Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update release workflows #15

Merged
merged 33 commits into from
Aug 15, 2024
+522 −168
Merged

Update release workflows #15

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
33 commits
Select commit Hold shift + click to select a range
eed5212
Update release scripts
aveenismail Aug 10, 2023
daad503
Githubactions: Build release binaries with containers
aveenismail Aug 10, 2023
77c2c20
Githubactions: Fix syntax error
aveenismail Aug 10, 2023
910e35f
Githubactions: Fix libyubihsm path
aveenismail Aug 10, 2023
a21600f
Githubactions: Remove Ubuntu 18.04 build
aveenismail Aug 10, 2023
f0c1bd2
Githubactions: Fix debug output
aveenismail Aug 11, 2023
9a966c6
Githubactions: Add more debug output
aveenismail Aug 11, 2023
770b80f
Githubactions: Install cargo via apt
aveenismail Aug 11, 2023
9ce3de7
Githubactions: Install cargo from source
aveenismail Aug 11, 2023
6e7e30d
Githubactions: Add cargo to PATH
aveenismail Aug 11, 2023
8c3d800
Githubactions: Install more dependencies
aveenismail Aug 11, 2023
8c11171
Githubactions: Fix path to libyubihsm
aveenismail Aug 11, 2023
61f6027
Githubactions: Fix debug output
aveenismail Aug 11, 2023
9b02d6c
Githubactions: Fix PATH
aveenismail Aug 11, 2023
0ef7369
Githubactions: Set LD_LIBRARY_PATH
aveenismail Aug 11, 2023
8d1238e
Githubactions: Install libyubihsm
aveenismail Aug 11, 2023
47b304f
GithubActions: Change build order
aveenismail Aug 11, 2023
3adb245
GithubActions: Install libyubihsm as den package
aveenismail Aug 11, 2023
87b0fe1
GithubActions: Fix merge conflict
aveenismail Aug 11, 2023
800a010
Githubactions: Install libyubihsm as .deb package
aveenismail Aug 11, 2023
c3ec4c8
Githubactions: Fix Bad substitution
aveenismail Aug 11, 2023
e1fa1d4
Githubactions: Fix Bad substitution
aveenismail Aug 11, 2023
36b892b
Githubactions: Add debug output
aveenismail Aug 11, 2023
f687655
Githubactions: Fix version test command
aveenismail Aug 11, 2023
1062339
Update release script
aveenismail Aug 12, 2024
aa6947d
Update githubactions workflows
aveenismail Aug 14, 2024
1dcecbb
Update githubactions workflows
aveenismail Aug 14, 2024
8c48da8
Update githubactions workflows
aveenismail Aug 15, 2024
c855691
Update githubactions workflows
aveenismail Aug 15, 2024
633af5f
Update githubactions workflows
aveenismail Aug 15, 2024
4495037
Update githubactions workflows
aveenismail Aug 15, 2024
ee6b5a9
Update githubactions workflows
aveenismail Aug 15, 2024
004c313
Update githubactions workflows
aveenismail Aug 15, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
274 changes: 187 additions & 87 deletions .github/workflows/release_linux.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,134 +4,234 @@ on: [push]

jobs:

Ubuntu1804-Build:
name: Ubuntu1804
runs-on: ubuntu-18.04
env:
YUBIHSMSDK_VERSION: 2021-08
debian_based:
strategy:
fail-fast: false
matrix:
environment: [
"ubuntu:24.04",
"ubuntu:22.04",
"ubuntu:20.04",
"debian:12",
"debian:11",
]
libyubihsm_tag : [ "2.5.0" ]

name: build on ${{ matrix.environment }}
runs-on: ubuntu-latest
container: ${{ matrix.environment }}

steps:
- name: Checkout repository
uses: actions/checkout@v2

# download yubihsm-sdk installer from dev.y.c and install it
- name: install yubihsm-shell
- name: clone the Yubico/yubihsm-setup repository
uses: actions/checkout@v3
with:
path: yubihsm-setup

- name: extract platform name
env:
DOCKER_IMAGE: ${{ matrix.environment }}
run: |
# Remove everything from DOCKER_IMAGE that is not a letter or a number
PLATFORM=$(echo -n "$DOCKER_IMAGE" | sed -E 's/[^a-zA-Z0-9]//g')
echo "PLATFORM=$PLATFORM" >> $GITHUB_ENV

