Cross build packages #5319
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Cross build packages | |
| concurrency: | |
| group: build-packages-${{ github.event_name }}-${{ github.ref }} | |
| cancel-in-progress: true | |
| on: | |
| workflow_call: | |
| inputs: | |
| profile: | |
| required: true | |
| type: string | |
| publish: | |
| required: true | |
| type: string | |
| otp_vsn: | |
| required: true | |
| type: string | |
| elixir_vsn: | |
| required: true | |
| type: string | |
| builder_vsn: | |
| required: true | |
| type: string | |
| secrets: | |
| AWS_ACCESS_KEY_ID: | |
| required: true | |
| AWS_SECRET_ACCESS_KEY: | |
| required: true | |
| AWS_DEFAULT_REGION: | |
| required: true | |
| AWS_S3_BUCKET: | |
| required: true | |
| AWS_CLOUDFRONT_ID: | |
| required: true | |
| APPLE_ID_PASSWORD: | |
| required: true | |
| APPLE_DEVELOPER_IDENTITY: | |
| required: true | |
| APPLE_DEVELOPER_ID_BUNDLE: | |
| required: true | |
| APPLE_DEVELOPER_ID_BUNDLE_PASSWORD: | |
| required: true | |
| workflow_dispatch: | |
| inputs: | |
| ref: | |
| required: false | |
| profile: | |
| required: false | |
| publish: | |
| required: false | |
| type: boolean | |
| default: false | |
| otp_vsn: | |
| required: false | |
| type: string | |
| default: '26.2.1-2' | |
| elixir_vsn: | |
| required: false | |
| type: string | |
| default: '1.15.7' | |
| builder_vsn: | |
| required: false | |
| type: string | |
| default: '5.3-2' | |
| permissions: | |
| contents: read | |
| jobs: | |
| mac: | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| profile: | |
| - ${{ inputs.profile }} | |
| otp: | |
| - ${{ inputs.otp_vsn }} | |
| os: | |
| - macos-12 | |
| - macos-12-arm64 | |
| - macos-13 | |
| runs-on: ${{ matrix.os }} | |
| steps: | |
| - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 | |
| with: | |
| ref: ${{ github.event.inputs.ref }} | |
| fetch-depth: 0 | |
| - uses: ./.github/actions/package-macos | |
| with: | |
| profile: ${{ matrix.profile }} | |
| otp: ${{ matrix.otp }} | |
| os: ${{ matrix.os }} | |
| apple_id_password: ${{ secrets.APPLE_ID_PASSWORD }} | |
| apple_developer_identity: ${{ secrets.APPLE_DEVELOPER_IDENTITY }} | |
| apple_developer_id_bundle: ${{ secrets.APPLE_DEVELOPER_ID_BUNDLE }} | |
| apple_developer_id_bundle_password: ${{ secrets.APPLE_DEVELOPER_ID_BUNDLE_PASSWORD }} | |
| - uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392 # v4.0.0 | |
| if: success() | |
| with: | |
| name: ${{ matrix.profile }}-${{ matrix.otp }}-${{ matrix.os }} | |
| path: _packages/${{ matrix.profile }}/ | |
| retention-days: 7 | |
| compression-level: 0 | |
| linux: | |
| runs-on: [self-hosted, ephemeral, linux, "${{ matrix.arch }}"] | |
| # always run in builder container because the host might have the wrong OTP version etc. | |
| # otherwise buildx.sh does not run docker if arch and os matches the target arch and os. | |
| container: | |
| image: "ghcr.io/emqx/emqx-builder/${{ matrix.builder }}:${{ matrix.elixir }}-${{ matrix.otp }}-${{ matrix.os }}" | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| profile: | |
| - ${{ inputs.profile }} | |
| otp: | |
| - ${{ inputs.otp_vsn }} | |
| arch: | |
| - x64 | |
| - arm64 | |
| os: | |
| - ubuntu22.04 | |
| - ubuntu20.04 | |
| - ubuntu18.04 | |
| - debian12 | |
| - debian11 | |
| - debian10 | |
| - el9 | |
| - el8 | |
| - el7 | |
| - amzn2 | |
| - amzn2023 | |
| builder: | |
| - ${{ inputs.builder_vsn }} | |
