forked from secondlife/action-autobuild
-
Notifications
You must be signed in to change notification settings - Fork 0
/
action.yaml
319 lines (291 loc) · 11.6 KB
/
action.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
name: Autobuild
description: Build and package an autobuild project
inputs:
archive-format:
type: string
description: Autobuild package compression format (tbz2, tzst, etc.)
default: tzst
checkout:
type: boolean
description: Perform git checkout
default: true
checkout-build-variables:
type: boolean
description: Perform git checkout of build-variables
default: true
deploy-token:
type: string
description: Deploy key to access private submodules
default: ${{ github.token }}
setup-python:
type: boolean
description: Install python using actions/python
default: true
setup-autobuild:
type: boolean
description: Install autobuild using secondlife/setup-autobuild
default: true
configure-args:
type: string
description: Additional arguments passed to autobuild configure
build-args:
type: string
description: Additional arguments passed to autobuild build
addrsize:
type: string
description: AUTOBUILD_ADDRSIZE
default: "64"
token:
type: string
description: AUTOBUILD_GITHUB_TOKEN
build-variables-repo:
type: string
description: build-variables repository
default: secondlife/build-variables
build-variables-ref:
type: string
description: build-variables repository ref
default: viewer
build-id:
type: string
description: "Built id (default: commit sha)"
default: SHA
file:
type: string
description: "Target autobuild.xml file"
default: autobuild.xml
autobuild-version:
type: string
description: Version of autobuild to install
default: 3.*
pip-packages:
type: string
description: Additional pip packages to install
mysys2-packages:
type: string
description: Additional mysys2 packages to install
apt-packages:
type: string
description: Additional apt packages to install
brew-packages:
type: string
description: Additional homebrew packages to install
platform:
type: string
description: Autobuild platform
configuration:
type: string
description: Autobuild configuration
artifact-name:
type: string
description: Name of artifact to upload, defaults to the autobuild package name
setup-macos-codesign:
type: boolean
description: Enable apple code signing for artifacts
default: false
macos-p12-base64:
description: The certificates in a PKCS12 file encoded as a base64 string.
macos-p12-password:
description: The password used to import the PKCS12 file.
macos-p12-id:
description: The PKCS12 identifier.
macos-cert-id:
type: string
description: Name of artifact to upload, defaults to the autobuild package name
shallow:
type: boolean
description: Use shallow clone
default: false
outputs:
package-name:
value: ${{ steps.autobuild.outputs.package_name }}
package-filename:
value: ${{ steps.autobuild.outputs.package_filename }}
package-basename:
value: ${{ steps.autobuild.outputs.package_basename }}
package-platform:
value: ${{ steps.autobuild.outputs.package_platform }}
package-md5:
value: ${{ steps.autobuild.outputs.package_md5 }}
package-blake2b:
value: ${{ steps.autobuild.outputs.package_blake2b }}
package-sha1:
value: ${{ steps.autobuild.outputs.package_sha1 }}
package-sha256:
value: ${{ steps.autobuild.outputs.package_sha256 }}
runs:
using: composite
steps:
- name: Disable autocrlf
shell: bash
if: runner.os == 'Windows'
run: git config --global core.autocrlf input
- name: Checkout
uses: actions/checkout@v4
if: inputs.checkout
with:
