WAF Builder: independent configuration manager to generate WAF instances #3674
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Build | |
on: | |
push: | |
branches: [ master ] | |
tags: | |
- "*" | |
pull_request: | |
branches: | |
- "**" | |
schedule: | |
- cron: 30 0 * * * | |
workflow_dispatch: | |
concurrency: | |
group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} | |
cancel-in-progress: true | |
jobs: | |
windows-builds: | |
runs-on: windows-2019 | |
strategy: | |
fail-fast: false | |
matrix: | |
arch: | |
- Win32 | |
- x64 | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
submodules: recursive | |
- uses: ilammy/msvc-dev-cmd@v1 | |
- name: Create Directories | |
run: cmake -E make_directory ${{ github.workspace }}/build ${{ github.workspace }}/packages | |
- name: Generating Build Scripts | |
run: cmake -DCMAKE_BUILD_TYPE=RelWithDebInfo -DLIBDDWAF_PACKAGE_PROCESSOR=${{ matrix.arch }} -DCMAKE_INSTALL_PREFIX=${{ github.workspace }} -DCPACK_PACKAGE_DIRECTORY=${{ github.workspace }}/packages ${{ github.workspace }} -A ${{ matrix.arch }} | |
working-directory: ${{ github.workspace }}/build | |
- name: Build | |
run: cmake --build . --target package --config RelWithDebInfo --verbose --target libddwaf_shared --target libddwaf_static --target tests/waf_test -j | |
working-directory: ${{ github.workspace }}/build | |
- name: Test | |
run: ${{ github.workspace }}/build/tests/waf_test | |
working-directory: ${{ github.workspace }}/tests | |
- name: Remove Temporary Files | |
run: cmake -E remove_directory _CPack_Packages | |
working-directory: ${{ github.workspace }}/packages | |
- name: Generate Package sha256 | |
working-directory: ${{ github.workspace }}/packages | |
run: for file in *.tar.gz; do sha256sum "$file" > "$file.sha256"; done | |
shell: bash | |
- uses: actions/upload-artifact@v4 | |
with: | |
name: libddwaf-windows-${{ matrix.arch }} | |
path: | | |
${{ github.workspace }}/packages/*.tar.gz | |
${{ github.workspace }}/packages/*.sha256 | |
macos-build: | |
runs-on: macos-13 | |
strategy: | |
fail-fast: false | |
matrix: | |
arch: | |
- x86_64 | |
- arm64 | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
submodules: recursive | |
- name: Select Xcode version | |
run: sudo xcode-select --switch /Applications/Xcode_14.3.1.app | |
- name: Create Build Directory | |
run: cmake -E make_directory ${{ github.workspace }}/build ${{ github.workspace }}/packages | |
- name: Generating Build Scripts | |
run: cmake -DCMAKE_OSX_ARCHITECTURES=${{ matrix.arch }} -DCMAKE_BUILD_TYPE=RelWithDebInfo -DCMAKE_INSTALL_PREFIX=${{ github.workspace }} -DCPACK_PACKAGE_DIRECTORY=${{ github.workspace }}/packages ${{ github.workspace }} | |
working-directory: ${{ github.workspace }}/build | |
- name: Build Binaries | |
run: cmake --build . --config RelWithDebInfo --verbose --target all --target waf_test -j $(getconf _NPROCESSORS_ONLN) | |
working-directory: ${{ github.workspace }}/build | |
- name: Test | |
if: matrix.arch == 'x86_64' | |
run: ${{ github.workspace }}/build/tests/waf_test | |
working-directory: ${{ github.workspace }}/tests | |
- name: Build Packages | |
run: cmake --build . --target package --config RelWithDebInfo --verbose | |
working-directory: ${{ github.workspace }}/build | |
