Skip to content

Build

Build #147

Workflow file for this run

name: Build
# Runs every Tuesday at 9 am UTC
on:
schedule:
- cron: '0 9 * * 2'
workflow_dispatch:
env:
GO111MODULE: on
permissions:
# This is required for configure-aws-credentials to request an OIDC JWT ID token to access AWS resources later on.
# More info: https://docs.github.com/en/actions/deployment/security-hardening-your-deployments/about-security-hardening-with-openid-connect#adding-permissions-settings
id-token: write
contents: read # This is required for actions/checkout
jobs:
macos-arm64-build:
runs-on: [self-hosted, macos, arm64, 11, release]
timeout-minutes: 120
steps:
- uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2
with:
fetch-depth: 1
submodules: recursive
persist-credentials: false
- name: 'Fetch submodule tags'
run: |
git submodule foreach --recursive git fetch --tags
- uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0
with:
go-version: 1.20.x
- name: Install dependencies
# QEMU: required by Lima itself
# bash: required by test-example.sh (OS version of bash is too old)
# coreutils: required by test-example.sh for the "timeout" command
# autoconf: required for building vde
# automake: required for building vde
# FileMonitor: required to capture opened files by limactl and qemu-
run: |
brew update
brew install qemu bash coreutils
brew install autoconf automake
brew install cpanm
brew upgrade
sudo cpanm install JSON
curl -OL https://bitbucket.org/objective-see/deploy/downloads/FileMonitor_1.3.0.zip
rm -rf /Applications/FileMonitor.app
unzip FileMonitor_1.3.0.zip -d /Applications
shell: zsh {0}
- name: Make and release deps
run: |
(cd src/lima && git clean -f -d)
make -C src/lima PREFIX=/opt/homebrew all install
./bin/lima-and-qemu.pl
mv src/lima/lima-and-qemu.tar.gz src/lima/lima-and-qemu.macos-aarch64.tar.gz
shell: zsh {0}
- name: Upload MacOS build
uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1
with:
name: lima-and-qemu.macos-arm64
path: ./src/lima/lima-and-qemu.macos*
if-no-files-found: error
- name: Make and release source code of dependencies
run: make download-sources
- name: Upload MacOS build
uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1
with:
name: DependenciesSourceCode.tar.gz
path: ./downloads/dependency-sources.tar.gz
if-no-files-found: error
macos-x86-build:
runs-on: [self-hosted, macos, amd64, 11, release]
timeout-minutes: 120
steps:
- uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2
with:
fetch-depth: 1
submodules: recursive
persist-credentials: false
- name: 'Fetch submodule tags'
run: |
git submodule foreach --recursive git fetch --tags
- uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0
with:
go-version: 1.20.x
- name: Install dependencies
# QEMU: required by Lima itself
# bash: required by test-example.sh (OS version of bash is too old)
# coreutils: required by test-example.sh for the "timeout" command
# autoconf: required for building vde
# automake: required for building vde
# FileMonitor: required to capture opened files by limactl and qemu-
run: |
brew update
brew install qemu bash coreutils
brew install autoconf automake
brew install cpanm
brew upgrade
sudo cpanm install JSON
curl -OL https://bitbucket.org/objective-see/deploy/downloads/FileMonitor_1.3.0.zip
rm -rf /Applications/FileMonitor.app
unzip FileMonitor_1.3.0.zip -d /Applications
shell: zsh {0}
- name: Make and release deps
run: |
(cd src/lima && git clean -f -d)
make -C src/lima PREFIX=/usr/local all install
./bin/lima-and-qemu.pl
mv src/lima/lima-and-qemu.tar.gz src/lima/lima-and-qemu.macos-x86_64.tar.gz
shell: zsh {0}
- name: Upload MacOS build
uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1
with:
name: lima-and-qemu.macos-x86
path: ./src/lima/lima-and-qemu.macos*
if-no-files-found: error
macos-arm64-ventura-build:
runs-on: [self-hosted, macos, arm64, 13, release]
timeout-minutes: 60
steps:
- uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2
with:
fetch-depth: 1
submodules: recursive
persist-credentials: false
- name: 'Fetch submodule tags'
run: |
git submodule foreach --recursive git fetch --tags
- uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0
