saltstack/salt
1
0
Fork 0
mirror of https://github.com/saltstack/salt.git synced 2025-04-17 10:10:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

We only really need one job

Browse source 
Signed-off-by: Pedro Algarvio <palgarvio@vmware.com>
This commit is contained in:
Pedro Algarvio 2023-11-23 11:35:54 +00:00 committed by Pedro Algarvio
parent 3a439b6d82
commit 1a3459e4fb
4 changed files with 15 additions and 217 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

50
.github/workflows/build-deps-onedir-macos.yml vendored
View file

@ -46,7 +46,10 @@ jobs:
matrix:
arch:
- x86_64
runs-on: macos-12
- aarch64
runs-on:
- ${{ matrix.arch == 'aarch64' && 'macos-13-xlarge' || 'macos-12' }}
steps:
- name: "Throttle Builds"
@ -83,48 +86,3 @@ jobs:
arch: ${{ matrix.arch }}
python-version: "${{ inputs.python-version }}"
cache-prefix: ${{ inputs.cache-seed }}|relenv|${{ steps.setup-relenv.outputs.version }}
build-deps-macos-arm64:
name: macOS
if: ${{ inputs.github-hosted-runners }}
strategy:
fail-fast: false
max-parallel: 2
matrix:
arch:
- aarch64
runs-on: macos-13-xlarge
steps:
- name: "Throttle Builds"
shell: bash
run: |
t=$(python3 -c 'import random, sys; sys.stdout.write(str(random.randint(1, 15)))'); echo "Sleeping $t seconds"; sleep "$t"
- uses: actions/checkout@v4
- name: Set up Python 3.10
uses: actions/setup-python@v4
with:
python-version: "3.10"
- name: Setup Relenv
id: setup-relenv
uses: ./.github/actions/setup-relenv
with:
platform: darwin
arch: ${{ matrix.arch }}
version: ${{ inputs.relenv-version }}
cache-seed: ${{ inputs.cache-seed }}
python-version: ${{ inputs.python-version }}
- name: Setup Python Tools Scripts
uses: ./.github/actions/setup-python-tools-scripts
- name: Install Salt Packaging Dependencies into Relenv Onedir
uses: ./.github/actions/build-onedir-deps
with:
platform: darwin
arch: ${{ matrix.arch }}
python-version: "${{ inputs.python-version }}"
cache-prefix: ${{ inputs.cache-seed }}|relenv|${{ steps.setup-relenv.outputs.version }}

