iperf3-static/.github/workflows/ci-linux-emulation.yml at master · userdocs/iperf3-static · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
name: ci - linux binary emulation build

on:
  workflow_call:
    outputs:
      release_tags:
        value: ${{ jobs.build.outputs.release_tags }}
    inputs:
      source_repo:
        type: string
        required: true
      source_branch:
        type: string
        required: true
    secrets:
      VT_API_KEY:
        required: false

env:
  GH_TOKEN: "${{ github.TOKEN }}"

jobs:
  build:
    runs-on: ubuntu-24.04-arm
    environment: production
    outputs:
      release_tags: ${{ steps.release_tags.outputs.release_tag }}
    strategy:
      fail-fast: false
      matrix:
        name: [iperf3]
        os_id: [alpine]
        os_version_id: [latest]
        arch: [amd64, arm32v6, arm32v7, arm64v8, i386, ppc64le, riscv64, s390x]
        include:
          - arch: amd64
            platform: linux/amd64
          - arch: arm32v6
            platform: linux/arm/v6
          - arch: arm32v7
            platform: linux/arm/v7
          - arch: arm64v8
            platform: linux/arm64
          - arch: i386
            platform: linux/i386
          - arch: ppc64le
            platform: linux/ppc64le
          - arch: riscv64
            platform: linux/riscv64
          - arch: s390x
            platform: linux/s390x

    name: ${{ matrix.name }} ${{ matrix.os_id }}:${{ matrix.os_version_id }} ${{ matrix.arch }}

    env:
      CDN: http://dl-cdn.alpinelinux.org/alpine/edge/main/
      source_repo: ${{ inputs.source_repo }}
      source_branch: ${{ inputs.source_branch }}
      container_name: builder

    steps:
      - name: Checkout
        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
        with:
          persist-credentials: false

      - name: Host - Bootstrap qemu
        uses: userdocs/actions/qemu@e8f57bd585c7bb6dcce011694d6772bab657abca # v1.0.7
        with:
          target_arch: ${{ matrix.arch }}

      - name: Host - Bootstrap docker container
        uses: userdocs/actions/qbt_docker@e8f57bd585c7bb6dcce011694d6772bab657abca # v1.0.7
        with:
          os_id: ${{ matrix.arch }}/${{ matrix.os_id }}
          os_version_id: ${{ matrix.os_version_id }}
          additional_apps: >
            build-base pkgconf autoconf automake curl libtool git tar curl perl openssl-dev openssl-libs-static linux-headers
          custom_docker_commands: |
            -e CPPFLAGS=-I${wd}/local/include -I/usr/include/fortify -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=3
            -e LDFLAGS=-static --static -L${wd}/local/lib -Wl,-O1,--as-needed,--sort-common,-z,nodlopen,-z,noexecstack,-z,now,-z,relro,-z,--no-copy-dt-needed-entries,--build-id

      - name: Git clone ${{ matrix.name }}
        run: docker exec "${container_name}" git clone --no-tags --single-branch --branch "${source_branch}" --shallow-submodules --recurse-submodules -j"$(nproc)" --depth 1 "${source_repo}" "${wd}/${{ matrix.name }}"

      - name: Configure ${{ matrix.name }}
        run: docker exec -w "${wd}/${{ matrix.name }}" "${container_name}" ./configure --disable-shared --with-openssl=/usr --enable-static-bin --prefix=${wd}

      - name: Make Build ${{ matrix.name }}
        run: docker exec -w "${wd}/${{ matrix.name }}" "${container_name}" make -j$(nproc)

      - name: Make Install Build ${{ matrix.name }}
        run: docker exec -w "${wd}/${{ matrix.name }}" "${container_name}" make install

      - name: Rename ${{ matrix.name }} to ${{ matrix.name }}-${{ matrix.arch }}
        run: docker exec "${container_name}" mv -f "${wd}/bin/${{ matrix.name }}" "${wd}/${{ matrix.name }}-${{ matrix.arch }}"

      - name: Create path to binary env
        run: printf '%s\n' "binary_path=${{ github.workspace }}/${{ matrix.name }}-${{ matrix.arch }}" >> $GITHUB_ENV

      - name: VirusTotal Scan
        id: virustotal
        uses: crazy-max/ghaction-virustotal@936d8c5c00afe97d3d9a1af26d017cfdf26800a2 # v5.0.0
        with:
          vt_api_key: ${{ secrets.VT_API_KEY }}
          files: ${{ env.binary_path }}

      - name: sha256sum
        run: |
          printf '%s' https://www.virustotal.com/gui/file/$(sha256sum ${binary_path} | awk '{print $1}') > "${{ matrix.name }}-${{ matrix.arch }}.url"
          cat ${{ matrix.name }}-${{ matrix.arch }}.url

      - name: Create tag env
        run: printf '%s\n' "release_tag=$(sed -rn 's|(.*)\[(.*)],\[https://github.com/esnet/iperf],(.*)|\2|p' "${{ matrix.name }}/configure.ac")" >> $GITHUB_ENV

      - name: Set tag env to output
        id: release_tags
        run: printf '%s\n' "release_tag=${release_tag}" >> $GITHUB_OUTPUT

      - name: Generate artifact attestation
        uses: actions/attest-build-provenance@a2bbfa25375fe432b6a289bc6b6cd05ecd0c4c32 # v4.1.0
        with:
          subject-path: ${{ env.binary_path }}

      - name: "Create artifact"
        uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1
        with:
          name: ${{ matrix.name }}-${{ matrix.arch }}
          path: |
            ${{ env.binary_path }}
            ${{ matrix.name }}-${{ matrix.arch }}.url