- name: Remove Temporary Files | |
run: cmake -E remove_directory _CPack_Packages | |
working-directory: ${{ github.workspace }}/packages | |
- name: Generate Package sha256 | |
working-directory: ${{ github.workspace }}/packages | |
run: for file in *.tar.gz; do shasum -a 256 "$file" > "$file.sha256"; done | |
- uses: actions/upload-artifact@v4 | |
with: | |
name: libddwaf-macos-${{ matrix.arch }} | |
path: | | |
${{ github.workspace }}/packages/*.tar.gz | |
${{ github.workspace }}/packages/*.sha256 | |
macos-universal-package: | |
runs-on: macos-13 | |
needs: [macos-build] | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: actions/download-artifact@v4 | |
with: | |
path: artifacts | |
- name: Create universal binary | |
run: | | |
# Create temporal folders | |
mkdir -p ./pack-temp/{osx-x64,osx-arm64,osx} | |
ls ./artifacts | |
# Extract x86_64 and arm64 artifacts | |
tar -zxf ./artifacts/libddwaf-macos-x86_64/libddwaf-*-darwin-x86_64*.tar.gz -C ./pack-temp/osx-x64 | |
tar -zxf ./artifacts/libddwaf-macos-arm64/libddwaf-*-darwin-arm64*.tar.gz -C ./pack-temp/osx-arm64 | |
# Copy one as a base for the universal artifact (headers and cmake files doesn't contains any arch data, so it's safe to use for the universal package) | |
cp -R ./pack-temp/osx-x64/* ./pack-temp/osx | |
# Declare names vars | |
x64Name=$(cd ./pack-temp/osx-x64 && ls) | |
arm64Name=$(cd ./pack-temp/osx-arm64 && ls) | |
universalName=$((cd ./pack-temp/osx && ls) | sed 's/x86_64/universal/g') | |
# Change the current folder name with the universal name | |
mv ./pack-temp/osx/libddwaf-*-darwin-* ./pack-temp/osx/$universalName | |
echo "--- x86_64 target ---" | |
file ./pack-temp/osx-x64/$x64Name/lib/libddwaf.dylib | |
otool -l ./pack-temp/osx-x64/$x64Name/lib/libddwaf.dylib | egrep "(minos|sdk)" | |
echo "--- arm64 target ---" | |
file ./pack-temp/osx-arm64/$arm64Name/lib/libddwaf.dylib | |
otool -l ./pack-temp/osx-arm64/$arm64Name/lib/libddwaf.dylib | egrep "(minos|sdk)" | |
# Create the universal binary for the shared library: libddwaf.dylib | |
lipo ./pack-temp/osx-x64/$x64Name/lib/libddwaf.dylib ./pack-temp/osx-arm64/$arm64Name/lib/libddwaf.dylib -create -output ./pack-temp/osx/$universalName/lib/libddwaf.dylib | |
# Check the universal binary | |
(lipo -archs ./pack-temp/osx/$universalName/lib/libddwaf.dylib | grep -q 'x86_64 arm64') && echo 'archs ok' | |
# Create the universal binary for the static library: libddwaf.a.stripped | |
lipo ./pack-temp/osx-x64/$x64Name/lib/libddwaf.a.stripped ./pack-temp/osx-arm64/$arm64Name/lib/libddwaf.a.stripped -create -output ./pack-temp/osx/$universalName/lib/libddwaf.a.stripped | |
# Check the universal binary | |
(lipo -archs ./pack-temp/osx/$universalName/lib/libddwaf.a.stripped | grep -q 'x86_64 arm64') && echo 'archs ok' | |
# Create the universal binary for the static library: libddwaf.a | |
lipo ./pack-temp/osx-x64/$x64Name/lib/libddwaf.a ./pack-temp/osx-arm64/$arm64Name/lib/libddwaf.a -create -output ./pack-temp/osx/$universalName/lib/libddwaf.a | |
# Check the universal binary | |
(lipo -archs ./pack-temp/osx/$universalName/lib/libddwaf.a | grep -q 'x86_64 arm64') && echo 'archs ok' | |
# Create final tar preserving the same folder structure | |
mkdir -p ./packages | |
tar -czvf ./packages/$universalName.tar.gz -C ./pack-temp/osx/ $universalName | |
