Packaging #796
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Packaging | |
on: | |
push: | |
# Don't run on dev branches because when testing changes we may want to | |
# run with the single_job argument set to speed up testing and avoid | |
# wasting resources, but the automatic run will just run all of the jobs. | |
branches: | |
- 'main' | |
workflow_dispatch: | |
inputs: | |
single_job: | |
description: 'Run only the specified job' | |
required: false | |
type: string | |
default: '' | |
schedule: | |
- cron: '0 0 * * 0' | |
# TODO: Use a matrix here for the different permutations of settings to invoke the reusable workflow with? | |
jobs: | |
full: | |
if: ${{ inputs.single_job == '' || inputs.single_job == 'full' }} | |
uses: NLnetLabs/ploutos/.github/workflows/pkg-rust.yml@v7 | |
secrets: inherit | |
with: | |
artifact_prefix: full_ | |
strict_mode: true | |
cross_build_rules: pkg/rules/cross-build-rules.yml | |
cross_build_args: --no-default-features | |
docker_org: ximoneighteen | |
docker_repo: ploutos-testing_full | |
docker_build_rules: pkg/rules/docker-build-rules.yml | |
package_build_rules: | | |
image: | |
- "ubuntu:bionic" | |
- "ubuntu:jammy" # ubuntu/22.04 | |
- "debian:stretch" | |
- "debian:buster" | |
- "debian:bullseye" | |
- "debian:bookworm" | |
- "centos:7" | |
- "rockylinux:8" # compatible with RHEL/CentOS 8 | |
- "rockylinux:9" # compatible with RHEL 9 | |
target: x86_64 | |
include: | |
# package for the Raspberry Pi 1b as an ARMv6 cross compiled variant of the Debian Buster upon which | |
# Raspbian 10 is based. | |
- image: "debian:buster" | |
target: "arm-unknown-linux-gnueabihf" | |
deb_extra_lintian_args: "--suppress-tags binary-without-manpage,changelog-not-compressed-with-max-compression" | |
- image: "centos:7" | |
systemd_service_unit_file: "pkg/common/mytest.mytest.*" | |
target: "x86_64" | |
# CentOS 8 became EOL and is in theory still usable as a build container as there is still a Docker image | |
# available, and package installation can be done by switching the yum config in the container to use packages | |
# from the CentOS 8 vault rather than the now offline actual CentOS 8 repository. However, due to experiencing | |
# lots of timed out connections to the vault we will build the CentOS 8 compatible package in a Rocky Linux | |
# container instead, as Rocky Linux is 100% compatible with CentOS 8. The server at packages.nlnetlabs.nl | |
# however has a repo for CentOS 8, not Rocky Linux, and determines the repo to publish in based on the name of | |
# the archive that we produce below which is in turn based by default on the container image used to build. We | |
# therefore in this case need to specify that the O/S we are building for has a different name than the Docker | |
# image we are building it in. | |
- image: "rockylinux:8" | |
systemd_service_unit_file: "pkg/common/mytest.mytest.*" | |
target: "x86_64" | |
os: "centos:8" | |
rpm_rpmlint_check_filters: "no-documentation no-manual-page-for-binary" | |
- image: "rockylinux:9" | |
systemd_service_unit_file: "pkg/common/mytest.mytest.*" | |
target: "x86_64" | |
rpm_rpmlint_check_filters: "no-documentation no-manual-page-for-binary" | |
- image: "ubuntu:bionic" | |
deb_extra_lintian_args: "--suppress-tags binary-without-manpage,changelog-not-compressed-with-max-compression" | |
- image: "ubuntu:jammy" | |
deb_extra_lintian_args: "--suppress-tags no-manual-page,changelog-not-compressed-with-max-compression" | |
- image: "debian:stretch" | |
deb_extra_lintian_args: "--suppress-tags binary-without-manpage,changelog-not-compressed-with-max-compression" | |
