Build Matrix of Binaries #229

Workflow file for this run

.github/workflows/build_binaries.yml at c29d5b8

	---
	name: Build Matrix of Binaries

	on:
	push:
	tags:
	- "v[0-9]+.[0-9]+.[0-9]+"
	branches:
	- build-*
	schedule:
	- cron: "05 00 * * *"
	workflow_dispatch:
	inputs:
	customTag:
	description: "Development Tag"
	required: true
	default: "development-tag"

	env:
	TN_FILENAME: "tari_network_suite"
	TBN_BUNDLEID_BASE: "com.tari.network.pkg"
	toolchain: stable
	matrix-json-file: ".github/workflows/build_binaries.json"

	jobs:
	matrix-prep:
	runs-on: ubuntu-latest
	outputs:
	matrix: ${{ steps.set-matrix.outputs.matrix }}
	steps:
	- uses: actions/checkout@v4
	with:
	submodules: false

	- name: Set Matrix
	id: set-matrix
	run: \|
	#
	# build all targets images
	# matrix=$( jq -s -c .[] .github/workflows/base_node_binaries.json )
	#
	# build only single target image
	# matrix_selection=$( jq -c '.[] \| select( ."name" == "windows-x64" )' ${{ env.matrix-json-file }} )
	#
	# buid select target images - build_enabled
	matrix_selection=$( jq -c '.[] \| select( ."build_enabled" != false )' ${{ env.matrix-json-file }} )
	#
	# Setup the json build matrix
	matrix=$(echo ${matrix_selection} \| jq -s -c '{"builds": .}')
	echo $matrix
	echo $matrix \| jq .
	echo "matrix=${matrix}" >> $GITHUB_OUTPUT

	matrix-check:
	# Debug matrix
	if: ${{ false }}
	runs-on: ubuntu-latest
	needs: matrix-prep
	steps:
	- name: Install json2yaml
	run: \|
	sudo npm install -g json2yaml

	- name: Check matrix definition
	run: \|
	matrix='${{ needs.matrix-prep.outputs.matrix }}'
	echo $matrix
	echo $matrix \| jq .
	echo $matrix \| json2yaml

	builds:
	name: Building ${{ matrix.builds.name }} on ${{ matrix.builds.runs-on }}
	needs: matrix-prep
	strategy:
	fail-fast: false
	matrix: ${{ fromJson(needs.matrix-prep.outputs.matrix) }}

	runs-on: ${{ matrix.builds.runs-on }}

	steps:
	- name: Checkout source code
	uses: actions/checkout@v4
	with:
	submodules: recursive

	- name: Declare Global Variables 4 GHA ${{ github.event_name }}
	id: vars
	shell: bash
	run: \|
	echo "VBRANCH=$(echo ${GITHUB_REF#refs/heads/})" >> $GITHUB_ENV
	echo "VSHA_SHORT=$(git rev-parse --short HEAD)" >> $GITHUB_ENV
	echo "CARGO_HTTP_MULTIPLEXING=false" >> $GITHUB_ENV

	- name: Default Destination Folder
	run: \|
	echo "S3DESTOVERRIDE=" >> $GITHUB_ENV

	- name: Scheduled Destination Folder Override
	if: ${{ github.event_name == 'schedule' && github.event.schedule == '05 00 01 * *' }}
	run: \|
	echo "S3DESTOVERRIDE=daily/" >> $GITHUB_ENV

	- name: Setup Rust toolchain
	uses: dtolnay/rust-toolchain@master
	with:
	components: rustfmt, clippy
	toolchain: ${{ matrix.builds.rust }}
	targets: ${{ matrix.builds.target }}

	- uses: rui314/setup-mold@v1

	- name: wasm target install
	run: rustup target add wasm32-unknown-unknown

	- name: Install Linux dependencies - Ubuntu
	if: ${{ startsWith(runner.os,'Linux') && matrix.builds.cross != 'true' }}
	run: \|
	sudo apt-get update
	sudo bash scripts/install_ubuntu_dependencies.sh

	- name: Install macOS dependencies
	if: startsWith(runner.os,'macOS')
	run: \|
	brew install cmake zip coreutils automake autoconf
	rustup target add ${{ matrix.builds.target }}

	- name: Install Windows dependencies
	if: startsWith(runner.os,'Windows')
	run: \|
	vcpkg.exe install sqlite3:x64-windows zlib:x64-windows
	choco upgrade llvm zip openssl -y
	# psutils is out of date
	# choco upgrade psutils -y
	# Should already be installed
	# choco upgrade strawberryperl -y

