Attempt to fix build pipeline #36

Workflow file for this run

	name: Build
	on:
	workflow_dispatch:
	push:
	branches:
	- master
	tags:
	- v*

	jobs:
	package-sources:
	outputs:
	hashes: ${{ steps.hash.outputs.hashes }}
	runs-on: ubuntu-latest
	env:
	ARTIFACT_ZIP: src.zip
	ARTIFACT_TAR: src.tar.gz
	steps:
	- uses: actions/checkout@v4
	- name: Package sources
	run: \|
	git archive -o $ARTIFACT_ZIP HEAD
	git archive -o $ARTIFACT_TAR HEAD

	- name: Generate hashes
	id: hash
	run: \|
	# sha256sum generates sha256 hash for all artifacts.
	# base64 -w0 encodes to base64 and outputs on a single line.
	# sha256sum artifact1 artifact2 ... \| base64 -w0
	echo "hashes=$(sha256sum $ARTIFACT_ZIP $ARTIFACT_TAR \| base64 -w0)" >> "$GITHUB_OUTPUT"

	- name: Upload artifacts
	uses: actions/upload-artifact@v4
	with:
	path: \|
	${{env.ARTIFACT_ZIP}}
	${{env.ARTIFACT_TAR}}
	if-no-files-found: error
	name: sources


	build-win:
	outputs:
	hashes: ${{ steps.hash.outputs.hashes }}
	runs-on: windows-2019
	env:
	SOLUTION: Windows\supercan.sln
	MSBUILD_OPTIONS: -noLogo -m -t:Build -p:Configuration=Release
	ResourcesExtraDefines: SC_BUILD_NUMBER=$(GITHUB_RUN_NUMBER)
	VCVARS32: C:\Program Files (x86)\Microsoft Visual Studio\2019\Enterprise\VC\Auxiliary\Build\vcvars32.bat
	VCVARS64: C:\Program Files (x86)\Microsoft Visual Studio\2019\Enterprise\VC\Auxiliary\Build\vcvars64.bat
	SC_BUILD_QT_PLUGIN: 0
	ARTIFACT_7z: supercan-win.7z
	ARTIFACT_INSTALLER: supercan_inst.exe


	steps:
	- uses: actions/checkout@v4
	- uses: microsoft/setup-msbuild@v2
	- name: Build
	id: build
	shell: cmd
	# run: appveyor\windows.cmd

	run: \|
	set
	echo 1 >supercan-win.7z
	echo 2 >supercan_inst.exe

	- name: Generate hashes
	shell: bash
	id: hash
	run: \|
	# sha256sum generates sha256 hash for all artifacts.
	# base64 -w0 encodes to base64 and outputs on a single line.
	# sha256sum artifact1 artifact2 ... \| base64 -w0
	echo "hashes=$(sha256sum $ARTIFACT_7z $ARTIFACT_INSTALLER \| base64 -w0)" >> "$GITHUB_OUTPUT"

	- name: Upload artifacts
	uses: actions/upload-artifact@v4
	with:
	path: \|
	${{env.ARTIFACT_7z}}
	${{env.ARTIFACT_INSTALLER}}
	if-no-files-found: error
	name: windows

	build-firmware:
	outputs:
	hashes: ${{ steps.hash.outputs.hashes }}
	runs-on: ubuntu-20.04
	env:
	DEBIAN_FRONTEND: noninteractive
	ARTIFACT_FIRMWARE: supercan-firmware.tar.xz

	steps:
	# - uses: actions/checkout@v4
	# - name: Setup
	# run: \|
	# sudo apt-get update && sudo apt-get install -y dfu-util gcc-arm-none-eabi pixz python3
	# git submodule update --init --depth 1 --recursive

	- name: Build
	id: build
	# run: \|
	# env
	# $GITHUB_WORKSPACE/Boards/examples/device/supercan/build.sh
	# mv $GITHUB_WORKSPACE/Boards/examples/device/supercan/firmware/supercan-firmware.tar.xz $GITHUB_WORKSPACE


	run: \|
	set
	echo 1 >supercan-firmware.tar.xz


	- name: Generate hashes
	id: hash
	run: \|
	# sha256sum generates sha256 hash for all artifacts.
	# base64 -w0 encodes to base64 and outputs on a single line.
	# sha256sum artifact1 artifact2 ... \| base64 -w0
	echo "hashes=$(sha256sum $ARTIFACT_FIRMWARE \| base64 -w0)" >> "$GITHUB_OUTPUT"

	- name: Upload artifacts
	uses: actions/upload-artifact@v4
	with:
	path: ${{ env.ARTIFACT_FIRMWARE }}
	if-no-files-found: error
	name: firmware


	build-linux:
	runs-on: ubuntu-latest
	env:
	DEBIAN_FRONTEND: noninteractive

	steps:
	- uses: actions/checkout@v4
	- name: Setup
	run: \|
	sudo apt-get update && sudo apt-get install -y dkms
	git submodule update --init --recursive Linux

