mirror of
https://github.com/urbit/shrub.git
synced 2024-12-25 13:04:17 +03:00
00f9908cb6
As discussed internally at the end of last year, we are discontinuing Windows support for vere. The tldr is that we presently don't have the resources to support non-*nix systems at the level of quality we want to deliver. Notably Windows is already very much a second-class citizen (#5822 and others). Windows users may want to run Urbit through WSL instead. As such, the Window build step should be removed from our CI.
195 lines
5.4 KiB
YAML
195 lines
5.4 KiB
YAML
|
|
name: vere
|
|
|
|
on:
|
|
workflow_call:
|
|
inputs:
|
|
upload:
|
|
description: 'upload binaries to gcp'
|
|
type: boolean
|
|
default: false
|
|
required: false
|
|
pace:
|
|
description: 'release pace'
|
|
type: string
|
|
default: 'edge'
|
|
required: false
|
|
secrets:
|
|
CACHIX_AUTH_TOKEN:
|
|
required: false
|
|
GCP_CREDENTIALS:
|
|
required: false
|
|
GCS_SERVICE_ACCOUNT_KEY:
|
|
required: false
|
|
GCS_PROJECT:
|
|
required: false
|
|
|
|
workflow_dispatch:
|
|
inputs:
|
|
upload:
|
|
description: 'upload binaries to gcp'
|
|
type: boolean
|
|
default: false
|
|
required: false
|
|
pace:
|
|
description: 'release pace'
|
|
type: choice
|
|
options:
|
|
- edge
|
|
- soon
|
|
- live
|
|
|
|
env:
|
|
UPLOAD_BASE: bootstrap.urbit.org/vere
|
|
VERE_PACE: ${{ inputs.pace }}
|
|
VERSION_TYPE: ${{ (inputs.pace == 'soon' || inputs.pace == 'live') && 'real' || 'hash' }}
|
|
|
|
jobs:
|
|
urbit:
|
|
strategy:
|
|
fail-fast: false
|
|
matrix:
|
|
include:
|
|
- { os: ubuntu-latest, type: linux }
|
|
- { os: macos-latest, type: macos }
|
|
- { os: buildjet-4vcpu-ubuntu-2204-arm, type: linux }
|
|
|
|
runs-on: ${{ matrix.os }}
|
|
|
|
steps:
|
|
- uses: actions/checkout@v2
|
|
|
|
# We only want the extra nix config on linux, where it is necessary
|
|
# for the docker build. We don't want in on Mac, where it isn't but
|
|
# it breaks the nix install. The two `if` clauses should be mutually
|
|
# exclusive
|
|
- uses: cachix/install-nix-action@v16
|
|
with:
|
|
extra_nix_config: |
|
|
system-features = nixos-test benchmark big-parallel kvm
|
|
if: ${{ matrix.type == 'linux' }}
|
|
- uses: cachix/install-nix-action@v16
|
|
if: ${{ matrix.os != 'ubuntu-latest' }}
|
|
|
|
- uses: cachix/cachix-action@v10
|
|
with:
|
|
name: ares
|
|
authToken: ${{ secrets.CACHIX_AUTH_TOKEN }}
|
|
|
|
# run unit tests early on linux (x-compilation will skip them)
|
|
- name: build dynamic binary (and run tests)
|
|
if: ${{ matrix.type == 'linux' }}
|
|
run: nix-build -A urbit
|
|
|
|
- name: build static binary
|
|
run: |
|
|
nix-build -A urbit \
|
|
--arg enableStatic true \
|
|
--argstr verePace ${{ env.VERE_PACE }} > ./urbit-derivation
|
|
cat ./urbit-derivation
|
|
echo -n "urbit_static=" >> $GITHUB_ENV
|
|
cat ./urbit-derivation >> $GITHUB_ENV
|
|
cat ./urbit-derivation
|
|
|
|
- name: confirm binary is mostly static
|
|
if: matrix.type == 'macos'
|
|
run: |
|
|
bin="${{ env.urbit_static }}/bin/urbit"
|
|
|
|
if [ ! -f "$bin" ]; then
|
|
echo "no binary at $bin"
|
|
exit 1;
|
|
fi
|
|
|
|
libs="$(otool -L "${{ env.urbit_static }}/bin/urbit" | tail -n +2)"
|
|
|
|
# XX CoreFoundation?
|
|
if [ -z "$(echo "$libs" | grep -v libSystem)" ]; then
|
|
echo "it's mostly static"
|
|
echo "$libs"
|
|
exit 0
|
|
else
|
|
echo "dynamic links found:"
|
|
echo "$libs"
|
|
exit 1
|
|
fi
|
|
|
|
- name: get version string
|
|
run: |
|
|
if [ "real" == "$VERSION_TYPE" ]; then
|
|
version="$(cat ./pkg/urbit/version)"
|
|
else
|
|
version="${GITHUB_SHA:0:9}"
|
|
fi
|
|
|
|
echo -n "$version" > ./version-string
|
|
|
|
- name: upload version string artifact
|
|
if: matrix.type == 'linux'
|
|
uses: actions/upload-artifact@v3
|
|
with:
|
|
name: version-string
|
|
path: version-string
|
|
|
|
- uses: google-github-actions/auth@v1
|
|
with:
|
|
credentials_json: ${{ secrets.GCP_CREDENTIALS }}
|
|
|
|
- uses: google-github-actions/setup-gcloud@v1
|
|
if: inputs.upload
|
|
with:
|
|
project_id: ${{ secrets.GCS_PROJECT }}
|
|
|
|
- name: upload binary to bootstrap.urbit.org
|
|
if: inputs.upload
|
|
run: |
|
|
version="$(cat ./version-string)"
|
|
system="$(nix-instantiate --eval --expr 'builtins.currentSystem')"
|
|
system=${system:1:${#system}-2}
|
|
target="gs://${UPLOAD_BASE}/${VERE_PACE}/${version}/vere-v${version}-${system}"
|
|
|
|
gsutil cp -n "${{ env.urbit_static }}/bin/urbit" "$target"
|
|
exitcode=$?
|
|
|
|
test $exitcode -eq 0 &&
|
|
echo "upload to $target complete." ||
|
|
echo "upload to $target failed.";
|
|
exit $exitcode
|
|
|
|
- if: ${{ matrix.os == 'ubuntu-latest' }}
|
|
run: nix-build -A urbit-tests
|
|
|
|
- if: ${{ matrix.os == 'ubuntu-latest' }}
|
|
run: nix-build -A docker-image
|
|
|
|
after:
|
|
runs-on: ubuntu-latest
|
|
needs: [urbit]
|
|
if: inputs.upload
|
|
steps:
|
|
- uses: google-github-actions/setup-gcloud@v0.2.0
|
|
with:
|
|
version: '290.0.1'
|
|
service_account_key: ${{ secrets.GCS_SERVICE_ACCOUNT_KEY }}
|
|
project_id: ${{ secrets.GCS_PROJECT }}
|
|
export_default_credentials: true
|
|
|
|
- name: download version-string
|
|
uses: actions/download-artifact@v3
|
|
with:
|
|
name: version-string
|
|
|
|
- name: update latest deployed version
|
|
run: |
|
|
target="gs://${UPLOAD_BASE}/${VERE_PACE}/last"
|
|
|
|
# *not* -n, as we want to overwrite the latest version-string
|
|
#
|
|
gsutil cp ./version-string "$target"
|
|
exitcode=$?
|
|
|
|
test $exitcode -eq 0 &&
|
|
echo "upload to $target complete." ||
|
|
echo "upload to $target failed.";
|
|
exit $exitcode
|