diff --git a/.github/workflows/benchmark_visualization.yml b/.github/workflows/benchmark_visualization.yml index 753857b4b..359a295dd 100644 --- a/.github/workflows/benchmark_visualization.yml +++ b/.github/workflows/benchmark_visualization.yml @@ -17,7 +17,7 @@ env: jobs: benchmark: - runs-on: ubuntu-20.04 + runs-on: ubuntu-22.04 steps: - name: Checkout main branch uses: actions/checkout@v4 @@ -37,7 +37,7 @@ jobs: path: ${{github.workspace}}/benchmark/performanceTest/output/results.json download-and-convert-benchmark-result-to-visualization-data: - runs-on: ubuntu-20.04 + runs-on: ubuntu-22.04 needs: benchmark steps: - name: Checkout main branch @@ -67,7 +67,7 @@ jobs: push-benchmark-result-gh-pages: name: Push benchmark result to Github-pages - runs-on: ubuntu-20.04 + runs-on: ubuntu-22.04 needs: download-and-convert-benchmark-result-to-visualization-data strategy: matrix: diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 5cca90164..d38487abe 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -34,7 +34,7 @@ jobs: # up a codebuild project. https://docs.aws.amazon.com/codebuild/latest/userguide/action-runner.html # Then, replace 'soci-snapshotter-instance' with the name of the project you created. name: Setup Build Matrix - runs-on: ubuntu-latest + runs-on: ubuntu-22.04 strategy: matrix: # We're using a matrix with a single entry so that we can define some config as YAML rather than diff --git a/.github/workflows/bump-deps.yml b/.github/workflows/bump-deps.yml index 5c5bdb92b..2bc57b8b0 100644 --- a/.github/workflows/bump-deps.yml +++ b/.github/workflows/bump-deps.yml @@ -20,7 +20,7 @@ jobs: # Don't bother bumping deps on forks. if: ${{ github.repository == 'awslabs/soci-snapshotter' || github.event_name == 'workflow_dispatch' }} - runs-on: ubuntu-20.04 + runs-on: ubuntu-22.04 steps: - uses: actions/checkout@v4 diff --git a/.github/workflows/comparision-test.yml b/.github/workflows/comparision-test.yml index 256adb76d..c940fb880 100644 --- a/.github/workflows/comparision-test.yml +++ b/.github/workflows/comparision-test.yml @@ -9,7 +9,7 @@ env: jobs: check: - runs-on: ubuntu-20.04 + runs-on: ubuntu-22.04 steps: - uses: actions/checkout@v4 - uses: actions/setup-go@v5 diff --git a/.github/workflows/new-pull-requests.yml b/.github/workflows/new-pull-requests.yml index e0efff80f..b62877bad 100644 --- a/.github/workflows/new-pull-requests.yml +++ b/.github/workflows/new-pull-requests.yml @@ -13,7 +13,7 @@ permissions: jobs: label: if: github.event.pull_request.draft == false - runs-on: ubuntu-20.04 + runs-on: ubuntu-22.04 permissions: pull-requests: write diff --git a/.github/workflows/prebuild.yml b/.github/workflows/prebuild.yml index 60f4a6635..ff0c6b535 100644 --- a/.github/workflows/prebuild.yml +++ b/.github/workflows/prebuild.yml @@ -12,7 +12,7 @@ env: jobs: check: - runs-on: ubuntu-20.04 + runs-on: ubuntu-22.04 steps: - uses: actions/checkout@v4 with: @@ -32,7 +32,7 @@ jobs: - run: PATH=$PATH:$(pwd) ./scripts/check-flatc.sh git-secrets: - runs-on: ubuntu-20.04 + runs-on: ubuntu-22.04 steps: - name: Pull latest awslabs/git-secrets repo uses: actions/checkout@v4 @@ -54,7 +54,7 @@ jobs: strategy: matrix: working_dir: ['.', 'cmd'] - runs-on: ubuntu-20.04 + runs-on: ubuntu-22.04 steps: - uses: actions/checkout@v4 - uses: golangci/golangci-lint-action@v6 @@ -64,13 +64,13 @@ jobs: yamllint: name: yamllint-lint - runs-on: ubuntu-20.04 + runs-on: ubuntu-22.04 steps: - uses: actions/checkout@v4 - run: yamllint . shellcheck: - runs-on: ubuntu-20.04 + runs-on: ubuntu-22.04 container: koalaman/shellcheck-alpine:v0.10.0 steps: - uses: actions/checkout@v4 diff --git a/.github/workflows/releases.yml b/.github/workflows/releases.yml index f38fd34b6..bb92943bb 100644 --- a/.github/workflows/releases.yml +++ b/.github/workflows/releases.yml @@ -19,15 +19,13 @@ permissions: deployments: write jobs: - generate-artifacts: - runs-on: ubuntu-20.04 + setup-environment: + runs-on: ubuntu-22.04 env: - # Set during setup. RELEASE_TAG: '' DYNAMIC_BINARY_NAME: '' STATIC_BINARY_NAME: '' steps: - - uses: actions/checkout@v4 - name: Export cleaned release tag run: | export release_tag=${GITHUB_REF#refs/*/} # Strip down to raw tag name @@ -35,7 +33,6 @@ jobs: - name: Create dummy environment for release if: github.event_name == 'pull_request' run: | - touch THIRD_PARTY_LICENSES echo "RELEASE_TAG=v0.0.0" >> $GITHUB_ENV - name: Setup variables and release