Skip to content

Add Fedora 38 and Rockylinux 8 and 9 #408

Add Fedora 38 and Rockylinux 8 and 9

Add Fedora 38 and Rockylinux 8 and 9 #408

Workflow file for this run

---
name: Builds
on:
push:
pull_request:
release:
tags:
- 'v*'
types: [published]
workflow_dispatch:
jobs:
source_dist:
name: "Source dist"
if: >
github.actor!='dependabot[bot]' &&
github.event_name!='pull_request' &&
( github.ref_type=='tag' || github.ref_type=='branch' )
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v3
- name: Save version info
run: |
git log -1 > ./git.info
- name: Fetch json-parser
run: |
make json-parser/configure
- name: debug
run: "env | sort"
- name: Get tag/branch name
run: |
if [ "$GITHUB_REF_TYPE" = 'branch' ]; then
echo -n "0+branch+$GITHUB_REF_NAME" > /tmp/version
elif [ "$GITHUB_REF_TYPE" = 'tag' ]; then
echo -n "$GITHUB_REF_NAME" > /tmp/version
else
exit 1
fi
export PWL_VERSION=$(cat /tmp/version | tr -C 'a-zA-Z0-9._+' '_')
echo PWL_VERSION=${PWL_VERSION} >> $GITHUB_ENV
echo SRC_FILE=pam-weblogin-${PWL_VERSION}.source.tar.xz >> $GITHUB_ENV
- name: Create source tarball
run: |
tar -cJ -f /tmp/${SRC_FILE} \
--transform "s,^\./,pam-weblogin-${PWL_VERSION}/," --sort=name \
--owner=0 --group=0 --mode=u=rwX,go=rX \
--exclude-vcs --exclude='**/.github' \
.
- name: Show what we are shipping
run: |
tar tvJf /tmp/${SRC_FILE}
- name: Create Artifact
uses: actions/upload-artifact@v3
with:
name: "dist-source"
path: "/tmp/${{env.SRC_FILE}}"
build_tests:
name: Build tests
if: always()
runs-on: ${{ matrix.os }}
strategy:
fail-fast: false
matrix:
include:
- { os: ubuntu-20.04, compiler: gcc, version: 4.8 }
- { os: ubuntu-20.04, compiler: gcc, version: 5 }
- { os: ubuntu-20.04, compiler: gcc, version: 6 }
- { os: ubuntu-20.04, compiler: gcc, version: 7 }
- { os: ubuntu-20.04, compiler: gcc, version: 8 }
- { os: ubuntu-22.04, compiler: gcc, version: 9 }
- { os: ubuntu-22.04, compiler: gcc, version: 10 }
- { os: ubuntu-22.04, compiler: gcc, version: 11 }
- { os: ubuntu-22.04, compiler: gcc, version: 12 }
- { os: ubuntu-22.04, compiler: gcc, version: 13 }
- { os: ubuntu-20.04, compiler: clang, version: 9 }
- { os: ubuntu-20.04, compiler: clang, version: 10 }
- { os: ubuntu-20.04, compiler: clang, version: 11 }
- { os: ubuntu-20.04, compiler: clang, version: 12 }
- { os: ubuntu-22.04, compiler: clang, version: 13 }
- { os: ubuntu-22.04, compiler: clang, version: 14 }
- { os: ubuntu-22.04, compiler: clang, version: 15 }
- { os: ubuntu-22.04, compiler: clang, version: 16 }
- { os: macos-11, compiler: native }
- { os: macos-12, compiler: native }
# set CC to 'cc' for MacOS and the (e.g.) clang-12 for Linux
env:
CC: ${{ matrix.compiler == 'native' && 'cc' || format('{0}-{1}',matrix.compiler,matrix.version) }}
steps:
# - name: Housekeeping
# run: |
# sudo apt-get purge man-db
# if: runner.os == 'Linux'
- name: Add source for old gcc packages (ubuntu 18.04)
run: |
sudo tee "/etc/apt/sources.list.d/bionic.list" << EOF
deb http://azure.archive.ubuntu.com/ubuntu bionic main universe
deb http://azure.archive.ubuntu.com/ubuntu bionic-security main universe
EOF
cat /etc/apt/sources.list
ls -la /etc/apt/sources.list.d
sudo apt update
if: runner.os == 'Linux' && matrix.compiler == 'gcc' && matrix.version < 7
- name: Install gcc
run: |
sudo add-apt-repository --yes --update ppa:ubuntu-toolchain-r/test
