From 3dfd82780ecc4ec560106e8767c1f01f0ecac67c Mon Sep 17 00:00:00 2001 From: Hosh Sadiq Date: Mon, 19 Aug 2024 10:47:15 +0100 Subject: [PATCH 1/4] Attempt musl libs static --- .github/actions/publish/action.yml | 7 ++--- .github/workflows/release-please.yml | 10 ++++--- .goreleaser.yaml | 39 ++++++++++++++++------------ 3 files changed, 33 insertions(+), 23 deletions(-) diff --git a/.github/actions/publish/action.yml b/.github/actions/publish/action.yml index 8bd966d4..47be1ad9 100644 --- a/.github/actions/publish/action.yml +++ b/.github/actions/publish/action.yml @@ -48,9 +48,10 @@ runs: ghcr.io/goreleaser/goreleaser-cross:latest \ -f /dev/null )" - docker exec --tty "$CONTAINER_ID" dpkg --add-architecture i386 - docker exec --tty "$CONTAINER_ID" apt-get update - docker exec --tty "$CONTAINER_ID" apt-get install --no-install-recommends -y -q crossbuild-essential-i386 + docker exec --tty "$CONTAINER_ID" mkdir -p /musl + docker exec --tty "$CONTAINER_ID" curl -fsSL https://musl.cc/aarch64-linux-musl-cross.tgz -o- | tar -zxvf - -C /musl --strip-components=1 + docker exec --tty "$CONTAINER_ID" curl -fsSL https://musl.cc/i686-linux-musl-cross.tgz -o- | tar -zxvf - -C /musl --strip-components=1 + docker exec --tty "$CONTAINER_ID" curl -fsSL https://musl.cc/x86_64-linux-musl-cross.tgz -o- | tar -zxvf - -C /musl --strip-components=1 docker exec --tty "$CONTAINER_ID" git config --global --add safe.directory '*' docker exec --workdir "$PWD" --tty "$CONTAINER_ID" docker login --username $DOCKER_USERNAME --password $DOCKER_TOKEN echo "CONTAINER_ID=$CONTAINER_ID" >> "$GITHUB_ENV" diff --git a/.github/workflows/release-please.yml b/.github/workflows/release-please.yml index 8d72933b..de1bab68 100644 --- a/.github/workflows/release-please.yml +++ b/.github/workflows/release-please.yml @@ -1,6 +1,7 @@ name: Run Release Please on: + pull_request: push: branches: - main @@ -25,7 +26,7 @@ jobs: id-token: write # Needed to obtain Docker tokens contents: write # Needed to upload release artifacts needs: [ release-please, go-versions ] - if: ${{ needs.release-please.outputs.release_created == 'true' }} + if: always() && (needs.release-please.outputs.release_created == 'true' || github.event_name == 'pull_request') runs-on: ubuntu-latest outputs: hashes: ${{ steps.publish.outputs.hashes }} @@ -49,7 +50,8 @@ jobs: - uses: ./.github/actions/publish id: publish with: - dry-run: 'false' + dry-run: ${{ github.event_name == 'pull_request' }} + snapshot: ${{ github.event_name == 'pull_request' }} token: ${{ secrets.GITHUB_TOKEN }} homebrew-gh-secret: ${{secrets.HOMEBREW_DEPLOY_KEY}} tag: ${{ needs.release-please.outputs.tag_name }} @@ -60,7 +62,7 @@ jobs: permissions: id-token: write contents: write - if: ${{ needs.release-please.outputs.release_created == 'true' }} + if: always() && needs.release-please.outputs.release_created == 'true' steps: - uses: actions/checkout@v4 - uses: actions/setup-node@v3 @@ -76,7 +78,7 @@ jobs: name: Publish NPM Package uses: ./.github/actions/publish-npm with: - dry-run: 'false' + dry-run: ${{ github.event_name == 'pull_request' }} prerelease: 'false' release-ldcli-provenance: diff --git a/.goreleaser.yaml b/.goreleaser.yaml index e4c0c7ff..71e8f085 100644 --- a/.goreleaser.yaml +++ b/.goreleaser.yaml @@ -6,6 +6,25 @@ env: - GO111MODULE=on # Ensure we aren't using anything in GOPATH when building - CGO_ENABLED=1 # Needed for SQLite support - DOCKER_CLI_EXPERIMENTAL=enabled # This is on by default in docker versions >= 20.10 + # Paths to compiler toolchains for each target OS/ARCH. If new items are added to GOOS/GOACH in the build, + # they should also be added here. + # In the future we can use musl for w64-mingw32 too, currently missing is only aarch64. + - CC_windows_386=/llvm-mingw/bin/i686-w64-mingw32-gcc + - CXX_windows_386=/llvm-mingw/bin/i686-w64-mingw32-g++ + - CC_windows_amd64=/llvm-mingw/bin/x86_64-w64-mingw32-gcc + - CXX_windows_amd64=/llvm-mingw/bin/x86_64-w64-mingw32-g++ + - CC_windows_arm64=/llvm-mingw/bin/aarch64-w64-mingw32-gcc + - CXX_windows_arm64=/llvm-mingw/bin/aarch64-w64-mingw32-g++ + - CC_linux_386=/musl/bin/i686-linux-musl-gcc + - CXX_linux_386=/musl/bin/i686-linux-musl-g++ + - CC_linux_amd64=/musl/bin/x86_64-linux-musl-gcc + - CXX_linux_amd64=/musl/bin/x86_64-linux-musl-g++ + - CC_linux_arm64=/musl/bin/aarch64-linux-musl-gcc + - CXX_linux_arm64=/musl/bin/aarch64-linux-musl-g++ + - CC_darwin_amd64=/usr/local/osxcross/bin/o64-clang + - CXX_darwin_amd64=/usr/local/osxcross/bin/o64-clang++ + - CC_darwin_arm64=/usr/local/osxcross/bin/oa64-clang + - CXX_darwin_arm64=/usr/local/osxcross/bin/oa64-clang++ builds: - id: ldcli @@ -22,28 +41,16 @@ builds: - -s # Omit all symbol information to minimize binary size - -w # Omit DWARF to minimize binary size - -X 'main.version={{.Version}}' + - '{{ if eq .Os "linux" }}-extldflags "-static"{{ end }}' ignore: - goos: darwin goarch: "386" env: # The below environment variables set up the c compiler toolchain for CGO. # Templates are used to vary the toolchain based on OS & platform. - - TOOLCHAIN_BASE= - {{- if eq .Os "darwin" -}} - o - {{- if eq .Arch "arm64" -}}a{{- end -}} - 64-clang - {{- else -}} - {{- if eq .Os "windows" -}}/llvm-mingw/bin/{{- end -}} - {{- if eq .Arch "386" -}}i686{{- end -}} - {{- if eq .Arch "arm64" -}}aarch64{{- end -}} - {{- if eq .Arch "amd64" -}}x86_64{{- end -}} - - - {{- if eq .Os "windows" -}}w64-mingw32{{- end -}} - {{- if eq .Os "linux" -}}linux-gnu{{- end -}} - {{- end -}} - - CC={{ .Env.TOOLCHAIN_BASE }}{{ if ne .Os "darwin" }}-gcc{{ end }} - - CXX={{ .Env.TOOLCHAIN_BASE }}{{ if eq .Os "darwin" }}++{{ else }}-g++{{ end }} + # The real values are defined by the CC__ env vars defined at the top `env` attribute. + - 'CC={{ index .Env (print "CC_" .Os "_" .Arch) }}' + - 'CXX={{ index .Env (print "CXX_" .Os "_" .Arch) }}' dockers: # AMD64 From e960b581a80dce02e466ab18070b0e110ed32db3 Mon Sep 17 00:00:00 2001 From: Hosh Sadiq Date: Mon, 19 Aug 2024 10:51:25 +0100 Subject: [PATCH 2/4] enable debug --- .github/actions/publish/action.yml | 1 + .github/workflows/release-please.yml | 1 + 2 files changed, 2 insertions(+) diff --git a/.github/actions/publish/action.yml b/.github/actions/publish/action.yml index 47be1ad9..93424c0d 100644 --- a/.github/actions/publish/action.yml +++ b/.github/actions/publish/action.yml @@ -40,6 +40,7 @@ runs: # We're using the goreleaser-cross image to facilitate this. See also: https://github.com/goreleaser/goreleaser-cross shell: bash run: | + set -x CONTAINER_ID="$( docker run --detach \ --volume "$PWD:$PWD" \ diff --git a/.github/workflows/release-please.yml b/.github/workflows/release-please.yml index de1bab68..3c0f5ae4 100644 --- a/.github/workflows/release-please.yml +++ b/.github/workflows/release-please.yml @@ -12,6 +12,7 @@ jobs: release-please: runs-on: ubuntu-latest + if: github.event_name == 'push' outputs: release_created: ${{ steps.release.outputs.release_created }} tag_name: ${{ steps.release.outputs.tag_name }} From 34411c417c4260ea7d8805befa84ee2d9e6648be Mon Sep 17 00:00:00 2001 From: Hosh Sadiq Date: Mon, 19 Aug 2024 11:04:06 +0100 Subject: [PATCH 3/4] run pipe in container --- .github/actions/publish/action.