# Work around the fact that in the context of a pull request github.sha
# references a dynamic merge commit rather than the branch head
# https://frontside.com/blog/2020-05-26-github-actions-pull_request/#how-does-pull_request-affect-actionscheckout
ref: ${{ github.event.pull_request.head.sha || github.sha }}
fetch-depth: ${{ fromJSON(inputs.shallow) && 1 || 0 }} # Fetch all history for SCM version
submodules: recursive
lfs: true
token: ${{ inputs.deploy-token }}
- name: Create short SHA
id: sha
shell: bash
env:
SHA: ${{ github.event.pull_request.head.sha || github.sha }}
run: |
echo "long=$SHA" >> $GITHUB_OUTPUT
echo "short=${SHA:0:7}" >> $GITHUB_OUTPUT
- name: Checkout build variables
uses: actions/checkout@v4
if: ${{ fromJSON(inputs.checkout-build-variables) }}
with:
repository: ${{ inputs.build-variables-repo }}
ref: ${{ inputs.build-variables-ref }}
path: .build-variables
- name: Setup python
uses: actions/setup-python@v5
if: ${{ fromJSON(inputs.setup-python) }}
with:
python-version: 3.x
- name: Setup autobuild
shell: bash
env:
VERSION: ${{ inputs.autobuild-version }}
if: ${{ fromJSON(inputs.setup-autobuild) }}
run: |
if [[ $VERSION =~ ^[0-9] ]]; then
pip install "autobuild==$VERSION"
else
pip install "autobuild @ git+https://github.com/secondlife/autobuild@$VERSION"
fi
- name: Setup pip packages
if: ${{ inputs.pip-packages }}
shell: bash
run: |
pip install ${{ inputs.pip-packages }}
- name: Setup mysys2
if: ${{ runner.os == 'Windows' && inputs.mysys2-packages }}
shell: bash
run: pacman -Sy --noconfirm ${{ inputs.mysys2-packages }}
- name: Setup Apt Packages
if: ${{ runner.os == 'Linux' && inputs.apt-packages }}
shell: bash
run: |
sudo apt-get update
sudo apt-get -y install ${{ inputs.apt-packages }}
- name: Select Xcode 16.0
if: ${{ runner.os == 'macOS' }}
shell: bash
run: sudo xcode-select -s /Applications/Xcode_16.0.app/Contents/Developer
- name: Setup Homebrew Packages
if: ${{ runner.os == 'macOS' && inputs.brew-packages }}
shell: bash
run: brew install ${{ inputs.brew-packages }}
- name: Set up macOS code signing
id: mac-keychain
if: ${{ runner.os == 'macOS' && fromJSON(inputs.setup-macos-codesign) && inputs.macos-p12-base64 && inputs.macos-p12-password }}
env:
BUILD_CERTIFICATE_BASE64: ${{ inputs.macos-p12-base64 }}
BUILD_CERTIFICATE_PASSWORD: ${{ inputs.macos-p12-password }}
shell: bash
run: |
# create variables
CERTIFICATE_PATH=$RUNNER_TEMP/build_certificate.p12
KEYCHAIN_PATH=$RUNNER_TEMP/app-signing.keychain-db
KEYCHAIN_PASSWORD=$(openssl rand -hex 32)
echo "::add-mask::$KEYCHAIN_PASSWORD"
# import certificate and provisioning profile from secrets
echo -n "$BUILD_CERTIFICATE_BASE64" | base64 --decode -o $CERTIFICATE_PATH > /dev/null 2>&1
# create temporary keychain
security create-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH > /dev/null 2>&1
security set-keychain-settings -lut 21600 $KEYCHAIN_PATH > /dev/null 2>&1
security unlock-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH > /dev/null 2>&1
# import certificate to keychain
security import $CERTIFICATE_PATH -P "$BUILD_CERTIFICATE_PASSWORD" -A -t cert -f pkcs12 -k $KEYCHAIN_PATH > /dev/null 2>&1
security set-key-partition-list -S apple-tool:,apple: -k "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH > /dev/null 2>&1
security list-keychain -d user -s $KEYCHAIN_PATH > /dev/null 2>&1
echo "keychain-path=${KEYCHAIN_PATH}" >> $GITHUB_OUTPUT
- name: Cache installables
uses: actions/cache@v4
id: cache-installables
with:
path: ${{ github.workspace }}/.autobuild-installables
