From 2de87bc97c81041e324861ed9538bd9ddc8222c0 Mon Sep 17 00:00:00 2001 From: Knut Ahlers Date: Thu, 29 Feb 2024 12:57:02 +0100 Subject: [PATCH] Replace old build-system Signed-off-by: Knut Ahlers --- .github/workflows/test-and-build.yml | 76 ++++++++++++++++++++++++++++ .repo-runner.yaml | 13 ----- Makefile | 18 +++++-- ci/build.sh | 63 +++++++++++++++++++++++ 4 files changed, 153 insertions(+), 17 deletions(-) create mode 100644 .github/workflows/test-and-build.yml delete mode 100644 .repo-runner.yaml create mode 100644 ci/build.sh diff --git a/.github/workflows/test-and-build.yml b/.github/workflows/test-and-build.yml new file mode 100644 index 0000000..47c0510 --- /dev/null +++ b/.github/workflows/test-and-build.yml @@ -0,0 +1,76 @@ +--- + +name: test-and-build +on: + push: + branches: ['*'] + tags: ['v*'] + +permissions: + contents: write + issues: write + +jobs: + test-and-build: + defaults: + run: + shell: bash + + container: + image: luzifer/archlinux + env: + CGO_ENABLED: 0 + GOPATH: /go + + runs-on: ubuntu-latest + + steps: + - name: Enable custom AUR package repo + run: echo -e "[luzifer]\nSigLevel = Never\nServer = https://archrepo.hub.luzifer.io/\$arch" >>/etc/pacman.conf + + - name: Install required packages + run: | + pacman -Syy --noconfirm \ + awk \ + curl \ + diffutils \ + git \ + go \ + golangci-lint-bin \ + make \ + tar \ + trivy \ + unzip \ + which \ + zip + + - uses: actions/checkout@v3 + + - name: Marking workdir safe + run: git config --global --add safe.directory /__w/korvike/korvike + + - name: 'Lint and test code' + run: | + make test trivy + + - name: Build release + run: make publish + env: + FORCE_SKIP_UPLOAD: 'true' + MOD_MODE: readonly + NO_TESTS: 'true' + PACKAGES: '.' + + - name: Extract changelog + run: 'awk "/^#/ && ++c==2{exit}; /^#/f" "History.md" | tail -n +2 >release_changelog.md' + + - name: Release + uses: ncipollo/release-action@v1 + if: startsWith(github.ref, 'refs/tags/') + with: + artifacts: '.build/*' + bodyFile: release_changelog.md + draft: false + generateReleaseNotes: false + +... diff --git a/.repo-runner.yaml b/.repo-runner.yaml deleted file mode 100644 index 675e1f4..0000000 --- a/.repo-runner.yaml +++ /dev/null @@ -1,13 +0,0 @@ ---- - -image: "reporunner/golang-alpine" -checkout_dir: /go/src/github.com/Luzifer/korvike - -commands: - - make ci - -environment: - DRAFT: "false" - CGO_ENABLED: 0 - GO111MODULE: on - MOD_MODE: readonly diff --git a/Makefile b/Makefile index a02b5f2..056128b 100644 --- a/Makefile +++ b/Makefile @@ -1,6 +1,16 @@ -ci: test - curl -sSLo golang.sh https://raw.githubusercontent.com/Luzifer/github-publish/master/golang.sh - bash golang.sh +publish: + bash ./ci/build.sh test: - cd functions && go test -v + cd functions && go test -cover -v + golangci-lint run ./... + +trivy: + trivy fs . \ + --dependency-tree \ + --exit-code 1 \ + --format table \ + --ignore-unfixed \ + --quiet \ + --scanners misconfig,license,secret,vuln \ + --severity HIGH,CRITICAL diff --git a/ci/build.sh b/ci/build.sh new file mode 100644 index 0000000..5617ff3 --- /dev/null +++ b/ci/build.sh @@ -0,0 +1,63 @@ +#!/usr/bin/env bash +set -euo pipefail + +osarch=( + darwin/amd64 + darwin/arm64 + linux/amd64 + linux/arm + linux/arm64 + windows/amd64 +) + +function go_package() { + cd "${4}" + + local outname="${3}" + [[ $1 == windows ]] && outname="${3}.exe" + + log "=> Building ${3} for ${1}/${2}..." + CGO_ENABLED=0 GOARCH=$2 GOOS=$1 go build \ + -ldflags "-s -w -X main.version=${version}" \ + -mod=readonly \ + -trimpath \ + -o "${outname}" + + if [[ $1 == linux ]]; then + log "=> Packging ${3} as ${3}_${1}_${2}.tgz..." + tar -czf "${builddir}/${3}_${1}_${2}.tgz" "${outname}" + else + log "=> Packging ${3} as ${3}_${1}_${2}.zip..." + zip "${builddir}/${3}_${1}_${2}.zip" "${outname}" + fi + + rm "${outname}" +} + +function go_package_all() { + for oa in "${osarch[@]}"; do + local os=$(cut -d / -f 1 <<<"${oa}") + local arch=$(cut -d / -f 2 <<<"${oa}") + (go_package "${os}" "${arch}" "${1}" "${2}") + done +} + +function log() { + echo "[$(date +%H:%M:%S)] $@" >&2 +} + +root=$(pwd) +builddir="${root}/.build" +version="$(git describe --tags --always || echo dev)" + +log "Building version ${version}..." + +log "Resetting output directory..." +rm -rf "${builddir}" +mkdir -p "${builddir}" + +log "Building Tool..." +go_package_all "korvike" "." + +log "Generating SHA256SUMS file..." +(cd "${builddir}" && sha256sum * | tee SHA256SUMS)