Add preflight to --no-verify-sigs #158
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Build project | |
on: push | |
jobs: | |
build: | |
name: Build | |
runs-on: ${{ matrix.os }} | |
strategy: | |
fail-fast: false | |
matrix: | |
ghc: ['8.8.4', '8.10.7', '9.0.2'] | |
cabal: ['3.8'] | |
os: ['ubuntu-20.04', 'ubuntu-22.04', 'macOS-latest'] | |
steps: | |
# Setup | |
- name: Checkout repository | |
uses: actions/checkout@v3 | |
# Haskell Setup | |
- name: Install GHC and Cabal | |
uses: haskell-actions/setup@v2 | |
with: | |
ghc-version: ${{ matrix.ghc }} | |
cabal-version: ${{ matrix.cabal }} | |
- name: Confirm GHC and Cabal installation | |
run: | | |
ghc --version | |
cabal --version | |
# Project Setup | |
- name: Create cabal.project.local | |
if: matrix.ghc == '9.0.2' || matrix.ghc == '8.10.7' | |
run: | | |
cat > cabal.project.local <<EOF | |
allow-newer: *:base | |
EOF | |
# dist cache | |
# the cache-key forces uploading of cache at least once a day, which ensures that | |
# upstream dependency changes are captured regularly. | |
- name: Create date file for dist-newstyle cache key | |
id: cache-date | |
run: | | |
echo "value=$(date +%Y.%j)" >> $GITHUB_OUTPUT | |
- uses: actions/cache@v3 | |
name: Cache dist-newstyle | |
with: | |
path: | | |
~/.cabal/packages | |
~/.cabal/store | |
dist-newstyle | |
key: ${{ matrix.os }}-${{ matrix.ghc }}-${{ steps.cache-date.outputs.value }}-${{ hashFiles('cabal.*', '*.cabal', 'src/**', 'test/**') }} | |
restore-keys: | | |
${{ matrix.os }}-${{ matrix.ghc }}-${{ steps.cache-date.outputs.value }}- | |
${{ matrix.os }}-${{ matrix.ghc }}- | |
# Build | |
- name: Update package database | |
run: cabal update | |
- name: Display outdated packages | |
run: cabal outdated | |
- name: Install build dependencies | |
run: cabal build --only-dependencies | |
- name: Build | |
run: cabal build | |
- name: Show installed packages | |
run: cabal freeze && cat cabal.project.freeze | |
# Upload artifacts | |
- name: Copy build artifact | |
run: cp `cabal list-bin exe:kda` . | |
- name: Stripping binary | |
run: strip kda | |
- uses: actions/upload-artifact@v3 | |
with: | |
name: kda-build-${{ matrix.os }}-${{ matrix.ghc }} | |
path: kda | |
# Test | |
- name: Test | |
run: cabal test | |
# ########################################################################## # | |
# Build and publish docker image | |
docker-image: | |
name: Build and publish docker image | |
needs: [build] | |
runs-on: ${{ matrix.os }} | |
strategy: | |
fail-fast: false | |
matrix: | |
ghc: ["8.10.7"] | |
os: ["ubuntu-20.04"] | |
steps: | |
- name: Get build artifacts | |
uses: actions/download-artifact@v3 | |
with: | |
name: kda-build-${{ matrix.os }}-${{ matrix.ghc }} | |
path: . | |
- name: Create Dockerfile | |
run: | | |
chmod 755 kda | |
export OS=${{ matrix.os }} | |
cat > Dockerfile <<EOF | |
FROM ubuntu:${OS#ubuntu-} | |
LABEL com.chainweb.docker.image.compiler="ghc-${{ matrix.ghc }}" | |
LABEL com.chainweb.docker.image.os="${OS}" | |
RUN apt-get update && apt-get install -y ca-certificates libgmp10 libssl1.1 locales && rm -rf /var/lib/apt/lists/* && locale-gen en_US.UTF-8 && update-locale LC_ALL=en_US.UTF-8 LANG=en_US.UTF-8 | |
ENV LANG=en_US.UTF-8 | |
WORKDIR /home/kda | |
COPY kda /usr/bin/ | |
ENTRYPOINT ["/usr/bin/kda"] | |
EOF | |
- name: Docker meta | |
id: meta | |
uses: docker/metadata-action@v3 | |
with: | |
images: ghcr.io/kadena-io/kda-tool | |
tags: | | |
type=sha | |
type=ref,event=branch | |
type=ref,event=tag | |
type=ref,event=pr | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v1 | |
- name: Cache Docker layers | |
uses: actions/cache@v3 | |
with: | |
path: /tmp/.buildx-cache | |
key: ${{ runner.os }}-buildx-${{ github.sha }} | |
restore-keys: | | |
${{ runner.os }}-buildx- | |
- name: Login to GitHub Container Registry | |
uses: docker/login-action@v1 | |
with: | |
registry: ghcr.io | |
username: kadena-build | |
password: ${{ secrets.GITHUB_TOKEN }} | |
- name: Build and push | |
id: docker_build | |
uses: docker/build-push-action@v2 | |
with: | |
push: true | |
context: . | |
file: ./Dockerfile | |
tags: ${{ steps.meta.outputs.tags }} | |
labels: ${{ steps.meta.outputs.labels }} | |
cache-from: type=local,src=/tmp/.buildx-cache | |
cache-to: type=local,dest=/tmp/.buildx-cache | |