key: ${{ runner.os }}-${{ runner.arch }}-${{ inputs.configuration }}-${{ hashFiles('autobuild.xml') }}
- name: Determine branch
id: which-branch
shell: bash
run: echo "branch=${GITHUB_HEAD_REF:-${GITHUB_REF#refs/heads/}}" >> $GITHUB_OUTPUT
- name: Run autobuild
shell: bash
id: autobuild
env:
AUTOBUILD: autobuild # Expected by some 3p build scripts
AUTOBUILD_ADDRSIZE: ${{ inputs.addrsize }}
AUTOBUILD_BUILD_ID: ${{ github.run_id }}
AUTOBUILD_CONFIG_FILE: ${{ inputs.file }}
AUTOBUILD_GITHUB_TOKEN: ${{ inputs.token }}
AUTOBUILD_INSTALLABLE_CACHE: ${{ github.workspace }}/.autobuild-installables
AUTOBUILD_KEYCHAIN_PATH: ${{ steps.mac-keychain.outputs.keychain-path }}
AUTOBUILD_KEYCHAIN_ID: ${{ inputs.macos-p12-id }}
AUTOBUILD_VARIABLES_FILE: ${{ github.workspace }}/.build-variables/variables
AUTOBUILD_VCS_BRANCH: ${{ steps.which-branch.outputs.branch || github.ref_name }}
AUTOBUILD_VCS_INFO: "true"
AUTOBUILD_VCS_REVISION: ${{ steps.sha.outputs.long }}
AUTOBUILD_VCS_URL: ${{ github.repositoryUrl }}
BUILD_ID: ${{ inputs.build-id }}
CONFIGURATION: ${{ inputs.configuration }}
MSYS2_ARG_CONV_EXCL: "*" # Disable MSYS2 path conversion
PLATFORM: ${{ inputs.platform }}
SHORT_SHA: ${{ steps.sha.outputs.short }}
WINDOWS: ${{ runner.os == 'Windows' }}
WORKSPACE: ${{ github.workspace }}
run: |
use_scm_version="$(autobuild print --json | jq -j .package_description.use_scm_version)"
use_scm_version="$(echo $use_scm_version | tr '[:upper:]' '[:lower:]')"
if [[ ! -z "$CONFIGURATION" ]]; then
export AUTOBUILD_CONFIGURATION="$CONFIGURATION"
fi
if [[ ! -z "$PLATFORM" ]]; then
export AUTOBUILD_PLATFORM="$PLATFORM"
fi
autobuild install
autobuild configure ${{ inputs.configure-args }}
autobuild build --no-configure ${{ inputs.build-args }}
autobuild package --results-file autobuild-results.json --archive-format ${{ inputs.archive-format }}
autobuild graph --type mermaid > autobuild-graph.mermaid
- name: Read results
id: results
shell: bash
run: |
package_filename="$(cat autobuild-results.json | jq -j .autobuild_package_filename)"
package_md5="$(cat autobuild-results.json | jq -j .autobuild_package_md5)"
package_sha1="$(cat autobuild-results.json | jq -j .autobuild_package_sha1)"
package_sha256="$(cat autobuild-results.json | jq -j .autobuild_package_sha256)"
package_blake2b="$(cat autobuild-results.json | jq -j .autobuild_package_blake2b)"
package_platform="$(cat autobuild-results.json | jq -j .autobuild_package_platform)"
package_name="$(cat autobuild-results.json | jq -j .autobuild_package_name)"
# Get basename of package (needs to work for windows and *nix)
package_basename="${package_filename##*/}"
package_basename="${package_basename##*\\}"
package_basename_no_ext="$(basename $package_basename .tar.zst)"
echo "package_basename=$package_basename" >> $GITHUB_OUTPUT
echo "package_basename_no_ext=$package_basename_no_ext" >> $GITHUB_OUTPUT
echo "package_filename=$package_filename" >> $GITHUB_OUTPUT
echo "package_md5=$package_md5" >> $GITHUB_OUTPUT
echo "package_sha1=$package_sha1" >> $GITHUB_OUTPUT
echo "package_sha256=$package_sha256" >> $GITHUB_OUTPUT
echo "package_blake2b=$package_blake2b" >> $GITHUB_OUTPUT
echo "package_name=$package_name" >> $GITHUB_OUTPUT
echo "package_platform=$package_platform" >> $GITHUB_OUTPUT
- uses: actions/upload-artifact@v4
with:
name: ${{ inputs.artifact-name || steps.results.outputs.package_basename_no_ext }}
path: |
${{ steps.results.outputs.package_filename }}
autobuild-results.json
autobuild-graph.mermaid