shrub/.github/workflows/vere.yml
fang 00f9908cb6
ci: remove the mingw build flow
As discussed internally at the end of last year, we are discontinuing
Windows support for vere.

The tldr is that we presently don't have the resources to support
non-*nix systems at the level of quality we want to deliver. Notably
Windows is already very much a second-class citizen (#5822 and others).
Windows users may want to run Urbit through WSL instead.

As such, the Window build step should be removed from our CI.
2023-01-05 18:53:44 +01:00

195 lines
5.4 KiB
YAML

name: vere
on:
workflow_call:
inputs:
upload:
description: 'upload binaries to gcp'
type: boolean
default: false
required: false
pace:
description: 'release pace'
type: string
default: 'edge'
required: false
secrets:
CACHIX_AUTH_TOKEN:
required: false
GCP_CREDENTIALS:
required: false
GCS_SERVICE_ACCOUNT_KEY:
required: false
GCS_PROJECT:
required: false
workflow_dispatch:
inputs:
upload:
description: 'upload binaries to gcp'
type: boolean
default: false
required: false
pace:
description: 'release pace'
type: choice
options:
- edge
- soon
- live
env:
UPLOAD_BASE: bootstrap.urbit.org/vere
VERE_PACE: ${{ inputs.pace }}
VERSION_TYPE: ${{ (inputs.pace == 'soon' || inputs.pace == 'live') && 'real' || 'hash' }}
jobs:
urbit:
strategy:
fail-fast: false
matrix:
include:
- { os: ubuntu-latest, type: linux }
- { os: macos-latest, type: macos }
- { os: buildjet-4vcpu-ubuntu-2204-arm, type: linux }
runs-on: ${{ matrix.os }}
steps:
- uses: actions/checkout@v2
# We only want the extra nix config on linux, where it is necessary
# for the docker build. We don't want in on Mac, where it isn't but
# it breaks the nix install. The two `if` clauses should be mutually
# exclusive
- uses: cachix/install-nix-action@v16
with:
extra_nix_config: |
system-features = nixos-test benchmark big-parallel kvm
if: ${{ matrix.type == 'linux' }}
- uses: cachix/install-nix-action@v16
if: ${{ matrix.os != 'ubuntu-latest' }}
- uses: cachix/cachix-action@v10
with:
name: ares
authToken: ${{ secrets.CACHIX_AUTH_TOKEN }}
# run unit tests early on linux (x-compilation will skip them)
- name: build dynamic binary (and run tests)
if: ${{ matrix.type == 'linux' }}
run: nix-build -A urbit
- name: build static binary
run: |
nix-build -A urbit \
--arg enableStatic true \
--argstr verePace ${{ env.VERE_PACE }} > ./urbit-derivation
cat ./urbit-derivation
echo -n "urbit_static=" >> $GITHUB_ENV
cat ./urbit-derivation >> $GITHUB_ENV
cat ./urbit-derivation
- name: confirm binary is mostly static
if: matrix.type == 'macos'
run: |
bin="${{ env.urbit_static }}/bin/urbit"
if [ ! -f "$bin" ]; then
echo "no binary at $bin"
exit 1;
fi
libs="$(otool -L "${{ env.urbit_static }}/bin/urbit" | tail -n +2)"
# XX CoreFoundation?
if [ -z "$(echo "$libs" | grep -v libSystem)" ]; then
echo "it's mostly static"
echo "$libs"
exit 0
else
echo "dynamic links found:"
echo "$libs"
exit 1
fi
- name: get version string
run: |
if [ "real" == "$VERSION_TYPE" ]; then
version="$(cat ./pkg/urbit/version)"
else
version="${GITHUB_SHA:0:9}"
fi
echo -n "$version" > ./version-string
- name: upload version string artifact
if: matrix.type == 'linux'
uses: actions/upload-artifact@v3
with:
name: version-string
path: version-string
- uses: google-github-actions/auth@v1
with:
credentials_json: ${{ secrets.GCP_CREDENTIALS }}
- uses: google-github-actions/setup-gcloud@v1
if: inputs.upload
with:
project_id: ${{ secrets.GCS_PROJECT }}
- name: upload binary to bootstrap.urbit.org
if: inputs.upload
run: |
version="$(cat ./version-string)"
system="$(nix-instantiate --eval --expr 'builtins.currentSystem')"
system=${system:1:${#system}-2}
target="gs://${UPLOAD_BASE}/${VERE_PACE}/${version}/vere-v${version}-${system}"
gsutil cp -n "${{ env.urbit_static }}/bin/urbit" "$target"
exitcode=$?
test $exitcode -eq 0 &&
echo "upload to $target complete." ||
echo "upload to $target failed.";
exit $exitcode
- if: ${{ matrix.os == 'ubuntu-latest' }}
run: nix-build -A urbit-tests
- if: ${{ matrix.os == 'ubuntu-latest' }}
run: nix-build -A docker-image
after:
runs-on: ubuntu-latest
needs: [urbit]
if: inputs.upload
steps:
- uses: google-github-actions/setup-gcloud@v0.2.0
with:
version: '290.0.1'
service_account_key: ${{ secrets.GCS_SERVICE_ACCOUNT_KEY }}
project_id: ${{ secrets.GCS_PROJECT }}
export_default_credentials: true
- name: download version-string
uses: actions/download-artifact@v3
with:
name: version-string
- name: update latest deployed version
run: |
target="gs://${UPLOAD_BASE}/${VERE_PACE}/last"
# *not* -n, as we want to overwrite the latest version-string
#
gsutil cp ./version-string "$target"
exitcode=$?
test $exitcode -eq 0 &&
echo "upload to $target complete." ||
echo "upload to $target failed.";
exit $exitcode