with:
go-version: 1.20.x
- name: Create Ventura limactl tarball
working-directory: src/lima
run: |
make clean && make exe codesign
tar cfz limactl.ventura.arm64.tar.gz -C _output/bin limactl
- name: Upload Ventura build
uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1
with:
name: limactl.ventura.arm64
path: src/lima/limactl.ventura.arm64.tar.gz
if-no-files-found: error
macos-x86_64-ventura-build:
runs-on: [self-hosted, macos, amd64, 13, release]
timeout-minutes: 60
steps:
- uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2
with:
fetch-depth: 1
submodules: recursive
persist-credentials: false
- name: 'Fetch submodule tags'
run: |
git submodule foreach --recursive git fetch --tags
- uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0
with:
go-version: 1.20.x
- name: Create Ventura limactl tarball
working-directory: src/lima
run: |
make clean && make exe codesign
tar cfz limactl.ventura.x86_64.tar.gz -C _output/bin limactl
- name: Upload Ventura build
uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1
with:
name: limactl.ventura.x86_64
path: src/lima/limactl.ventura.x86_64.tar.gz
if-no-files-found: error
release:
runs-on: ubuntu-latest
timeout-minutes: 10
needs:
- macos-x86-build
- macos-arm64-build
- macos-x86_64-ventura-build
- macos-arm64-ventura-build
steps:
- uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2
with:
fetch-depth: 1
persist-credentials: false
- name: configure aws credentials
uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # v4.0.2
with:
role-to-assume: ${{ secrets.ROLE }}
role-session-name: dependency-upload-session
aws-region: ${{ secrets.REGION }}
- name: Download MacOS ARM64 build
uses: actions/download-artifact@c850b930e6ba138125429b7e5c93fc707a7f8427 # v4.1.2v3
with:
name: lima-and-qemu.macos-arm64
path: build
- name: Download MacOS x86_64 build
uses: actions/download-artifact@c850b930e6ba138125429b7e5c93fc707a7f8427 # v4.1.2v3
with:
name: lima-and-qemu.macos-x86
path: build
- name: Download MacOS ARM64 Ventura build
uses: actions/download-artifact@c850b930e6ba138125429b7e5c93fc707a7f8427 # v4.1.2v3
with:
name: limactl.ventura.arm64
path: build
- name: Download MacOS x86_64 Ventura build
uses: actions/download-artifact@c850b930e6ba138125429b7e5c93fc707a7f8427 # v4.1.2v3
with:
name: limactl.ventura.x86_64
path: build
- name: Generate Timestamp
id: timestamp
run: echo "::set-output name=value::$(date +%s)"
- name: Add Ventura builds to tarballs
run: |
timestamp=${{ steps.timestamp.outputs.value }}
mkdir -p build/lima-and-qemu.macos-aarch64/bin
tar -xzf build/lima-and-qemu.macos-aarch64.tar.gz -C build/lima-and-qemu.macos-aarch64
tar -xzf build/limactl.ventura.arm64.tar.gz -C build/lima-and-qemu.macos-aarch64/bin
tar -czf build/lima-and-qemu.macos-aarch64.${timestamp}.tar.gz -C build/lima-and-qemu.macos-aarch64 .
sha512sum build/lima-and-qemu.macos-aarch64.${timestamp}.tar.gz | cut -d " " -f 1 > build/lima-and-qemu.macos-aarch64.${timestamp}.tar.gz.sha512sum
mkdir -p build/lima-and-qemu.macos-x86_64/bin
tar -xzf build/lima-and-qemu.macos-x86_64.tar.gz -C build/lima-and-qemu.macos-x86_64
tar -xzf build/limactl.ventura.x86_64.tar.gz -C build/lima-and-qemu.macos-x86_64/bin
tar -czf build/lima-and-qemu.macos-x86_64.${timestamp}.tar.gz -C build/lima-and-qemu.macos-x86_64 .
sha512sum build/lima-and-qemu.macos-x86_64.${timestamp}.tar.gz | cut -d " " -f 1 > build/lima-and-qemu.macos-x86_64.${timestamp}.tar.gz.sha512sum
- name: Download MacOS dependencies' sources
uses: actions/download-artifact@c850b930e6ba138125429b7e5c93fc707a7f8427 # v4.1.2v3
with:
name: DependenciesSourceCode.tar.gz
path: build
- name: 'Upload to S3'
run: |
timestamp=${{ steps.timestamp.outputs.value }}
aws s3 cp ./build/ s3://${{ secrets.DEPENDENCY_BUCKET_NAME }}/aarch64/ --recursive --exclude "*" --include "lima-and-qemu.macos-aarch64.${timestamp}.tar.gz*"
aws s3 cp ./build/ s3://${{ secrets.DEPENDENCY_BUCKET_NAME }}/x86-64/ --recursive --exclude "*" --include "lima-and-qemu.macos-x86_64.${timestamp}.tar.gz*"
aws s3 cp ./build/ s3://${{ secrets.DEPENDENCY_BUCKET_NAME }} --recursive --exclude "*" --include "dependency-sources.tar.gz"