	- name: Build
	id: build
	run: \|
	uname -a
	export SUPERCAN_DIR=$(find "$GITHUB_WORKSPACE/Linux" -type d -name 'supercan_usb-*' \| head)
	env
	$GITHUB_WORKSPACE/Linux/dkms-init.sh
	make V=1 KERNELRELEASE=$(uname -r) -C /lib/modules/$(uname -r)/build M=$SUPERCAN_DIR


	collect:
	needs: [build-win, build-firmware, package-sources]
	runs-on: ubuntu-latest
	outputs:
	hashes: ${{ steps.sum.outputs.hashes }}
	steps:
	- name: Collect hashes
	id: sum
	run: \|
	echo ${{needs.package-sources.outputs.hashes}} \| base64 -d >>${{ runner.temp }}/hashes
	echo ${{needs.build-win.outputs.hashes}} \| base64 -d >>${{ runner.temp }}/hashes
	echo ${{needs.build-firmware.outputs.hashes}} \| base64 -d >>${{ runner.temp }}/hashes
	echo "hashes=$(cat ${{ runner.temp }}/hashes \| base64 -w0)" >> "$GITHUB_OUTPUT"


	provenance:
	needs: [collect]
	permissions:
	actions: read
	id-token: write
	contents: write

	uses: slsa-framework/slsa-github-generator/.github/workflows/generator_generic_slsa3.yml@v2.0.0
	with:
	base64-subjects: "${{ needs.collect.outputs.hashes }}"
	# Upload provenance to a new release
	upload-assets: false
	provenance-name: supercan.intoto.jsonl


	latest:
	needs: [provenance]
	runs-on: ubuntu-latest
	# if: startsWith(github.ref, 'refs/heads/')
	steps:
	- name: Download artifacts
	id: download
	uses: actions/download-artifact@v4

	- name: Debugging
	run: \|
	find ${{ steps.download.outputs.download-path }}

	- name: Upload artifacts to release
	uses: softprops/action-gh-release@v1
	with:
	tag_name: latest-master
	files: \|
	${{ steps.download.outputs.download-path }}/sources/*
	${{ steps.download.outputs.download-path }}/windows/*
	${{ steps.download.outputs.download-path }}/firmware/*
	${{ steps.download.outputs.download-path }}/supercan.intoto.jsonl/*


	release:
	needs: [provenance]
	runs-on: ubuntu-latest
	if: startsWith(github.ref, 'refs/tags/')
	steps:
	- name: Download artifacts
	id: download
	uses: actions/download-artifact@v4

	- name: Debugging
	run: \|
	find ${{ steps.download.outputs.download-path }}
	echo ${{ github.ref }}
	echo ${{ github.ref_name }}

	- name: Create release
	id: create_release
	uses: actions/create-release@v1
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # This token is provided by Actions, you do not need to create your own token
	with:
	tag_name: ${{ github.ref }}
	release_name: SuperCAN ${{ github.ref }}
	draft: true
	prerelease: true

	- name: Upload firmware asset
	uses: actions/upload-release-asset@v1
	env:
	GITHUB_TOKEN: ${{ github.token }}
	with:
	upload_url: ${{ steps.create_release.outputs.upload_url }}
	asset_path: ${{ steps.download.outputs.download-path }}/firmware/supercan-firmware.tar.xz
	asset_name: supercan-firmware.tar.xz
	asset_content_type: application/x-xz

	- name: Upload Windows binaries asset
	uses: actions/upload-release-asset@v1
	env:
	GITHUB_TOKEN: ${{ github.token }}
	with:
	upload_url: ${{ steps.create_release.outputs.upload_url }}
	asset_path: ${{ steps.download.outputs.download-path }}/windows/supercan-win.7z
	asset_name: supercan-win.7z
	asset_content_type: application/x-7z-compressed

	- name: Upload Windows installer asset
	uses: actions/upload-release-asset@v1
	env:
	GITHUB_TOKEN: ${{ github.token }}
	with:
	upload_url: ${{ steps.create_release.outputs.upload_url }}
	asset_path: ${{ steps.download.outputs.download-path }}/windows/supercan_inst.exe
	asset_name: supercan_inst.exe
	asset_content_type: application/vnd.microsoft.portable-executable

	- name: Upload SLSA provenance
	uses: actions/upload-release-asset@v1
	env:
	GITHUB_TOKEN: ${{ github.token }}
	with:
	upload_url: ${{ steps.create_release.outputs.upload_url }}
	asset_path: ${{ steps.download.outputs.download-path }}/supercan.intoto.jsonl/supercan.intoto.jsonl
	asset_name: supercan.intoto.jsonl
	asset_content_type: application/octet-stream

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Attempt to fix build pipeline #36

Workflow file

Attempt to fix build pipeline #36

Jobs

Run details

Workflow file for this run