[ci][windows] sign executables using Azure #5238
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# This file is part of BOINC. | |
# http://boinc.berkeley.edu | |
# Copyright (C) 2023 University of California | |
# | |
# BOINC is free software; you can redistribute it and/or modify it | |
# under the terms of the GNU Lesser General Public License | |
# as published by the Free Software Foundation, | |
# either version 3 of the License, or (at your option) any later version. | |
# | |
# BOINC is distributed in the hope that it will be useful, | |
# but WITHOUT ANY WARRANTY; without even the implied warranty of | |
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. | |
# See the GNU Lesser General Public License for more details. | |
# | |
# You should have received a copy of the GNU Lesser General Public License | |
# along with BOINC. If not, see <http://www.gnu.org/licenses/>. | |
name: Linux | |
on: | |
push: | |
branches: [ master, 'client_release/**' ] | |
tags: [ 'client_release/**', 'vboxwrapper/**', 'wrapper/**' ] | |
pull_request: | |
branches: [ master ] | |
schedule: | |
- cron: '0 0 * * *' | |
concurrency: | |
group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }} | |
cancel-in-progress: true | |
env: | |
AWS_ACCESS_KEY_ID: ${{ secrets.S3_ACCESS_KEY }} | |
AWS_SECRET_ACCESS_KEY: ${{ secrets.S3_SECRET_KEY }} | |
AWS_DEFAULT_REGION: us-west-2 | |
jobs: | |
build: | |
name: ${{ matrix.type }}-build | |
runs-on: ubuntu-latest | |
strategy: | |
matrix: | |
type: [libs, client, apps, libs-vcpkg, client-vcpkg, apps-vcpkg, libs-cmake, libs-arm64, apps-arm64, manager-with-webview-vcpkg, server, manager-with-webview, manager-without-webview, unit-test, integration-test] | |
fail-fast: false | |
steps: | |
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 | |
with: | |
fetch-depth: 2 | |
- name: Install dependencies | |
run: | | |
sudo apt-get -qq update | |
sudo apt-get install -y autopoint libftgl-dev freeglut3-dev libcurl4-openssl-dev libxmu-dev libxi-dev libfcgi-dev libxss-dev libnotify-dev libxcb-util0-dev libgtk-3-dev libsecret-1-dev libgcrypt20-dev libsystemd-dev libwebkit2gtk-4.0-dev p7zip-full libxxf86vm-dev ocl-icd-opencl-dev zip | |
- name: Install dependencies for arm64 | |
if: success() && endsWith(matrix.type, 'arm64') | |
run: | | |
sudo apt-get install -y gcc-aarch64-linux-gnu g++-aarch64-linux-gnu binutils-aarch64-linux-gnu | |
- name: Install dependencies for integration testing | |
if: success() && matrix.type == 'integration-test' | |
run: | | |
sudo apt-get install ansible | |
sudo service mysql stop | |
./integration_test/installTestSuite.sh | |
- name: Cache dependencies | |
uses: actions/cache@1bd1e32a3bdc45362d1e726936510720a7c30a57 | |
with: | |
path: | | |
3rdParty/buildCache | |
!3rdParty/buildCache/linux/vcpkgcache/ | |
key: linux-${{ matrix.type }}-${{ hashFiles('3rdParty/*Linux*.sh', 'linux/*.sh', '.github/workflows/linux.yml') }} | |
- name: Check if build is running from origin repo | |
if: ${{ success() && env.AWS_ACCESS_KEY_ID != 0 && env.AWS_SECRET_ACCESS_KEY != 0 }} | |
run: | | |
echo "VCPKG_BINARY_SOURCES=clear;x-aws,s3://vcpkg.cache.boinc/,readwrite" >> $GITHUB_ENV | |
- name: Check if build is running from fork | |
if: ${{ success() && (env.AWS_ACCESS_KEY_ID == 0 || env.AWS_SECRET_ACCESS_KEY == 0) }} | |
run: | | |
echo "VCPKG_BINARY_SOURCES=clear;x-aws-config,no-sign-request;x-aws,s3://vcpkg.cache.boinc/,read" >> $GITHUB_ENV | |
- name: Automake | |
if: success() | |
run: ./_autosetup | |
- name: Configure libs | |
if: success() && matrix.type == 'libs' | |
run: ./configure --disable-server --disable-client --disable-manager | |