sudo apt-get install --yes gcc-${{matrix.version}}
if: runner.os == 'Linux' && matrix.compiler == 'gcc'
- name: Install clang
run: |
wget https://apt.llvm.org/llvm.sh
sudo bash ./llvm.sh ${{ matrix.version }}
if: runner.os == 'Linux' && matrix.compiler == 'clang'
- name: Show compiler version
run: $CC --version
- name: Install dependencies
run: |
sudo apt-get install --yes libpam0g-dev libcurl4-openssl-dev
if: runner.os == 'Linux'
- name: Checkout
uses: actions/checkout@v3
- name: Test compilation
run: |
make all
- name: Test make clean
run: |
make clean
make clean
rm -rf json-parser/
make clean
build_rpm:
name: Build RPMs
needs:
- source_dist
strategy:
fail-fast: false
matrix:
include:
- { name: "centos7", container: "centos:7" }
- { name: "fedora37", container: "fedora:37" }
- { name: "fedora38", container: "fedora:38" }
- { name: "rockylinux8", container: "rockylinux:8" }
- { name: "rockylinux9", container: "rockylinux:9" }
runs-on: "ubuntu-latest"
steps:
- name: Get tag/branch name
run: |
if [ "$GITHUB_REF_TYPE" = 'branch' ]; then
echo -n "0+branch+$GITHUB_REF_NAME" > /tmp/version
elif [ "$GITHUB_REF_TYPE" = 'tag' ]; then
echo -n "$GITHUB_REF_NAME" > /tmp/version
else
exit 1
fi
export PWL_VERSION=$(cat /tmp/version | tr -C 'a-zA-Z0-9._+' '_')
echo PWL_VERSION=${PWL_VERSION} >> $GITHUB_ENV
echo SRC_FILE=pam-weblogin-${PWL_VERSION}.source.tar.xz >> $GITHUB_ENV
- name: Fetch source
id: fetch_source
uses: actions/download-artifact@v3
with:
name: "dist-source"
path: "."
- name: Show source-dist
run: |
ls -la ${{steps.fetch_source.outputs.download-path}}
sha1sum ${{steps.fetch_source.outputs.download-path}}/* || true
sha256sum ${{steps.fetch_source.outputs.download-path}}/* || true
- name: Prepare build dir
run: |
mkdir -p rpmbuild/SOURCES
cp -v ${{steps.fetch_source.outputs.download-path}}/${SRC_FILE} rpmbuild/SOURCES
ls -la rpmbuild/SOURCES
tar -xvJ --wildcards --strip-components 1 -f ${{steps.fetch_source.outputs.download-path}}/${SRC_FILE} '*.spec'
- name: Prepare container image
run: >
echo "
FROM ${{matrix.container}}
RUN yum install -y epel-release || true
RUN yum install -y rpm-build pandoc
COPY pam-weblogin.spec /tmp/pwl.spec
RUN command -v dnf && dnf install -y 'dnf-command(builddep)' || true
RUN command -v dnf && dnf builddep -y /tmp/pwl.spec || yum-builddep -y /tmp/pwl.spec
RUN rm /tmp/pwl.spec
RUN gcc --version
" > Dockerfile;
docker build -f Dockerfile -t pwl-${{matrix.name}} .
- name: build RPM package
run: >
docker run -v `pwd`/rpmbuild:/root/rpmbuild/ \
-v $(pwd)/pam-weblogin.spec:/pam-weblogin.spec \
pwl-${{matrix.name}} \
/bin/sh -c '
rpmbuild -ba --define "pwl_version ${{env.PWL_VERSION}}" --define "pwl_distro ${{matrix.name}}" pam-weblogin.spec;
rpm -qlp rpmbuild/RPMS/x86_64/*.rpm
'
- name: debug
run: ls -laR rpmbuild
- name: gather generated rpms
run: |
mkdir results
cp rpmbuild/RPMS/x86_64/*.rpm rpmbuild/SRPMS/*.rpm results/
- name: Upload artifact
uses: actions/upload-artifact@v3
with:
name: rpm_${{matrix.name}}
path: "results/*"
build_deb:
name: Build DEBs
needs:
- source_dist
strategy:
fail-fast: false
matrix:
include:
- { name: "debian12", container: "debian:12" }
- { name: "debian11", container: "debian:11" }
- { name: "debian10", container: "debian:10" }
- { name: "ubuntu2204", container: "ubuntu:22.04" }
runs-on: "ubuntu-latest"
steps:
- name: Install dependencies