	- name: Set environment variables - Nix
	if: ${{ ! startsWith(runner.os,'Windows') }}
	run: \|
	echo "SHARUN=shasum --algorithm 256" >> $GITHUB_ENV
	echo "CC=gcc" >> $GITHUB_ENV
	echo "TBN_EXT=" >> $GITHUB_ENV
	echo "LIB_PRE=lib" >> $GITHUB_ENV
	echo "SHELL_EXT=.sh" >> $GITHUB_ENV
	echo "PLATFORM_SPECIFIC_DIR=linux" >> $GITHUB_ENV
	echo "TBN_DIST=/dist" >> $GITHUB_ENV

	- name: Set environment variables - macOS
	if: startsWith(runner.os,'macOS')
	run: \|
	echo "PLATFORM_SPECIFIC_DIR=osx" >> $GITHUB_ENV
	echo "LIB_EXT=.dylib" >> $GITHUB_ENV

	- name: Set environment variables - Ubuntu
	if: startsWith(runner.os,'Linux')
	run: \|
	echo "LIB_EXT=.so" >> $GITHUB_ENV

	- name: Set environment variables - Windows
	if: startsWith(runner.os,'Windows')
	shell: bash
	run: \|
	# echo "SHARUN=pwsh C:\ProgramData\chocolatey\lib\psutils\tools\psutils-master\shasum.ps1 --algorithm 256" >> $GITHUB_ENV
	mkdir -p "$GITHUB_WORKSPACE\psutils"
	curl -v -o "$GITHUB_WORKSPACE\psutils\getopt.ps1" "https://raw.githubusercontent.com/lukesampson/psutils/master/getopt.ps1"
	curl -v -o "$GITHUB_WORKSPACE\psutils\shasum.ps1" "https://raw.githubusercontent.com/lukesampson/psutils/master/shasum.ps1"
	echo "SHARUN=pwsh $GITHUB_WORKSPACE\psutils\shasum.ps1 --algorithm 256" >> $GITHUB_ENV
	echo "TBN_EXT=.exe" >> $GITHUB_ENV
	echo "LIB_EXT=.dll" >> $GITHUB_ENV
	echo "LIB_PRE=" >> $GITHUB_ENV
	echo "SHELL_EXT=.bat" >> $GITHUB_ENV
	echo "TBN_DIST=\dist" >> $GITHUB_ENV
	echo "PLATFORM_SPECIFIC_DIR=windows" >> $GITHUB_ENV
	echo "SQLITE3_LIB_DIR=C:\vcpkg\installed\x64-windows\lib" >> $GITHUB_ENV
	echo "OPENSSL_DIR=C:\Program Files\OpenSSL-Win64" >> $GITHUB_ENV
	echo "LIBCLANG_PATH=C:\Program Files\LLVM\bin" >> $GITHUB_ENV
	echo "C:\Strawberry\perl\bin" >> $GITHUB_PATH

	# Don't use caches for binary builds. Start from a clean slate - on release
	- name: Cache cargo files and outputs
	if: ${{ ! startsWith(github.ref, 'refs/tags/v') }}
	uses: Swatinem/rust-cache@v2

	- name: Build rust binaries
	shell: bash
	run: \|
	if [ "${{ matrix.builds.cross }}" != "true" ]; then
	cargo build --release \
	--target ${{ matrix.builds.target }} \
	--features "${{ matrix.builds.features }}" \
	${{ matrix.builds.target_bins }} \
	${{ matrix.builds.flags }} --locked
	else
	cargo install cross
	cross build --release \
	--target ${{ matrix.builds.target }} \
	--features "${{ matrix.builds.features }}" \
	${{ matrix.builds.target_bins }} \
	${{ matrix.builds.flags }} --locked
	fi

