Skip to content
release

github: Use IAM Roles to push files on AWS S3 #55

Sign in to view logs

github: Use IAM Roles to push files on AWS S3

github: Use IAM Roles to push files on AWS S3 #55

Workflow file for this run

.github/workflows/release.yml at 29fb7fb
name: release
on:
push:
tags:
- "[0-9]+.[0-9]+.[0-9]+*"
jobs:
build:
name: build (${{ matrix.config.os }}, ${{ matrix.config.arch }})
runs-on: ubuntu-latest
env:
LIBUSB_DIR: /opt/lib/libusb-1.0.20/libusb/
strategy:
matrix:
config:
- os: linux
arch: amd64
cross_compile: x86_64-ubuntu16.04-linux-gnu
- os: linux
arch: 386
cross_compile: i686-ubuntu16.04-linux-gnu
- os: linux
arch: arm
cross_compile: arm-linux-gnueabihf
- os: linux
arch: arm64
cross_compile: aarch64-linux-gnu
- os: darwin
arch: amd64
cross_compile: x86_64-apple-darwin13
cross_compiler: o64-clang
- os: windows
arch: 386
cross_compile: i686-w64-mingw32
extension: .exe
container:
image: ghcr.io/arduino/crossbuild:0.1.1
credentials:
username: ${{ github.actor }}
password: ${{ secrets.RP2040_CI_PAT }}
steps:
- name: Checkout rp2040tools repository
uses: actions/checkout@v4
with:
path: rp2040tools
- name: Checkout picotool
uses: actions/checkout@v4
with:
repository: raspberrypi/picotool
path: picotool
- name: Checkout pico-sdk
uses: actions/checkout@v4
with:
repository: raspberrypi/pico-sdk
path: pico-sdk
- name: Set env vars
run: echo "PICO_SDK_PATH=${GITHUB_WORKSPACE}/pico-sdk" >> $GITHUB_ENV
- name: Set env vars for non-macos
run: echo "LIBUSBUDEV=/opt/lib/${{ matrix.config.cross_compile }}/libusbudev.a" >> $GITHUB_ENV
if: matrix.config.os != 'darwin'
- name: Set env vars for macos
run: echo "LIBUSBUDEV=$LIBUSB_DIR.libs/libusb-1.0.a" >> $GITHUB_ENV
if: matrix.config.os == 'darwin'
- name: Set env var for win
run: echo "CFLAGS="-mno-ms-bitfields $CFLAGS"" >> $GITHUB_ENV
if: matrix.config.os == 'windows'
- name: Build picotool
run: |
cd $GITHUB_WORKSPACE/picotool
if ls $GITHUB_WORKSPACE/rp2040tools/patches/picotool_*.patch 1> /dev/null 2>&1
then git apply $GITHUB_WORKSPACE/rp2040tools/patches/picotool_*.patch
fi
mkdir build
cd build
if [ "${{ matrix.config.os }}" = "darwin" ]; then
cmake -DCMAKE_C_COMPILER=${{ matrix.config.cross_compiler }} -DCMAKE_CXX_COMPILER=${{ matrix.config.cross_compiler }}++ -DCMAKE_CXX_FLAGS="${CMAKE_CXX_FLAGS} -framework IOKit -framework Cocoa -pthread" -DLIBUSB_LIBRARIES=$LIBUSBUDEV -DLIBUSB_INCLUDE_DIR=$LIBUSB_DIR ..
else
cmake -DCMAKE_C_COMPILER=${{ matrix.config.cross_compile }}-gcc -DCMAKE_CXX_COMPILER=${{ matrix.config.cross_compile }}-g++ -DCMAKE_EXE_LINKER_FLAGS="-static-libgcc -static-libstdc++" -DCMAKE_CXX_FLAGS="${CMAKE_CXX_FLAGS} -pthread" -DLIBUSB_LIBRARIES=$LIBUSBUDEV -DLIBUSB_INCLUDE_DIR=$LIBUSB_DIR ..
fi
make
mv picotool${{ matrix.config.extension }} /tmp/
- name: Build elf2uf2
run: |
cd $GITHUB_WORKSPACE/pico-sdk/tools/elf2uf2/
if ls $GITHUB_WORKSPACE/rp2040tools/patches/elf2uf2_*.patch 1> /dev/null 2>&1
then git apply $GITHUB_WORKSPACE/rp2040tools/patches/elf2uf2_*.patch
fi
mkdir build
cd build
if [ "${{ matrix.config.os }}" = "darwin" ]; then
cmake -DCMAKE_C_COMPILER=${{ matrix.config.cross_compiler }} -DCMAKE_CXX_COMPILER=${{ matrix.config.cross_compiler }}++ -DCMAKE_CXX_FLAGS="${CMAKE_CXX_FLAGS} -framework IOKit -framework Cocoa" ..
else
cmake -DCMAKE_C_COMPILER=${{ matrix.config.cross_compile }}-gcc -DCMAKE_CXX_COMPILER=${{ matrix.config.cross_compile }}-g++ -DCMAKE_EXE_LINKER_FLAGS="-static-libgcc -static-libstdc++" ..
fi
make
mv elf2uf2${{ matrix.config.extension }} /tmp/
- name: Build pioasm
run: |
cd $GITHUB_WORKSPACE/pico-sdk/tools/pioasm/
if ls $GITHUB_WORKSPACE/rp2040tools/patches/pioasm_*.patch 1> /dev/null 2>&1
then git apply $GITHUB_WORKSPACE/rp2040tools/patches/pioasm_*.patch