- name: install dependencies
env:
CC: ${{ matrix.cc }}
DEBIAN_FRONTEND: noninteractive
run: |
set -e -o pipefail
set -x
export DEBIAN_FRONTEND=noninteractive

apt-get update && apt-get dist-upgrade -y
apt-get install -y build-essential \
chrpath \
cmake \
pkg-config \
gengetopt \
help2man \
libedit-dev \
libcurl4-openssl-dev \
liblzma-dev \
libssl-dev \
libseccomp-dev \
libusb-1.0.0-dev \
dh-exec \
git-buildpackage \
curl \
libpcsclite-dev \
file \
curl \
jq

curl -o rustup.sh https://sh.rustup.rs
bash ./rustup.sh -y
export PATH=$PATH:$HOME/.cargo/bin
cargo install cargo-deb


- name: install libyubihsm
working-directory: yubihsm-setup
env:
LIBYUBIHSM_TAG: ${{ matrix.libyubihsm_tag }}
PLATFORM: ${{ env.PLATFORM }}
run: |
set -x

echo "platform = $PLATFORM"

cd ..
curl -L --max-redirs 2 -o - https://developers.yubico.com/YubiHSM2/Releases/yubihsm2-sdk-$YUBIHSMSDK_VERSION-ubuntu1804-amd64.tar.gz |\
tar -xzvf -
cd yubihsm2-sdk
sudo dpkg -i ./libyubihsm*_amd64.deb

#git clone --branch $LIBYUBIHSM_TAG https://github.com/Yubico/yubihsm-shell.git
git clone https://github.com/Yubico/yubihsm-shell.git
cd yubihsm-shell

if [ "$PLATFORM" = "ubuntu2404" ]; then
# ubuntu 24.04 comes with _FORTIFY_SOURCE already set
sed -i 's/add_definitions (-D_FORTIFY_SOURCE=2)/add_definitions (-D_FORTIFY_SOURCE=3)/' cmake/SecurityFlags.cmake
fi

if [ "$PLATFORM" = "debian11" ]; then
dpkg-buildpackage -b --no-sign
else
dpkg-buildpackage
fi
dpkg -i ../libyubihsm*_amd64.deb

- name: clone yubihsmrs
working-directory: yubihsm-setup
run: |
set -e -o pipefail
set -x

cd ..
git clone https://github.com/Yubico/yubihsmrs.git

- name: Build yubihsm-setup
- name: Build binary
working-directory: yubihsm-setup
env:
PLATFORM: ${{ env.PLATFORM }}
run: |
set -e -o pipefail
set -x
mkdir -p artifact/yubihsm-setup

cd ..
export PATH=$PATH:~/.cargo/bin
if [[ ! -x $(command -v rustc) ]]; then
curl -o rustup.sh https://sh.rustup.rs
bash ./rustup.sh -y
fi
cargo install cargo-deb
OUTPUT=$GITHUB_WORKSPACE/$PLATFORM/yubihsm-setup
mkdir -p $OUTPUT

cd yubihsm-setup
YUBIHSM_LIB_DIR=$(dpkg -L libyubihsm1 | grep -e "libyubihsm.so.2$" | xargs dirname) cargo build --release
export PATH=$PATH:$HOME/.cargo/bin

#YUBIHSM_LIB_DIR=$(dpkg -L libyubihsm1 | grep -e "libyubihsm.so.2$" | xargs dirname) cargo build --release
YUBIHSM_LIB_DIR=/usr/lib/x86_64-linux-gnu cargo build --release
strip --strip-all target/release/yubihsm-setup
cargo deb --no-build
cp target/debian/*.deb artifact/yubihsm-setup/
cp target/debian/*.deb $OUTPUT/

./target/release/yubihsm-setup --version
./target/release/yubihsm-setup --help

LICENSE_DIR="artifact/yubihsm-setup/share/yubihsm-setup"
mkdir -p $LICENSE_DIR
cp -r resources/release/licenses $LICENSE_DIR/
for lf in $LICENSE_DIR/licenses/*; do
LICESE_DIR="$OUTPUT/share/yubihsm-setup"
mkdir -p $LICESE_DIR
cp -r $GITHUB_WORKSPACE/yubihsm-setup/resources/release/licenses $LICESE_DIR/
for lf in $LICESE_DIR/licenses/*; do
chmod 644 $lf
done

- name: Upload artifact
uses: actions/upload-artifact@v1
with:
name: yubihsm-setup-ubuntu1804-amd64
path: artifact
cd $OUTPUT
rm -f yubihsm-setup-$PLATFORM-amd64.tar.gz
tar -C .. -zcvf ../yubihsm-setup-$PLATFORM-amd64.tar.gz yubihsm-setup
rm -f *.deb
rm -rf licenses
rm -rf ../yubihsm-setup