- image: "debian:buster" | |
deb_extra_lintian_args: "--suppress-tags binary-without-manpage,changelog-not-compressed-with-max-compression" | |
- image: "debian:bullseye" | |
deb_extra_lintian_args: "--suppress-tags binary-without-manpage,changelog-not-compressed-with-max-compression" | |
- image: "debian:bookworm" | |
deb_extra_lintian_args: "--suppress-tags binary-without-manpage,changelog-not-compressed-with-max-compression" | |
package_test_rules: pkg/rules/package-test-rules.yml | |
package_test_scripts_path: pkg/test-scripts/test-<package>.sh | |
deb_extra_build_packages: libssl-dev | |
deb_apt_key_url: "https://raw.githubusercontent.com/NLnetLabs/ploutos-testing/main/repo/apt-key.asc" | |
deb_apt_source: "deb https://raw.githubusercontent.com/NLnetLabs/ploutos-testing/main/repo/linux/${OS_NAME}/ ${OS_REL} main" | |
rpm_scriptlets_path: pkg/rpm/scriptlets.toml | |
rpm_yum_key_url: "https://raw.githubusercontent.com/NLnetLabs/ploutos-testing/main/repo/yum-key.asc" | |
rpm_yum_repo: | | |
[nlnetlabs] | |
name=NLnet Labs | |
baseurl=https://raw.githubusercontent.com/NLnetLabs/ploutos-testing/main/repo/linux/centos/$releasever/main/$basearch | |
enabled=1 | |
check_full: | |
if: ${{ inputs.single_job == '' || inputs.single_job == 'full' }} | |
runs-on: ubuntu-latest | |
needs: full | |
steps: | |
- name: Check Docker image publication | |
if: ${{ (contains(github.ref, 'refs/tags/v') || github.ref == 'refs/heads/main') && !needs.full.outputs.docker_images_published }} | |
uses: actions/github-script@v6 | |
with: | |
script: | | |
core.setFailed("Expected Docker images to have been published but output `docker_images_published` is false") | |
- name: Check Docker manifest publication | |
if: ${{ (contains(github.ref, 'refs/tags/v') || github.ref == 'refs/heads/main') && !needs.full.outputs.docker_manifest_published }} | |
uses: actions/github-script@v6 | |
with: | |
script: | | |
core.setFailed("Expected Docker manifest to have been published but output `docker_manifest_published` is false") | |
minimal: | |
if: ${{ inputs.single_job == '' || inputs.single_job == 'minimal' }} | |
uses: NLnetLabs/ploutos/.github/workflows/pkg-rust.yml@v7 | |
no_test_scripts: | |
if: ${{ inputs.single_job == '' || inputs.single_job == 'no_test_scripts' }} | |
uses: NLnetLabs/ploutos/.github/workflows/pkg-rust.yml@v7 | |
secrets: inherit | |
with: | |
artifact_prefix: no_test_scripts_ | |
cross_build_args: --no-default-features | |
docker_org: ximoneighteen | |
docker_repo: ploutos-testing_no_test_scripts | |
docker_build_rules: pkg/rules/docker-build-rules.yml | |
package_build_rules: pkg/rules/package-build-rules.yml | |
package_test_rules: pkg/rules/package-test-rules.yml | |
deb_extra_build_packages: libssl-dev | |
deb_apt_key_url: 'https://raw.githubusercontent.com/NLnetLabs/ploutos-testing/main/repo/apt-key.asc' | |
deb_apt_source: 'deb https://raw.githubusercontent.com/NLnetLabs/ploutos-testing/main/repo/linux/${OS_NAME}/ ${OS_REL} main' | |
rpm_scriptlets_path: pkg/rpm/scriptlets.toml | |
rpm_yum_key_url: 'https://raw.githubusercontent.com/NLnetLabs/ploutos-testing/main/repo/yum-key.asc' | |
rpm_yum_repo: | | |
[nlnetlabs] | |
name=NLnet Labs | |
baseurl=https://raw.githubusercontent.com/NLnetLabs/ploutos-testing/main/repo/linux/centos/$releasever/main/$basearch | |
enabled=1 | |
default_tests: | |
if: ${{ inputs.single_job == '' || inputs.single_job == 'default_tests' }} | |
uses: NLnetLabs/ploutos/.github/workflows/pkg-rust.yml@v7 | |
secrets: inherit | |
with: | |
artifact_prefix: default_tests_ | |
