-
Notifications
You must be signed in to change notification settings - Fork 1.1k
140 lines (133 loc) 路 4.42 KB
/
ci-build-binaries.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
name: Build Binaries
permissions:
contents: read
on:
workflow_call:
inputs:
ref:
required: true
description: "GitHub ref to use"
type: string
os:
required: true
description: "Target OS (i.e.: GOOS)"
type: string
arch:
required: true
description: "Target Architecture (i.e.: GOARCH)"
type: string
build-platform:
required: false
default: ubuntu-latest
description: 'Build platform (i.e.: runs-on) for job'
type: string
dev-version:
required: false
description: "Dev version to bake into the binary"
type: string
version:
required: true
description: "Version to produce"
type: string
version-set:
required: true
description: "Set of language versions to use for builds, lints, releases, etc."
type: string
enable-coverage:
description: "Build coverage instrumented binaries"
default: false
required: false
type: boolean
enable-race-detection:
description: "Build binaries with race detection"
default: false
required: false
type: boolean
defaults:
run:
shell: bash
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
jobs:
build:
name: ${{ inputs.os }}-${{ inputs.arch }}
runs-on: ${{ inputs.build-platform }}
permissions:
id-token: write
steps:
- name: "Windows cache workaround"
# https://github.com/actions/cache/issues/752#issuecomment-1222415717
# but only modify the path by adding tar.exe
if: ${{ runner.os == 'Windows' }}
env:
TOOL_BIN: ${{ runner.temp }}/tar-bin
run: |
set -x
mkdir -p "${TOOL_BIN}"
cp "C:/Program Files/Git/usr/bin/tar.exe" "${TOOL_BIN}"
PATH="${TOOL_BIN}:${PATH}"
echo "$TOOL_BIN" | tee -a "$GITHUB_PATH"
command -v tar
tar --version
- uses: actions/checkout@v4
with:
ref: ${{ inputs.ref }}
- name: Configure Go Cache Key
env:
CACHE_KEY: "${{ fromJson(inputs.version-set).go }}-${{ runner.os }}-${{ runner.arch }}"
run: echo "$CACHE_KEY" > .gocache.tmp
- uses: actions/setup-go@v5
with:
go-version: ${{ fromJson(inputs.version-set).go }}
cache: true
cache-dependency-path: |
pkg/go.sum
.gocache.tmp
- name: Setup versioning env vars
run: |
./scripts/versions.sh | tee -a "${GITHUB_ENV}"
- name: Install GoReleaser
uses: goreleaser/goreleaser-action@v3
with:
install-only: true
distribution: goreleaser-pro
# TODO[pulumi/pulumi#13312: Change this to not pin to a version after
# addressing the root cause of why GoReleaser v1.19.0 fails to read
# the configuration.
version: v1.18.2
- name: Set up bin dir
env:
GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }}
GOOS: ${{ inputs.os }}
GOARCH: ${{ inputs.arch }}
run: ./scripts/prep-for-goreleaser.sh local
- name: Show files and permissions
if: ${{ runner.os != 'macOS'}}
run: find bin -type f -printf "%M %p/"\\n
- name: Show files and permissions
if: ${{ runner.os == 'macOS'}}
run: |
brew install findutils
gfind bin -type f -printf "%M %p/"\\n
- name: Package
shell: bash
env:
GORELEASER_CURRENT_TAG: v${{ inputs.version }}
PULUMI_VERSION: ${{ inputs.dev-version || inputs.version }}
PULUMI_BUILD_MODE: ${{ inputs.enable-coverage && 'coverage' || 'normal' }}
PULUMI_ENABLE_RACE_DETECTION: ${{ inputs.enable-race-detection && 'true' || 'false' }}
run: |
set -euxo pipefail
# Spurious, this command requires piping via stdin
# shellcheck disable=SC2002
cat .goreleaser.yml \
| go run github.com/t0yv0/goreleaser-filter@v0.3.0 -goos ${{ inputs.os }} -goarch ${{ inputs.arch }} \
| goreleaser release -f - -p 5 --skip-validate --clean --snapshot
- uses: actions/upload-artifact@v2
if: ${{ inputs.os != 'js' }}
with:
name: artifacts-cli-${{ inputs.os }}-${{ inputs.arch }}
retention-days: 1
path: |
goreleaser/*.tar.gz
goreleaser/*.zip