| elixir: | |
| - ${{ inputs.elixir_vsn }} | |
| with_elixir: | |
| - 'no' | |
| include: | |
| - profile: emqx | |
| otp: ${{ inputs.otp_vsn }} | |
| arch: x64 | |
| os: ubuntu22.04 | |
| builder: ${{ inputs.builder_vsn }} | |
| elixir: ${{ inputs.elixir_vsn }} | |
| with_elixir: 'yes' | |
| defaults: | |
| run: | |
| shell: bash | |
| steps: | |
| - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 | |
| with: | |
| ref: ${{ github.event.inputs.ref }} | |
| fetch-depth: 0 | |
| - name: fix workdir | |
| run: | | |
| set -eu | |
| git config --global --add safe.directory "$GITHUB_WORKSPACE" | |
| # Align path for CMake caches | |
| if [ ! "$PWD" = "/emqx" ]; then | |
| ln -s $PWD /emqx | |
| cd /emqx | |
| fi | |
| echo "pwd is $PWD" | |
| - name: build emqx packages | |
| env: | |
| PROFILE: ${{ matrix.profile }} | |
| IS_ELIXIR: ${{ matrix.with_elixir }} | |
| ACLOCAL_PATH: "/usr/share/aclocal:/usr/local/share/aclocal" | |
| run: | | |
| set -eu | |
| if [ "${IS_ELIXIR:-}" == 'yes' ]; then | |
| make "${PROFILE}-elixir-tgz" | |
| else | |
| make "${PROFILE}-tgz" | |
| make "${PROFILE}-pkg" | |
| fi | |
| - name: test emqx packages | |
| env: | |
| PROFILE: ${{ matrix.profile }} | |
| IS_ELIXIR: ${{ matrix.with_elixir }} | |
| run: | | |
| set -eu | |
| if [ "${IS_ELIXIR:-}" == 'yes' ]; then | |
| ./scripts/pkg-tests.sh "${PROFILE}-elixir-tgz" | |
| else | |
| ./scripts/pkg-tests.sh "${PROFILE}-tgz" | |
| ./scripts/pkg-tests.sh "${PROFILE}-pkg" | |
| fi | |
| - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 | |
| with: | |
| name: ${{ matrix.profile }}-${{ matrix.otp }}-${{ matrix.arch }}-${{ matrix.os }}-${{ matrix.with_elixir == 'yes' && 'elixir' || 'erlang' }} | |
| path: _packages/${{ matrix.profile }}/ | |
| retention-days: 7 | |
| publish_artifacts: | |
| runs-on: ubuntu-latest | |
| needs: | |
| - mac | |
| - linux | |
| if: inputs.publish == 'true' || inputs.publish | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| profile: | |
| - ${{ inputs.profile }} | |
| steps: | |
| - uses: actions/download-artifact@6b208ae046db98c579e8a3aa621ab581ff575935 # v4.1.1 | |
| with: | |
| pattern: ${{ matrix.profile }}-* | |
| path: packages/${{ matrix.profile }} | |
| merge-multiple: true | |
| - name: install dos2unix | |
| run: sudo apt-get update -y && sudo apt install -y dos2unix | |
| - name: get packages | |
| run: | | |
| set -eu | |
| cd packages/${{ matrix.profile }} | |
| # fix the .sha256 file format | |
| for var in $(ls | grep emqx | grep -v sha256); do | |
| dos2unix $var.sha256 | |
| echo "$(cat $var.sha256) $var" | sha256sum -c || exit 1 | |
| done | |
| cd - | |
| - uses: aws-actions/configure-aws-credentials@010d0da01d0b5a38af31e9c3470dbfdabdecca3a # v4.0.1 | |
| with: | |
| aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| aws-region: ${{ secrets.AWS_DEFAULT_REGION }} | |
| - name: upload to aws s3 | |
| env: | |
| PROFILE: ${{ matrix.profile }} | |
| run: | | |
| set -eu | |
| if [ $PROFILE = 'emqx' ]; then | |
| s3dir='emqx-ce' | |
| elif [ $PROFILE = 'emqx-enterprise' ]; then | |
| s3dir='emqx-ee' | |
| else | |
| echo "unknown profile $PROFILE" | |
| exit 1 | |
| fi | |
| aws s3 cp --recursive packages/$PROFILE s3://${{ secrets.AWS_S3_BUCKET }}/$s3dir/${{ github.ref_name }} | |
| aws cloudfront create-invalidation --distribution-id ${{ secrets.AWS_CLOUDFRONT_ID }} --paths "/$s3dir/${{ github.ref_name }}/*" |