121
.github/workflows/build-macos-packages.yml vendored
View file

@ -48,13 +48,14 @@ jobs:
matrix:
arch:
- x86_64
- aarch64
source:
- ${{ inputs.source }}
runs-on:
- macos-12
steps:
- ${{ matrix.arch == 'aarch64' && 'macos-13-xlarge' || 'macos-12' }}
steps:
- name: Check Package Signing Enabled
shell: bash
id: check-pkg-sign
@ -81,7 +82,7 @@ jobs:
- uses: actions/checkout@v4
- uses: actions/setup-python@v4
with:
python-version: 3.9
python-version: 3.11
- name: Setup Python Tools Scripts
uses: ./.github/actions/setup-python-tools-scripts
@ -155,117 +156,3 @@ jobs:
path: pkg/macos/salt-${{ inputs.salt-version }}-py3-*.pkg
retention-days: 7
if-no-files-found: error
build-pkgs-arm64:
name: macOS
environment: ${{ inputs.environment }}
strategy:
fail-fast: false
matrix:
arch:
- aarch64
source:
- ${{ inputs.source }}
runs-on:
- macos-13-xlarge
steps:
- name: Check Package Signing Enabled
shell: bash
id: check-pkg-sign
run: |
if [ "${{ inputs.sign-packages }}" == "true" ]; then
if [ "${{ (secrets.MAC_SIGN_APPLE_ACCT != '' && contains(fromJSON('["nightly", "staging"]'), inputs.environment)) && 'true' || 'false' }}" != "true" ]; then
MSG="Secrets for signing packages are not available. The packages created will NOT be signed."
echo "${MSG}"
echo "${MSG}" >> "${GITHUB_STEP_SUMMARY}"
echo "sign-pkgs=false" >> "$GITHUB_OUTPUT"
else
MSG="The packages created WILL be signed."
echo "${MSG}"
echo "${MSG}" >> "${GITHUB_STEP_SUMMARY}"
echo "sign-pkgs=true" >> "$GITHUB_OUTPUT"
fi
else
MSG="The sign-packages input is false. The packages created will NOT be signed."
echo "${MSG}"
echo "${MSG}" >> "${GITHUB_STEP_SUMMARY}"
echo "sign-pkgs=false" >> "$GITHUB_OUTPUT"
fi
- uses: actions/checkout@v4
- uses: actions/setup-python@v4
with:
python-version: 3.9
- name: Setup Python Tools Scripts
uses: ./.github/actions/setup-python-tools-scripts
- name: Setup Salt Version
id: setup-salt-version
uses: ./.github/actions/setup-salt-version
with:
salt-version: "${{ inputs.salt-version }}"
- name: Download Onedir Tarball as an Artifact
uses: actions/download-artifact@v3
with:
name: salt-${{ inputs.salt-version }}-onedir-darwin-${{ matrix.arch }}.tar.xz
path: artifacts/
- name: Prepare Package Signing
if: ${{ steps.check-pkg-sign.outputs.sign-pkgs == 'true' }}
run: |
echo ${{ secrets.MAC_SIGN_DEV_APP_CERT_B64 }} | base64 --decode > app-cert.p12
echo ${{ secrets.MAC_SIGN_DEV_INSTALL_CERT_B64 }} | base64 --decode > install-cert.p12
# Create SaltSigning keychain. This will contain the certificates for signing
security create-keychain -p "${{ secrets.MAC_SIGN_DEV_PASSWORD }}" "${{ secrets.MAC_SIGN_DEV_KEYCHAIN }}"
# Append SaltSigning keychain to the search list
security list-keychains -d user -s "${{ secrets.MAC_SIGN_DEV_KEYCHAIN }}" "$(security list-keychains -d user | sed s/\"//g)"
# Unlock the keychain so we can import certs
security unlock-keychain -p "${{ secrets.MAC_SIGN_DEV_PASSWORD }}" "${{ secrets.MAC_SIGN_DEV_KEYCHAIN }}"
# Developer Application Certificate
security import "app-cert.p12" -t agg -k "${{ secrets.MAC_SIGN_DEV_KEYCHAIN }}" -P "${{ secrets.MAC_SIGN_DEV_PASSWORD }}" -A
rm app-cert.p12
# Developer Installer Certificate
security import "install-cert.p12" -t agg -k "${{ secrets.MAC_SIGN_DEV_KEYCHAIN }}" -P "${{ secrets.MAC_SIGN_DEV_PASSWORD }}" -A
rm install-cert.p12
security set-key-partition-list -S apple-tool:,apple: -k "${{ secrets.MAC_SIGN_DEV_PASSWORD }}" "${{ secrets.MAC_SIGN_DEV_KEYCHAIN }}" &> /dev/null
- name: Build MacOS Package
env:
DEV_APP_CERT: "${{ secrets.MAC_SIGN_DEV_APP_CERT }}"
DEV_INSTALL_CERT: "${{ secrets.MAC_SIGN_DEV_INSTALL_CERT }}"
APPLE_ACCT: "${{ secrets.MAC_SIGN_APPLE_ACCT }}"
APPLE_TEAM_ID: "${{ secrets.MAC_SIGN_APPLE_TEAM_ID }}"
APP_SPEC_PWD: "${{ secrets.MAC_SIGN_APP_SPEC_PWD }}"
run: |
tools pkg build macos --relenv-version=${{ inputs.relenv-version }} --python-version=${{ inputs.python-version }} ${{
inputs.source == 'onedir' &&
format(
'--onedir salt-{0}-onedir-darwin-{1}.tar.xz --salt-version {0} {2}',
inputs.salt-version,
matrix.arch,
steps.check-pkg-sign.outputs.sign-pkgs == 'true' && '--sign' || ''
)
||
format('--salt-version {0}', inputs.salt-version)
}}
- name: Set Artifact Name
id: set-artifact-name
run: |
if [ "${{ inputs.source }}" != "src" ]; then
echo "artifact-name=salt-${{ inputs.salt-version }}-${{ matrix.arch }}-macos" >> "$GITHUB_OUTPUT"
else
echo "artifact-name=salt-${{ inputs.salt-version }}-${{ matrix.arch }}-macos-from-src" >> "$GITHUB_OUTPUT"
fi
- name: Upload ${{ matrix.arch }} Package
uses: actions/upload-artifact@v3
with:
name: ${{ steps.set-artifact-name.outputs.artifact-name }}
path: pkg/macos/salt-${{ inputs.salt-version }}-py3-*.pkg
retention-days: 7
if-no-files-found: error

