-
Notifications
You must be signed in to change notification settings - Fork 534
77 lines (66 loc) · 2.26 KB
/
build.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
---
name: Build
on: # yamllint disable-line rule:truthy
workflow_dispatch:
workflow_call:
# Map the workflow outputs to job outputs
outputs:
workflow_output:
description: "Build output"
value: ${{ jobs.go_build.outputs.build_output_failure }}
jobs:
go_build:
name: Polygon Edge
runs-on: ubuntu-latest
outputs:
build_output_failure: ${{ steps.edge_build_failure.outputs.build_output }}
steps:
- name: Checkout code
uses: actions/checkout@v3
- name: Setup Go environment
uses: actions/setup-go@v3
with:
go-version: 1.20.x
- name: Build Polygon Edge
run: go build -tags netgo -ldflags="-s -w -linkmode external -extldflags "-static" -X \"github.com/0xPolygon/polygon-edge/versioning.Version=${GITHUB_REF_NAME}\" -X \"github.com/0xPolygon/polygon-edge/versioning.Commit=${GITHUB_SHA}\"" && tar -czvf polygon-edge.tar.gz polygon-edge
env:
CC: gcc
CXX: g++
GOARC: amd64
GOOS: linux
- name: Build Polygon Edge Failed
if: failure()
id: edge_build_failure
run: echo "build_output=false" >> $GITHUB_OUTPUT
- name: 'Upload Artifact'
uses: actions/upload-artifact@v3
with:
name: polygon-edge
path: polygon-edge.tar.gz
retention-days: 3
go_build_reproducibility:
name: Verify Build Reproducibility
runs-on: ubuntu-latest
continue-on-error: true
steps:
- name: Checkout code
uses: actions/checkout@v3
- name: Setup Go environment
uses: actions/setup-go@v3
with:
go-version: 1.20.x
- name: 'Reproduce builds'
continue-on-error: true
run: |
go build -o ./edge-1 -trimpath -buildvcs=false
go build -o ./edge-2 -trimpath -buildvcs=false
buildsha1=$(shasum -a256 ./edge-1 | awk '{print $1}')
buildsha2=$(shasum -a256 ./edge-2 | awk '{print $1}')
echo "Build 1 SHA: $buildsha1"
echo "Build 2 SHA: $buildsha2"
if [ "$buildsha1" != "$buildsha2" ]; then
echo "Build artifact does not match original"
exit 1
else
echo "Build artifact matches original"
fi