cross_build_args: --no-default-features | |
docker_org: ximoneighteen | |
docker_repo: ploutos-testing_default_tests | |
docker_build_rules: pkg/rules/docker-build-rules.yml | |
package_build_rules: pkg/rules/package-build-rules.yml | |
package_test_scripts_path: pkg/test-scripts/test-<package>.sh | |
deb_extra_build_packages: libssl-dev | |
deb_apt_key_url: 'https://raw.githubusercontent.com/NLnetLabs/ploutos-testing/main/repo/apt-key.asc' | |
deb_apt_source: 'deb https://raw.githubusercontent.com/NLnetLabs/ploutos-testing/main/repo/linux/${OS_NAME}/ ${OS_REL} main' | |
rpm_scriptlets_path: pkg/rpm/scriptlets.toml | |
default_tests_with_upgrades: | |
if: ${{ inputs.single_job == '' || inputs.single_job == 'default_tests_with_upgrades' }} | |
uses: NLnetLabs/ploutos/.github/workflows/pkg-rust.yml@v7 | |
secrets: inherit | |
with: | |
artifact_prefix: default_tests_with_upgrades_ | |
package_build_rules: | | |
pkg: | |
- "mytest" | |
image: | |
- "ubuntu:bionic" | |
- "ubuntu:jammy" | |
- "debian:buster" | |
- "rockylinux:8" | |
mode: | |
- "fresh-install" | |
target: | |
- "x86_64" | |
test-image: | |
- "" | |
include: | |
- pkg: "mytest" | |
image: "ubuntu:jammy" | |
target: "x86_64" | |
mode: "upgrade-from-published" | |
- pkg: "mytest" | |
image: "rockylinux:8" | |
systemd_service_unit_file: "pkg/common/mytest.mytest.*" | |
target: "x86_64" | |
mode: "fresh-install" | |
- pkg: "mytest" | |
image: "rockylinux:8" | |
systemd_service_unit_file: "pkg/common/mytest.mytest.*" | |
target: "x86_64" | |
mode: "upgrade-from-published" | |
- pkg: "mytest" | |
image: "rockylinux:8" | |
target: "x86_64" | |
test-image: "almalinux:8" | |
- pkg: "mytest" | |
image: "rockylinux:8" | |
target: "x86_64" | |
test-image: "centos:9-Stream" | |
package_test_scripts_path: pkg/test-scripts/test-<package>.sh | |
deb_extra_build_packages: libssl-dev | |
deb_apt_key_url: 'https://raw.githubusercontent.com/NLnetLabs/ploutos-testing/main/repo/apt-key.asc' | |
deb_apt_source: 'deb https://raw.githubusercontent.com/NLnetLabs/ploutos-testing/main/repo/linux/${OS_NAME}/ ${OS_REL} main' | |
rpm_scriptlets_path: pkg/rpm/scriptlets.toml | |
rpm_yum_key_url: 'https://raw.githubusercontent.com/NLnetLabs/ploutos-testing/main/repo/yum-key.asc' | |
rpm_yum_repo: | | |
[nlnetlabs] | |
name=NLnet Labs | |
baseurl=https://raw.githubusercontent.com/NLnetLabs/ploutos-testing/main/repo/linux/centos/$releasever/main/$basearch | |
enabled=1 | |
no_tests: | |
if: ${{ inputs.single_job == '' || inputs.single_job == 'no_tests' }} | |
uses: NLnetLabs/ploutos/.github/workflows/pkg-rust.yml@v7 | |
secrets: inherit | |
with: | |
artifact_prefix: no_tests_ | |
cross_build_args: --no-default-features | |
docker_org: ximoneighteen | |
docker_repo: ploutos-testing_no_tests | |
docker_build_rules: pkg/rules/docker-build-rules.yml | |
package_build_rules: pkg/rules/package-build-rules.yml | |
package_test_rules: none | |
deb_extra_build_packages: libssl-dev | |
deb_apt_key_url: 'https://raw.githubusercontent.com/NLnetLabs/ploutos-testing/main/repo/apt-key.asc' | |
deb_apt_source: 'deb https://raw.githubusercontent.com/NLnetLabs/ploutos-testing/main/repo/linux/${OS_NAME}/ ${OS_REL} main' | |
rpm_scriptlets_path: pkg/rpm/scriptlets.toml | |
rpm_yum_key_url: 'https://raw.githubusercontent.com/NLnetLabs/ploutos-testing/main/repo/yum-key.asc' | |
rpm_yum_repo: | | |
[nlnetlabs] | |
name=NLnet Labs | |
baseurl=https://raw.githubusercontent.com/NLnetLabs/ploutos-testing/main/repo/linux/centos/$releasever/main/$basearch | |
enabled=1 | |
no_docker: | |
if: ${{ inputs.single_job == '' || inputs.single_job == 'no_docker' }} | |
