name: Cross build packages concurrency: group: build-${{ github.event_name }}-${{ github.ref }} cancel-in-progress: true on: schedule: - cron: '0 */6 * * *' push: branches: - 'ci/**' tags: - v* - e* workflow_dispatch: inputs: which_branch: required: false jobs: prepare: runs-on: ubuntu-20.04 # prepare source with any OTP version, no need for a matrix container: "ghcr.io/emqx/emqx-builder/5.0-10:1.13.3-24.2.1-1-ubuntu20.04" outputs: BUILD_PROFILES: ${{ steps.get_profiles.outputs.BUILD_PROFILES }} DEP_QUICER_REF: ${{ steps.deps-refs.outputs.DEP_QUICER_REF }} steps: - uses: actions/checkout@v2 with: ref: ${{ github.event.inputs.which_branch }} path: source fetch-depth: 0 - name: Get deps git refs for cache id: deps-refs working-directory: source run: | bash -x scripts/get-dep-refs.sh make clean-all - name: Get profiles to build id: get_profiles run: | tag=${{ github.ref }} case $tag in refs/tags/v*) echo "::set-output name=BUILD_PROFILES::[\"emqx\",\"emqx-edge\"]" ;; refs/tags/e*) echo "::set-output name=BUILD_PROFILES::[\"emqx-enterprise\"]" ;; *) # this is for testing ? echo "::set-output name=BUILD_PROFILES::[\"emqx-edge\",\"emqx\",\"emqx-enterprise\"]" ;; esac - name: get_all_deps run: | make -C source deps-all zip -ryq source.zip source/* source/.[^.]* - uses: actions/upload-artifact@v2 with: name: source path: source.zip windows: runs-on: windows-2019 needs: prepare strategy: fail-fast: false matrix: profile: # for now only CE for windows - emqx otp: - 24.2.1 steps: - uses: actions/download-artifact@v2 with: name: source path: . - name: unzip source code run: Expand-Archive -Path source.zip -DestinationPath ./ - uses: ilammy/msvc-dev-cmd@v1 - uses: erlef/setup-beam@v1 with: otp-version: ${{ matrix.otp }} - name: build env: PYTHON: python DIAGNOSTIC: 1 working-directory: source run: | # ensure crypto app (openssl) erl -eval "erlang:display(crypto:info_lib())" -s init stop make ${{ matrix.profile }}-tgz - name: run emqx timeout-minutes: 5 working-directory: source run: | ./_build/${{ matrix.profile }}/rel/emqx/bin/emqx start Start-Sleep -s 5 echo "EMQX started" ./_build/${{ matrix.profile }}/rel/emqx/bin/emqx stop echo "EMQX stopped" ./_build/${{ matrix.profile }}/rel/emqx/bin/emqx install echo "EMQX installed" ./_build/${{ matrix.profile }}/rel/emqx/bin/emqx uninstall echo "EMQX uninstalled" - uses: actions/upload-artifact@v1 if: startsWith(github.ref, 'refs/tags/') with: name: ${{ matrix.profile }}-windows path: source/_packages/${{ matrix.profile }}/. mac: needs: prepare strategy: fail-fast: false matrix: profile: ${{ fromJson(needs.prepare.outputs.BUILD_PROFILES) }} otp: - 24.2.1-1 os: - macos-11 - macos-10.15 exclude: - profile: emqx-edge runs-on: ${{ matrix.os }} steps: - uses: actions/download-artifact@v2 with: name: source path: . - name: unzip source code run: unzip -q source.zip - name: prepare run: | brew update brew install curl zip unzip gnu-sed kerl unixodbc freetds echo "/usr/local/bin" >> $GITHUB_PATH git config --global credential.helper store - uses: actions/cache@v2 id: cache with: path: ~/.kerl/${{ matrix.otp }} key: otp-install-${{ matrix.otp }}-${{ matrix.os }} - name: build erlang if: steps.cache.outputs.cache-hit != 'true' timeout-minutes: 60 env: KERL_BUILD_BACKEND: git OTP_GITHUB_URL: https://github.com/emqx/otp run: | kerl update releases kerl build ${{ matrix.otp }} kerl install ${{ matrix.otp }} $HOME/.kerl/${{ matrix.otp }} - name: load quicer cache uses: actions/cache@v2 with: path: source/_build/default/lib/quicer/ key: ${{ matrix.os }}-${{ matrix.otp }}-${{ matrix.arch }}-${{ needs.prepare.outputs.DEP_QUICER_REF }} - name: build working-directory: source run: | . $HOME/.kerl/${{ matrix.otp }}/activate make ensure-rebar3 sudo cp rebar3 /usr/local/bin/rebar3 rm -rf _build/${{ matrix.profile }}/lib make ${{ matrix.profile }}-tgz - name: test working-directory: source run: | pkg_name=$(find _packages/${{ matrix.profile }} -mindepth 1 -maxdepth 1 -iname \*.tar.gz) tar -zxf $pkg_name # gsed -i '/emqx_telemetry/d' ./emqx/data/loaded_plugins ./emqx/bin/emqx start || cat emqx/log/erlang.log.1 ready='no' for i in {1..10}; do if curl -fs 127.0.0.1:18083/api/v5/status > /dev/null; then ready='yes' break fi sleep 1 done if [ "$ready" != "yes" ]; then echo "Timed out waiting for emqx to be ready" cat emqx/log/erlang.log.1 exit 1 fi ./emqx/bin/emqx_ctl status ./emqx/bin/emqx stop rm -rf emqx - uses: actions/upload-artifact@v1 if: startsWith(github.ref, 'refs/tags/') with: name: ${{ matrix.profile }}-${{ matrix.otp }} path: source/_packages/${{ matrix.profile }}/. linux: needs: prepare runs-on: ${{ matrix.build_machine }} container: image: "ghcr.io/emqx/emqx-builder/5.0-10:${{ matrix.elixir }}-${{ matrix.otp }}-${{ matrix.os }}" strategy: fail-fast: false matrix: profile: ${{ fromJson(needs.prepare.outputs.BUILD_PROFILES) }} otp: - 24.2.1-1 # we test with OTP 23, but only build package on OTP 24 versions elixir: - 1.13.3 # used to split elixir packages into a separate job, since the # entire job may take a lot of time, especially on arm64 # emulation. # we only want to build ubuntu and centos with elixir for the # time being, so it's easier to just include those with # `with_elixir` set. build_elixir: # - with_elixir - no_elixir arch: - amd64 - arm64 os: - ubuntu20.04 - ubuntu18.04 - ubuntu16.04 - debian11 - debian10 - debian9 - rockylinux8 - centos7 - raspbian10 build_machine: - aws-arm64 - ubuntu-20.04 exclude: - arch: arm64 build_machine: ubuntu-20.04 - arch: amd64 build_machine: aws-arm64 - os: raspbian9 arch: amd64 - os: raspbian10 arch: amd64 - os: raspbian10 # we only have arm32 image arch: arm64 - os: raspbian9 profile: emqx - os: raspbian10 profile: emqx - os: raspbian9 profile: emqx-enterprise - os: raspbian10 profile: emqx-enterprise include: - profile: emqx otp: 24.2.1-1 elixir: 1.13.3 build_elixir: with_elixir arch: amd64 os: ubuntu20.04 build_machine: ubuntu-20.04 - profile: emqx otp: 24.2.1-1 elixir: 1.13.3 build_elixir: with_elixir arch: amd64 os: centos7 build_machine: ubuntu-20.04 defaults: run: shell: bash steps: - uses: AutoModality/action-clean@v1 if: matrix.build_machine == 'aws-arm64' - uses: actions/download-artifact@v2 with: name: source path: . - name: unzip source code run: unzip -q source.zip - name: load quicer cache uses: actions/cache@v2 with: path: | source/_build/default/lib/quicer/ source/deps/quicer/ key: ${{ matrix.os }}-${{ matrix.otp }}-${{ matrix.arch }}-${{ needs.prepare.outputs.DEP_QUICER_REF }} - name: build emqx packages working-directory: source env: OTP: ${{ matrix.otp }} ELIXIR: ${{ matrix.elixir }} PROFILE: ${{ matrix.profile }} ARCH: ${{ matrix.arch }} SYSTEM: ${{ matrix.os }} run: | set -eu # Align path for CMake caches if [ ! "$PWD" = "/emqx" ]; then ln -s $PWD /emqx cd /emqx fi echo "pwd is $PWD" PkgTypes="tgz pkg" IsElixir="no" if [ ${{ matrix.build_elixir }} = "with_elixir" ]; then PkgTypes="tgz" # set Elixir build flag IsElixir="yes" fi for PKGTYPE in ${PkgTypes}; do ./scripts/buildx.sh \ --profile "${PROFILE}" \ --pkgtype "${PKGTYPE}" \ --arch "${ARCH}" \ --otp "${OTP}" \ --elixir "${IsElixir}" \ --elixir-vsn "${ELIXIR}" \ --system "${SYSTEM}" \ --builder "ghcr.io/emqx/emqx-builder/5.0-10:${ELIXIR}-${OTP}-${SYSTEM}" done - uses: actions/upload-artifact@v1 if: startsWith(github.ref, 'refs/tags/') with: name: ${{ matrix.profile }}-${{ matrix.otp }} path: source/_packages/${{ matrix.profile }}/. docker: runs-on: ${{ matrix.build_machine }} needs: prepare strategy: fail-fast: false matrix: os: - alpine3.15.1 profile: ${{ fromJson(needs.prepare.outputs.BUILD_PROFILES) }} # NOTE: for docker, only support latest otp and elixir # versions, not