Ubuntu2004-Build:
name: Ubuntu2004
runs-on: ubuntu-20.04
env:
YUBIHSMSDK_VERSION: 2021-08
- name: upload artifacts
uses: actions/upload-artifact@v3
with:
name: "yubihsm-setup-${{ env.PLATFORM }}-amd64"
path: ${{ env.PLATFORM }}

redhat_based:
strategy:
fail-fast: false
matrix:
environment: [
"fedora:39",
"fedora:40",
]

name: build on ${{ matrix.environment }}
runs-on: ubuntu-latest
container: ${{ matrix.environment }}

steps:
- name: Checkout repository
uses: actions/checkout@v2

# download yubihsm-sdk installer from dev.y.c and install it
- name: install yubihsm-shell
run: |
set -e -o pipefail
set -x
- name: clone the Yubico/yubihsm-setup repository
uses: actions/checkout@v3
with:
path: yubihsm-setup

cd ..
curl -L --max-redirs 2 -o - https://developers.yubico.com/YubiHSM2/Releases/yubihsm2-sdk-$YUBIHSMSDK_VERSION-ubuntu2004-amd64.tar.gz |\
tar -xzvf -
cd yubihsm2-sdk
sudo dpkg -i ./libyubihsm*_amd64.deb
- name: extract platform name
env:
DOCKER_IMAGE: ${{ matrix.environment }}
run: |
# Remove everything from DOCKER_IMAGE that is not a letter or a number
PLATFORM=$(echo -n "$DOCKER_IMAGE" | sed -E 's/[^a-zA-Z0-9]//g')
echo "PLATFORM=$PLATFORM" >> $GITHUB_ENV

- name: clone yubihsmrs
- name: install dependencies
env:
PLATFORM: ${{ env.PLATFORM }}
run: |
set -e -o pipefail
set -x
dnf -y update
dnf -y install binutils \
gcc \
gcc-c++ \
git \
chrpath \
cmake \
openssl-devel \
libedit-devel \
libcurl-devel \
rpmdevtools \
pcsc-lite-devel \
libusb1-devel \

curl -o rustup.sh https://sh.rustup.rs
bash ./rustup.sh -y

cd ..
git clone https://github.com/Yubico/yubihsmrs.git
- name: install libyubihsm
run: |
git clone https://github.com/Yubico/yubihsm-shell.git
cd yubihsm-shell
mkdir build
cd build
cmake .. -DBUILD_ONLY_LIB=ON
make

- name: Build yubihsm-setup
- name: clone yubihsmrs
run: |
set -e -o pipefail
set -x
mkdir -p artifact/yubihsm-setup
git clone https://github.com/Yubico/yubihsmrs.git

cd ..
- name: build release binary
working-directory: yubihsm-setup
env:
PLATFORM: ${{ env.PLATFORM }}
run: |

export PATH=$PATH:~/.cargo/bin
if [[ ! -x $(command -v rustc) ]]; then
curl -o rustup.sh https://sh.rustup.rs
bash ./rustup.sh -y
fi
cargo install cargo-deb

cd yubihsm-setup
YUBIHSM_LIB_DIR=$(dpkg -L libyubihsm1 | grep -e "libyubihsm.so.2$" | xargs dirname) cargo build --release
strip --strip-all target/release/yubihsm-setup
cargo deb --no-build
cp target/debian/*.deb artifact/yubihsm-setup/

./target/release/yubihsm-setup --version
./target/release/yubihsm-setup --help

LICENSE_DIR="artifact/yubihsm-setup/share/yubihsm-setup"
mkdir -p $LICENSE_DIR
cp -r resources/release/licenses $LICENSE_DIR/
for lf in $LICENSE_DIR/licenses/*; do
chmod 644 $lf
done

- name: Upload artifact
uses: actions/upload-artifact@v1
OUTPUT=$GITHUB_WORKSPACE/$PLATFORM/yubihsm-setup
mkdir -p $OUTPUT

cargo install cargo-rpm
cargo rpm init
YUBIHSM_LIB_DIR=$GITHUB_WORKSPACE/yubihsm-shell/build/lib cargo build --release
YUBIHSM_LIB_DIR=$GITHUB_WORKSPACE/yubihsm-shell-$LIBYUBIHSM_VERSION/build/lib cargo rpm build
cp target/release/rpmbuild/RPMS/x86_64/*.rpm $OUTPUT/

- name: upload artifacts
uses: actions/upload-artifact@v3
with:
name: yubihsm-setup-ubuntu2004-amd64
path: artifact
name: "yubihsm-setup-${{ env.PLATFORM }}-amd64"
path: ${{ env.PLATFORM }}
Loading
Loading