directories run: | @@ -43,36 +40,51 @@ jobs: export release_version=${release_tag/v/} # Remove v from tag name echo "DYNAMIC_BINARY_NAME=soci-snapshotter-${release_version}-linux-amd64.tar.gz" >> $GITHUB_ENV echo "STATIC_BINARY_NAME=soci-snapshotter-${release_version}-linux-amd64-static.tar.gz" >> $GITHUB_ENV + outputs: + release_tag: ${{ env.RELEASE_TAG }} + dynamic_binary_name: ${{ env.DYNAMIC_BINARY_NAME }} + static_binary_name: ${{ env.STATIC_BINARY_NAME }} - mkdir release + generate-artifacts: + needs: setup-environment + runs-on: ubuntu-22.04 + container: + image: public.ecr.aws/ubuntu/ubuntu:20.04 + steps: + - uses: actions/checkout@v4 + - uses: actions/setup-go@v5 + with: + go-version: ${{ env.GO_VERSION }} + - name: install build dependencies + run: bash scripts/install-build-dependencies.sh + - name: Create dummy THIRD_PARTY_LICENSES file for pull request + if: github.event_name == 'pull_request' + run: | + touch THIRD_PARTY_LICENSES - name: Create release binaries - run: make RELEASE_TAG=${{ env.RELEASE_TAG }} release + shell: bash + run: make RELEASE_TAG=${{ needs.setup-environment.outputs.RELEASE_TAG }} release - uses: actions/upload-artifact@v4 with: name: artifacts path: release/ if-no-files-found: error - outputs: - release_tag: ${{ env.RELEASE_TAG }} - dynamic_binary_name: ${{ env.DYNAMIC_BINARY_NAME }} - static_binary_name: ${{ env.STATIC_BINARY_NAME }} - validate-artifacts: - needs: generate-artifacts - runs-on: ubuntu-20.04 + needs: [setup-environment, generate-artifacts] + runs-on: ubuntu-22.04 steps: - uses: actions/checkout@v4 - uses: actions/download-artifact@v4 with: name: artifacts path: release/ - - run: bash scripts/verify-release-artifacts.sh ${{ needs.generate-artifacts.outputs.release_tag }} + - run: bash scripts/verify-release-artifacts.sh ${{ needs.setup-environment.outputs.release_tag }} create-release: if: github.event_name == 'push' && startsWith(github.ref, 'refs/tags/v') - needs: [generate-artifacts, validate-artifacts] - runs-on: ubuntu-20.04 + needs: [setup-environment, validate-artifacts] + runs-on: ubuntu-22.04 steps: - uses: actions/checkout@v4 - uses: actions/download-artifact@v4 @@ -84,7 +96,7 @@ jobs: prerelease: false generate_release_notes: false files: | - ${{ needs.generate-artifacts.outputs.dynamic_binary_name }} - ${{ needs.generate-artifacts.outputs.dynamic_binary_name }}.sha256sum - ${{ needs.generate-artifacts.outputs.static_binary_name }} - ${{ needs.generate-artifacts.outputs.static_binary_name }}.sha256sum + ${{ needs.setup-environment.outputs.dynamic_binary_name }} + ${{ needs.setup-environment.outputs.dynamic_binary_name }}.sha256sum + ${{ needs.setup-environment.outputs.static_binary_name }} + ${{ needs.setup-environment.outputs.static_binary_name }}.sha256sum diff --git a/.github/workflows/review-dependencies.yml b/.github/workflows/review-dependencies.yml index 9c31e8c26..972627d6f 100644 --- a/.github/workflows/review-dependencies.yml +++ b/.github/workflows/review-dependencies.yml @@ -9,7 +9,7 @@ on: jobs: review: - runs-on: ubuntu-latest + runs-on: ubuntu-22.04 permissions: # Write permissions needed to comment review results on PR. diff --git a/.github/workflows/update-getting-started-guide.yml b/.github/workflows/update-getting-started-guide.yml index f5e915327..5eff142d1 100644 --- a/.github/workflows/update-getting-started-guide.yml +++ b/.github/workflows/update-getting-started-guide.yml @@ -17,7 +17,7 @@ on: jobs: test-update-version: if: github.event_name == 'pull_request' - runs-on: ubuntu-20.04 + runs-on: ubuntu-22.04 permissions: contents: read @@ -35,7 +35,7 @@ jobs: update-version: if: github.event_name == 'release' - runs-on: ubuntu-20.04 + runs-on: ubuntu-22.04 permissions: # Write permissions needed to create pull request. diff --git a/scripts/install-build-dependencies.sh b/scripts/install-build-dependencies.sh new file mode 100755 index 000000000..4d25f6caa --- /dev/null +++ b/scripts/install-build-dependencies.sh @@ -0,0 +1,24 @@ +#!/usr/bin/env bash + +# Copyright The Soci Snapshotter Authors. + +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at + +# http://www.apache.org/licenses/LICENSE-2.0 + +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# A script to install the build dependencies needed to build SOCI in a +# Ubuntu 20.04 container. +# +# Usage: bash install-build-dependencies.sh + +apt update && apt install -y \ + git \ + make