	- name: Copy binaries to folder for zipping
	shell: bash
	run: \|
	mkdir -p "$GITHUB_WORKSPACE${TBN_DIST}"
	cd "$GITHUB_WORKSPACE${TBN_DIST}"
	VERSION=$(awk -F ' = ' '$1 ~ /version/ { gsub(/["]/, "", $2); printf("%s",$2) }' "$GITHUB_WORKSPACE/applications/tari_validator_node/Cargo.toml")
	echo "Branch: ${VBRANCH}"
	echo "Sha: ${VSHA_SHORT}"
	echo "VERSION=${VERSION}" >> $GITHUB_ENV
	echo "VSHA_SHORT=${VSHA_SHORT}" >> $GITHUB_ENV
	BINFILE="${TN_FILENAME}-${VERSION}-${VSHA_SHORT}-${{ matrix.builds.name }}${TBN_EXT}"
	echo "BINFILE=${BINFILE}" >> $GITHUB_ENV
	echo "Copying files for ${BINFILE} to $(pwd)"
	ls -la "$GITHUB_WORKSPACE/target/${{ matrix.builds.target }}/release/"
	FILES=(
	"tari_dan_wallet_cli"
	"tari_dan_wallet_daemon"
	"tari_indexer"
	"tari_validator_node"
	"tari_signaling_server"
	)
	for FILE in "${FILES[@]}"; do
	if [ -f "$GITHUB_WORKSPACE/target/${{ matrix.builds.target }}/release/${FILE}${TBN_EXT}" ]; then
	cp -v "$GITHUB_WORKSPACE/target/${{ matrix.builds.target }}/release/${FILE}${TBN_EXT}" .
	fi
	done

	# - name: Build the macOS pkg
	# if: startsWith(runner.os,'macOS')
	# continue-on-error: true
	# env:
	# MACOS_KEYCHAIN_PASS: ${{ secrets.MACOS_KEYCHAIN_PASS }}
	# MACOS_APPLICATION_ID: ${{ secrets.MACOS_APPLICATION_ID }}
	# MACOS_APPLICATION_CERT: ${{ secrets.MACOS_APPLICATION_CERT }}
	# MACOS_APPLICATION_PASS: ${{ secrets.MACOS_APPLICATION_PASS }}
	# MACOS_INSTALLER_ID: ${{ secrets.MACOS_INSTALLER_ID }}
	# MACOS_INSTALLER_CERT: ${{ secrets.MACOS_INSTALLER_CERT }}
	# MACOS_INSTALLER_PASS: ${{ secrets.MACOS_INSTALLER_PASS }}
	# MACOS_NOTARIZE_USERNAME: ${{ secrets.MACOS_NOTARIZE_USERNAME }}
	# MACOS_NOTARIZE_PASSWORD: ${{ secrets.MACOS_NOTARIZE_PASSWORD }}
	# MACOS_ASC_PROVIDER: ${{ secrets.MACOS_ASC_PROVIDER }}
	# run: \|
	# echo $MACOS_APPLICATION_CERT \| base64 --decode > application.p12
	# echo $MACOS_INSTALLER_CERT \| base64 --decode > installer.p12
	# security create-keychain -p $MACOS_KEYCHAIN_PASS build.keychain
	# security default-keychain -s build.keychain
	# security unlock-keychain -p $MACOS_KEYCHAIN_PASS build.keychain
	# security import application.p12 -k build.keychain -P $MACOS_APPLICATION_PASS -T /usr/bin/codesign
	# security import installer.p12 -k build.keychain -P $MACOS_INSTALLER_PASS -T /usr/bin/pkgbuild
	# security set-key-partition-list -S apple-tool:,apple:,codesign: -s -k $MACOS_KEYCHAIN_PASS build.keychain
	# cd buildtools
	# export target_release="target/${{ matrix.builds.target }}/release"
	# ./create_osx_install_zip.sh unused nozip
	# FILES=(
	# "tari_dan_wallet_cli"
	# "tari_dan_wallet_daemon"
	# "tari_indexer"
	# "tari_validator_node"
	# "tari_signaling_server"
	# )
	# for FILE in "${FILES[@]}"; do
	# codesign --options runtime --force --verify --verbose --timestamp --sign "Developer ID Application: $MACOS_APPLICATION_ID" "/tmp/tari_testnet/runtime/$FILE"
	# codesign --verify --deep --display --verbose=4 "/tmp/tari_testnet/runtime/$FILE"
	# cp -vf "/tmp/tari_testnet/runtime/$FILE" "$GITHUB_WORKSPACE${{ env.TBN_DIST }}"
	# done
	# distDirPKG=$(mktemp -d -t ${{ env.TN_FILENAME }})
	# echo "${distDirPKG}"
	# echo "distDirPKG=${distDirPKG}" >> $GITHUB_ENV
	# TBN_Temp=${{ env.TN_FILENAME }}
	# TBN_BUNDLEID_VALID_NAME=$(echo "${TBN_Temp//_/-}")
	# # Strip apple-darwin
	# TBN_ARCH=$(echo "${${{ matrix.builds.target }}//-apple-darwin/}")
	# pkgbuild --root /tmp/tari_testnet \
	# --identifier "${{ env.TBN_BUNDLEID_BASE }}.$TBN_BUNDLEID_VALID_NAME" \
	# --version "$VERSION" \
	# --install-location "/tmp/tari" \
	# --scripts "/tmp/tari_testnet/scripts" \
	# --sign "Developer ID Installer: $MACOS_INSTALLER_ID" \
	# "${distDirPKG}/${{ env.TN_FILENAME }}-${{ matrix.builds.name }}-${{ env.VERSION }}.pkg"
	# echo -e "Submitting to Apple...\n\n"
	# xcrun altool --notarize-app \
	# --primary-bundle-id "${{ env.TBN_BUNDLEID_BASE }}.$TBN_BUNDLEID_VALID_NAME" \
	# --username "$MACOS_NOTARIZE_USERNAME" --password "$MACOS_NOTARIZE_PASSWORD" \
	# --asc-provider "$MACOS_ASC_PROVIDER" \
	# --file "${distDirPKG}/${{ env.TN_FILENAME }}-${{ matrix.builds.name }}-${{ env.VERSION }}.pkg" &> notarisation.result
	# requestUUID=`grep RequestUUID notarisation.result \| cut -d" " -f 3`
	# echo $requestUUID
	# if [[ $requestUUID == "" ]]; then
	# echo "could not upload for notarization"
	# exit 1
	# else
	# echo "Notarization RequestUUID: $requestUUID"
	# fi
	# echo -e "\n\nChecking result of notarisation..."
	# request_status="in progress"
	# while [[ "$request_status" == "in progress" ]]; do
	# echo -n "waiting... "
	# sleep 10
	# request_status=$(xcrun altool --notarization-info $requestUUID --username "$MACOS_NOTARIZE_USERNAME" --password "$MACOS_NOTARIZE_PASSWORD" 2>&1)
	# echo "$request_status"
	# request_status=$(echo "$request_status" \| awk -F ': ' '/Status:/ { print $2; }' )
	# echo "$request_status"
	# done
	# echo "$request_status"
	# if [[ $request_status != "success" ]]; then
	# echo "## could not notarize - $request_status - ${{ env.TN_FILENAME }}-${{ matrix.builds.name }}-${{ env.VERSION }}.pkg"
	# exit 1
	# else
	# echo -e "\nStapling package...${{ env.TN_FILENAME }}-${{ matrix.builds.name }}-${{ env.VERSION }}.pkg\n"
	# xcrun stapler staple -v "${distDirPKG}/${{ env.TN_FILENAME }}-${{ matrix.builds.name }}-${{ env.VERSION }}.pkg"
	# fi
	#
	# - name: Artifact upload for macOS pkg
	# if: startsWith(runner.os,'macOS')
	# continue-on-error: true
	# uses: actions/upload-artifact@v4
	# with:
	# name: ${{ env.TN_FILENAME }}-${{ matrix.builds.name }}-${{ env.VERSION }}.pkg
	# path: "${{ env.distDirPKG }}/${{ env.TN_FILENAME }}-${{ matrix.builds.name }}-${{ env.VERSION }}*.pkg"

