move Build Output | |
run: | | |
mkdir .libsodium-builds | |
mv .libsodium-test/bin/Release/net6.0/linux-arm/publish .libsodium-builds/linux-arm | |
mv .libsodium-test/bin/Release/net6.0/linux-arm64/publish .libsodium-builds/linux-arm64 | |
mv .libsodium-test/bin/Release/net6.0/linux-x64/publish .libsodium-builds/linux-x64 | |
- uses: actions/upload-artifact@v4 | |
with: | |
name: test-builds | |
path: .libsodium-builds/* | |
include-hidden-files: true | |
run-test-binaries-os-versions: | |
runs-on: ubuntu-latest | |
needs: | |
- build-test-binaries | |
strategy: | |
matrix: | |
arch: [ 'centos:8', 'debian:10' ] | |
container: | |
image: ${{ matrix.arch }} | |
env: | |
DOTNET_SYSTEM_GLOBALIZATION_INVARIANT: 1 | |
steps: | |
- uses: actions/download-artifact@v4 | |
with: | |
name: test-builds | |
path: .libsodium-builds/ | |
- name: Run x64 tests | |
run: | | |
chmod +x .libsodium-builds/linux-x64/Tests | |
.libsodium-builds/linux-x64/Tests | |
run-test-binaries-cross-plat: | |
runs-on: ubuntu-22.04 | |
needs: | |
- build-test-binaries | |
env: | |
DOTNET_SYSTEM_GLOBALIZATION_INVARIANT: 1 | |
strategy: | |
matrix: | |
include: | |
- arch: x64 | |
libs: /usr/lib | |
- arch: arm | |
libs: /usr/arm-linux-gnueabihf/lib | |
- arch: arm64 | |
libs: /usr/aarch64-linux-gnu/lib | |
arch: [x64, arm, arm64] | |
steps: | |
- name: Set up build environment | |
run: | | |
export DEBIAN_FRONTEND=noninteractive | |
# On virtualization systems such as the one used by WSL2, the ARM crypto extensions | |
# don't work as expected. As a result, installing on Ubuntu fails during integrity | |
# checks. As a workaround, the following command disables hardware acceleration for | |
# gcrypt, which the apt-get command relies on. | |
sudo mkdir -p /etc/gcrypt && echo all | sudo tee /etc/gcrypt/hwf.deny | |
sudo apt-get update && sudo apt-get install -y qemu binfmt-support qemu-user-static qemu-system-arm gcc-arm-linux-gnueabihf gcc-aarch64-linux-gnu libc6-armhf-cross libc6-arm64-cross | |
sudo dpkg --add-architecture armhf | |
sudo dpkg --add-architecture arm64 | |
sudo update-binfmts --enable qemu-aarch64 | |
sudo update-binfmts --enable qemu-arm | |
sudo update-binfmts --display | |
sudo ln -s /usr/aarch64-linux-gnu/lib/ld-linux-aarch64.so.* /lib | |
sudo ln -s /usr/arm-linux-gnueabihf/lib/ld-linux-armhf.so.* /lib | |
- uses: actions/download-artifact@v4 | |
with: | |
name: test-builds | |
path: .libsodium-builds/ | |
- name: Run ${{ matrix.arch }} | |
run: | | |
chmod +x .libsodium-builds/linux-${{ matrix.arch }}/Tests | |
env LD_LIBRARY_PATH=${{ matrix.libs }} .libsodium-builds/linux-${{ matrix.arch }}/Tests |