- name: Generate Package sha256 | |
working-directory: ${{ github.workspace }}/packages | |
run: | | |
brew install coreutils | |
for file in *.tar.gz; do shasum -a 256 "$file" > "$file.sha256"; done | |
- uses: actions/upload-artifact@v4 | |
with: | |
name: libddwaf-macos-universal | |
path: | | |
${{ github.workspace }}/packages/*.tar.gz | |
${{ github.workspace }}/packages/*.sha256 | |
docker-builds: | |
runs-on: ubuntu-latest | |
strategy: | |
fail-fast: false | |
matrix: | |
target: | |
- name: mingw64 | |
dockerfile: docker/libddwaf/gcc/mingw64/Dockerfile | |
package: libddwaf-linux-mingw64 | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
submodules: recursive | |
- run: docker build -f ${{ matrix.target.dockerfile }} -o /tmp/packages . | |
- run: ${{ matrix.target.check_script }} | |
if: matrix.target.check_script | |
name: Invoke check script | |
- name: Generate Package sha256 | |
working-directory: /tmp/packages | |
run: for file in *.tar.gz; do sha256sum "$file" > "$file.sha256"; done | |
- uses: actions/upload-artifact@v4 | |
with: | |
name: ${{ matrix.target.package }} | |
path: | | |
/tmp/packages/*.tar.gz | |
/tmp/packages/*.sha256 | |
linux-musl-build: | |
strategy: | |
fail-fast: false | |
matrix: | |
target: | |
- name: x86_64 | |
arch: x86_64 | |
qemu_action_arch: amd64 | |
platform: linux/amd64 | |
package: libddwaf-x86_64-linux-musl | |
- name: i386 | |
arch: i386 | |
qemu_action_arch: i386 | |
platform: linux/386 | |
package: libddwaf-i386-linux-musl | |
- name: aarch64 | |
arch: aarch64 | |
qemu_action_arch: arm64 | |
platform: linux/arm64 | |
package: libddwaf-aarch64-linux-musl | |
- name: armv7 | |
arch: armv7 | |
qemu_action_arch: arm | |
platform: linux/arm/v7 | |
package: libddwaf-armv7-linux-musl | |
runs-on: ${{ matrix.arch == 'amd64' && 'ubuntu-latest' || 'arm-4core-linux-arm-limited' }} | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
submodules: recursive | |
- uses: docker/setup-buildx-action@v3 | |
id: buildx | |
with: | |
install: true | |
- run: docker build --progress=plain --build-arg "ARCH=${{ matrix.target.arch }}" -f docker/libddwaf/build/Dockerfile -o packages . | |
- name: Smoketest musl (gcc) | |
uses: nick-fields/retry@7152eba30c6575329ac0576536151aca5a72780e # v3 | |
with: | |
timeout_minutes: 10 | |
max_attempts: 3 | |
command: docker build --progress=plain --platform ${{ matrix.target.platform }} --build-arg "ARCH=${{ matrix.target.arch }}" -f docker/libddwaf/smoketest/musl/Dockerfile . | |
- name: Smoketest musl (clang) | |
uses: nick-fields/retry@7152eba30c6575329ac0576536151aca5a72780e # v3 | |
with: | |
timeout_minutes: 10 | |
max_attempts: 3 | |
command: docker build --progress=plain --platform ${{ matrix.target.platform }} --build-arg "ARCH=${{ matrix.target.arch }}" -f docker/libddwaf/smoketest/musl_llvm/Dockerfile . | |
- name: Smoketest gnu (gcc) | |
uses: nick-fields/retry@7152eba30c6575329ac0576536151aca5a72780e # v3 | |
with: | |
timeout_minutes: 10 | |
max_attempts: 3 | |
command: docker build --progress=plain --platform ${{ matrix.target.platform }} --build-arg "ARCH=${{ matrix.target.arch }}" -f docker/libddwaf/smoketest/gnu/Dockerfile . | |
- name: Smoketest gnu rhel 6 (gcc) | |
