diff --git a/.cirrus.yml b/.cirrus.yml index f2c079fc..66463e2a 100644 --- a/.cirrus.yml +++ b/.cirrus.yml @@ -22,10 +22,11 @@ task: meson install -C build cd $CIRRUS_WORKING_DIR/output tar cvfJ $CIRRUS_WORKING_DIR/"openSeaChest-$branchName-$(uname -s)-$(uname -r)-$(uname -m).tar.xz" * - $CIRRUS_WORKING_DIR/cirrus_ci_post_freebsd_release.sh + # Removing upload to use the VMActions freebsd build instead so we also get SLSA provenance. + # $CIRRUS_WORKING_DIR/cirrus_ci_post_freebsd_release.sh binaries_artifacts: path: openSeaChest-*.tar.xz - + task: name: windowsservercore:visualstudio2019 diff --git a/.github/workflows/meson.yml b/.github/workflows/meson.yml index 7c542086..f5203361 100644 --- a/.github/workflows/meson.yml +++ b/.github/workflows/meson.yml @@ -195,6 +195,149 @@ jobs: archive_command: "tar cvfJ", image: "vonericsen/muslcc@sha256:04b60fc27f45b69896855da46f5be09fa9816b00e9948bf86cc82e56b8ce4468" } + - { + name: "VMActions OmniOS Build", + os: ubuntu-latest, + cc: "", + cxx: "", + publish_release: true, + release_name: "omnios_r151054-x86_64", + release_extension: ".tar.xz", + archive_command: "tar cvfJ", + vm_actions: true, + vm_release: "r151054", + vm_arch: "x86_64", + } + - { + name: "VMActions Solaris Build", + os: ubuntu-latest, + cc: "gcc", + cxx: "g++", + publish_release: true, + release_name: "solaris_11_4-x86_64", + release_extension: ".tar.xz", + archive_command: "tar cvfJ", + vm_actions: true, + vm_release: "11.4-gcc", + vm_arch: "x86_64", + } + - { + name: "VMActions FreeBSD 14.3 Build (x86_64)", + os: ubuntu-latest, + cc: "", + cxx: "", + publish_release: true, + release_name: "freebsd_14_3-x86_64", + release_extension: ".tar.xz", + archive_command: "tar cvfJ", + vm_actions: true, + vm_release: "14.3", + vm_arch: "x86_64", + } + - { + name: "VMActions FreeBSD 13.5 Build (x86_64)", + os: ubuntu-latest, + cc: "", + cxx: "", + publish_release: true, + release_name: "freebsd_13_5-x86_64", + release_extension: ".tar.xz", + archive_command: "tar cvfJ", + vm_actions: true, + vm_release: "13.5", + vm_arch: "x86_64", + } + - { + name: "VMActions FreeBSD 14.3 Build (aarch64)", + os: ubuntu-latest, + cc: "", + cxx: "", + publish_release: true, + release_name: "freebsd_14_3-aarch64", + release_extension: ".tar.xz", + archive_command: "tar cvfJ", + vm_actions: true, + vm_release: "14.3", + vm_arch: "aarch64", + } + - { + name: "VMActions FreeBSD 13.5 Build (aarch64)", + os: ubuntu-latest, + cc: "", + cxx: "", + publish_release: true, + release_name: "freebsd_13_5-aarch64", + release_extension: ".tar.xz", + archive_command: "tar cvfJ", + vm_actions: true, + vm_release: "13.5", + vm_arch: "aarch64", + } + - { + name: "VMActions DragonFlyBSD latest Build", + os: ubuntu-latest, + cc: "", + cxx: "", + publish_release: true, + release_name: "dragonflybsd-x86_64", + release_extension: ".tar.xz", + archive_command: "tar cvfJ", + vm_actions: true, + vm_release: "", + vm_arch: "x86_64", + } + - { + name: "VMActions OpenBSD latest Build (x86_64)", + os: ubuntu-latest, + cc: "", + cxx: "", + publish_release: true, + release_name: "openbsd-x86_64", + release_extension: ".tar.xz", + archive_command: "tar cvfJ", + vm_actions: true, + vm_release: "", + vm_arch: "x86_64", + } + - { + name: "VMActions OpenBSD latest Build (aarch64)", + os: ubuntu-latest, + cc: "", + cxx: "", + publish_release: true, + release_name: "openbsd-aarch64", + release_extension: ".tar.xz", + archive_command: "tar cvfJ", + vm_actions: true, + vm_release: "", + vm_arch: "aarch64", + } + - { + name: "VMActions NetBSD latest Build (x86_64)", + os: ubuntu-latest, + cc: "", + cxx: "", + publish_release: true, + release_name: "netbsd-x86_64", + release_extension: ".tar.xz", + archive_command: "tar cvfJ", + vm_actions: true, + vm_release: "", + vm_arch: "x86_64", + } + - { + name: "VMActions NetBSD latest Build (aarch64)", + os: ubuntu-latest, + cc: "", + cxx: "", + publish_release: true, + release_name: "netbsd-aarch64", + release_extension: ".tar.xz", + archive_command: "tar cvfJ", + vm_actions: true, + vm_release: "", + vm_arch: "aarch64", + } outputs: #where hashes need to be stored for slsa provenance #NOTE: Only doing this for builds with "publish_release: true" #format is hash-${{release_name}} for the zipped packages @@ -208,8 +351,19 @@ jobs: hash-linux-armv7l-portable: ${{ steps.hash.outputs.hash-linux-armv7l-portable }} hash-linux-armv6-portable: ${{ steps.hash.outputs.hash-linux-armv6-portable }} hash-linux-armv5l-portable: ${{ steps.hash.outputs.hash-linux-armv5l-portable }} - hash-linux-powerpc64-portable: ${{ steps.hash.outputs.hash-linux-powerpc64-portable }} + hash-linux-powerpc64-portable: ${{ steps.hash.outputs.hash-linux-powerpc64-portable }} hash-linux-powerpc64le-portable: ${{ steps.hash.outputs.hash-linux-powerpc64le-portable }} + hash-omnios_r151054-x86_64: ${{ steps.hash.outputs.hash-omnios_r151054-x86_64 }} + hash-solaris_11_4-x86_64: ${{ steps.hash.outputs.hash-solaris_11_4-x86_64 }} + hash-freebsd_14_3-x86_64: ${{ steps.hash.outputs.hash-freebsd_14_3-x86_64 }} + hash-freebsd_13_5-x86_64: ${{ steps.hash.outputs.hash-freebsd_13_5-x86_64 }} + hash-freebsd_14_3-aarch64: ${{ steps.hash.outputs.hash-freebsd_14_3-aarch64 }} + hash-freebsd_13_5-aarch64: ${{ steps.hash.outputs.hash-freebsd_13_5-aarch64 }} + hash-dragonflybsd-x86_64: ${{ steps.hash.outputs.hash-dragonflybsd-x86_64 }} + hash-openbsd-x86_64: ${{ steps.hash.outputs.hash-openbsd-x86_64 }} + hash-openbsd-aarch64: ${{ steps.hash.outputs.hash-openbsd-aarch64 }} + hash-netbsd-x86_64: ${{ steps.hash.outputs.hash-netbsd-x86_64 }} + hash-netbsd-aarch64: ${{ steps.hash.outputs.hash-netbsd-aarch64 }} steps: - uses: actions/checkout@v5 @@ -229,7 +383,7 @@ jobs: $latestRelease = Invoke-WebRequest -Headers $headers 'https://api.github.com/repos/llvm/llvm-project/releases/latest' $releaseData = $latestRelease.Content | ConvertFrom-Json $assets = $releaseData.assets | Where-Object { $_.name -like "*win64.exe" } - + if ($assets) { $downloadUrl = $assets.browser_download_url echo "LLVM_RELID=$($releaseData.id)" | Out-File -FilePath $env:GITHUB_ENV -Encoding utf8 -Append @@ -238,7 +392,7 @@ jobs: Write-Host "No current Windows build available for the latest release. Searching for previous releases..." $releases = Invoke-WebRequest -Headers $headers 'https://api.github.com/repos/llvm/llvm-project/releases' $found = $false - + foreach ($release in $releases.Content | ConvertFrom-Json) { $assets = $release.assets | Where-Object { $_.name -like "*win64.exe" } if ($assets) { @@ -249,7 +403,7 @@ jobs: break } } - + if (-not $found) { Write-Host "No Windows build available for any recent releases." exit 0 @@ -283,14 +437,14 @@ jobs: shell: bash - name: Install Meson and Ninja and Build (MUSL container) - if: matrix.config.image != '' + if: matrix.config.image != '' && matrix.config.vm_actions == false run: | meson setup build -Dprefix=/ -Dmandir=/man -Dbindir=/ ${{ matrix.config.meson_opts }} --buildtype=release meson install -C build - name: Install Meson and Ninja and Build (Github runners) - if: matrix.config.image == '' + if: matrix.config.image == '' && matrix.config.vm_actions == false env: CC: ${{ matrix.config.cc }} CXX: ${{ matrix.config.cxx }} @@ -299,6 +453,130 @@ jobs: meson setup build -Dprefix=/ -Dmandir=/man -Dbindir=/ ${{ matrix.config.meson_opts }} --buildtype=release meson install -C build + - name: Install Meson and Ninja and Build (VMActions OmniOS) + if: matrix.config.vm_actions == true && startsWith(matrix.config.name, 'VMActions OmniOS') + uses: vmactions/omnios-vm@v1 + with: + envs: 'DESTDIR' + release: ${{ matrix.config.vm_release }} + arch: ${{ matrix.config.vm_arch }} + usesh: true + prepare: | + pkg install pkg:/package/pkg + pkg update + pkg install socat + + run: | + pkg