-
Notifications
You must be signed in to change notification settings - Fork 126
201 lines (182 loc) · 7.22 KB
/
firefox.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
name: Firefox
on:
workflow_dispatch:
# Don't run this as part of CI anymore; takes too many resources and fails too often.
# pull_request:
# branches: ["main"]
# types: [opened, synchronize, reopened, ready_for_review]
# paths-ignore: ["*.md", "*.png", "*.svg", "LICENSE-*"]
concurrency:
group: ${{ github.workflow }}-${{ github.ref_name }}
cancel-in-progress: true
permissions:
contents: read
env:
FIREFOX: Firefox
jobs:
firefox:
name: Build Firefox
# if: ${{ github.event.pull_request.draft == false }}
strategy:
fail-fast: false
matrix:
os: [ubuntu-latest, macos-latest, windows-latest]
type: [debug, release]
runs-on: ${{ matrix.os }}
defaults:
run:
shell: bash
env:
MOZBUILD_STATE_PATH: ${{ github.workspace }}/mozbuild
CARGO_HOME: ${{ github.workspace }}/cargo
steps:
- name: Check out Neqo
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
persist-credentials: false
- name: Maximize build space
if: ${{ runner.os == 'Linux' }}
run: |
sudo rm -rf /usr/local/lib/android || true
sudo rm -rf /usr/share/dotnet || true
sudo rm -rf /opt/ghc || true
sudo rm -rf /usr/local/.ghcup || true
sudo apt-get remove -y '^aspnetcore-.*' '^dotnet-.*' '^llvm-.*' 'php.*' '^mongodb-.*' '^mysql-.*' \
azure-cli google-chrome-stable firefox powershell mono-devel libgl1-mesa-dri google-cloud-sdk \
google-cloud-cli --fix-missing --quiet || true
sudo apt-get autoremove -y || true
sudo apt-get clean || true
sudo docker image prune --all --force || true
sudo rm -rf "$AGENT_TOOLSDIRECTORY" || true
df -h
- name: Check out Firefox
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
repository: mozilla/gecko-dev
path: mozilla-unified
persist-credentials: false
- name: Install deps (Windows)
if: ${{ runner.os == 'Windows' }}
run: choco install -y mozillabuild --version 4.0.2
- name: Install Rust
uses: ./.github/actions/rust
with:
version: stable
token: ${{ secrets.GITHUB_TOKEN }}
- name: Bootstrap Firefox
run: |
cd mozilla-unified
{
echo "mk_add_options MOZ_OBJDIR=../$FIREFOX"
echo "ac_add_options --with-ccache=sccache"
echo "ac_add_options --enable-application=browser"
# Work around https://bugzilla.mozilla.org/show_bug.cgi?id=1894031
if [ "${{ runner.os }}" != "Windows" ] || [ "${{ matrix.type}}" != "debug" ]; then
echo "ac_add_options --disable-tests"
fi
echo "ac_add_options --enable-${{ matrix.type }}"
} >> mozconfig
./mach bootstrap --application-choice browser
- name: Plumb in Neqo
run: |
# Get qlog and mtu version used by neqo
cargo generate-lockfile
QLOG_VERSION=$(cargo pkgid qlog | cut -d@ -f2)
MTU_VERSION=$(cargo pkgid mtu | cut -d@ -f2)
rm Cargo.lock
cd mozilla-unified
{
echo '[[audits.qlog]]'
echo 'who = "CI"'
echo 'criteria = "safe-to-deploy"'
echo "version = \"$QLOG_VERSION\""
echo '[[audits.mtu]]'
echo 'who = "CI"'
echo 'criteria = "safe-to-deploy"'
echo "version = \"$MTU_VERSION\""
} >> supply-chain/audits.toml
sed -i'' -e "s/qlog =.*/qlog = \"$QLOG_VERSION\"/" netwerk/socket/neqo_glue/Cargo.toml
{
echo '[patch."https://github.com/mozilla/neqo"]'
echo 'neqo-http3 = { path = "../neqo-http3" }'
echo 'neqo-transport = { path = "../neqo-transport" }'
echo 'neqo-common = { path = "../neqo-common" }'
echo 'neqo-qpack = { path = "../neqo-qpack" }'
echo 'neqo-crypto = { path = "../neqo-crypto" }'
} >> Cargo.toml
{
echo '[[trusted.windows-bindgen]]'
echo 'criteria = "safe-to-deploy"'
echo 'user-id = 64539 # Kenny Kerr (kennykerr)'
echo 'start = "2021-11-15"'
echo 'end = "2024-09-12"'
echo '[[trusted.windows-metadata]]'
echo 'criteria = "safe-to-deploy"'
echo 'user-id = 64539 # Kenny Kerr (kennykerr)'
echo 'start = "2021-11-15"'
echo 'end = "2024-09-12"'
} >> supply-chain/audits.toml
cargo update neqo-http3 neqo-transport neqo-common neqo-qpack neqo-crypto
./mach vendor rust --ignore-modified
- name: Build Firefox
env:
NAME: ${{ runner.os == 'macOS' && 'Nightly' || 'bin' }}
TYPE: ${{ runner.os == 'macOS' && matrix.type == 'debug' && 'Debug' || '' }}
EXT: ${{ runner.os == 'macOS' && '.app' || '' }}
run: |
cd mozilla-unified
# Work around "ERROR: WINDOWSSDKDIR cannot be set when using the bootstrapped WINSYSROOT"
# (Capitalization "WindowsSdkDir" matters)
[ "${{ runner.os }}" == "Windows" ] && unset WindowsSdkDir
./mach build && tar -cf "../$FIREFOX.tar" -C "../$FIREFOX/dist" "$NAME$TYPE$EXT"
- name: Export binary
id: upload
uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0
with:
name: ${{ runner.os }}-${{ env.FIREFOX }}-${{ matrix.type }}.tgz
path: ${{ env.FIREFOX }}.tar
compression-level: 9
- env:
ARTIFACT_URL: ${{ steps.upload.outputs.artifact-url }}
run: echo "$ARTIFACT_URL" >> artifact
- name: Export artifact URL
uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0
with:
name: artifact-${{ runner.os }}-${{ env.FIREFOX }}-${{ matrix.type }}
path: artifact
retention-days: 1
comment:
name: Comment on PR
# if: ${{ github.event.pull_request.draft == false }}
needs: firefox
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
persist-credentials: false
- uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8
with:
pattern: 'artifact-*'
path: artifacts
- run: |
{
echo "### Firefox builds for this PR"
echo "The following builds are available for testing. Crossed-out builds did not succeed."
for os in Linux macOS Windows; do
echo -n "* **$os**:"
for type in debug release; do
artifact="artifacts/artifact-$os-${{ env.FIREFOX }}-$type/artifact"
if [ -e "$artifact" ]; then
echo -n " [${type^}]($(cat $artifact))"
else
echo -n " ~~${type^}~~"
fi
done
echo
done
} > comment.md
cat comment.md > "$GITHUB_STEP_SUMMARY"
- uses: ./.github/actions/pr-comment-data-export
with:
name: ${{ github.workflow }}
contents: comment.md