-
Notifications
You must be signed in to change notification settings - Fork 8
152 lines (136 loc) · 5.28 KB
/
dissect-ci.yml
File metadata and controls
152 lines (136 loc) · 5.28 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
name: Dissect CI
on:
push:
branches:
- main
tags:
- '*'
pull_request:
workflow_dispatch:
jobs:
ci:
uses: fox-it/dissect-workflow-templates/.github/workflows/dissect-ci-template.yml@main
secrets: inherit
with:
run-benchmarks: true
build-native:
runs-on: ${{ matrix.os }}
# continue-on-error: true
strategy:
matrix:
include:
- os: ubuntu-latest
arch: x86_64
- os: ubuntu-latest
arch: i686
- os: ubuntu-latest
arch: ppc64le
- os: ubuntu-latest
arch: s390x
- os: ubuntu-24.04-arm
arch: aarch64
- os: ubuntu-24.04-arm
arch: armv7l
- os: windows-latest
arch: AMD64
- os: windows-latest
arch: x86
- os: windows-11-arm
arch: ARM64
- os: macos-13
arch: x86_64
- os: macos-14
arch: arm64
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
- run: git lfs install --local
- name: Create LFS file list
run: git lfs ls-files --long | cut -d ' ' -f1 | sort > .lfs-assets-id
- name: Cache LFS
uses: actions/cache@v4
with:
path: .git/lfs
key: lfs-${{ hashFiles('.lfs-assets-id') }}-v1
- name: Pull LFS
run: git lfs pull
- name: Setup QEMU (Linux)
if: runner.os == 'Linux' && runner.arch == 'X64' && matrix.arch != 'x86_64'
uses: docker/setup-qemu-action@v3
with:
platforms: ${{ matrix.arch == 'ppc64le' && 'linux/ppc64le' || matrix.arch == 's390x' && 'linux/s390x' || '' }}
- name: Setup Rust
if: ${{ matrix.os != 'windows-11-arm' }}
run: curl https://sh.rustup.rs -sSf | sh -s -- -y --default-toolchain stable
- name: Setup Rust (Windows 11 ARM)
if: ${{ matrix.os == 'windows-11-arm' }}
run: |
Invoke-WebRequest -Uri "https://win.rustup.rs/aarch64" -OutFile "$env:TEMP\rustup-init.exe"
& "$env:TEMP\rustup-init.exe" -y
"$env:USERPROFILE\.cargo\bin" | Out-File -Append -Encoding ascii $env:GITHUB_PATH
"CARGO_HOME=$env:USERPROFILE\.cargo" | Out-File -Append -Encoding ascii $env:GITHUB_ENV
shell: pwsh
- name: Setup Python
uses: actions/setup-python@v5
with:
python-version: "3.13"
- name: Install cibuildwheel
run: python -m pip install cibuildwheel==2.23.2
- name: Build wheels
run: python -m cibuildwheel --output-dir dist
env:
CIBW_ARCHS: ${{ matrix.arch }}
# Rust needs to be installed in every Linux container
CIBW_BEFORE_ALL_LINUX: curl -sSf https://sh.rustup.rs | sh -s -- -y
# Add i686 target for Windows only when building for x86
CIBW_BEFORE_ALL_WINDOWS: ${{ matrix.arch == 'x86' && 'rustup target add i686-pc-windows-msvc' || '' }}
# Manually install setuptools-rust to enable building native wheels
CIBW_BEFORE_BUILD: >
python -m pip install -U tomli setuptools-rust &&
python -m pip install -U `python -c 'import tomli; print(" ".join(tomli.load(open("pyproject.toml", "rb"))["build-system"]["requires"]))'`
CIWB_BEFORE_BUILD_WINDOWS: >
python -m pip install -U tomli setuptools-rust &&
python -m pip install -I @($(python -c "import tomli; print(*tomli.load(open('pyproject.toml', 'rb'))['build-system']['requires'])") -split " ")
# Disable build isolation so we utilize setuptools-rust
CIBW_BUILD_FRONTEND: "build; args: --no-isolation"
# Set the limited API to CPython 3.9
CIBW_CONFIG_SETTINGS: --build-option=--py-limited-api=cp39
# Enable PyPy builds
CIBW_ENABLE: pypy
# Specific environment variables for each OS
CIBW_ENVIRONMENT_LINUX: PATH="$HOME/.cargo/bin:$PATH"
CIBW_ENVIRONMENT_MACOS: MACOSX_DEPLOYMENT_TARGET=10.12
# There are no Rust releases for these architectures
CIBW_SKIP: '*-musllinux_i686 *-musllinux_ppc64le *-musllinux_s390x *-musllinux_armv7l'
# Run tests
CIBW_TEST_REQUIRES: tox
CIBW_TEST_COMMAND: tox -e native -c {package}/tox.ini --installpkg {wheel}
- name: Run abi3audit
run: pip install abi3audit && abi3audit --strict --report dist/*-abi3-*.whl
- uses: actions/upload-artifact@v4
with:
name: packages-native-${{ matrix.os }}-${{ matrix.arch }}
path: dist/*
retention-days: 1
publish:
if: ${{ github.ref_name == 'main' || github.ref_type == 'tag' }}
needs: [ci]
runs-on: ubuntu-latest
environment: dissect_publish
permissions:
id-token: write
steps:
- uses: actions/download-artifact@v4
with:
pattern: packages-*
path: dist/
# According to the documentation, it automatically looks inside the `dist/` folder for packages.
- name: Publish package distributions to Pypi
uses: pypa/gh-action-pypi-publish@release/v1
trigger-tests:
needs: [publish]
uses: fox-it/dissect-workflow-templates/.github/workflows/dissect-ci-demand-test-template.yml@main
secrets: inherit
with:
on-demand-test: 'dissect.target'