a matrix otp: - 24.2.1-1 # update to latest elixir: - 1.13.3 # update to latest arch: - amd64 - arm64 build_elixir: - no_elixir build_machine: - aws-arm64 - ubuntu-20.04 registry: - docker.io exclude: - arch: arm64 build_machine: ubuntu-20.04 - arch: amd64 build_machine: aws-arm64 include: - os: alpine3.15.1 profile: emqx otp: 24.2.1-1 elixir: 1.13.3 arch: amd64 build_elixir: no_elixir build_machine: ubuntu-20.04 registry: public.ecr.aws - os: alpine3.15.1 profile: emqx otp: 24.2.1-1 elixir: 1.13.3 arch: amd64 build_elixir: with_elixir build_machine: ubuntu-20.04 steps: - uses: AutoModality/action-clean@v1 if: matrix.build_machine == 'aws-arm64' - uses: actions/download-artifact@v2 with: name: source path: . - name: unzip source code run: unzip -q source.zip - uses: docker/setup-buildx-action@v1 - name: load quicer cache uses: actions/cache@v2 with: path: | source/_build/default/lib/quicer/ source/deps/quicer/ key: ${{ matrix.os }}-${{ matrix.otp }}-${{ matrix.arch }}-${{ needs.prepare.outputs.DEP_QUICER_REF }} - name: Login for docker. uses: docker/login-action@v1 if: matrix.arch == 'amd64' && matrix.registry == 'docker.io' with: username: ${{ secrets.DOCKER_HUB_USER }} password: ${{ secrets.DOCKER_HUB_TOKEN }} - name: Login for AWS ECR uses: docker/login-action@v1 if: matrix.profile == 'emqx' && matrix.arch == 'amd64' && matrix.registry == 'public.ecr.aws' with: registry: public.ecr.aws username: ${{ secrets.AWS_ACCESS_KEY_ID }} password: ${{ secrets.AWS_SECRET_ACCESS_KEY }} ecr: true - name: prepare for docker-action-parms id: pre-meta run: | img=$(echo ${{ matrix.os }} | sed 's#\([0-9.]\+\)$#:\1#g') emqx_name=${{ matrix.profile }} img_suffix=${{ matrix.arch }} img_labels="org.opencontainers.image.otp.version=${{ matrix.otp }}" if [ ${{ matrix.build_elixir }} = "with_elixir" ]; then emqx_name="emqx-elixir" img_suffix="elixir-${{ matrix.arch }}" img_labels="org.opencontainers.image.elixir.version=${{ matrix.elixir }}\n${img_labels}" fi echo "::set-output name=img::${img}" echo "::set-output name=emqx_name::${emqx_name}" echo "::set-output name=img_suffix::${img_suffix}" echo "::set-output name=img_labels::${img_labels}" # NOTE, Pls make sure this is identical as the one in job 'docker-push-multi-arch-manifest' - uses: docker/metadata-action@v3 id: meta with: images: ${{ github.repository_owner }}/${{ matrix.profile }} flavor: | latest=${{ github.event_name == 'release' && !github.event.release.prerelease }} suffix=-${{ steps.pre-meta.outputs.img_suffix }} tags: | type=ref,event=branch type=ref,event=pr type=ref,event=tag type=semver,pattern={{version}} labels: ${{ steps.pre-meta.outputs.img_labels }} - uses: docker/build-push-action@v2 with: push: > ${{ (github.event_name == 'release' && !github.event.release.prerelease) || (github.event.repository.owner != 'emqx' && startsWith(github.ref_name, 'ci/')) }} pull: true no-cache: true platforms: linux/${{ matrix.arch }} tags: ${{ steps.meta.outputs.tags }} labels: ${{ steps.meta.outputs.labels }} build-args: | BUILD_FROM=ghcr.io/emqx/emqx-builder/5.0-10:${{ matrix.elixir }}-${{ matrix.otp }}-${{ matrix.os }} RUN_FROM=${{ steps.pre-meta.outputs.img }} EMQX_NAME=${{ steps.pre-meta.outputs.emqx_name }} file: source/deploy/docker/Dockerfile context: source docker-push-multi-arch-manifest: # note, we only run on amd64 if: > (github.event_name == 'release' && !github.event.release.prerelease) || (github.event.repository.owner != 'emqx' && startsWith(github.ref_name, 'ci/')) needs: - prepare - docker runs-on: ubuntu-latest strategy: fail-fast: false matrix: profile: ${{ fromJson(needs.prepare.outputs.BUILD_PROFILES) }} # NOTE: for docker, only support latest otp version, not a matrix otp: - 24.2.1-1 # update to latest # elixir: - 1.13.3 # update to latest arch: - amd64 - arm64 build_elixir: - no_elixir