diff --git a/.github/workflows/release_linux.yml b/.github/workflows/release_linux.yml index 66562ab..04961e0 100644 --- a/.github/workflows/release_linux.yml +++ b/.github/workflows/release_linux.yml @@ -78,11 +78,10 @@ jobs: "ubuntu:23.04", "ubuntu:22.04", "ubuntu:20.04", - "ubuntu:18.04", "debian:12", "debian:11", ] - libyubihsm_tag : [ "2.4.0" ] + libyubihsm_tag : [ "2.5.0" ] name: build on ${{ matrix.environment }} runs-on: ubuntu-latest @@ -150,7 +149,8 @@ jobs: cd .. - git clone --branch $LIBYUBIHSM_TAG https://github.com/Yubico/yubihsm-shell.git + #git clone --branch $LIBYUBIHSM_TAG https://github.com/Yubico/yubihsm-shell.git + git clone https://github.com/Yubico/yubihsm-shell.git cd yubihsm-shell if [ "$PLATFORM" = "debian11" ] || [ "$PLATFORM" = "ubuntu1804" ]; then @@ -206,4 +206,79 @@ jobs: uses: actions/upload-artifact@v3 with: name: "yubihsm-setup-${{ env.PLATFORM }}-amd64" - path: ${{ env.PLATFORM }} \ No newline at end of file + path: ${{ env.PLATFORM }} + + redhat_based: + strategy: + fail-fast: false + matrix: + environment: [ + "fedora:39", + "fedora:40", + ] + + name: build on ${{ matrix.environment }} + runs-on: ubuntu-latest + container: ${{ matrix.environment }} + + steps: + + - name: clone the Yubico/yubihsm-setup repository + uses: actions/checkout@v3 + with: + path: yubihsm-setup + + - name: extract platform name + env: + DOCKER_IMAGE: ${{ matrix.environment }} + run: | + # Remove everything from DOCKER_IMAGE that is not a letter or a number + PLATFORM=$(echo -n "$DOCKER_IMAGE" | sed -E 's/[^a-zA-Z0-9]//g') + echo "PLATFORM=$PLATFORM" >> $GITHUB_ENV + + - name: install dependencies + env: + PLATFORM: ${{ env.PLATFORM }} + run: | + dnf -y update + dnf -y install binutils \ + git \ + cmake \ + openssl-devel \ + libusb1-devel \ + libcurl-devel \ + rpmdevtools \ + pcsc-lite-devel + + curl -o rustup.sh https://sh.rustup.rs + bash ./rustup.sh -y + + - name: install libyubihsm + run: | + git clone https://github.com/Yubico/yubihsm-shell.git + cd yubihsm-shell + mkdir build + cd build + cmake .. -DBUILD_ONLY_LIB=ON + make + + - name: clone yubihsmrs + run: | + git clone https://github.com/Yubico/yubihsmrs.git + + - name: build release binary + working-directory: yubihsm-setup + env: + PLATFORM: ${{ env.PLATFORM }} + run: | + cargo install cargo-rpm + cargo rpm init + YUBIHSM_LIB_DIR=$GITHUB_WORKSPACE/yubihsm-shell/build/lib cargo build --release + YUBIHSM_LIB_DIR=$GITHUB_WORKSPACE/yubihsm-shell-$LIBYUBIHSM_VERSION/build/lib cargo rpm build + cp target/release/rpmbuild/RPMS/x86_64/*.rpm $GITHUB_WORKSPACE/$PLATFORM/yubihsm-setup/ + + - name: upload artifacts + uses: actions/upload-artifact@v3 + with: + name: "yubihsm-setup-${{ env.PLATFORM }}-amd64" + path: ${{ env.PLATFORM }} diff --git a/.github/workflows/release_macos.yml b/.github/workflows/release_macos.yml index 2f711a4..c6f117e 100644 --- a/.github/workflows/release_macos.yml +++ b/.github/workflows/release_macos.yml @@ -5,30 +5,51 @@ on: [push] jobs: MacOS-Build: - runs-on: macos-10.15 + runs-on: ${{ matrix.os }} + strategy: + fail-fast: false + matrix: + include: + - os: macos-latest + arch: amd + - os: macos-latest-xlarge + arch: arm env: + VERSION: 2.6.0 + SO_VERSION: 2 YUBIHSMSDK_VERSION: 2021-08 steps: - - name: Checkout repository - uses: actions/checkout@v2 + - name: Checkout the Yubico/yubihsm-setup repository + uses: actions/checkout@v3 - # download yubihsm-sdk installer from dev.y.c and install it - - name: install yubihsm-shell + - name: Install dependecies run: | set -e -o pipefail set -x - cd .. - curl -L --max-redirs 2 -o yubihsm-sdk-installer.pkg https://developers.yubico.com/YubiHSM2/Releases/yubihsm2-sdk-$YUBIHSMSDK_VERSION-darwin-amd64.pkg - sudo installer -verbose -store -pkg yubihsm-sdk-installer.pkg -target / + brew update + brew install cmake pkg-config gengetopt help2man libusb + brew reinstall openssl@3 - - name: clone yubihsmrs + export PATH=$PATH:~/.cargo/bin + if [[ ! -x $(command -v rustc) ]]; then + curl -o rustup.sh https://sh.rustup.rs + bash ./rustup.sh -y + fi + + + - name: install libyubihsm run: | - set -e -o pipefail - set -x + git clone https://github.com/Yubico/yubihsm-shell.git + cd yubihsm-shell + mkdir build + cd build + cmake .. -DBUILD_ONLY_LIB=ON + make - cd .. + - name: clone yubihsmrs + run: | git clone https://github.com/Yubico/yubihsmrs.git - name: Build yubihsm-setup @@ -37,18 +58,10 @@ jobs: set -x mkdir artifact - cd .. - brew install libusb - export PATH=$PATH:~/.cargo/bin - if [[ ! -x $(command -v rustc) ]]; then - curl -o rustup.sh https://sh.rustup.rs - bash ./rustup.sh -y - fi - cd yubihsm-setup - RUSTFLAGS="-C link-args=-Wl,-rpath,\$ORIGIN/../lib" YUBIHSM_LIB_DIR=/usr/local/lib cargo build --release + RUSTFLAGS="-C link-args=-Wl,-rpath,\$ORIGIN/../lib" YUBIHSM_LIB_DIR=$GITHUB_WORKSPACE/yubihsm-shell/build/lib cargo build --release strip -u -r target/release/yubihsm-setup - install target/release/yubihsm-setup artifact + install target/release/yubihsm-setup ../artifact otool -L target/release/yubihsm-setup @@ -56,7 +69,7 @@ jobs: ./target/release/yubihsm-setup --help - name: Upload artifact - uses: actions/upload-artifact@v2 + uses: actions/upload-artifact@v4 with: - name: yubihsm-setup + name: yubihsm-setup-darwin-${{ matrix.arch }}64 path: artifact \ No newline at end of file