forked from c-ares/c-ares
-
Notifications
You must be signed in to change notification settings - Fork 0
107 lines (102 loc) · 3.52 KB
/
package.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
# Copyright (C) The c-ares project and its contributors
# SPDX-License-Identifier: MIT
name: Build Release Package
on:
push:
concurrency:
group: ${{ github.ref }}-build-release-package
cancel-in-progress: true
env:
TEST_FILTER: "--gtest_filter=-*LiveSearchTXT*:*LiveSearchANY*"
MAKE: make
jobs:
build:
runs-on: ubuntu-latest
permissions:
contents: write
discussions: write
outputs:
hashes: ${{ steps.hash.outputs.hashes }}
version: ${{ steps.version.outputs.version }}
name: "build"
steps:
- name: Install packages
uses: awalsh128/cache-apt-pkgs-action@latest
with:
packages: autoconf automake libtool g++ libgmock-dev pkg-config gdb
version: 1.0
- name: Checkout c-ares
uses: actions/checkout@v4
- name: Get Tag version
id: version
run: |
version=`echo ${GITHUB_REF} | grep '^refs/tags/v' | sed -e 's|^refs/tags/v\(.*\)|\1|'`
if [ "$version" = "" ] ; then
version="prerelease"
fi
echo "version=${version}" >> "$GITHUB_OUTPUT"
- name: "build c-ares tarball"
run: |
autoreconf -fi
./configure
make dist
- name: Upload artifact
uses: actions/upload-artifact@v4
with:
name: "c-ares-src-tarball"
path: 'c-ares-*.tar.gz'
if-no-files-found: error
overwrite: true
retention-days: 7
- name: Upload Release
uses: softprops/action-gh-release@v2
if: startsWith(github.ref, 'refs/tags/')
with:
body_path: RELEASE-NOTES.md
draft: true
make_latest: true
name: ${{ steps.version.outputs.version }}
files: c-ares-${{ steps.version.outputs.version }}.tar.gz
fail_on_unmatched_files: true
discussion_category_name: "Announcements"
- name: Generate subject
id: hash
run: |
set -euo pipefail
echo "hashes=$(sha256sum c-ares-*.tar.gz | base64 -w0)" >> "$GITHUB_OUTPUT"
provenance:
needs: [build]
permissions:
actions: read # To read the workflow path.
id-token: write # To sign the provenance.
contents: write # To add assets to a release.
uses: slsa-framework/slsa-github-generator/.github/workflows/[email protected]
with:
base64-subjects: "${{ needs.build.outputs.hashes }}"
upload-tag-name: "${{ needs.build.outputs.version }}"
draft-release: true
# NOTE: Due to issue with duplicating a draft, we need to download the provenance and
# upload it ourselves via the "upload-provenance" step.
# upload-assets: ${{ startsWith(github.ref, 'refs/tags/') }}
upload-assets: false
provenance-name: "c-ares-${{ needs.build.outputs.version }}.intoto.jsonl"
upload-provenance:
needs: [provenance]
runs-on: ubuntu-latest
permissions:
actions: read # To read the workflow path.
contents: write # To add assets to a release.
steps:
- name: Download the provenance
uses: actions/download-artifact@v4
with:
name: ${{needs.provenance.outputs.provenance-name}}
- name: Upload Provenance to Release
uses: softprops/action-gh-release@v2
if: startsWith(github.ref, 'refs/tags/')
id: upload-provenance
with:
name: ${{ needs.build.outputs.version }}
draft: true
files: ${{needs.provenance.outputs.provenance-name}}
fail_on_unmatched_files: true