pulumi/.github/workflows/ci-build-binaries.yml

138 lines
4.2 KiB
YAML

name: Build Binaries
permissions:
contents: read
on:
workflow_call:
inputs:
ref:
required: true
description: "GitHub ref to use"
type: string
os:
required: true
description: "Target OS (i.e.: GOOS)"
type: string
arch:
required: true
description: "Target Architecture (i.e.: GOARCH)"
type: string
build-platform:
required: false
default: ubuntu-latest
description: 'Build platform (i.e.: runs-on) for job'
type: string
dev-version:
required: false
description: "Dev version to bake into the binary"
type: string
version:
required: true
description: "Version to produce"
type: string
version-set:
required: true
description: "Set of language versions to use for builds, lints, releases, etc."
type: string
enable-coverage:
description: "Build coverage instrumented binaries"
default: false
required: false
type: boolean
enable-race-detection:
description: "Build binaries with race detection"
default: false
required: false
type: boolean
defaults:
run:
shell: bash
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
jobs:
build:
name: ${{ inputs.os }}-${{ inputs.arch }}
runs-on: ${{ inputs.build-platform }}
permissions:
id-token: write
steps:
- name: "Windows cache workaround"
# https://github.com/actions/cache/issues/752#issuecomment-1222415717
# but only modify the path by adding tar.exe
if: ${{ runner.os == 'Windows' }}
env:
TOOL_BIN: ${{ runner.temp }}/tar-bin
run: |
set -x
mkdir -p "${TOOL_BIN}"
cp "C:/Program Files/Git/usr/bin/tar.exe" "${TOOL_BIN}"
PATH="${TOOL_BIN}:${PATH}"
echo "$TOOL_BIN" | tee -a "$GITHUB_PATH"
command -v tar
tar --version
- uses: actions/checkout@v4
with:
ref: ${{ inputs.ref }}
- name: Configure Go Cache Key
env:
CACHE_KEY: "${{ fromJson(inputs.version-set).go }}-${{ runner.os }}-${{ runner.arch }}"
run: echo "$CACHE_KEY" > .gocache.tmp
- uses: actions/setup-go@v5
with:
go-version: ${{ fromJson(inputs.version-set).go }}
cache: true
cache-dependency-path: |
pkg/go.sum
.gocache.tmp
- name: Setup versioning env vars
run: |
./scripts/versions.sh | tee -a "${GITHUB_ENV}"
- name: Install GoReleaser
uses: goreleaser/goreleaser-action@v6
with:
install-only: true
distribution: goreleaser-pro
- name: Prepare bin dir for goreleaser
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
GOOS: ${{ inputs.os }}
GOARCH: ${{ inputs.arch }}
run: ./scripts/prep-for-goreleaser.sh local
- name: Show files and permissions
if: ${{ runner.os != 'macOS'}}
run: find bin -type f -printf "%M %p/"\\n
- name: Show files and permissions
if: ${{ runner.os == 'macOS'}}
run: |
brew install findutils
gfind bin -type f -printf "%M %p/"\\n
- name: Package
shell: bash
env:
GORELEASER_CURRENT_TAG: v${{ inputs.version }}
PULUMI_VERSION: ${{ inputs.dev-version || inputs.version }}
PULUMI_BUILD_MODE: ${{ inputs.enable-coverage && 'coverage' || 'normal' }}
PULUMI_ENABLE_RACE_DETECTION: ${{ inputs.enable-race-detection && 'true' || 'false' }}
run: |
set -euxo pipefail
# Spurious, this command requires piping via stdin
# shellcheck disable=SC2002
cat .goreleaser.yml \
| go run github.com/t0yv0/goreleaser-filter@v0.3.0 -goos ${{ inputs.os }} -goarch ${{ inputs.arch }} \
| goreleaser release -f - -p 5 --skip=validate --clean --snapshot
- uses: actions/upload-artifact@v4
if: ${{ inputs.os != 'js' }}
with:
name: artifacts-cli-${{ inputs.os }}-${{ inputs.arch }}
overwrite: true
retention-days: 1
path: |
goreleaser/*.tar.gz
goreleaser/*.zip