uses: NLnetLabs/ploutos/.github/workflows/pkg-rust.yml@v7 | |
with: | |
artifact_prefix: no_docker_ | |
cross_build_args: --no-default-features | |
package_build_rules: pkg/rules/package-build-rules.yml | |
package_test_rules: pkg/rules/package-test-rules.yml | |
package_test_scripts_path: pkg/test-scripts/test-<package>.sh | |
deb_extra_build_packages: libssl-dev | |
deb_apt_key_url: 'https://raw.githubusercontent.com/NLnetLabs/ploutos-testing/main/repo/apt-key.asc' | |
deb_apt_source: 'deb https://raw.githubusercontent.com/NLnetLabs/ploutos-testing/main/repo/linux/${OS_NAME}/ ${OS_REL} main' | |
rpm_scriptlets_path: pkg/rpm/scriptlets.toml | |
rpm_yum_key_url: 'https://raw.githubusercontent.com/NLnetLabs/ploutos-testing/main/repo/yum-key.asc' | |
rpm_yum_repo: | | |
[nlnetlabs] | |
name=NLnet Labs | |
baseurl=https://raw.githubusercontent.com/NLnetLabs/ploutos-testing/main/repo/linux/centos/$releasever/main/$basearch | |
enabled=1 | |
only_docker: | |
if: ${{ inputs.single_job == '' || inputs.single_job == 'only_docker' }} | |
uses: NLnetLabs/ploutos/.github/workflows/pkg-rust.yml@v7 | |
secrets: inherit | |
with: | |
artifact_prefix: only_docker_ | |
cross_build_args: --no-default-features | |
docker_org: ximoneighteen | |
docker_repo: ploutos-testing_only_docker | |
docker_build_rules: pkg/rules/docker-build-rules.yml | |
check_only_docker: | |
if: ${{ inputs.single_job == '' || inputs.single_job == 'only_docker' }} | |
runs-on: ubuntu-latest | |
needs: only_docker | |
steps: | |
- name: Check Docker image publication | |
if: ${{ (contains(github.ref, 'refs/tags/v') || github.ref == 'refs/heads/main') && !needs.only_docker.outputs.docker_images_published }} | |
uses: actions/github-script@v6 | |
with: | |
script: | | |
core.setFailed("Expected Docker images to have been published but output `docker_images_published` is false") | |
- name: Check Docker manifest publication | |
if: ${{ (contains(github.ref, 'refs/tags/v') || github.ref == 'refs/heads/main') && !needs.only_docker.outputs.docker_manifest_published }} | |
uses: actions/github-script@v6 | |
with: | |
script: | | |
core.setFailed("Expected Docker manifest to have been published but output `docker_manifest_published` is false") | |
docker_no_secrets: | |
if: ${{ inputs.single_job == '' || inputs.single_job == 'docker_no_secrets' }} | |
uses: NLnetLabs/ploutos/.github/workflows/pkg-rust.yml@v7 | |
with: | |
artifact_prefix: docker_no_secrets_ | |
docker_org: ximoneighteen | |
docker_repo: ploutos-testing_docker_no_secrets | |
docker_build_rules: | | |
platform: ["linux/amd64"] | |
shortname: ["amd64"] | |
mode: ["build"] | |
no_cross: | |
if: ${{ inputs.single_job == '' || inputs.single_job == 'no_cross' }} | |
uses: NLnetLabs/ploutos/.github/workflows/pkg-rust.yml@v7 | |
secrets: inherit | |
with: | |
artifact_prefix: no_cross_ | |
docker_org: ximoneighteen | |
docker_repo: ploutos-testing_no_cross | |
docker_build_rules: pkg/rules/docker-build-rules-no-cross.yml | |
package_build_rules: pkg/rules/package-build-rules-no-cross.yml | |
package_test_rules: pkg/rules/package-test-rules-no-cross.yml | |
package_test_scripts_path: pkg/test-scripts/test-<package>.sh | |
deb_extra_build_packages: libssl-dev | |
deb_apt_key_url: 'https://raw.githubusercontent.com/NLnetLabs/ploutos-testing/main/repo/apt-key.asc' | |
deb_apt_source: 'deb https://raw.githubusercontent.com/NLnetLabs/ploutos-testing/main/repo/linux/${OS_NAME}/ ${OS_REL} main' | |
rpm_scriptlets_path: pkg/rpm/scriptlets.toml | |
rpm_yum_key_url: 'https://raw.githubusercontent.com/NLnetLabs/ploutos-testing/main/repo/yum-key.asc' | |
