-
Notifications
You must be signed in to change notification settings - Fork 197
131 lines (106 loc) · 4.19 KB
/
release.yml
File metadata and controls
131 lines (106 loc) · 4.19 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
name: Release
on:
push:
tags:
- 'v*'
workflow_dispatch:
inputs:
tag:
description: 'Tag to build (e.g. v12.0.0)'
required: true
type: string
jobs:
build:
name: Build and upload release artifacts
runs-on: ubuntu-latest
container: archlinux:latest
steps:
- name: Install dependencies
run: pacman --noconfirm -Syu && pacman --needed --noconfirm -S base-devel gnupg gzip bzip2 xz zip git autoconf automake nasm curl mtools llvm clang lld
- name: Import GPG public key
run: gpg --batch --keyserver hkps://keyserver.ubuntu.com --recv-keys 05D29860D0A0668AAEFB9D691F3C021BECA23821
- name: Import GPG private key
run: echo "$MINTSUKI_PRIVATE_KEY" | gpg --batch --import
env:
MINTSUKI_PRIVATE_KEY: ${{ secrets.MINTSUKI_PRIVATE_KEY }}
- name: Checkout code
uses: actions/checkout@v6
with:
ref: ${{ inputs.tag || github.ref }}
- name: Git config
run: git config --global --add safe.directory "$GITHUB_WORKSPACE"
- name: Get tag name
run: |
if [ -n "${{ inputs.tag }}" ]; then
echo "TAG_NAME=${{ inputs.tag }}" >> $GITHUB_ENV
else
echo "TAG_NAME=$(git describe --exact-match --tags $(git log -n1 --pretty='%h'))" >> $GITHUB_ENV
fi
- name: Regenerate
run: ./bootstrap
- name: Create build dir
run: mkdir -p build
- name: Configure
run: cd build && ../configure --enable-all
- name: Package source release tarball
run: |
make -C build dist
mv build/limine-*.tar.* ./
- name: Build the bootloader
run: make -C build -j$(nproc)
- name: Clean limine
run: rm build/bin/limine
- name: Fetch MinGW
run: |
curl -Lo /tmp/mingw-i486.tar.xz https://github.com/osdev0/mingw-binary-builds/releases/latest/download/mingw-i486.tar.xz
cd /tmp
tar -xf mingw-i486.tar.xz
- name: Build limine for Windows
run: |
make -C build/bin CC="/tmp/mingw-i486/bin/i486-w64-mingw32-gcc" CFLAGS="-O2 -pipe" CPPFLAGS="-D__USE_MINGW_ANSI_STDIO" limine
/tmp/mingw-i486/bin/i486-w64-mingw32-strip build/bin/limine.exe
mkdir build/bin/limine-tool-windows-x86
mv build/bin/limine.exe build/bin/limine-tool-windows-x86/
- name: Copy LICENSE to bin
run: cp COPYING build/bin/LICENSE
- name: Remove limine-bios-hdd.bin
run: rm build/bin/limine-bios-hdd.bin
- name: Create binary release zip and tarballs
run: |
mv build/bin ./limine-binary
zip -r limine-binary.zip limine-binary
tar -cvf limine-binary.tar limine-binary
gzip < limine-binary.tar > limine-binary.tar.gz
xz < limine-binary.tar > limine-binary.tar.xz
rm -rf limine-binary.tar limine-binary
- name: Sign release tarballs
run: |
for f in limine-*.tar.* limine-binary.zip; do
gpg --batch --default-key 05D29860D0A0668AAEFB9D691F3C021BECA23821 --detach-sign "$f"
done
- name: Create release notes
run: |
cat <<EOF >rel_notes.txt
Changelog can be found [here](https://github.com/Limine-Bootloader/Limine/blob/$TAG_NAME/ChangeLog).
EOF
cat <<'EOF' >>rel_notes.txt
Tarballs are signed using key ID `05D29860D0A0668AAEFB9D691F3C021BECA23821` which can be obtained from a keyserver such as `keyserver.ubuntu.com`.
Import the public key with:
```bash
gpg --keyserver hkps://keyserver.ubuntu.com --recv-keys 05D29860D0A0668AAEFB9D691F3C021BECA23821
```
In order to verify the tarball with the given signature, do:
```bash
gpg --verify <tarball sig file> <associated tarball>
```
EOF
- name: Release
uses: softprops/action-gh-release@b4309332981a82ec1c5618f44dd2e27cc8bfbfda
with:
tag_name: ${{ env.TAG_NAME }}
body_path: rel_notes.txt
files: |
limine-*.tar.*
limine-binary.zip*
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}