libsignal-build #399
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: libsignal-build | |
on: | |
workflow_dispatch: | |
inputs: | |
libsignal-ref: | |
description: The branch, tag or SHA to checkout for libsignal | |
default: '' # Use the latest commit from the default branch | |
schedule: | |
- cron: '33 3 * * *' | |
defaults: | |
run: | |
shell: bash # Explicit for windows | |
jobs: | |
compare_releases: | |
outputs: | |
upstream_ver: ${{ steps.check_releases.outputs.upstream_ver }} | |
release_name: ${{ steps.check_releases.outputs.release_name }} | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout this repo sources | |
uses: actions/checkout@v3 | |
- name: Get libs data in json | |
id: dummy_matrix | |
run: python3 generate_matrix.py '0.0.0' | |
- name: Check the latest official version | |
id: check_releases | |
env: | |
MATRIX_JSON: ${{ steps.dummy_matrix.outputs.matrix }} | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
upstream_ver: ${{ github.event.inputs.libsignal-ref }} | |
run: | | |
LIB_REPO=$(echo "$MATRIX_JSON" | jq -j '.lib[].repo' ) | |
echo "LIB_REPO = $LIB_REPO" | |
[ -n "$upstream_ver" ] || upstream_ver=$(bash util.sh get_latest_release_name "$LIB_REPO") | |
echo "upstream_ver=$upstream_ver" | tee -a $GITHUB_OUTPUT | |
release_name=$(bash util.sh release_name "$LIB_REPO" "$upstream_ver") | |
this_repo_release=$(bash util.sh get_release_data "$release_name") | |
[ -z "$this_repo_release" ] || release_name='' | |
echo "release_name=$release_name" | tee -a $GITHUB_OUTPUT | |
new_release: | |
needs: | |
- compare_releases | |
if: ${{ needs.compare_releases.outputs.release_name }} | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout this repo sources | |
uses: actions/checkout@v3 | |
- name: Create a new release | |
id: create_release | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
GITHUB_REF_NAME: ${{ github.ref_name }} | |
TAG_NAME: ${{ needs.compare_releases.outputs.release_name }} | |
run: | | |
gh release create \ | |
--target "$GITHUB_REF_NAME" \ | |
-n "Produced by GitHub actions run: https://github.com/${GITHUB_REPOSITORY}/actions/runs/${GITHUB_RUN_ID}" \ | |
"$TAG_NAME" | |
matrix_setup: | |
needs: | |
- new_release | |
- compare_releases | |
outputs: | |
matrix: ${{ steps.matrix.outputs.matrix }} | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout this repo sources | |
uses: actions/checkout@v3 | |
- name: Generate matrix | |
id: matrix | |
env: | |
LIBSIGNAL_VERSION: ${{ needs.compare_releases.outputs.upstream_ver }} | |
run: python3 generate_matrix.py "$LIBSIGNAL_VERSION" | |
build: | |
needs: | |
- matrix_setup | |
- compare_releases | |
strategy: | |
matrix: ${{ fromJSON(needs.matrix_setup.outputs.matrix) }} | |
fail-fast: false # do not abort all if some of the builds fail | |
name: build_${{ matrix.build-env.target || matrix.build-env.triple }} | |
runs-on: ${{ matrix.build-env.runner }} | |
container: ${{ matrix.build-env.container }} | |
env: | |
TARGET: ${{ matrix.build-env.target }} | |
THIS_REPO_DIR: _this_repo_checkout | |
# Ref: | |
# Upstream workflow: | |
# https://github.com/signalapp/libsignal-client/blob/master/.github/workflows/build_and_test.yml | |
# Signal-cli wiki: | |
# https://github.com/AsamK/signal-cli/wiki/Provide-native-lib-for-libsignal | |
steps: | |
- name: Dump strategy and matrix contexts | |
run: | | |
echo '${{ toJSON(strategy) }}' | |
echo '${{ toJSON(matrix) }}' | |
- name: Checkout this repo sources | |