install bison build-essential flex ninja pkg-config + + python3 -m pip install --upgrade pip setuptools wheel --root-user-action=ignore + python3 -m pip install meson --root-user-action=ignore + meson setup build -Dprefix=/ -Dmandir=/man -Dbindir=/ ${{ matrix.config.meson_opts }} --buildtype=release + meson install -C build + + - name: Install Meson and Ninja and Build (VMActions Solaris) + if: matrix.config.vm_actions == true && startsWith(matrix.config.name, 'VMActions Solaris') + uses: vmactions/solaris-vm@v1 + with: + envs: 'DESTDIR' + release: ${{ matrix.config.vm_release }} + arch: ${{ matrix.config.vm_arch }} + usesh: true + prepare: | + pkg update --accept || true + pkgutil -y -i socat + + ntpdate -u pool.ntp.org + + run: | + pkg install --accept developer/build/meson + + meson setup build -Dprefix=/ -Dmandir=/man -Dbindir=/ ${{ matrix.config.meson_opts }} --buildtype=release + meson install -C build + + - name: Install Meson and Ninja and Build (VMActions FreeBSD) + if: matrix.config.vm_actions == true && startsWith(matrix.config.name, 'VMActions FreeBSD') + uses: vmactions/freebsd-vm@v1 + with: + envs: 'DESTDIR' + release: ${{ matrix.config.vm_release }} + arch: ${{ matrix.config.vm_arch }} + usesh: true + prepare: | + pkg update + pkg install -y curl + pkg install -y ntp + ntpdate -u pool.ntp.org + + run: | + pkg install -y meson + + meson setup build -Dprefix=/ -Dmandir=/man -Dbindir=/ ${{ matrix.config.meson_opts }} --buildtype=release + meson install -C build + + - name: Install Meson and Ninja and Build (VMActions DragonFlyBSD) + if: matrix.config.vm_actions == true && startsWith(matrix.config.name, 'VMActions DragonFlyBSD') + uses: vmactions/dragonflybsd-vm@v1 + with: + envs: 'DESTDIR' + release: ${{ matrix.config.vm_release }} + arch: ${{ matrix.config.vm_arch }} + usesh: true + prepare: | + pkg update + pkg install -y socat + /usr/sbin/dntpd -s + + run: | + pkg install -y meson + + meson setup build -Dprefix=/ -Dmandir=/man -Dbindir=/ ${{ matrix.config.meson_opts }} --buildtype=release + meson install -C build + + - name: Install Meson and Ninja and Build (VMActions OpenBSD) + if: matrix.config.vm_actions == true && startsWith(matrix.config.name, 'VMActions OpenBSD') + uses: vmactions/openbsd-vm@v1 + with: + envs: 'DESTDIR' + release: ${{ matrix.config.vm_release }} + arch: ${{ matrix.config.vm_arch }} + usesh: true + prepare: | + pkg_add curl + + # force a sync in the VM + ntpctl -s status || true + + + run: | + pkg_add meson + + meson setup build -Dprefix=/ -Dmandir=/man -Dbindir=/ ${{ matrix.config.meson_opts }} --buildtype=release + meson install -C build + + - name: Install Meson and Ninja and Build (VMActions NetBSD) + if: matrix.config.vm_actions == true && startsWith(matrix.config.name, 'VMActions NetBSD') + uses: vmactions/netbsd-vm@v1 + with: + envs: 'DESTDIR' + release: ${{ matrix.config.vm_release }} + arch: ${{ matrix.config.vm_arch }} + usesh: true + prepare: | + /usr/sbin/pkg_add curl + /usr/sbin/pkg_add ntp + + # Removed for now because this crashes from errors in a config file for unknown reasons. + # /usr/pkg/sbin/ntpd -gq + + run: | + /usr/sbin/pkg_add meson + + meson setup build -Dprefix=/ -Dmandir=/man -Dbindir=/ ${{ matrix.config.meson_opts }} --buildtype=release + meson install -C build + + + # add `GOBIN` to the `PATH` otherwise nfpm in next step can't be found - uses: actions/setup-go@v6 if: ${{ matrix.config.create_package }} @@ -335,6 +613,7 @@ jobs: ARCHIVE_EXT: ${{ matrix.config.release_extension }} run: | cd build + ls -la if [[ "${{ matrix.config.os }}" != "windows-latest" ]]; then if [[ -z "${{ matrix.config.image }}" ]]; then sudo ${{ matrix.config.archive_command }} "${DESTDIR}${ARCHIVE_EXT}" $DESTDIR @@ -354,7 +633,7 @@ jobs: else chown root:root build/"${DESTDIR}${ARCHIVE_EXT}" fi - + - name: Generate Hashes if: ${{ matrix.config.publish_release }} diff --git