rpm_yum_repo: | | |
[nlnetlabs] | |
name=NLnet Labs | |
baseurl=https://raw.githubusercontent.com/NLnetLabs/ploutos-testing/main/repo/linux/centos/$releasever/main/$basearch | |
enabled=1 | |
check_no_cross: | |
if: ${{ inputs.single_job == '' || inputs.single_job == 'no_cross' }} | |
runs-on: ubuntu-latest | |
needs: no_cross | |
steps: | |
- name: Check Docker image publication | |
if: ${{ (contains(github.ref, 'refs/tags/v') || github.ref == 'refs/heads/main') && !needs.no_cross.outputs.docker_images_published }} | |
uses: actions/github-script@v6 | |
with: | |
script: | | |
core.setFailed("Expected Docker images to have been published but output `docker_images_published` is false") | |
- name: Check Docker manifest publication | |
if: ${{ (contains(github.ref, 'refs/tags/v') || github.ref == 'refs/heads/main') && !needs.no_cross.outputs.docker_manifest_published }} | |
uses: actions/github-script@v6 | |
with: | |
script: | | |
core.setFailed("Expected Docker manifest to have been published but output `docker_manifest_published` is false") | |
test_with_alt_pkg: | |
if: ${{ inputs.single_job == '' || inputs.single_job == 'test_with_alt_pkg' }} | |
uses: NLnetLabs/ploutos/.github/workflows/pkg-rust.yml@v7 | |
secrets: inherit | |
with: | |
artifact_prefix: test_with_alt_pkg | |
package_build_rules: | | |
pkg: | |
- "mytest" | |
- "myalt" | |
image: | |
- "rockylinux:9" | |
mode: | |
- "fresh-install" | |
target: | |
- "x86_64" | |
include: | |
- pkg: "mytest" | |
image: "rockylinux:9" | |
systemd_service_unit_file: "pkg/common/mytest.mytest.*" | |
target: "x86_64" | |
package_test_scripts_path: pkg/test-scripts/test-<package>.sh | |
rpm_scriptlets_path: pkg/rpm/scriptlets.toml | |
test_with_cargo_workspace: | |
if: ${{ inputs.single_job == '' || inputs.single_job == 'test_with_cargo_workspace' }} | |
uses: NLnetLabs/ploutos/.github/workflows/pkg-rust.yml@v7 | |
secrets: inherit | |
with: | |
artifact_prefix: test_with_cargo_workspace_ | |
manifest_dir: virtual | |
workspace_package: app | |
package_build_rules: | | |
pkg: | |
- "app" | |
image: | |
- "rockylinux:8" | |
- "ubuntu:jammy" | |
mode: | |
- "fresh-install" | |
target: | |
- "x86_64" | |
test_with_obsolete_pkg_replacement: | |
if: ${{ inputs.single_job == '' || inputs.single_job == 'test_with_obsolete_pkg_replacement' }} | |
uses: NLnetLabs/ploutos/.github/workflows/pkg-rust.yml@120-upgrade-cargo-generate-rpm-to-support-posttrans | |
secrets: inherit | |
with: | |
artifact_prefix: test_with_obsolete_pkg_replacement_ | |
manifest_dir: successor | |
package_build_rules: | | |
pkg: | |
- "successor" | |
image: | |
- "rockylinux:8" | |
- "ubuntu:jammy" | |
target: | |
- "x86_64" | |
package_test_rules: | | |
pkg: | |
- "successor" | |
published_pkg: | |
- "mytest" | |
image: | |
- "ubuntu:jammy" # ubuntu/22.04 | |
- "rockylinux:8" | |
mode: | |
- "upgrade-from-published" | |
target: | |
- "x86_64" | |
package_test_scripts_path: successor/pkg/test-scripts/test-successor.sh | |
deb_apt_key_url: 'https://raw.githubusercontent.com/NLnetLabs/ploutos-testing/main/repo/apt-key.asc' | |
deb_apt_source: 'deb https://raw.githubusercontent.com/NLnetLabs/ploutos-testing/main/repo/linux/${OS_NAME}/ ${OS_REL} main' | |
rpm_scriptlets_path: successor/pkg/rpm/scriptlets.toml | |
rpm_yum_key_url: 'https://raw.githubusercontent.com/NLnetLabs/ploutos-testing/main/repo/yum-key.asc' | |
rpm_yum_repo: | | |
[nlnetlabs] | |
name=NLnet Labs | |
baseurl=https://raw.githubusercontent.com/NLnetLabs/ploutos-testing/main/repo/linux/centos/$releasever/main/$basearch | |
enabled=1 | |