GithubActions: Change build order #47
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: "Building release binaries on Linux" | |
on: [push] | |
jobs: | |
Ubuntu2004-Build: | |
name: Ubuntu2004 | |
runs-on: ubuntu-20.04 | |
env: | |
YUBIHSMSDK_VERSION: 2021-08 | |
steps: | |
- name: Checkout repository | |
uses: actions/checkout@v2 | |
# download yubihsm-sdk installer from dev.y.c and install it | |
- name: install yubihsm-shell | |
run: | | |
set -e -o pipefail | |
set -x | |
cd .. | |
curl -L --max-redirs 2 -o - https://developers.yubico.com/YubiHSM2/Releases/yubihsm2-sdk-$YUBIHSMSDK_VERSION-ubuntu2004-amd64.tar.gz |\ | |
tar -xzvf - | |
cd yubihsm2-sdk | |
sudo dpkg -i ./libyubihsm*_amd64.deb | |
- name: clone yubihsmrs | |
run: | | |
set -e -o pipefail | |
set -x | |
cd .. | |
git clone https://github.com/Yubico/yubihsmrs.git | |
- name: Build yubihsm-setup | |
run: | | |
set -e -o pipefail | |
set -x | |
mkdir -p artifact/yubihsm-setup | |
cd .. | |
export PATH=$PATH:~/.cargo/bin | |
if [[ ! -x $(command -v rustc) ]]; then | |
curl -o rustup.sh https://sh.rustup.rs | |
bash ./rustup.sh -y | |
fi | |
cargo install cargo-deb | |
cd yubihsm-setup | |
YUBIHSM_LIB_DIR=$(dpkg -L libyubihsm1 | grep -e "libyubihsm.so.2$" | xargs dirname) cargo build --release | |
strip --strip-all target/release/yubihsm-setup | |
cargo deb --no-build | |
cp target/debian/*.deb artifact/yubihsm-setup/ | |
./target/release/yubihsm-setup --version | |
./target/release/yubihsm-setup --help | |
LICENSE_DIR="artifact/yubihsm-setup/share/yubihsm-setup" | |
mkdir -p $LICENSE_DIR | |
cp -r resources/release/licenses $LICENSE_DIR/ | |
for lf in $LICENSE_DIR/licenses/*; do | |
chmod 644 $lf | |
done | |
- name: Upload artifact | |
uses: actions/upload-artifact@v1 | |
with: | |
name: yubihsm-setup-ubuntu2004-amd64 | |
path: artifact | |
debian_based: | |
strategy: | |
fail-fast: false | |
matrix: | |
environment: [ | |
"ubuntu:23.04", | |
"ubuntu:22.04", | |
"ubuntu:20.04", | |
"ubuntu:18.04", | |
"debian:12", | |
"debian:11", | |
] | |
libyubihsm_tag : [ "2.4.0" ] | |
name: build on ${{ matrix.environment }} | |
runs-on: ubuntu-latest | |
container: ${{ matrix.environment }} | |
steps: | |
- name: clone the Yubico/yubihsm-setup repository | |
uses: actions/checkout@v3 | |
with: | |
path: yubihsm-setup | |
- name: extract platform name | |
env: | |
DOCKER_IMAGE: ${{ matrix.environment }} | |
run: | | |
# Remove everything from DOCKER_IMAGE that is not a letter or a number | |
PLATFORM=$(echo -n "$DOCKER_IMAGE" | sed -E 's/[^a-zA-Z0-9]//g') | |
echo "PLATFORM=$PLATFORM" >> $GITHUB_ENV | |
- name: install dependencies | |
env: | |
CC: ${{ matrix.cc }} | |
DEBIAN_FRONTEND: noninteractive | |
run: | | |
set -x | |
export DEBIAN_FRONTEND=noninteractive | |
apt-get update && apt-get dist-upgrade -y | |
apt-get install -y build-essential \ | |
chrpath \ | |
cmake \ | |
pkg-config \ | |
gengetopt \ | |
help2man \ | |
libedit-dev \ | |
libcurl4-openssl-dev \ | |
liblzma-dev \ | |
libssl-dev \ | |
libseccomp-dev \ | |
libusb-1.0.0-dev \ | |
dh-exec \ | |
git-buildpackage \ | |
curl \ | |
libpcsclite-dev \ | |
file \ | |
curl \ | |
jq | |
curl -o rustup.sh https://sh.rustup.rs | |
bash ./rustup.sh -y | |
export PATH=$PATH:$HOME/.cargo/bin | |
cargo install cargo-deb | |
- name: install libyubihsm | |
working-directory: yubihsm-setup | |
env: | |
LIBYUBIHSM_TAG: ${{ matrix.libyubihsm_tag }} | |
run: | | |
cd .. | |
git clone --branch $LIBYUBIHSM_TAG https://github.com/Yubico/yubihsm-shell.git | |
cd yubihsm-shell | |
mkdir build | |
cd build | |
cmake .. -DBUILD_ONLY_LIB=ON | |
make | |
- name: clone yubihsmrs | |
working-directory: yubihsm-setup | |
run: | | |
set -x | |
cd .. | |
git clone https://github.com/Yubico/yubihsmrs.git | |
- name: Build binary | |
working-directory: yubihsm-setup | |
env: | |
PLATFORM: ${{ env.PLATFORM }} | |
run: | | |
set -x | |
OUTPUT=$GITHUB_WORKSPACE/$PLATFORM/yubihsm-setup | |
mkdir -p $OUTPUT | |
export PATH=$PATH:$HOME/.cargo/bin | |
#YUBIHSM_LIB_DIR=$(dpkg -L libyubihsm1 | grep -e "libyubihsm.so.2$" | xargs dirname) cargo build --release | |
YUBIHSM_LIB_DIR=$GITHUB_WORKSPACE/yubihsm-shell/build/lib cargo build --release | |
LD_LIBRARY_PATH=$GITHUB_WORKSPACE/yubihsm-shell/build/lib cargo deb --no-build | |
strip --strip-all target/release/yubihsm-setup | |
cp target/debian/*.deb $OUTPUT/ | |
./target/release/yubihsm-setup version | |
./target/release/yubihsm-setup --help | |
LICESE_DIR="$OUTPUT/share/yubihsm-setup" | |
mkdir -p $LICESE_DIR | |
cp -r $GITHUB_WORKSPACE/yubihsm-setup/resources/release/licenses $LICESE_DIR/ | |
for lf in $LICESE_DIR/licenses/*; do | |
chmod 644 $lf | |
done | |
cd $OUTPUT | |
rm -f yubihsm-setup-$PLATFORM-amd64.tar.gz | |
tar -C .. -zcvf ../yubihsm-setup-$PLATFORM-amd64.tar.gz yubihsm-setup | |
rm -f *.deb | |
rm -rf licenses | |
rm -rf ../yubihsm-setup | |
- name: upload artifacts | |
uses: actions/upload-artifact@v3 | |
with: | |
name: "yubihsm-setup-${{ env.PLATFORM }}-amd64" | |
path: ${{ env.PLATFORM }} |