a/.github/workflows/vmactions.yml b/.github/workflows/vmactions.yml deleted file mode 100644 index 97a9dbcd..00000000 --- a/.github/workflows/vmactions.yml +++ /dev/null @@ -1,177 +0,0 @@ -# SPDX-License-Identifier: MPL-2.0 -name: VMActions CI for meson build - -on: [push] - -jobs: - omnios: - runs-on: ubuntu-latest - name: Build openSeaChest for omnios - steps: - - uses: actions/checkout@v5 - with: - submodules: recursive - - name: Build openSeaChest for OmniOS - id: omni - uses: vmactions/omnios-vm@v1 - with: - usesh: true - prepare: | - pkg install pkg:/package/pkg - pkg update - pkg install socat - - run: | - pkg install bison build-essential flex ninja pkg-config - - python3 -m pip install --upgrade pip setuptools wheel - python3 -m pip install meson - meson setup build -Dprefix=/ -Dmandir=/man -Dbindir=/ --buildtype=release - meson install -C build - - solaris: - runs-on: ubuntu-latest - name: Build openSeaChest for Solaris - steps: - - uses: actions/checkout@v5 - with: - submodules: recursive - - name: Build openSeaChest for Solaris - id: sol - uses: vmactions/solaris-vm@v1 - with: - release: "11.4-gcc" - usesh: true - prepare: | - pkg update --accept || true - pkgutil -y -i socat - - ntpdate -u pool.ntp.org - - run: | - pkg install --accept developer/build/meson - - meson setup build -Dprefix=/ -Dmandir=/man -Dbindir=/ --buildtype=release - meson install -C build - - freebsd: - runs-on: ubuntu-latest - name: Build openSeaChest for FreeBSD - strategy: - fail-fast: false - matrix: - config: - - { - name: "FreeBSD 14.3", - releasename: "14.3", - arch: "x86_64", - } - # - { - # name: "FreeBSD 15.0", - # releasename: "15.0", - # arch: "x86_64", - # } - - { - name: "FreeBSD 13.5", - releasename: "13.5", - arch: "x86_64", - } - steps: - - uses: actions/checkout@v5 - with: - submodules: recursive - - name: Build openSeaChest for ${{ matrix.config.name }} - id: freebsd - uses: vmactions/freebsd-vm@v1 - with: - release: ${{ matrix.config.releasename }} - arch: ${{ matrix.config.arch }} - usesh: true - prepare: | - pkg update - pkg install -y curl - pkg install -y ntp - ntpdate -u pool.ntp.org - - run: | - pkg install -y meson - - meson setup build -Dprefix=/ -Dmandir=/man -Dbindir=/ --buildtype=release - meson install -C build - - dragonflybsd: - runs-on: ubuntu-latest - name: Build openSeaChest for DragonflyBSD - steps: - - uses: actions/checkout@v5 - with: - submodules: recursive - - name: Build openSeaChest for DragonflyBSD - id: dragonfly - uses: vmactions/dragonflybsd-vm@v1 - with: - usesh: true - prepare: | - pkg update - pkg install -y socat - /usr/sbin/dntpd -s - - run: | - pkg install -y meson - - meson setup build -Dprefix=/ -Dmandir=/man -Dbindir=/ --buildtype=release - meson install -C build - - openbsd: - runs-on: ubuntu-latest - name: Build openSeaChest for OpenBSD - strategy: - fail-fast: false - steps: - - uses: actions/checkout@v5 - with: - submodules: recursive - - name: Build openSeaChest for OpenBSD - id: openbsd - uses: vmactions/openbsd-vm@v1 - with: - usesh: true - prepare: | - pkg_add curl - - # force a sync in the VM - ntpctl -s status || true - - - run: | - pkg_add meson - - meson setup build -Dprefix=/ -Dmandir=/man -Dbindir=/ --buildtype=release - meson install -C build - - netbsd: - runs-on: ubuntu-latest - name: Build openSeaChest for NetBSD - strategy: - fail-fast: false - steps: - - uses: actions/checkout@v5 - with: - submodules: recursive - - name: Build openSeaChest for NetBSD - id: netbsd - uses: vmactions/netbsd-vm@v1 - with: - usesh: true - prepare: | - /usr/sbin/pkg_add curl - /usr/sbin/pkg_add ntp - - # Removed for now because this crashes from errors in a config file for unknown reasons. - # /usr/pkg/sbin/ntpd -gq - - run: | - /usr/sbin/pkg_add meson - - meson setup build -Dprefix=/ -Dmandir=/man -Dbindir=/ --buildtype=release - meson install -C build \ No newline at end of file