static scope #146
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Copyright (C) The c-ares project and its contributors | |
| # SPDX-License-Identifier: MIT | |
| name: Build Release Package | |
| on: | |
| push: | |
| concurrency: | |
| group: ${{ github.ref }}-build-release-package | |
| cancel-in-progress: true | |
| env: | |
| TEST_FILTER: "--gtest_filter=-*LiveSearchTXT*:*LiveSearchANY*" | |
| MAKE: make | |
| jobs: | |
| build: | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: write | |
| discussions: write | |
| outputs: | |
| hashes: ${{ steps.hash.outputs.hashes }} | |
| version: ${{ steps.version.outputs.version }} | |
| name: "build" | |
| steps: | |
| - name: Install packages | |
| uses: awalsh128/cache-apt-pkgs-action@latest | |
| with: | |
| packages: autoconf automake libtool g++ libgmock-dev pkg-config gdb | |
| version: 1.0 | |
| - name: Checkout c-ares | |
| uses: actions/checkout@v4 | |
| - name: Get Tag version | |
| id: version | |
| run: | | |
| version=`echo ${GITHUB_REF} | grep '^refs/tags/v' | sed -e 's|^refs/tags/v\(.*\)|\1|'` | |
| if [ "$version" = "" ] ; then | |
| version="prerelease" | |
| fi | |
| echo "version=${version}" >> "$GITHUB_OUTPUT" | |
| - name: "build c-ares tarball" | |
| run: | | |
| autoreconf -fi | |
| ./configure | |
| make dist | |
| - name: Upload artifact | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: "c-ares-src-tarball" | |
| path: 'c-ares-*.tar.gz' | |
| if-no-files-found: error | |
| overwrite: true | |
| retention-days: 7 | |
| - name: Upload Release | |
| uses: softprops/action-gh-release@v2 | |
| if: startsWith(github.ref, 'refs/tags/') | |
| with: | |
| body_path: RELEASE-NOTES.md | |
| draft: true | |
| make_latest: true | |
| name: ${{ steps.version.outputs.version }} | |
| files: c-ares-${{ steps.version.outputs.version }}.tar.gz | |
| fail_on_unmatched_files: true | |
| discussion_category_name: "Announcements" | |
| - name: Generate subject | |
| id: hash | |
| run: | | |
| set -euo pipefail | |
| echo "hashes=$(sha256sum c-ares-*.tar.gz | base64 -w0)" >> "$GITHUB_OUTPUT" | |
| provenance: | |
| needs: [build] | |
| permissions: | |
| actions: read # To read the workflow path. | |
| id-token: write # To sign the provenance. | |
| contents: write # To add assets to a release. | |
| uses: slsa-framework/slsa-github-generator/.github/workflows/[email protected] | |
| with: | |
| base64-subjects: "${{ needs.build.outputs.hashes }}" | |
| upload-tag-name: "${{ needs.build.outputs.version }}" | |
| draft-release: true | |
| # NOTE: Due to issue with duplicating a draft, we need to download the provenance and | |
| # upload it ourselves via the "upload-provenance" step. | |
| # upload-assets: ${{ startsWith(github.ref, 'refs/tags/') }} | |
| upload-assets: false | |
| provenance-name: "c-ares-${{ needs.build.outputs.version }}.intoto.jsonl" | |
| upload-provenance: | |
| needs: [provenance] | |
| runs-on: ubuntu-latest | |
| permissions: | |
| actions: read # To read the workflow path. | |
| contents: write # To add assets to a release. | |
| steps: | |
| - name: Download the provenance | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: ${{needs.provenance.outputs.provenance-name}} | |
| - name: Upload Provenance to Release | |
| uses: softprops/action-gh-release@v2 | |
| if: startsWith(github.ref, 'refs/tags/') | |
| id: upload-provenance | |
| with: | |
| name: ${{ needs.build.outputs.version }} | |
| draft: true | |
| files: ${{needs.provenance.outputs.provenance-name}} | |
| fail_on_unmatched_files: true |