libsignal-build #729
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: libsignal-build | |
on: | |
workflow_dispatch: | |
inputs: | |
libsignal-ref: | |
description: The branch, tag or SHA to checkout for libsignal | |
default: '' # Use the latest commit from the default branch | |
schedule: | |
- cron: '22 22 * * *' | |
jobs: | |
compare_releases: | |
outputs: | |
upstream_ver: ${{ steps.check_releases.outputs.upstream_ver }} | |
release_name: ${{ steps.check_releases.outputs.release_name }} | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout this repo sources | |
uses: actions/checkout@v4 | |
- name: Get libs data in json | |
id: dummy_matrix | |
run: python3 generate_matrix.py '0.0.0' | |
- name: Check the latest official version | |
id: check_releases | |
env: | |
MATRIX_JSON: ${{ steps.dummy_matrix.outputs.matrix }} | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
upstream_ver: ${{ github.event.inputs.libsignal-ref }} | |
run: | | |
LIB_REPO=$(echo "$MATRIX_JSON" | jq -j '.lib[].repo' ) | |
echo "LIB_REPO = $LIB_REPO" | |
[ -n "$upstream_ver" ] || upstream_ver=$(bash util.sh get_latest_release_name "$LIB_REPO") | |
echo "upstream_ver=$upstream_ver" | tee -a $GITHUB_OUTPUT | |
release_name=$(bash util.sh release_name "$LIB_REPO" "$upstream_ver") | |
this_repo_release=$(bash util.sh get_release_data "$release_name") | |
[ -z "$this_repo_release" ] || release_name='' | |
echo "release_name=$release_name" | tee -a $GITHUB_OUTPUT | |
new_release: | |
needs: | |
- compare_releases | |
if: ${{ needs.compare_releases.outputs.release_name }} | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout this repo sources | |
uses: actions/checkout@v4 | |
- name: Create a new release | |
id: create_release | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
GITHUB_REF_NAME: ${{ github.ref_name }} | |
TAG_NAME: ${{ needs.compare_releases.outputs.release_name }} | |
run: | | |
gh release create \ | |
--target "$GITHUB_REF_NAME" \ | |
--title "$TAG_NAME" \ | |
--notes "Produced by GitHub actions run: https://github.com/${GITHUB_REPOSITORY}/actions/runs/${GITHUB_RUN_ID}" \ | |
"$TAG_NAME" | |
matrix_setup: | |
needs: | |
- new_release | |
- compare_releases | |
outputs: | |
matrix: ${{ steps.matrix.outputs.matrix }} | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout this repo sources | |
uses: actions/checkout@v4 | |
- name: Generate matrix | |
id: matrix | |
env: | |
LIBSIGNAL_VERSION: ${{ needs.compare_releases.outputs.upstream_ver }} | |
run: python3 generate_matrix.py "$LIBSIGNAL_VERSION" | |
build: | |
needs: | |
- matrix_setup | |
- compare_releases | |
strategy: | |
matrix: ${{ fromJSON(needs.matrix_setup.outputs.matrix) }} | |
fail-fast: false # do not abort all if some of the builds fail | |
name: build_${{ matrix.build-env.target || matrix.build-env.triple }} | |
runs-on: ${{ matrix.build-env.runner }} | |
container: ${{ matrix.build-env.container }} | |
env: | |
TARGET: ${{ matrix.build-env.target }} | |
THIS_REPO_DIR: _this_repo_checkout | |
defaults: | |
run: | |
shell: sh # Explicit for windows | |
# Ref: | |
# Upstream workflow: | |
# https://github.com/signalapp/libsignal-client/blob/master/.github/workflows/build_and_test.yml | |
# Signal-cli wiki: | |
# https://github.com/AsamK/signal-cli/wiki/Provide-native-lib-for-libsignal | |
steps: | |
