diff --git a/.github/workflows/hydrun.yaml b/.github/workflows/hydrun.yaml new file mode 100644 index 00000000000..16ffed01e1f --- /dev/null +++ b/.github/workflows/hydrun.yaml @@ -0,0 +1,104 @@ +name: hydrun CI + +on: + push: + pull_request: + schedule: + - cron: "0 0 * * 0" + +jobs: + build-linux: + runs-on: ${{ matrix.target.runner }} + permissions: + contents: read + strategy: + matrix: + target: + # Binaries + - id: rust.x86_64 + src: . + os: alpine:edge + flags: "" + cmd: ./Hydrunfile rust x86_64 + dst: out/* + runner: depot-ubuntu-22.04-32 + - id: rust.aarch64 + src: . + os: alpine:edge + flags: "" + cmd: ./Hydrunfile rust aarch64 + dst: out/* + runner: depot-ubuntu-22.04-arm-32 + + steps: + - name: Maximize build space + run: | + sudo rm -rf /usr/share/dotnet + sudo rm -rf /usr/local/lib/android + sudo rm -rf /opt/ghc + - name: Checkout + uses: actions/checkout@v4 + - name: Restore ccache + uses: actions/cache/restore@v4 + with: + path: | + /tmp/ccache + key: cache-ccache-${{ matrix.target.id }} + - name: Set up QEMU + uses: docker/setup-qemu-action@v3 + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + - name: Set up hydrun + run: | + curl -L -o /tmp/hydrun "https://github.com/pojntfx/hydrun/releases/latest/download/hydrun.linux-$(uname -m)" + sudo install /tmp/hydrun /usr/local/bin + - name: Build with hydrun + working-directory: ${{ matrix.target.src }} + run: hydrun -o ${{ matrix.target.os }} ${{ matrix.target.flags }} "${{ matrix.target.cmd }}" + - name: Fix permissions for output + run: sudo chown -R $USER . + - name: Save ccache + uses: actions/cache/save@v4 + with: + path: | + /tmp/ccache + key: cache-ccache-${{ matrix.target.id }} + - name: Upload output + uses: actions/upload-artifact@v4 + with: + name: ${{ matrix.target.id }} + path: ${{ matrix.target.dst }} + + publish-linux: + runs-on: ubuntu-latest + permissions: + contents: write + needs: build-linux + + steps: + - name: Checkout + uses: actions/checkout@v4 + - name: Download output + uses: actions/download-artifact@v4 + with: + path: /tmp/out + - name: Extract branch name + id: extract_branch + run: echo "##[set-output name=branch;]$(echo ${GITHUB_REF#refs/heads/})" + - name: Publish pre-release to GitHub releases + if: ${{ github.ref == 'refs/heads/firecracker-v1.6-live-migration' || github.ref == 'refs/heads/firecracker-v1.6-live-migration-and-pvm' || github.ref == 'refs/heads/firecracker-v1.7-live-migration-and-msync' || github.ref == 'refs/heads/firecracker-v1.7-live-migration-pvm-and-msync' || github.ref == 'refs/heads/main-live-migration-and-msync' }} + uses: marvinpinto/action-automatic-releases@latest + with: + repo_token: "${{ secrets.GITHUB_TOKEN }}" + automatic_release_tag: release-${{ steps.extract_branch.outputs.branch }} + prerelease: true + files: | + /tmp/out/*/* + - name: Publish release to GitHub releases + if: startsWith(github.ref, 'refs/tags/v') + uses: marvinpinto/action-automatic-releases@latest + with: + repo_token: "${{ secrets.GITHUB_TOKEN }}" + prerelease: false + files: | + /tmp/out/*/* diff --git a/Hydrunfile b/Hydrunfile new file mode 100755 index 00000000000..6184657168c --- /dev/null +++ b/Hydrunfile @@ -0,0 +1,29 @@ +#!/bin/sh + +set -e + +# Rust +if [ "$1" = "rust" ]; then + # Install native dependencies + apk add rust cargo clang-dev cmake linux-headers make git + + # Configure Git + git config --global --add safe.directory '*' + + # Build + cp "resources/seccomp/$2-unknown-linux-musl.json" "resources/seccomp/$2-alpine-linux-musl.json" + export RUSTFLAGS='-C target-feature=+crt-static' + cargo build --target "$2-alpine-linux-musl" --all-features --release + + # Stage binaries + mkdir -p out + + dir="./build/cargo_target/$2-alpine-linux-musl/release" + for file in $(ls "$dir"); do + if [[ -x "$dir/$file" && ! -d "$dir/$file" ]]; then + cp "$dir/$file" "./out/${file}.linux-$2" + fi + done + + exit 0 +fi