build_machine: - aws-arm64 - ubuntu-20.04 registries: - docker.io exclude: - arch: arm64 build_machine: ubuntu-20.04 - arch: amd64 build_machine: aws-arm64 include: - os: alpine3.15.1 profile: emqx otp: 24.2.1-1 elixir: 1.13.3 arch: amd64 build_elixir: no_elixir build_machine: ubuntu-20.04 registry: public.ecr.aws - os: alpine3.15.1 profile: emqx otp: 24.2.1-1 elixir: 1.13.3 arch: amd64 build_elixir: with_elixir build_machine: ubuntu-20.04 registry: docker.io steps: - uses: actions/download-artifact@v2 if: matrix.arch == 'amd64' with: name: source path: . - name: unzip source code if: matrix.arch == 'amd64' run: unzip -q source.zip - uses: docker/login-action@v1 if: matrix.arch == 'amd64' && matrix.registry == 'docker.io' with: username: ${{ secrets.DOCKER_HUB_USER }} password: ${{ secrets.DOCKER_HUB_TOKEN }} - uses: docker/login-action@v1 if: matrix.profile == 'emqx' && matrix.arch == 'amd64' && matrix.registry == 'public.ecr.aws' with: registry: public.ecr.aws username: ${{ secrets.AWS_ACCESS_KEY_ID }} password: ${{ secrets.AWS_SECRET_ACCESS_KEY }} ecr: true - name: prepare for docker-action-parms id: pre-meta run: | img=$(echo ${{ matrix.os }} | sed 's#\([0-9.]\+\)$#:\1#g') emqx_name=${{ matrix.profile }} img_suffix=${{ matrix.arch }} img_labels="org.opencontainers.image.otp.version=${{ matrix.otp }}" if [ ${{ matrix.build_elixir }} = "with_elixir" ]; then emqx_name="emqx-elixir" img_suffix="elixir-${{ matrix.arch }}" img_labels="org.opencontainers.image.elixir.version=${{ matrix.elixir }}\n$img_labels" fi echo "::set-output name=img::${img}" echo "::set-output name=emqx_name::${emqx_name}" echo "::set-output name=img_suffix::${img_suffix}" echo "::set-output name=img_labels::${img_labels}" # NOTE, Pls make sure this is identical as the one in job 'docker' - uses: docker/metadata-action@v3 if: matrix.arch == 'amd64' id: meta with: images: ${{ github.repository_owner }}/${{ matrix.profile }} flavor: | latest=false suffix=-${{ steps.pre-meta.outputs.img_suffix }} tags: | type=ref,event=branch type=ref,event=pr type=ref,event=tag type=semver,pattern={{version}} labels: ${{ steps.pre-meta.outputs.img_labels }} - name: update manifest for multiarch image if: matrix.arch == 'amd64' working-directory: source run: | IsPushLatest=${{ github.event_name == 'release' && !github.event.release.prerelease }}; scripts/docker-create-push-manifests.sh "${{ steps.meta.outputs.tags }}" "$IsPushLatest" upload: runs-on: ubuntu-20.04 if: startsWith(github.ref, 'refs/tags/') needs: [prepare, mac, linux, docker] strategy: fail-fast: false matrix: profile: ${{ fromJson(needs.prepare.outputs.BUILD_PROFILES) }} otp: - 24.2.1-1 include: - profile: emqx otp: windows # otp version on windows is rather fixed steps: - uses: actions/download-artifact@v2 with: name: ${{ matrix.profile }}-${{ matrix.otp }} path: packages/${{ matrix.profile }} - name: install dos2unix run: sudo apt-get update && sudo apt install -y dos2unix - name: get packages run: | set -e -u cd packages/${{ matrix.profile }} for var in $( ls |grep emqx |grep -v sha256); do dos2unix $var.sha256 echo "$(cat $var.sha256) $var" | sha256sum -c || exit 1 done cd - - uses: aws-actions/configure-aws-credentials@v1 with: aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} aws-region: ${{ secrets.AWS_DEFAULT_REGION }} - name: upload aws s3 env: PROFILE: ${{ matrix.profile }} run: | set -e -u if [ $PROFILE = 'emqx' ]; then s3dir='emqx-ce' elif [ $PROFILE = 'emqx-enterprise' ]; then s3dir='emqx-ee' elif [ $PROFILE = 'emqx-edge' ]; then s3dir='emqx-edge' else echo "unknown profile $PROFILE" exit 1 fi aws s3 cp --recursive packages/$PROFILE s3://${{ secrets.AWS_S3_BUCKET }}/$s3dir/${{ github.ref_name }} aws cloudfront create-invalidation --distribution-id ${{ secrets.AWS_CLOUDFRONT_ID }} --paths "/$s3dir/${{ github.ref_name }}/*"