binaries #24
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: binaries | |
| on: | |
| push: | |
| # Don't run on version tags (these are used for JS module). | |
| tags-ignore: | |
| - 'v**' | |
| branches: | |
| - '**' | |
| paths: | |
| - .github/workflows/binaries.yml | |
| - patches/* | |
| - scripts/* | |
| pull_request: | |
| schedule: | |
| - cron: '0 0 * * 0' # run each Sunday | |
| env: | |
| ALPINE_BRANCH: v3.18 | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| JOBS: 3 | |
| CFLAGS: -Os -fomit-frame-pointer -pipe | |
| LINUX_LDFLAGS: -static -Wl,--as-needed -Wl,-Map,linker.map | |
| DARWIN_LDFLAGS: -Wl,-map,linker.map | |
| WIN32_LDFLAGS: -Wl,--as-needed -Wl,-Map,linker.map | |
| # Don't update binaries with unchanged sources. | |
| SKIP_SAME_SOURCES: true | |
| jobs: | |
| nginx-multi-linux: | |
| name: nginx-${{ matrix.NGINX_VERSION }}-${{ matrix.ARCH }}-linux | |
| runs-on: ubuntu-latest | |
| strategy: | |
| matrix: | |
| NGINX_VERSION: | |
| - 1.25.x | |
| - 1.26.x | |
| ARCH: | |
| - x86_64 | |
| - aarch64 | |
| steps: | |
| - name: Checkout master branch | |
| uses: actions/checkout@v4 | |
| with: | |
| path: master | |
| - name: Download and extract nginx | |
| run: ./master/scripts/fetch-sources -d . nginx/nginx@release-${{ matrix.NGINX_VERSION }} | |
| - name: Install Alpine ${{ env.ALPINE_BRANCH }} for ${{ matrix.ARCH }} | |
| uses: jirutka/setup-alpine@v1 | |
| with: | |
| arch: ${{ matrix.ARCH }} | |
| branch: ${{ env.ALPINE_BRANCH }} | |
| packages: > | |
| build-base | |
| jansson-dev | |
| jansson-static | |
| linux-headers | |
| openssl-dev | |
| openssl-libs-static | |
| pcre-dev | |
| zlib-dev | |
| zlib-static | |
| - name: Build nginx | |
| env: | |
| CFLAGS: ${{ env.CFLAGS }} | |
| LDFLAGS: ${{ env.LINUX_LDFLAGS }} | |
| run: ./master/scripts/build-nginx | |
| shell: alpine.sh {0} | |
| - name: Upload nginx binary to artifacts | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: nginx-${{ matrix.NGINX_VERSION }}-${{ matrix.ARCH }}-linux | |
| path: artifact/* | |
| nginx-x86_64-darwin: | |
| name: nginx-${{ matrix.NGINX_VERSION }}-x86_64-darwin | |
| runs-on: macos-13 | |
| strategy: | |
| matrix: | |
| NGINX_VERSION: | |
| - 1.25.x | |
| - 1.26.x | |
| steps: | |
| - name: Install dependencies | |
| run: brew install gsed jansson jq openssl@3 pcre zlib | |
| - name: Checkout master branch | |
| uses: actions/checkout@v4 | |
| with: | |
| path: master | |
| - name: Download and extract nginx | |
| run: ./master/scripts/fetch-sources -d . nginx/nginx@release-${{ matrix.NGINX_VERSION }} | |
| # cmake prefers dynamic libs and there's no option to change it, so | |
| # we have to remove them to give it no other option than using static. | |
| - name: Remove dylibs | |
| run: | | |
| rm /usr/local/opt/jansson/lib/*.dylib | |
| rm /usr/local/opt/openssl/lib/*.dylib | |
| rm /usr/local/opt/pcre/lib/*.dylib | |
| rm /usr/local/opt/zlib/lib/*.dylib | |
| - name: Build nginx | |
| env: | |
| CFLAGS: ${{ env.CFLAGS }} -I/usr/local/opt/jansson/include -I/usr/local/opt/openssl/include -I/usr/local/opt/pcre/include -I/usr/local/opt/zlib/include | |
| LDFLAGS: ${{ env.DARWIN_LDFLAGS }} -L/usr/local/opt/jansson/lib -L/usr/local/opt/openssl/lib -L/usr/local/opt/pcre/lib -L/usr/local/opt/zlib/lib | |
| run: ./master/scripts/build-nginx | |
| - name: Upload nginx binary to artifacts | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: nginx-${{ matrix.NGINX_VERSION }}-x86_64-darwin | |
| path: artifact/* | |
| nginx-aarch64-darwin: | |
| name: nginx-${{ matrix.NGINX_VERSION }}-aarch64-darwin | |
| runs-on: macos-14 | |
| strategy: | |
| matrix: | |
| NGINX_VERSION: | |
| - 1.25.x | |
| - 1.26.x | |
| steps: | |
| - name: Install dependencies | |
| run: brew install gsed jansson jq openssl@3 pcre zlib | |
| - name: Checkout master branch | |
| uses: actions/checkout@v4 | |
| with: | |
| path: master | |