fi
mkdir build
cd build
if [ "${{ matrix.config.os }}" = "darwin" ]; then
cmake -DCMAKE_C_COMPILER=${{ matrix.config.cross_compiler }} -DCMAKE_CXX_COMPILER=${{ matrix.config.cross_compiler }}++ -DCMAKE_CXX_FLAGS="${CMAKE_CXX_FLAGS} -framework IOKit -framework Cocoa" ..
else
cmake -DCMAKE_C_COMPILER=${{ matrix.config.cross_compile }}-gcc -DCMAKE_CXX_COMPILER=${{ matrix.config.cross_compile }}-g++ -DCMAKE_EXE_LINKER_FLAGS="-static-libgcc -static-libstdc++" ..
fi
make
mv pioasm${{ matrix.config.extension }} /tmp/
- name: Upload artifacts
uses: actions/upload-artifact@v3
with:
name: tools_${{matrix.config.os}}_${{matrix.config.arch}}
path: |
/tmp/elf2uf2${{ matrix.config.extension }}
/tmp/picotool${{ matrix.config.extension }}
/tmp/pioasm${{ matrix.config.extension }}
build-go:
name: build-go (${{ matrix.config.os }}, ${{ matrix.config.arch }})
runs-on: ubuntu-latest
strategy:
matrix:
config:
- os: linux
arch: amd64
- os: linux
arch: 386
- os: linux
arch: arm
- os: linux
arch: arm64
- os: darwin
arch: amd64
- os: windows
arch: 386
extension: .exe
steps:
- name: Checkout rp2040tools repository
uses: actions/checkout@v4
- name: Install Go
uses: actions/setup-go@v5
with:
go-version: "1.16.2"
- name: Install Task
uses: arduino/setup-task@v2
with:
repo-token: ${{ secrets.GITHUB_TOKEN }}
version: 3.x
- name: Build rp2040load
run: task go:build
env:
GOOS: ${{ matrix.config.os }}
GOARCH: ${{ matrix.config.arch }}
CGO_ENABLED: 0
- name: Upload artifacts
uses: actions/upload-artifact@v3
with:
name: rp2040load_${{matrix.config.os}}_${{matrix.config.arch}}
path: rp2040load${{ matrix.config.extension }}
create-release:
runs-on: ubuntu-latest
environment: production
needs: [build, build-go]
permissions:
contents: write
id-token: write # This is required for requesting the JWT
env:
TARGET: "/tools/"
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
AWS_REGION: "us-east-1" # or https://github.com/aws/aws-cli/issues/5623
PROJECT_NAME: rp2040tools
steps:
- name: Checkout rp2040tools repository # we need package_index.template
uses: actions/checkout@v4
- name: Download artifact
uses: actions/download-artifact@v3 # download all the artifacts
- name: Prepare artifacts for the release and handle package_index
run: |
mkdir release
package_index=`cat package_index.template | sed s/%%VERSION%%/${GITHUB_REF##*/}/`
declare -a target_folders=("linux_amd64" "linux_386" "linux_arm64" "linux_arm" "darwin_amd64" "windows_386")
for folder in "${target_folders[@]}"
do
chmod -v +x rp2040load_$folder/* && chmod -v +x tools_$folder/*
mv -v rp2040load_$folder/rp2040load* tools_$folder/
FILENAME=rp2040tools-${GITHUB_REF##*/}-${folder}.tar.bz2
tar -cvjf $FILENAME tools_$folder/
T_OS=`echo ${folder} | awk '{print toupper($0)}'`
SHASUM=`sha256sum ${FILENAME} | cut -f1 -d" "`
SIZE=`stat --printf="%s" ${FILENAME}`
package_index=`echo "$package_index" |
sed s/%%FILENAME_${T_OS}%%/${FILENAME}/ |
sed s/%%FILENAME_${T_OS}%%/${FILENAME}/ |
sed s/%%SIZE_${T_OS}%%/${SIZE}/ |
sed s/%%SHA_${T_OS}%%/${SHASUM}/`
done
mv -v rp2040tools*.tar.bz2 release/
echo ================== CUT ME HERE =====================
echo "${package_index}"
echo "${package_index}" > package_index_draft.json
- name: Create Github Release and upload artifacts
uses: ncipollo/release-action@v1
with:
token: ${{ secrets.GITHUB_TOKEN }}
artifacts: "release/*,package_index_draft.json"
- name: configure aws credentials
uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }}
role-session-name: "github_${{ env.PROJECT_NAME }}"
aws-region: ${{ env.AWS_REGION }}
- name: Upload release files on Arduino downloads servers
run: aws s3 sync release/ s3://${{ secrets.DOWNLOADS_BUCKET }}${{ env.TARGET }}