From 8d138d2525f5c34e5f4afb830f2b49c94a6bde77 Mon Sep 17 00:00:00 2001 From: Ivan Dyachkov Date: Sun, 20 Nov 2022 14:29:28 +0100 Subject: [PATCH 1/4] ci: build slim packages on macos arm64 --- .github/actions/package-macos/action.yaml | 29 ++++++++++++++-------- .github/workflows/build_slim_packages.yaml | 4 +-- 2 files changed, 20 insertions(+), 13 deletions(-) diff --git a/.github/actions/package-macos/action.yaml b/.github/actions/package-macos/action.yaml index 57c7910a8..efa9ac812 100644 --- a/.github/actions/package-macos/action.yaml +++ b/.github/actions/package-macos/action.yaml @@ -30,25 +30,29 @@ runs: shell: bash run: | brew update - brew install curl zip unzip kerl coreutils openssl@1.1 + brew install curl zip unzip coreutils openssl@1.1 echo "/usr/local/opt/bison/bin" >> $GITHUB_PATH echo "/usr/local/bin" >> $GITHUB_PATH + echo "OTP_SOURCE_PATH=$HOME/otp-${{ inputs.otp }}" >> $GITHUB_ENV + echo "OTP_INSTALL_PATH=/opt/erlang/${{ inputs.otp }}" >> $GITHUB_ENV - uses: actions/cache@v3 id: cache with: - path: ~/.kerl/${{ inputs.otp }} + path: /opt/erlang/${{ inputs.otp }} key: otp-install-${{ inputs.otp }}-${{ inputs.os }}-static-ssl-disable-hipe-disable-jit - name: build erlang if: steps.cache.outputs.cache-hit != 'true' shell: bash - env: - KERL_BUILD_BACKEND: git - OTP_GITHUB_URL: https://github.com/emqx/otp - KERL_CONFIGURE_OPTIONS: --disable-dynamic-ssl-lib --with-ssl=/usr/local/opt/openssl@1.1 --disable-hipe --disable-jit run: | - kerl update releases - kerl build ${{ inputs.otp }} - kerl install ${{ inputs.otp }} $HOME/.kerl/${{ inputs.otp }} + if [ -d "$OTP_SOURCE_PATH" ]; then + rm -rf "$OTP_SOURCE_PATH" + fi + git clone --depth 1 --branch OTP-${{ inputs.otp }} https://github.com/emqx/otp.git "$OTP_SOURCE_PATH" + cd "$OTP_SOURCE_PATH" + ./configure --disable-dynamic-ssl-lib --with-ssl=$(brew --prefix openssl@1.1) --disable-hipe --disable-jit --prefix="$OTP_INSTALL_PATH" + make -j$(nproc) + rm -rf "$OTP_INSTALL_PATH" + make install - name: build ${{ inputs.profile }} env: AUTO_INSTALL_BUILD_DEPS: 1 @@ -61,13 +65,16 @@ runs: APPLE_DEVELOPER_ID_BUNDLE_PASSWORD: ${{ inputs.apple_developer_id_bundle_password }} shell: bash run: | - . $HOME/.kerl/${{ inputs.otp }}/activate + export PATH="$OTP_INSTALL_PATH/bin:$PATH" make ensure-rebar3 - sudo cp rebar3 /usr/local/bin/rebar3 + mkdir -p $HOME/bin + cp rebar3 $HOME/bin/rebar3 + export PATH="$HOME/bin:$PATH" make ${{ inputs.profile }}-tgz - name: test ${{ inputs.profile }} shell: bash run: | + export PATH="$OTP_INSTALL_PATH/bin:$PATH" pkg_name=$(find _packages/${{ inputs.profile }} -mindepth 1 -maxdepth 1 -iname \*.zip) mkdir emqx unzip -d emqx $pkg_name > /dev/null diff --git a/.github/workflows/build_slim_packages.yaml b/.github/workflows/build_slim_packages.yaml index 0e3e3d036..1a5cd6c77 100644 --- a/.github/workflows/build_slim_packages.yaml +++ b/.github/workflows/build_slim_packages.yaml @@ -135,6 +135,7 @@ jobs: - 24.3.4.2-1 os: - macos-11 + - macos-12-arm64 runs-on: ${{ matrix.os }} @@ -143,7 +144,6 @@ jobs: - name: prepare run: | echo "EMQX_NAME=${{ matrix.profile }}" >> $GITHUB_ENV - echo "BUILD_WITH_QUIC=1" >> $GITHUB_ENV - uses: ./.github/actions/package-macos with: profile: ${{ matrix.profile }} @@ -155,7 +155,7 @@ jobs: apple_developer_id_bundle_password: ${{ secrets.APPLE_DEVELOPER_ID_BUNDLE_PASSWORD }} - uses: actions/upload-artifact@v3 with: - name: macos + name: ${{ matrix.os }} path: _packages/**/* spellcheck: From f02e4af09a7682bdda828bf04c0f881fe8fa067e Mon Sep 17 00:00:00 2001 From: Ivan Dyachkov Date: Sun, 20 Nov 2022 16:19:28 +0100 Subject: [PATCH 2/4] ci: use user home dir for otp install --- .github/actions/package-macos/action.yaml | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/.github/actions/package-macos/action.yaml b/.github/actions/package-macos/action.yaml index efa9ac812..52581c4c4 100644 --- a/.github/actions/package-macos/action.yaml +++ b/.github/actions/package-macos/action.yaml @@ -31,14 +31,15 @@ runs: run: | brew update brew install curl