	# unlike inno script studio, iscc.exe doesn't run the [precompile] step generate_config.bat
	# - name: Build the Windows installer
	# shell: cmd
	# if: startsWith(runner.os,'Windows')
	# run: \|
	# cd buildtools
	# call generate_config.bat
	# "%programfiles(x86)%\Inno Setup 6\iscc.exe" "/DMyAppVersion=${{ env.VERSION }}-${{ env.VSHA_SHORT }}-release" "/DTariSuitePath=${{ github.workspace }}${{ env.TBN_DIST }}" "windows_inno_installer.iss"

	# - name: Artifact upload for Windows installer
	# uses: actions/upload-artifact@v4
	# if: startsWith(runner.os,'Windows')
	# with:
	# name: "tari_windows_installer"
	# path: "${{ github.workspace }}/buildtools/Output/*"

	- name: Archive and Checksum Binaries
	shell: bash
	run: \|
	echo "Archive ${{ env.BINFILE }} too ${{ env.BINFILE }}.zip"
	cd "$GITHUB_WORKSPACE${{ env.TBN_DIST }}"
	echo "Compute files shasum"
	${SHARUN} * >> "${{ env.BINFILE }}.sha256"
	echo "Show the shasum"
	cat "${{ env.BINFILE }}.sha256"
	echo "Checksum verification for files is "
	${SHARUN} --check "${{ env.BINFILE }}.sha256"
	7z a "${{ env.BINFILE }}.zip" *
	echo "Compute archive shasum"
	${SHARUN} "${{ env.BINFILE }}.zip" >> "${{ env.BINFILE }}.zip.sha256"
	echo "Show the shasum"
	cat "${{ env.BINFILE }}.zip.sha256"
	echo "Checkum verification archive is "
	${SHARUN} --check "${{ env.BINFILE }}.zip.sha256"