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/actions/publish/action.yml b/.github/actions/publish/action.yml index 93424c0d..42156ba9 100644 --- a/.github/actions/publish/action.yml +++ b/.github/actions/publish/action.yml @@ -50,9 +50,9 @@ runs: -f /dev/null )" docker exec --tty "$CONTAINER_ID" mkdir -p /musl - docker exec --tty "$CONTAINER_ID" curl -fsSL https://musl.cc/aarch64-linux-musl-cross.tgz -o- | tar -zxvf - -C /musl --strip-components=1 - docker exec --tty "$CONTAINER_ID" curl -fsSL https://musl.cc/i686-linux-musl-cross.tgz -o- | tar -zxvf - -C /musl --strip-components=1 - docker exec --tty "$CONTAINER_ID" curl -fsSL https://musl.cc/x86_64-linux-musl-cross.tgz -o- | tar -zxvf - -C /musl --strip-components=1 + docker exec --tty "$CONTAINER_ID" bash -c 'curl -fsSL https://musl.cc/aarch64-linux-musl-cross.tgz -o- | tar -zxvf - -C /musl --strip-components=1' + docker exec --tty "$CONTAINER_ID" bash -c 'curl -fsSL https://musl.cc/i686-linux-musl-cross.tgz -o- | tar -zxvf - -C /musl --strip-components=1' + docker exec --tty "$CONTAINER_ID" bash -c 'curl -fsSL https://musl.cc/x86_64-linux-musl-cross.tgz -o- | tar -zxvf - -C /musl --strip-components=1' docker exec --tty "$CONTAINER_ID" git config --global --add safe.directory '*' docker exec --workdir "$PWD" --tty "$CONTAINER_ID" docker login --username $DOCKER_USERNAME --password $DOCKER_TOKEN echo "CONTAINER_ID=$CONTAINER_ID" >> "$GITHUB_ENV" From 7cdeeecb79a4ae51b764d72ca208d2ebc0f4f58a Mon Sep 17 00:00:00 2001 From: Hosh Sadiq Date: Mon, 19 Aug 2024 17:54:48 +0100 Subject: [PATCH 4/4] retry curl calls --- .github/actions/publish/action.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/actions/publish/action.yml b/.github/actions/publish/action.yml index 42156ba9..99debe3b 100644 --- a/.github/actions/publish/action.yml +++ b/.github/actions/publish/action.yml @@ -50,9 +50,9 @@ runs: -f /dev/null )" docker exec --tty "$CONTAINER_ID" mkdir -p /musl - docker exec --tty "$CONTAINER_ID" bash -c 'curl -fsSL https://musl.cc/aarch64-linux-musl-cross.tgz -o- | tar -zxvf - -C /musl --strip-components=1' - docker exec --tty "$CONTAINER_ID" bash -c 'curl -fsSL https://musl.cc/i686-linux-musl-cross.tgz -o- | tar -zxvf - -C /musl --strip-components=1' - docker exec --tty "$CONTAINER_ID" bash -c 'curl -fsSL https://musl.cc/x86_64-linux-musl-cross.tgz -o- | tar -zxvf - -C /musl --strip-components=1' + docker exec --tty "$CONTAINER_ID" bash -euo pipefail -c 'curl --retry 5 --retry-all-errors --retry-delay 5 -fsSL https://musl.cc/aarch64-linux-musl-cross.tgz -o- | tar -zxvf - -C /musl --strip-components=1' + docker exec --tty "$CONTAINER_ID" bash -euo pipefail -c 'curl --retry 5 --retry-all-errors --retry-delay 5 -fsSL https://musl.cc/i686-linux-musl-cross.tgz -o- | tar -zxvf - -C /musl --strip-components=1' + docker exec --tty "$CONTAINER_ID" bash -euo pipefail -c 'curl --retry 5 --retry-all-errors --retry-delay 5 -fsSL https://musl.cc/x86_64-linux-musl-cross.tgz -o- | tar -zxvf - -C /musl --strip-components=1' docker exec --tty "$CONTAINER_ID" git config --global --add safe.directory '*' docker exec --workdir "$PWD" --tty "$CONTAINER_ID" docker login --username $DOCKER_USERNAME --password $DOCKER_TOKEN echo "CONTAINER_ID=$CONTAINER_ID" >> "$GITHUB_ENV"