uses: actions/checkout@v3 | |
- name: Install required packages | |
if: ${{ matrix.build-env.req-pkg }} | |
env: | |
INSTALL_CMD: ${{ matrix.build-env.install-cmd }} | |
PKGS: ${{ matrix.build-env.req-pkg }} | |
run: | | |
bash -c "$INSTALL_CMD $PKGS" | |
- name: Generate file names for the current matrix item | |
id: filenames | |
env: | |
MATRIX_RUN: ${{ toJSON(matrix) }} | |
run: python3 filename_for_matrix_item.py "$MATRIX_RUN" | |
- name: Clone upstream source | |
uses: actions/checkout@v3 | |
with: | |
repository: ${{ matrix.lib.repo }} | |
ref: ${{ matrix.lib.ref }} | |
- name: Install Rust toolchain | |
run: rustup toolchain install nightly --profile minimal | |
# Why nightly: https://github.com/signalapp/libsignal/issues/141#issuecomment-1211192153 | |
- name: Add target to rust toolchain | |
if: ${{ matrix.build-env.target }} | |
run: rustup target add $TARGET | |
- name: Add linker to cargo config | |
# Alternatively can add to rust flags | |
#RUSTFLAGS: -C linker=${{ matrix.build-env.linker }} | |
if: ${{ matrix.build-env.linker }} | |
env: | |
LINKER: ${{ matrix.build-env.linker }} | |
run: | | |
cat >> $CARGO_HOME/config.toml <<EOF | |
[target.$TARGET] | |
linker = "$LINKER" | |
EOF | |
- name: Setup rust cache | |
if: false # Not using cache | |
# On macos-latest cache does not work properly: | |
# https://github.com/actions/cache/issues/403 | |
# https://github.com/rust-lang/cargo/issues/8603 | |
# https://github.com/Swatinem/rust-cache | |
uses: actions/cache@v3 | |
env: | |
cache-name: cache-rust | |
with: | |
path: | | |
~/.cargo | |
./target | |
key: ${{ env.cache-name }}-${{ runner.os }}-${{ matrix.build-env.target }}-${{ matrix.lib.name }}-${{ hashFiles('Cargo.lock') }} | |
restore-keys: | | |
${{ env.cache-name }}-${{ runner.os }}-${{ matrix.build-env.target }}-${{ matrix.lib.name }}- | |
${{ env.cache-name }}-${{ runner.os }}-${{ matrix.build-env.target }}- | |
- name: Cargo build | |
env: | |
RUSTFLAGS: -C link-arg=-s ${{ matrix.build-env.rust-flags }} | |
CARGO_FLAGS: ${{ matrix.lib.cargo-flags }} | |
BUILD_ENV_VARS: ${{ matrix.build-env.build-env-vars }} | |
run: | | |
if [[ -n $TARGET ]]; then | |
export CARGO_BUILD_TARGET=$TARGET | |
fi | |
env $BUILD_ENV_VARS cargo build --release --verbose $CARGO_FLAGS | |
- name: Inspect built file | |
env: | |
FILENAME: ${{ steps.filenames.outputs.lib_filename }} | |
working-directory: target/${{ matrix.build-env.target }}/release | |
run: | | |
file $FILENAME | |
readelf --arch-specific $FILENAME || : | |
ldd -v $FILENAME || : | |
objdump -T $FILENAME | grep LIBC || : | |
objdump -T $FILENAME | grep LIBC | cut -d'_' -f2 | sort -V | tail -n1 | cut -d ' ' -f1 || : | |
openssl sha256 $FILENAME | |
- name: Create archive | |
env: | |
DIR: target/${{ matrix.build-env.target }}/release | |
FILENAME: ${{ steps.filenames.outputs.lib_filename }} | |
ARCHIVE_NAME: ${{ steps.filenames.outputs.archive_name }} | |
run: tar -czvf ${ARCHIVE_NAME}.tar.gz --directory ${DIR} ${FILENAME} | |
- name: Checkout this repo | |
# (for gh cli) | |
uses: actions/checkout@v3 | |
with: | |
path: ${{ env.THIS_REPO_DIR }} | |
clean: false | |
- name: Upload release asset | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
TAG_NAME: ${{ needs.compare_releases.outputs.release_name }} | |
FILENAME: ${{ steps.filenames.outputs.archive_name }}.tar.gz | |
working-directory: ${{ env.THIS_REPO_DIR }} | |
run: gh release upload "$TAG_NAME" "${GITHUB_WORKSPACE}/${FILENAME}" |