Merge pull request #33 from lifting-bits/rolling-release

Create Rolling Github Releases
lifting-bits · Aug 11, 2020 · 4e87e4f · 4e87e4f
2 parents 6a34316 + e4f8b48
commit 4e87e4f
Show file tree

Hide file tree

Showing 2 changed files with 56 additions and 0 deletions.
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -8,8 +8,21 @@ on:
     # run CI every day even if no PRs/merges occur
     - cron:  '0 6 * * *'
 jobs:
+  VersionFile:
+    runs-on: ubuntu-latest
+    outputs:
+      version: ${{ steps.bump.outputs.VERSION }}
+    steps:
+    - id: bump
+      name: Bump Version Info For Release
+      run: |
+        curl -H "Authorization: token ${GITHUB_TOKEN}" -s https://api.github.com/repos/${GITHUB_REPOSITORY}/releases/latest | jq -r '[.tag_name][0] | split(".") as $ver | $ver[-1]|tonumber as $last | $ver[:-1] as $first | $first + [$last+1] | map(tostring) |  join(".")' > VERSION
+        echo "::set-output name=VERSION::$(<VERSION)"
+      env:
+        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
   Docker_Linux:
     runs-on: ubuntu-latest
+    needs: [VersionFile]
     strategy:
       matrix:
         llvm: ["800", "900", "1000"]
@@ -18,6 +31,7 @@ jobs:
     - uses: actions/checkout@v2
     - name: Build LLVM ${{ matrix.llvm }} on ${{ matrix.ubuntu }}
       run: |
+        echo ${{needs.VersionFile.outputs.version}} > VERSION
         docker build . -t docker.pkg.github.com/lifting-bits/anvill/anvill-llvm${{ matrix.llvm }}-ubuntu${{ matrix.ubuntu }}-amd64:latest -f Dockerfile --build-arg UBUNTU_VERSION=${{ matrix.ubuntu }} --build-arg ARCH=amd64 --build-arg LLVM_VERSION=${{ matrix.llvm }}
     - name: Test LLVM ${{ matrix.llvm }} on ${{ matrix.ubuntu }}
       run: |
@@ -35,3 +49,35 @@ jobs:
         GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
         DOCKER_HUB_USER: ${{  secrets.DOCKER_HUB_USER  }}
         DOCKER_HUB_TOKEN: ${{  secrets.DOCKER_HUB_TOKEN  }}
+    - name: Compress Artifacts LLVM ${{ matrix.llvm }} on ${{ matrix.ubuntu }}
+      if: github.event_name == 'push' && github.ref == 'refs/heads/master'
+      run: |
+        mkdir -p artifacts
+        cp -v scripts/emit-artifact.sh ./artifacts/
+        docker run -v "$(pwd)/artifacts:/out" --rm --entrypoint /bin/bash docker.pkg.github.com/lifting-bits/anvill/anvill-llvm${{ matrix.llvm }}-ubuntu${{ matrix.ubuntu }}-amd64:latest -c "/out/emit-artifact.sh /out/anvill-llvm${{ matrix.llvm }}-ubuntu${{ matrix.ubuntu }}-amd64.tar.xz"
+        ls -l artifacts/
+    - uses: actions/upload-artifact@v1
+      if: github.event_name == 'push' && github.ref == 'refs/heads/master'
+      with:
+        name: anvill-llvm${{ matrix.llvm }}-ubuntu${{ matrix.ubuntu }}-amd64.tar.xz
+        path: artifacts/anvill-llvm${{ matrix.llvm }}-ubuntu${{ matrix.ubuntu }}-amd64.tar.xz
+  CreateRelease:
+    needs: [Docker_Linux, VersionFile]
+    runs-on: ubuntu-latest
+    steps:
+    - name: Download all artifacts
+      if: github.event_name == 'push' && github.ref == 'refs/heads/master'
+      uses: actions/download-artifact@v2
+      with:
+        path: releases
+    - name: Verify Artifact Downloads
+      if: github.event_name == 'push' && github.ref == 'refs/heads/master'
+      run: ls -R
+    - name: Publish Release
+      if: github.event_name == 'push' && github.ref == 'refs/heads/master'
+      uses: softprops/action-gh-release@v1
+      with:
+        tag_name: ${{ needs.VersionFile.outputs.version }}
+        files: releases/*/*.xz
+      env:
+        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
diff --git a/scripts/emit-artifact.sh b/scripts/emit-artifact.sh
@@ -0,0 +1,10 @@
+#!/bin/bash
+
+# This script is run inside Github Actions CI to create an archive of a fully-built project
+
+# install pixz for parallel xz
+apt-get update
+apt-get install -yqq pixz
+# compress /opt/trailofbits/{anvill,remill} and emit it to $1
+echo "Compressing to: ${1}"
+tar -Ipixz -cf "${1}" -C /opt/trailofbits anvill remill