run: |
sudo apt-get install --yes pandoc
- name: Get tag/branch name
run: |
if [ "$GITHUB_REF_TYPE" = 'branch' ]; then
echo -n "0+branch+$GITHUB_REF_NAME" > /tmp/version
elif [ "$GITHUB_REF_TYPE" = 'tag' ]; then
echo -n "$GITHUB_REF_NAME" > /tmp/version
else
exit 1
fi
export PWL_VERSION=$(cat /tmp/version | tr -C 'a-zA-Z0-9.+' '-')
echo PWL_VERSION=${PWL_VERSION} >> $GITHUB_ENV
echo BUILD_DIR=libpam-weblogin_${PWL_VERSION}-${{matrix.name}}-1_amd64 >> $GITHUB_ENV
echo SRC_FILE=pam-weblogin-${PWL_VERSION}.source.tar.xz >> $GITHUB_ENV
echo BUILD_ARCH=$(dpkg-architecture -q DEB_BUILD_MULTIARCH) >> $GITHUB_ENV
- name: Checkout
uses: actions/checkout@v3
with:
path: pwl-checkout
- name: Prepare container image
run: >
echo "
FROM ${{matrix.container}}
RUN apt update; apt upgrade -y
RUN apt-get install -y build-essential git libpam0g-dev libcurl4-openssl-dev
RUN gcc --version
" > Dockerfile;
docker build -f Dockerfile -t pwl-${{matrix.name}} .
- name: Build binaries
run: >
docker run -v `pwd`/pwl-checkout:/root/pam-weblogin \
pwl-${{matrix.name}} \
/bin/sh -c 'cd /root/pam-weblogin; make'
- name: Debug
run: ls -laR pwl-checkout/src/*.so
- name: Prepare build dir
run: |
mkdir -p ${BUILD_DIR}/DEBIAN
mkdir -p ${BUILD_DIR}/etc/pam.d
mkdir -p ${BUILD_DIR}/lib/${BUILD_ARCH}/security/
mkdir -p ${BUILD_DIR}/usr/share/doc/pam-weblogin/
cp pwl-checkout/src/pam_weblogin.so ${BUILD_DIR}/lib/${BUILD_ARCH}/security/pam_weblogin.so
cp pwl-checkout/pam-weblogin.conf.sample ${BUILD_DIR}/etc/pam-weblogin.conf
pandoc pwl-checkout/README.md -t plain > ${BUILD_DIR}/usr/share/doc/pam-weblogin/README
echo "Package: libpam-weblogin
Version: ${PWL_VERSION}
Section: custom
Priority: optional
Architecture: amd64
Depends: libcurl3-gnutls, libpam0g
Maintainer: SURF <[email protected]>
Description: Pam weblogin module" > ${BUILD_DIR}/DEBIAN/control
cat ${BUILD_DIR}/DEBIAN/control
- name: Build debs in container
run: |
docker run \
-v `pwd`:/work/ \
pwl-${{matrix.name}} \
/bin/sh -c "
cd /work &&
dpkg-deb --build --root-owner-group ${BUILD_DIR}
dpkg -c *.deb
"
- name: Gather generated debs
run: |
mkdir results
cp *.deb results/
- name: Upload artifact
uses: actions/upload-artifact@v3
with:
name: deb_${{matrix.name}}
path: "results/*"
release:
name: Release
runs-on: ubuntu-latest
needs:
- build_tests
- source_dist
- build_rpm
- build_deb
steps:
- name: Checkout
uses: actions/checkout@v3
- name: Fetch artifacts
id: fetch_artifact
uses: actions/download-artifact@v3
with:
path: "artifacts/"
- name: Gather artifacts for release
run: |
mkdir to_release
cp -v artifacts/**/* to_release/
- name: Create Release
if: "github.ref_type=='tag'"
uses: softprops/action-gh-release@v1
with:
files: "to_release/*"
- name: Advance latest tag
if: "github.ref_type=='branch'"
uses: EndBug/latest-tag@v1
with:
ref: "branch+${{github.ref_name}}"
description: "Latest commit in the main branch"
- name: Remove all previous "latest" releases
if: "github.ref_type=='branch'"
uses: dev-drprasad/[email protected]
with:
keep_latest: 0
delete_tag_pattern: "branch+${{github.ref_name}}"
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Create Release for branch
if: "github.ref_type=='branch'"
uses: softprops/action-gh-release@v1
with:
name: "Latest from branch ${{github.ref_name}}"
tag_name: "branch+${{github.ref_name}}"
prerelease: true
files: "to_release/*"