- name: Dump strategy and matrix contexts | |
run: | | |
echo '${{ toJSON(strategy) }}' | |
echo '${{ toJSON(matrix) }}' | |
- name: Checkout this repo sources | |
uses: actions/checkout@v4 | |
- name: Install required packages | |
if: ${{ matrix.build-env.req-pkg }} | |
env: | |
INSTALL_CMD: ${{ matrix.build-env.install-cmd }} | |
PKGS: ${{ matrix.build-env.req-pkg }} | |
run: | | |
sh -c "$INSTALL_CMD $PKGS" | |
- name: Run setup commands | |
if: ${{ matrix.build-env.setup-cmds }} | |
env: | |
SETUP_CMDS: ${{ matrix.build-env.setup-cmds }} | |
SETUP_ENV: ${{ matrix.build-env.setup-env }} | |
run: | | |
env -S "$SETUP_ENV" sh -c "$SETUP_CMDS" | |
- name: Generate file names for the current matrix item | |
id: filenames | |
env: | |
MATRIX_RUN: ${{ toJSON(matrix) }} | |
run: python3 filename_for_matrix_item.py "$MATRIX_RUN" | |
- name: Clone upstream source | |
uses: actions/checkout@v4 | |
with: | |
repository: ${{ matrix.lib.repo }} | |
ref: ${{ matrix.lib.ref }} | |
- name: Install Rust toolchain | |
run: rustup toolchain install nightly --profile minimal | |
# Why nightly: https://github.com/signalapp/libsignal/issues/141#issuecomment-1211192153 | |
- name: Add target to rust toolchain | |
if: ${{ matrix.build-env.target }} | |
run: rustup target add $TARGET | |
- name: Add linker to cargo config | |
# Alternatively can add to rust flags | |
#RUSTFLAGS: -C linker=${{ matrix.build-env.linker }} | |
if: ${{ matrix.build-env.linker }} | |
env: | |
LINKER: ${{ matrix.build-env.linker }} | |
run: | | |
cat >> $CARGO_HOME/config.toml <<EOF | |
[target.$TARGET] | |
linker = "$LINKER" | |
EOF | |
- name: Cargo build | |
env: | |
RUSTFLAGS: -C link-arg=-s ${{ matrix.build-env.rust-flags }} | |
CARGO_FLAGS: ${{ matrix.lib.cargo-flags }} | |
BUILD_ENV_VARS: ${{ matrix.build-env.build-env-vars }} | |
run: | | |
if [ -n "$TARGET" ]; then | |
export CARGO_BUILD_TARGET=$TARGET | |
fi | |
env -S "$BUILD_ENV_VARS" cargo build --release --verbose $CARGO_FLAGS | |
- name: Inspect built file | |
env: | |
FILENAME: ${{ steps.filenames.outputs.lib_filename }} | |
working-directory: target/${{ matrix.build-env.target }}/release | |
run: | | |
file $FILENAME | |
readelf --arch-specific $FILENAME || : | |
ldd -v $FILENAME || ldd $FILENAME || : | |
objdump -T $FILENAME | grep LIBC || : | |
readelf -V libsignal_jni.so | grep -o ' GLIBC_[^ ]*' | sort -V | tail -n 1 || : | |
openssl sha256 $FILENAME | |
- name: Create archive | |
env: | |
DIR: target/${{ matrix.build-env.target }}/release | |
FILENAME: ${{ steps.filenames.outputs.lib_filename }} | |
ARCHIVE_NAME: ${{ steps.filenames.outputs.archive_name }} | |
run: tar -czvf ${ARCHIVE_NAME}.tar.gz --directory ${DIR} ${FILENAME} | |
- name: Checkout this repo | |
# (for gh cli) | |
uses: actions/checkout@v4 | |
with: | |
path: ${{ env.THIS_REPO_DIR }} | |
clean: false | |
- name: Upload release asset | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
TAG_NAME: ${{ needs.compare_releases.outputs.release_name }} | |
FILENAME: ${{ steps.filenames.outputs.archive_name }}.tar.gz | |
working-directory: ${{ env.THIS_REPO_DIR }} | |
run: gh release upload "$TAG_NAME" "${GITHUB_WORKSPACE}/${FILENAME}" |