- name: Configure client | |
if: success() && matrix.type == 'client' | |
run: ./configure --disable-server --enable-client --disable-manager | |
- name: Configure apps | |
if: success() && matrix.type == 'apps' | |
run: ./configure --enable-apps --enable-apps-vbox --enable-apps-gui --disable-server --disable-client --disable-manager | |
- name: Configure libs with vcpkg | |
if: success() && matrix.type == 'libs-vcpkg' | |
run: linux/ci_configure_libs.sh | |
- name: Configure client with vcpkg | |
if: success() && matrix.type == 'client-vcpkg' | |
run: linux/ci_configure_client.sh | |
- name: Configure apps with vcpkg | |
if: success() && matrix.type == 'apps-vcpkg' | |
run: linux/ci_configure_apps.sh | |
- name: Configure libs with cmake vcpkg | |
if: success() && matrix.type == 'libs-cmake' | |
run: linux/ci_configure_libs_cmake.sh | |
- name: Configure manager with webview and vcpkg | |
if: success() && matrix.type == 'manager-with-webview-vcpkg' | |
run: linux/ci_configure_manager.sh | |
- name: Configure server | |
if: success() && matrix.type == 'server' | |
run: ./configure --enable-server --disable-client --disable-manager | |
- name: Configure manager with webview | |
if: success() && matrix.type == 'manager-with-webview' | |
run: ./3rdParty/buildLinuxDependencies.sh && ./configure --disable-server --disable-client --with-wx-prefix=${GITHUB_WORKSPACE}/3rdParty/buildCache/linux | |
- name: Configure manager without webview | |
if: success() && matrix.type == 'manager-without-webview' | |
run: ./3rdParty/buildLinuxDependencies.sh --disable-webview && ./configure --disable-server --disable-client --with-wx-prefix=${GITHUB_WORKSPACE}/3rdParty/buildCache/linux | |
- name: Configure server for unit testing | |
if: success() && matrix.type == 'unit-test' | |
run: ./3rdParty/buildLinuxDependencies.sh --gtest-only && ./configure --disable-client --disable-manager --enable-unit-tests CFLAGS="-g -O0" CXXFLAGS="-g -O0" | |
- name: Make | |
if: success() && ! contains(matrix.type, 'integration-test') && ! endsWith(matrix.type, 'cmake') && ! endsWith(matrix.type, 'arm64') | |
run: make | |
- name: Make for cmake | |
if: success() && endsWith(matrix.type, 'cmake') | |
run: | |
cmake --build build | |
- name: Build libraries for arm64 | |
if: success() && matrix.type == 'libs-arm64' | |
run: | | |
./linux/arm64/build_libraries_arm64.sh | |
- name: Build apps for arm64 | |
if: success() && matrix.type == 'apps-arm64' | |
run: | | |
export CI=yes | |
./linux/arm64/build_libraries_arm64.sh | |
./linux/arm64/build_openssl_arm64.sh | |
./linux/arm64/build_curl_arm64.sh | |
./linux/arm64/build_example_arm64.sh | |
- name: Execute unit-test and report coverage | |
if: success() && matrix.type == 'unit-test' | |
run: ./tests/executeUnitTests.sh --report-coverage --report-xml | |
- name: Execute integration-test | |
if: success() && matrix.type == 'integration-test' | |
run: ./integration_test/executeTestSuite.sh | |
- name: Prepare logs on failure | |
if: ${{ failure() }} | |
run: python ./deploy/prepare_deployment.py logs | |
- name: Upload logs on failure | |
if: ${{ failure() }} | |
uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b | |
with: | |
name: linux_logs_${{ matrix.type }}_${{ github.event.pull_request.head.sha }} | |
path: deploy/logs.7z | |
- name: Prepare artifacts for deploy | |
if: success() && ! contains(matrix.type, 'libs') && ! contains(matrix.type, 'server') && ! contains(matrix.type, 'test') | |
run: python ./deploy/prepare_deployment.py linux_${{ matrix.type }} | |
- name: Upload artifacts | |
uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b | |
