name: Cross build packages concurrency: group: build-packages-${{ github.event_name }}-${{ github.ref }} cancel-in-progress: true on: workflow_call: inputs: profile: required: true type: string publish: required: true type: string otp_vsn: required: true type: string elixir_vsn: required: true type: string builder_vsn: required: true type: string secrets: AWS_ACCESS_KEY_ID: required: true AWS_SECRET_ACCESS_KEY: required: true AWS_DEFAULT_REGION: required: true AWS_S3_BUCKET: required: true AWS_CLOUDFRONT_ID: required: true APPLE_ID_PASSWORD: required: true APPLE_DEVELOPER_IDENTITY: required: true APPLE_DEVELOPER_ID_BUNDLE: required: true APPLE_DEVELOPER_ID_BUNDLE_PASSWORD: required: true workflow_dispatch: inputs: ref: required: false profile: required: false publish: required: false type: boolean default: false otp_vsn: required: false type: string default: '25.3.2-2' elixir_vsn: required: false type: string default: '1.14.5' builder_vsn: required: false type: string default: '5.2-3' jobs: mac: strategy: fail-fast: false matrix: profile: - ${{ inputs.profile }} otp: - ${{ inputs.otp_vsn }} os: - macos-12 - macos-12-arm64 - macos-13 runs-on: ${{ matrix.os }} steps: - uses: emqx/self-hosted-cleanup-action@v1.0.3 - uses: actions/checkout@v3 with: ref: ${{ github.event.inputs.ref }} fetch-depth: 0 - uses: ./.github/actions/package-macos with: profile: ${{ matrix.profile }} otp: ${{ matrix.otp }} os: ${{ matrix.os }} apple_id_password: ${{ secrets.APPLE_ID_PASSWORD }} apple_developer_identity: ${{ secrets.APPLE_DEVELOPER_IDENTITY }} apple_developer_id_bundle: ${{ secrets.APPLE_DEVELOPER_ID_BUNDLE }} apple_developer_id_bundle_password: ${{ secrets.APPLE_DEVELOPER_ID_BUNDLE_PASSWORD }} - uses: actions/upload-artifact@v3 if: success() with: name: ${{ matrix.profile }} path: _packages/${{ matrix.profile }}/ retention-days: 7 linux: runs-on: [self-hosted, ephemeral, linux, "${{ matrix.arch }}"] # always run in builder container because the host might have the wrong OTP version etc. # otherwise buildx.sh does not run docker if arch and os matches the target arch and os. container: image: "ghcr.io/emqx/emqx-builder/${{ matrix.builder }}:${{ matrix.elixir }}-${{ matrix.otp }}-${{ matrix.os }}" strategy: fail-fast: false matrix: profile: - ${{ inputs.profile }} otp: - ${{ inputs.otp_vsn }} arch: - x64 - arm64 os: - ubuntu22.04 - ubuntu20.04 - ubuntu18.04 - debian12 - debian11 - debian10 - el9 - el8 - el7 - amzn2 - amzn2023 builder: - ${{ inputs.builder_vsn }} elixir: - ${{ inputs.elixir_vsn }} with_elixir: - 'no' include: - profile: emqx otp: ${{ inputs.otp_vsn }} arch: x64 os: ubuntu22.04 builder: ${{ inputs.builder_vsn }} elixir: ${{ inputs.elixir_vsn }} with_elixir: 'yes' defaults: run: shell: bash steps: - uses: actions/checkout@v3 with: ref: ${{ github.event.inputs.ref }} fetch-depth: 0 - name: fix workdir run: | set -eu git config --global --add safe.directory "$GITHUB_WORKSPACE" # Align path for CMake caches if [ ! "$PWD" = "/emqx" ]; then ln -s $PWD /emqx cd /emqx fi echo "pwd is $PWD" - name: build emqx packages env: PROFILE: ${{ matrix.profile }} IS_ELIXIR: ${{ matrix.with_elixir }} ACLOCAL_PATH: "/usr/share/aclocal:/usr/local/share/aclocal" run: | set -eu if [ "${IS_ELIXIR:-}" == 'yes' ]; then make "${PROFILE}-elixir-tgz" else make "${PROFILE}-tgz" make "${PROFILE}-pkg" fi - name: test emqx packages env: PROFILE: ${{ matrix.profile }} IS_ELIXIR: ${{ matrix.with_elixir }} run: | set -eu if [ "${IS_ELIXIR:-}" == 'yes' ]; then ./scripts/pkg-tests.sh "${PROFILE}-elixir-tgz" else ./scripts/pkg-tests.sh "${PROFILE}-tgz" ./scripts/pkg-tests.sh "${PROFILE}-pkg" fi - uses: actions/upload-artifact@v3 with: name: ${{ matrix.profile }} path: _packages/${{ matrix.profile }}/ retention-days: 7 publish_artifacts: runs-on: ubuntu-latest needs: - mac - linux if: inputs.publish == 'true' || inputs.publish strategy: fail-fast: false matrix: profile: - ${{ inputs.profile }} steps: - uses: actions/download-artifact@v3 with: name: ${{ matrix.profile }} path: packages/${{ matrix.profile }} - name: install dos2unix run: sudo apt-get update -y && sudo apt install -y dos2unix - name: get packages run: | set -eu cd packages/${{ matrix.profile }} # fix the .sha256 file format for var in $(ls | grep emqx | grep -v sha256); do dos2unix $var.sha256 echo "$(cat $var.sha256) $var" | sha256sum -c || exit 1 done cd - - uses: aws-actions/configure-aws-credentials@v2 with: aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} aws-region: ${{ secrets.AWS_DEFAULT_REGION }} - name: upload to aws s3 env: PROFILE: ${{ matrix.profile }} run: | set -eu if [ $PROFILE = 'emqx' ]; then s3dir='emqx-ce' elif [ $PROFILE = 'emqx-enterprise' ]; then s3dir='emqx-ee' else echo "unknown profile $PROFILE" exit 1 fi aws s3 cp --recursive packages/$PROFILE s3://${{ secrets.AWS_S3_BUCKET }}/$s3dir/${{ github.ref_name }} aws cloudfront create-invalidation --distribution-id ${{ secrets.AWS_CLOUDFRONT_ID }} --paths "/$s3dir/${{ github.ref_name }}/*"