| - name: Download and extract nginx | |
| run: ./master/scripts/fetch-sources -d . nginx/nginx@release-${{ matrix.NGINX_VERSION }} | |
| # cmake prefers dynamic libs and there's no option to change it, so | |
| # we have to remove them to give it no other option than using static. | |
| - name: Remove dylibs | |
| run: | | |
| rm /opt/homebrew/opt/jansson/lib/*.dylib | |
| rm /opt/homebrew/opt/openssl/lib/*.dylib | |
| rm /opt/homebrew/opt/pcre/lib/*.dylib | |
| rm /opt/homebrew/opt/zlib/lib/*.dylib | |
| - name: Build nginx | |
| env: | |
| CFLAGS: ${{ env.CFLAGS }} -I/opt/homebrew/opt/jansson/include -I/opt/homebrew/opt/openssl/include -I/opt/homebrew/opt/pcre/include -I/opt/homebrew/opt/zlib/include | |
| LDFLAGS: ${{ env.DARWIN_LDFLAGS }} -L/opt/homebrew/opt/jansson/lib -L/opt/homebrew/opt/openssl/lib -L/opt/homebrew/opt/pcre/lib -L/opt/homebrew/opt/zlib/lib | |
| run: ./master/scripts/build-nginx | |
| - name: Upload nginx binary to artifacts | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: nginx-${{ matrix.NGINX_VERSION }}-aarch64-darwin | |
| path: artifact/* | |
| upload: | |
| name: Upload binaries | |
| needs: | |
| - nginx-multi-linux | |
| - nginx-x86_64-darwin | |
| - nginx-aarch64-darwin | |
| if: github.ref == 'refs/heads/master' && github.event_name != 'pull_request' | |
| runs-on: ubuntu-latest | |
| container: | |
| image: docker://alpine:3.18 | |
| steps: | |
| - name: Install dependencies | |
| run: apk add -U git nodejs tree | |
| - name: Checkout master branch | |
| uses: actions/checkout@v4 | |
| with: | |
| path: master | |
| - name: Checkout binaries branch | |
| uses: actions/checkout@v4 | |
| with: | |
| ref: binaries | |
| path: binaries | |
| - name: Download and unpack all workflow run artifacts | |
| uses: actions/download-artifact@v4 | |
| with: | |
| path: artifact | |
| merge-multiple: true | |
| - name: List unpacked artifact files | |
| run: ls -lah artifact/ | |
| # XXX: Windows builds of nginx and macOS builds of njs-debug are not reproducible. | |
| # This is a workaround to avoid unnecessary updates of binaries that are built from | |
| # very same sources as the existing (note that we track even used system libs). | |
| - name: Move binaries with changed source checksums to the repository | |
| if: env.SKIP_SAME_SOURCES == 'true' | |
| working-directory: binaries | |
| run: | | |
| mv ../artifact/*.sources . | |
| for name in $(git status --porcelain | cut -c4-); do | |
| mv -v ../artifact/${name%.sources}* . | |
| done | |
| - name: Move all binaries to the repository | |
| if: env.SKIP_SAME_SOURCES != 'true' | |
| run: mv -v artifact/* binaries/ | |
| - name: Generate index.json | |
| run: ./master/scripts/generate-index --json binaries/ binaries/index.json | |
| - name: Generate index.csv | |
| run: ./master/scripts/generate-index --csv binaries/ binaries/index.csv | |
| - name: Generate index.html | |
| working-directory: binaries | |
| run: tree -hv -H . -o index.html . | |
| - name: Check if there are any changes | |
| id: has_changes | |
| working-directory: binaries | |
| run: | | |
| git status || exit 1 | |
| test -n "$(git status --porcelain)" && result=yes || result=no | |
| echo "result=$result" >> $GITHUB_OUTPUT | |
| - name: Commit changes | |
| if: steps.has_changes.outputs.result == 'yes' | |
| working-directory: binaries | |
| run: | | |
| git config --local user.email "[email protected]" | |
| git config --local user.name "github-actions[bot]" | |
| git add --all | |
| git commit -m "Built from ${{ github.sha }}" | |
| - name: Push changes back to origin | |
| if: steps.has_changes.outputs.result == 'yes' | |
| working-directory: binaries | |
| run: | | |
| # XXX: workaround for https://github.com/orgs/community/discussions/55820 | |
| git config --global http.version HTTP/1.1 | |
| git push https://${GITHUB_ACTOR}:${GITHUB_TOKEN}@github.com/${GITHUB_REPOSITORY}.git binaries |