	- name: Artifact upload for Archive
	uses: actions/upload-artifact@v4
	with:
	name: ${{ env.TN_FILENAME }}_archive-${{ matrix.builds.name }}
	path: "${{ github.workspace }}${{ env.TBN_DIST }}/${{ env.BINFILE }}.zip*"

	# - name: Sync dist to S3 - Bash
	# continue-on-error: true # Don't break if s3 upload fails
	# if: ${{ env.AWS_SECRET_ACCESS_KEY != '' && matrix.builds.runs-on != 'self-hosted' }}
	# shell: bash
	# run: \|
	# echo "Starting upload ... ${{ env.SOURCE }}"
	# if [ "$RUNNER_OS" == "Windows" ]; then
	# echo "No ls for 'D:' on Windows"
	# else
	# ls -al ${{ env.SOURCE }}
	# fi
	# aws s3 ${{ env.S3CMD }} --region ${{ secrets.AWS_REGION }} \
	# "${{ env.SOURCE }}" \
	# s3://${{ secrets.AWS_S3_BUCKET }}/${{ env.DEST_DIR }} \
	# ${{ env.S3OPTIONS }}
	# echo "Done - $?"
	# exit 0
	# env:
	# AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
	# AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
	# SOURCE: "${{ github.workspace }}${{ env.TBN_DIST }}"
	# DEST_DIR: "${{ env.S3DESTOVERRIDE }}${{ env.PLATFORM_SPECIFIC_DIR }}/"
	# S3CMD: "cp"
	# S3OPTIONS: '--recursive --exclude "" --include ".zip" --include ".pkg*"'
	# # S3OPTIONS: '--recursive --exclude "" --include ".zip*"'
	# # S3OPTIONS: '--acl public-read'
	#
	# - name: Copy tags to latest s3 - Bash
	# continue-on-error: true # Don't break if s3 upload fails
	# if: ${{ env.AWS_SECRET_ACCESS_KEY != '' && matrix.builds.runs-on != 'self-hosted' && startsWith(github.ref, 'refs/tags/v') }}
	# shell: bash
	# run: \|
	# echo "Starting upload ... ${{ env.SOURCE }}"
	# if [ "$RUNNER_OS" == "Windows" ]; then
	# echo "No ls for 'D:' on Windows"
	# else
	# ls -al ${{ env.SOURCE }}
	# fi
	#
	# aws s3 ${{ env.S3CMD }} --region ${{ secrets.AWS_REGION }} \
	# "${{ env.SOURCE }}" \
	# s3://${{ secrets.AWS_S3_BUCKET }}/current/${{ env.DEST_DIR }} \
	# ${{ env.S3OPTIONS }}
	#
	# aws s3 rm --region ${{ secrets.AWS_REGION }} \
	# s3://${{ secrets.AWS_S3_BUCKET }}/latest/${{ env.DEST_DIR }}/*
	#
	# aws s3 ${{ env.S3CMD }} --region ${{ secrets.AWS_REGION }} \
	# "${{ env.SOURCE }}" \
	# s3://${{ secrets.AWS_S3_BUCKET }}/latest/${{ env.DEST_DIR }} \
	# ${{ env.S3OPTIONS }}
	# echo "Done - $?"
	# exit 0
	# env:
	# AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
	# AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
	# SOURCE: "${{ github.workspace }}${{ env.TBN_DIST }}"
	# DEST_DIR: "${{ env.S3DESTOVERRIDE }}${{ env.PLATFORM_SPECIFIC_DIR }}/"
	# S3CMD: "cp"
	# S3OPTIONS: '--recursive --exclude "" --include ".zip" --include ".pkg*"'
	# # S3OPTIONS: '--acl public-read'

	create-release:
	runs-on: ubuntu-latest
	needs: builds
	if: ${{ startsWith(github.ref, 'refs/tags/v') }}
	steps:
	- name: Download binaries
	uses: actions/download-artifact@v4
	- name: Create release
	uses: ncipollo/release-action@v1
	with:
	artifacts: "tari_//"
	token: ${{ secrets.GITHUB_TOKEN }}
	prerelease: true
	draft: true

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Build Matrix of Binaries #229

Workflow file

Build Matrix of Binaries #229

Jobs

Run details

Workflow file for this run