blob: fc34a05bba58f27cc68ddf2598239f06124840b3 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
|
name: Publish
on:
pull_request:
push:
branches:
- '*'
tags:
- '*'
jobs:
build_tarballs:
name: Build tarballs
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v3
- uses: cachix/install-nix-action@v18
- name: Build tarballs
run: |
nix-build -A hydraJobs.tarball
install -D ./result/tarballs/*.tar.bz2 ./dist/patchelf-$(cat version).tar.bz2
install -D ./result/tarballs/*.tar.gz ./dist/patchelf-$(cat version).tar.gz
- uses: actions/upload-artifact@v3
with:
name: patchelf
path: dist/*
build_binaries:
name: Build static musl binaries
needs: [build_tarballs]
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
platform: ["amd64", "i386", "ppc64le", "arm64v8", "arm32v7", "s390x"]
steps:
- name: Set up QEMU
if: matrix.platform != 'amd64'
uses: docker/setup-qemu-action@v2
- uses: actions/download-artifact@v3
with:
name: patchelf
path: dist
- name: Build binaries
env:
CXXFLAGS: "-D_FORTIFY_SOURCE=2 -fstack-protector-strong -Wformat -Werror=format-security -O2 -static"
run: |
cat <<EOF > build.sh
set -e
set -x
apk add build-base
tar -xf dist/*.tar.bz2
rm -f dist/*
cd patchelf-*
./configure --prefix /patchelf
make check
make install-strip
cd -
tar -czf ./dist/patchelf-\$(cat patchelf-*/version)-\$(uname -m).tar.gz -C /patchelf .
EOF
if [ "${{ matrix.platform }}" == "i386" ]; then
ENTRYPOINT=linux32
else
ENTRYPOINT=
fi
docker run -e CXXFLAGS -v $(pwd):/gha ${{ matrix.platform }}/alpine:3.16 ${ENTRYPOINT} sh -ec "cd /gha && sh ./build.sh"
- name: Check binaries
run: |
cat <<EOF > check.sh
set -e
set -x
tar -xf ./dist/patchelf-*-*.tar.gz
./bin/patchelf --version
EOF
docker run -v $(pwd):/gha ${{ matrix.platform }}/debian:stable-slim sh -ec "cd /gha && sh ./check.sh"
- uses: actions/upload-artifact@v3
with:
name: patchelf
path: dist/*
publish:
name: Publish tarballs & binaries
needs: [build_tarballs, build_binaries]
if: github.event_name == 'push' && github.repository == 'NixOS/patchelf' && startsWith(github.ref, 'refs/tags/')
runs-on: ubuntu-latest
steps:
- uses: actions/download-artifact@v3
with:
name: patchelf
path: dist
- name: Upload binaries to release
uses: svenstaro/upload-release-action@v2
with:
repo_token: ${{ secrets.GITHUB_TOKEN }}
file: dist/*
tag: ${{ github.ref }}
overwrite: true
file_glob: true
|