if: matrix.target.qemu_action_arch == 'amd64' | |
uses: nick-fields/retry@7152eba30c6575329ac0576536151aca5a72780e # v3 | |
with: | |
timeout_minutes: 10 | |
max_attempts: 3 | |
command: docker build --progress=plain --platform ${{ matrix.target.platform }} --build-arg "ARCH=${{ matrix.target.arch }}" -f docker/libddwaf/smoketest/gnu_rhel6/Dockerfile . | |
- name: Generate Package sha256 | |
working-directory: packages | |
run: for file in *.tar.gz; do sha256sum "$file" > "$file.sha256"; done | |
- uses: actions/upload-artifact@v4 | |
with: | |
name: ${{ matrix.target.package }} | |
path: | | |
packages/*.tar.gz | |
packages/*.sha256 | |
package-nuget: | |
needs: [ windows-builds, macos-universal-package, linux-musl-build] | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: nuget/setup-nuget@v2 | |
with: | |
nuget-version: '5.x' | |
- uses: actions/download-artifact@v4 | |
with: | |
path: artifacts | |
- name: Display structure of downloaded files | |
run: find | |
- name: Package Nuget | |
run: | | |
sudo apt-get update && sudo apt-get install -y libarchive-tools mono-complete | |
function extract_file { | |
local -r arch=$1 filepat=$2 dest=$3 | |
local -r file_in_arch=$(bsdtar -tf "$arch" | grep "$filepat" | head -1) | |
bsdtar -xOf "$arch" "$file_in_arch" > "$dest"/"$(basename "$file_in_arch")" | |
} | |
mkdir -p ./packages/nuget/runtimes/{linux-x64,linux-arm64,osx,win-x86,win-x64}/native | |
extract_file ./artifacts/libddwaf-x86_64-linux-musl/libddwaf-*-x86_64-linux-musl*.tar.gz \ | |
'/libddwaf\.so$' ./packages/nuget/runtimes/linux-x64/native | |
extract_file ./artifacts/libddwaf-aarch64-linux-musl/libddwaf-*-aarch64-linux-musl*.tar.gz \ | |
'/libddwaf\.so$' ./packages/nuget/runtimes/linux-arm64/native | |
extract_file ./artifacts/libddwaf-windows-Win32/libddwaf-*-windows-win32*.tar.gz \ | |
'/ddwaf\.dll$' ./packages/nuget/runtimes/win-x86/native | |
extract_file ./artifacts/libddwaf-windows-x64/libddwaf-*-windows-x64*.tar.gz \ | |
'/ddwaf\.dll$' ./packages/nuget/runtimes/win-x64/native | |
extract_file ./artifacts/libddwaf-macos-universal/libddwaf-*-darwin-universal*.tar.gz \ | |
'/libddwaf\.dylib$' ./packages/nuget/runtimes/osx/native | |
# create nuget | |
version=`cat ./version` | |
echo Version is: $version | |
mkdir output-packages | |
nuget pack ./packages/nuget/libddwaf.nuspec -Version $version -OutputDirectory ./output-packages | |
- name: Generate Package sha256 | |
working-directory: ${{ github.workspace }}/output-packages | |
run: for file in *.nupkg; do sha256sum "$file" > "$file.sha256"; done | |
- uses: actions/upload-artifact@v4 | |
with: | |
name: nuget | |
path: ${{ github.workspace }}/output-packages | |
release: | |
needs: [ windows-builds, macos-build, docker-builds, linux-musl-build, package-nuget] | |
runs-on: ubuntu-latest | |
if: startsWith(github.ref, 'refs/tags/') | |
permissions: | |
contents: write | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: actions/download-artifact@v4 | |
with: | |
path: artifacts | |
- name: Display structure of downloaded files | |
run: find | |
- name: Release | |
uses: softprops/action-gh-release@c062e08bd532815e2082a85e87e3ef29c3e6d191 # v2.0.8 | |
with: | |
draft: true | |
files: | | |
./artifacts/**/*.tar.gz | |
./artifacts/**/*.sha256 | |
./artifacts/**/*.nupkg |