59
.github/workflows/build-salt-onedir-macos.yml vendored
View file

@ -46,60 +46,11 @@ jobs:
matrix:
arch:
- x86_64
runs-on: macos-12
steps:
- name: "Throttle Builds"
shell: bash
run: |
t=$(python3 -c 'import random, sys; sys.stdout.write(str(random.randint(1, 15)))'); echo "Sleeping $t seconds"; sleep "$t"
- uses: actions/checkout@v4
- name: Set up Python 3.10
uses: actions/setup-python@v4
with:
python-version: "3.10"
- name: Setup Relenv
id: setup-relenv
uses: ./.github/actions/setup-relenv
with:
platform: darwin
arch: ${{ matrix.arch }}
version: ${{ inputs.relenv-version }}
cache-seed: ${{ inputs.cache-seed }}
python-version: ${{ inputs.python-version }}
- name: Setup Python Tools Scripts
uses: ./.github/actions/setup-python-tools-scripts
- name: Setup Salt Version
id: setup-salt-version
uses: ./.github/actions/setup-salt-version
with:
salt-version: "${{ inputs.salt-version }}"
- name: Install Salt into Relenv Onedir
uses: ./.github/actions/build-onedir-salt
with:
platform: darwin
arch: ${{ matrix.arch }}
salt-version: "${{ inputs.salt-version }}"
python-version: "${{ inputs.python-version }}"
cache-prefix: ${{ inputs.cache-seed }}|relenv|${{ steps.setup-relenv.outputs.version }}
build-salt-macos-arm64:
name: macOS
if: ${{ inputs.github-hosted-runners }}
strategy:
fail-fast: false
max-parallel: 2
matrix:
arch:
- aarch64
runs-on: macos-13-xlarge
steps:
runs-on:
- ${{ matrix.arch == 'aarch64' && 'macos-13-xlarge' || 'macos-12' }}
steps:
- name: "Throttle Builds"
shell: bash
run: |
@ -116,13 +67,15 @@ jobs:
uses: ./.github/actions/setup-relenv
with:
platform: darwin
arch: ${{ matrix.arch }}
arch: ${{ matrix.arch == 'aarch64' && 'arm64' || matrix.arch }}
version: ${{ inputs.relenv-version }}
cache-seed: ${{ inputs.cache-seed }}
python-version: ${{ inputs.python-version }}
- name: Setup Python Tools Scripts
uses: ./.github/actions/setup-python-tools-scripts
with:
cache-prefix: ${{ inputs.cache-seed }}-build-salt-macos
- name: Setup Salt Version
id: setup-salt-version

2
.github/workflows/build-windows-packages.yml vendored
View file

@ -92,7 +92,7 @@ jobs:
- uses: actions/checkout@v4
- uses: actions/setup-python@v4
with:
python-version: 3.9
python-version: 3.11
- name: Setup Python Tools Scripts
uses: ./.github/actions/setup-python-tools-scripts