zip unzip coreutils openssl@1.1 + mkdir -p $HOME/src $HOME/otp echo "/usr/local/opt/bison/bin" >> $GITHUB_PATH echo "/usr/local/bin" >> $GITHUB_PATH - echo "OTP_SOURCE_PATH=$HOME/otp-${{ inputs.otp }}" >> $GITHUB_ENV - echo "OTP_INSTALL_PATH=/opt/erlang/${{ inputs.otp }}" >> $GITHUB_ENV + echo "OTP_SOURCE_PATH=$HOME/src/otp-${{ inputs.otp }}" >> $GITHUB_ENV + echo "OTP_INSTALL_PATH=$HOME/otp/${{ inputs.otp }}" >> $GITHUB_ENV - uses: actions/cache@v3 id: cache with: - path: /opt/erlang/${{ inputs.otp }} + path: $HOME/otp/${{ inputs.otp }} key: otp-install-${{ inputs.otp }}-${{ inputs.os }}-static-ssl-disable-hipe-disable-jit - name: build erlang if: steps.cache.outputs.cache-hit != 'true' From 262e53eed258a011601e3e83090708f17450ad53 Mon Sep 17 00:00:00 2001 From: Ivan Dyachkov Date: Sun, 20 Nov 2022 16:38:55 +0100 Subject: [PATCH 3/4] chore: ensure macos keychain does not exist when signing binaries --- scripts/macos-sign-binaries.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/scripts/macos-sign-binaries.sh b/scripts/macos-sign-binaries.sh index fed55faef..68a0216fa 100755 --- a/scripts/macos-sign-binaries.sh +++ b/scripts/macos-sign-binaries.sh @@ -24,6 +24,7 @@ base64 --decode > "${PKSC12_FILE}" <<<"${APPLE_DEVELOPER_ID_BUNDLE}" KEYCHAIN='emqx.keychain-db' KEYCHAIN_PASSWORD="$(openssl rand -base64 32)" +security delete-keychain "${KEYCHAIN}" 2>/dev/null || true security create-keychain -p "${KEYCHAIN_PASSWORD}" "${KEYCHAIN}" security set-keychain-settings -lut 21600 "${KEYCHAIN}" security unlock-keychain -p "${KEYCHAIN_PASSWORD}" "${KEYCHAIN}" From d0d99378b4f7413079c3decd393a2dd6b809cac0 Mon Sep 17 00:00:00 2001 From: Ivan Dyachkov Date: Tue, 22 Nov 2022 11:01:12 +0100 Subject: [PATCH 4/4] ci: define otp source and install path in one place --- .github/actions/package-macos/action.yaml | 19 ++++++++++++------- 1 file changed, 12 insertions(+), 7 deletions(-) diff --git a/.github/actions/package-macos/action.yaml b/.github/actions/package-macos/action.yaml index 52581c4c4..37284e8b6 100644 --- a/.github/actions/package-macos/action.yaml +++ b/.github/actions/package-macos/action.yaml @@ -26,25 +26,30 @@ inputs: runs: using: composite steps: - - name: prepare + - id: prepare shell: bash run: | brew update brew install curl zip unzip coreutils openssl@1.1 - mkdir -p $HOME/src $HOME/otp echo "/usr/local/opt/bison/bin" >> $GITHUB_PATH echo "/usr/local/bin" >> $GITHUB_PATH - echo "OTP_SOURCE_PATH=$HOME/src/otp-${{ inputs.otp }}" >> $GITHUB_ENV - echo "OTP_INSTALL_PATH=$HOME/otp/${{ inputs.otp }}" >> $GITHUB_ENV + echo "emqx_name=${emqx_name}" >> $GITHUB_OUTPUT + OTP_SOURCE_PATH="$HOME/src/otp-${{ inputs.otp }}" + OTP_INSTALL_PATH="$HOME/otp/${{ inputs.otp }}" + echo "OTP_SOURCE_PATH=$OTP_SOURCE_PATH" >> $GITHUB_OUTPUT + echo "OTP_INSTALL_PATH=$OTP_INSTALL_PATH" >> $GITHUB_OUTPUT + mkdir -p "$OTP_SOURCE_PATH" "$OTP_INSTALL_PATH" - uses: actions/cache@v3 id: cache with: - path: $HOME/otp/${{ inputs.otp }} + path: ${{ steps.prepare.outputs.OTP_INSTALL_PATH }} key: otp-install-${{ inputs.otp }}-${{ inputs.os }}-static-ssl-disable-hipe-disable-jit - name: build erlang if: steps.cache.outputs.cache-hit != 'true' shell: bash run: | + OTP_SOURCE_PATH="${{ steps.prepare.outputs.OTP_SOURCE_PATH }}" + OTP_INSTALL_PATH="${{ steps.prepare.outputs.OTP_INSTALL_PATH }}" if [ -d "$OTP_SOURCE_PATH" ]; then rm -rf "$OTP_SOURCE_PATH" fi @@ -66,7 +71,7 @@ runs: APPLE_DEVELOPER_ID_BUNDLE_PASSWORD: ${{ inputs.apple_developer_id_bundle_password }} shell: bash run: | - export PATH="$OTP_INSTALL_PATH/bin:$PATH" + export PATH="${{ steps.prepare.outputs.OTP_INSTALL_PATH }}/bin:$PATH" make ensure-rebar3 mkdir -p $HOME/bin cp rebar3 $HOME/bin/rebar3 @@ -75,7 +80,7 @@ runs: - name: test ${{ inputs.profile }} shell: bash run: | - export PATH="$OTP_INSTALL_PATH/bin:$PATH" + export PATH="${{ steps.prepare.outputs.OTP_INSTALL_PATH }}/bin:$PATH" pkg_name=$(find _packages/${{ inputs.profile }} -mindepth 1 -maxdepth 1 -iname \*.zip) mkdir emqx unzip -d emqx $pkg_name > /dev/null