if: ${{ ! contains(matrix.type, 'libs') && ! contains(matrix.type, 'server') && ! contains(matrix.type, 'test') }} | |
with: | |
name: linux_${{ matrix.type }}_${{ github.event.pull_request.head.sha }} | |
path: deploy/linux_${{ matrix.type }}.7z | |
- name: Upload Google Tests Results | |
uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b | |
if: always() && matrix.type == 'unit-test' # run this step even if previous step failed | |
with: | |
name: Linux_tests_results | |
path: "tests/gtest/**/*_xml_report.xml" | |
- name: Upload coverage report | |
if: success() && matrix.type == 'unit-test' | |
uses: codecov/codecov-action@1e68e06f1dbfde0e4cefc87efeba9e4643565303 | |
env: | |
CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} | |
build-release: | |
name: ${{ matrix.type }}-build-release | |
runs-on: ubuntu-latest | |
container: | |
image: debian:buster | |
strategy: | |
matrix: | |
type: [apps, apps-x86, apps-arm64] | |
fail-fast: false | |
env: | |
ACTIONS_ALLOW_USE_UNSECURE_NODE_VERSION: true | |
steps: | |
- name: Install dependencies | |
run: | | |
apt-get -qq update | |
apt-get install -y make build-essential m4 pkg-config autoconf libtool git p7zip-full python3 | |
- name: Install dependencies for x86 | |
if: success() && matrix.type == 'apps-x86' | |
run: | | |
dpkg --add-architecture i386 | |
apt-get update | |
apt-get install -y gcc-multilib g++-multilib libcurl4-openssl-dev:i386 libssl-dev:i386 | |
- name: Install dependencies for x64 | |
if: success() && matrix.type == 'apps' | |
run: | | |
apt-get install -y libcurl4-openssl-dev libssl-dev | |
- name: Install dependencies for arm64 | |
if: success() && matrix.type == 'apps-arm64' | |
run: | | |
apt-get install -y gcc-aarch64-linux-gnu g++-aarch64-linux-gnu binutils-aarch64-linux-gnu wget ca-certificates | |
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 | |
with: | |
fetch-depth: 2 | |
- name: Automake | |
if: success() | |
run: ./_autosetup | |
- name: Make x64 apps | |
if: success() && matrix.type == 'apps' | |
run: | | |
export CFLAGS="-O3" | |
export CXXFLAGS="-O3 -std=c++11" | |
export LDFLAGS="-static-libstdc++ -s" | |
export RELEASE_ARCH=x86_64 | |
./configure --enable-apps --enable-apps-vbox --disable-server --disable-client --disable-manager | |
make -j $(nproc --all) | |
- name: Make x86 apps | |
if: success() && matrix.type == 'apps-x86' | |
run: | | |
export CFLAGS="-O3 -m32" | |
export CXXFLAGS="-O3 -m32 -std=c++11" | |
export LDFLAGS="-static-libstdc++ -s -m32" | |
export RELEASE_ARCH=i686 | |
./configure --enable-apps --enable-apps-vbox --disable-server --disable-client --disable-manager --host=i686-linux-gnu | |
make -j $(nproc --all) | |
- name: Make arm64 apps | |
if: success() && matrix.type == 'apps-arm64' | |
run: | | |
export CI=yes | |
export RELEASE=yes | |
export RELEASE_ARCH=arm64 | |
./linux/arm64/build_libraries_arm64.sh | |
./linux/arm64/build_openssl_arm64.sh | |
./linux/arm64/build_curl_arm64.sh | |
./linux/arm64/build_example_arm64.sh | |
- name: Prepare logs on failure | |
if: ${{ failure() }} | |
run: python3 ./deploy/prepare_deployment.py logs | |
- name: Upload logs on failure | |
if: ${{ failure() }} | |
uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b | |
with: | |
name: linux_release_logs_${{ matrix.type }}_${{ github.event.pull_request.head.sha }} | |
path: deploy/logs.7z | |
- name: Prepare artifacts for deploy | |
if: success() | |
run: python3 ./deploy/prepare_deployment.py linux_apps | |
- name: Upload wrapper artifacts | |
uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b | |
if: success() | |
with: | |
name: linux_release_${{ matrix.type }}_${{ github.event.pull_request.head.sha }} | |
path: deploy/linux_apps.7z |