From 72d17ccf5c559947de2e2c08b0778f677e3e5051 Mon Sep 17 00:00:00 2001 From: s3rj1k Date: Thu, 6 Jun 2024 23:59:10 +0200 Subject: [PATCH] [GHA] Add build workflow. --- .../docker/debian/bookworm/amd64/Dockerfile | 97 ++++++++++++++++ .../docker/debian/bookworm/arm32v7/Dockerfile | 96 ++++++++++++++++ .../docker/debian/bookworm/arm64v8/Dockerfile | 96 ++++++++++++++++ .../docker/debian/bullseye/amd64/Dockerfile | 96 ++++++++++++++++ .../docker/debian/bullseye/arm32v7/Dockerfile | 96 ++++++++++++++++ .../docker/debian/bullseye/arm64v8/Dockerfile | 96 ++++++++++++++++ .github/docker/debian/buster/amd64/Dockerfile | 97 ++++++++++++++++ .../docker/debian/buster/arm32v7/Dockerfile | 96 ++++++++++++++++ .../docker/debian/buster/arm64v8/Dockerfile | 96 ++++++++++++++++ .github/workflows/build.yml | 107 ++++++++++++++++++ 10 files changed, 973 insertions(+) create mode 100644 .github/docker/debian/bookworm/amd64/Dockerfile create mode 100644 .github/docker/debian/bookworm/arm32v7/Dockerfile create mode 100644 .github/docker/debian/bookworm/arm64v8/Dockerfile create mode 100644 .github/docker/debian/bullseye/amd64/Dockerfile create mode 100644 .github/docker/debian/bullseye/arm32v7/Dockerfile create mode 100644 .github/docker/debian/bullseye/arm64v8/Dockerfile create mode 100644 .github/docker/debian/buster/amd64/Dockerfile create mode 100644 .github/docker/debian/buster/arm32v7/Dockerfile create mode 100644 .github/docker/debian/buster/arm64v8/Dockerfile create mode 100644 .github/workflows/build.yml diff --git a/.github/docker/debian/bookworm/amd64/Dockerfile b/.github/docker/debian/bookworm/amd64/Dockerfile new file mode 100644 index 0000000000..b500830148 --- /dev/null +++ b/.github/docker/debian/bookworm/amd64/Dockerfile @@ -0,0 +1,97 @@ +ARG BUILDER_IMAGE=debian:bookworm-20240513 + +FROM ${BUILDER_IMAGE} AS builder + +ARG MAINTAINER_NAME="Andrey Volk" +ARG MAINTAINER_EMAIL="andrey@signalwire.com" + +# Credentials +ARG REPO_DOMAIN=freeswitch.signalwire.com +ARG REPO_USERNAME=user +ARG REPO_PASSWORD=password + +ARG BUILD_NUMBER=42 +ARG GIT_SHA=0000000000 + +ARG DATA_DIR=/data +ARG CODENAME=bookworm +ARG GPG_KEY="/usr/share/keyrings/signalwire-freeswitch-repo.gpg" + +MAINTAINER "${MAINTAINER_NAME} <${MAINTAINER_EMAIL}>" + +SHELL ["/bin/bash", "-c"] + +RUN apt-get -q update && \ + DEBIAN_FRONTEND=noninteractive apt-get -yq install \ + apt-transport-https \ + build-essential \ + ca-certificates \ + cmake \ + curl \ + debhelper \ + devscripts \ + dh-autoreconf \ + dos2unix \ + doxygen \ + git \ + graphviz \ + libglib2.0-dev \ + libssl-dev \ + lsb-release \ + pkg-config \ + wget + +RUN update-ca-certificates --fresh + +RUN echo "export CODENAME=${CODENAME}" | tee ~/.env && \ + chmod +x ~/.env + +RUN . ~/.env && cat < /etc/apt/sources.list.d/freeswitch.list +deb [signed-by=${GPG_KEY}] https://${REPO_DOMAIN}/repo/deb/debian-unstable ${CODENAME} main +deb-src [signed-by=${GPG_KEY}] https://${REPO_DOMAIN}/repo/deb/debian-unstable ${CODENAME} main +EOF + +RUN --mount=type=secret,id=REPO_PASSWORD \ + printf "machine ${REPO_DOMAIN} " > ~/.netrc && \ + printf "login ${REPO_USERNAME} " >> ~/.netrc && \ + printf "password " >> ~/.netrc && \ + cat /run/secrets/REPO_PASSWORD >> ~/.netrc && \ + cp -f ~/.netrc /etc/apt/auth.conf + +RUN git config --global --add safe.directory '*' \ + && git config --global user.name "${MAINTAINER_NAME}" \ + && git config --global user.email "${MAINTAINER_EMAIL}" + +RUN curl --netrc -o ${GPG_KEY} https://${REPO_DOMAIN}/repo/deb/debian-unstable/signalwire-freeswitch-repo.gpg + +# Bootstrap and Build +COPY . ${DATA_DIR} +WORKDIR ${DATA_DIR} +RUN echo "export VERSION=$(cat ./build/next-release.txt | tr -d '\n')" | tee -a ~/.env + +RUN . ~/.env && ./debian/util.sh prep-create-orig -n -V${VERSION}-${BUILD_NUMBER}-${GIT_SHA} -x +RUN . ~/.env && ./debian/util.sh prep-create-dsc ${CODENAME} + +RUN apt-get -q update && \ + mk-build-deps --install --remove debian/control --tool "apt-get -y --no-install-recommends" && \ + apt-get -y -f install + +ENV DEB_BUILD_OPTIONS="parallel=1" +RUN . ~/.env && dch -b -M -v "${VERSION}-${BUILD_NUMBER}-${GIT_SHA}~${CODENAME}" \ + --force-distribution -D "${CODENAME}" "Nightly build, ${GIT_SHA}" + +RUN . ~/.env && ./debian/util.sh create-orig -n -V${VERSION}-${BUILD_NUMBER}-${GIT_SHA} -x + +RUN dpkg-source \ + --diff-ignore=.* \ + --compression=xz \ + --compression-level=9 \ + --build \ + . \ + && debuild -b -us -uc \ + && mkdir OUT \ + && mv -v ../*.{deb,dsc,changes,tar.*} OUT/. + +# Artifacts image (mandatory part, the resulting image must have a single filesystem layer) +FROM scratch +COPY --from=builder /data/OUT/ / diff --git a/.github/docker/debian/bookworm/arm32v7/Dockerfile b/.github/docker/debian/bookworm/arm32v7/Dockerfile new file mode 100644 index 0000000000..43b4778b3e --- /dev/null +++ b/.github/docker/debian/bookworm/arm32v7/Dockerfile @@ -0,0 +1,96 @@ +ARG BUILDER_IMAGE=arm32v7/debian:bookworm-20240513 + +FROM --platform=linux/arm32 ${BUILDER_IMAGE} AS builder + +ARG MAINTAINER_NAME="Andrey Volk" +ARG MAINTAINER_EMAIL="andrey@signalwire.com" + +# Credentials +ARG REPO_DOMAIN=freeswitch.signalwire.com +ARG REPO_USERNAME=user +ARG REPO_PASSWORD=password + +ARG BUILD_NUMBER=42 +ARG GIT_SHA=0000000000 + +ARG DATA_DIR=/data +ARG CODENAME=bookworm +ARG GPG_KEY="/usr/share/keyrings/signalwire-freeswitch-repo.gpg" + +MAINTAINER "${MAINTAINER_NAME} <${MAINTAINER_EMAIL}>" + +SHELL ["/bin/bash", "-c"] + +RUN apt-get -q update && \ + DEBIAN_FRONTEND=noninteractive apt-get -yq install \ + apt-transport-https \ + build-essential \ + ca-certificates \ + cmake \ + curl \ + debhelper \ + devscripts \ + dh-autoreconf \ + dos2unix \ + doxygen \ + git \ + graphviz \ + libglib2.0-dev \ + libssl-dev \ + lsb-release \ + pkg-config \ + wget + +RUN update-ca-certificates --fresh + +RUN echo "export CODENAME=${CODENAME}" | tee ~/.env && \ + chmod +x ~/.env + +RUN . ~/.env && cat < /etc/apt/sources.list.d/freeswitch.list +deb [signed-by=${GPG_KEY}] https://${REPO_DOMAIN}/repo/deb/rpi/debian-dev ${CODENAME} main +deb-src [signed-by=${GPG_KEY}] https://${REPO_DOMAIN}/repo/deb/rpi/debian-dev ${CODENAME} main +EOF + +RUN --mount=type=secret,id=REPO_PASSWORD \ + printf "machine ${REPO_DOMAIN} " > ~/.netrc && \ + printf "login ${REPO_USERNAME} " >> ~/.netrc && \ + printf "password " >> ~/.netrc && \ + cat /run/secrets/REPO_PASSWORD >> ~/.netrc && \ + cp -f ~/.netrc /etc/apt/auth.conf + +RUN git config --global --add safe.directory '*' \ + && git config --global user.name "${MAINTAINER_NAME}" \ + && git config --global user.email "${MAINTAINER_EMAIL}" + +RUN curl --netrc -o ${GPG_KEY} https://${REPO_DOMAIN}/repo/deb/rpi/debian-dev/signalwire-freeswitch-repo.gpg + +# Bootstrap and Build +COPY . ${DATA_DIR} +WORKDIR ${DATA_DIR} +RUN echo "export VERSION=$(cat ./build/next-release.txt | tr -d '\n')" | tee -a ~/.env + +RUN . ~/.env && ./debian/util.sh prep-create-orig -n -V${VERSION}-${BUILD_NUMBER}-${GIT_SHA} -x +RUN . ~/.env && ./debian/util.sh prep-create-dsc -a armhf ${CODENAME} + +RUN apt-get -q update && \ + mk-build-deps --install --remove debian/control --tool "apt-get -y --no-install-recommends" && \ + apt-get -y -f install + +ENV DEB_BUILD_OPTIONS="parallel=1" +RUN . ~/.env && dch -b -M -v "${VERSION}-${BUILD_NUMBER}-${GIT_SHA}~${CODENAME}" \ + --force-distribution -D "${CODENAME}" "Nightly build, ${GIT_SHA}" +RUN . ~/.env && ./debian/util.sh create-orig -n -V${VERSION}-${BUILD_NUMBER}-${GIT_SHA} -x + +RUN dpkg-source \ + --diff-ignore=.* \ + --compression=xz \ + --compression-level=9 \ + --build \ + . \ + && debuild -b -us -uc \ + && mkdir OUT \ + && mv -v ../*.{deb,dsc,changes,tar.*} OUT/. + +# Artifacts image (mandatory part, the resulting image must have a single filesystem layer) +FROM scratch +COPY --from=builder /data/OUT/ / diff --git a/.github/docker/debian/bookworm/arm64v8/Dockerfile b/.github/docker/debian/bookworm/arm64v8/Dockerfile new file mode 100644 index 0000000000..50c24957f1 --- /dev/null +++ b/.github/docker/debian/bookworm/arm64v8/Dockerfile @@ -0,0 +1,96 @@ +ARG BUILDER_IMAGE=arm64v8/debian:bookworm-20240513 + +FROM --platform=linux/arm64 ${BUILDER_IMAGE} AS builder + +ARG MAINTAINER_NAME="Andrey Volk" +ARG MAINTAINER_EMAIL="andrey@signalwire.com" + +# Credentials +ARG REPO_DOMAIN=freeswitch.signalwire.com +ARG REPO_USERNAME=user +ARG REPO_PASSWORD=password + +ARG BUILD_NUMBER=42 +ARG GIT_SHA=0000000000 + +ARG DATA_DIR=/data +ARG CODENAME=bookworm +ARG GPG_KEY="/usr/share/keyrings/signalwire-freeswitch-repo.gpg" + +MAINTAINER "${MAINTAINER_NAME} <${MAINTAINER_EMAIL}>" + +SHELL ["/bin/bash", "-c"] + +RUN apt-get -q update && \ + DEBIAN_FRONTEND=noninteractive apt-get -yq install \ + apt-transport-https \ + build-essential \ + ca-certificates \ + cmake \ + curl \ + debhelper \ + devscripts \ + dh-autoreconf \ + dos2unix \ + doxygen \ + git \ + graphviz \ + libglib2.0-dev \ + libssl-dev \ + lsb-release \ + pkg-config \ + wget + +RUN update-ca-certificates --fresh + +RUN echo "export CODENAME=${CODENAME}" | tee ~/.env && \ + chmod +x ~/.env + +RUN . ~/.env && cat < /etc/apt/sources.list.d/freeswitch.list +deb [signed-by=${GPG_KEY}] https://${REPO_DOMAIN}/repo/deb/debian-unstable ${CODENAME} main +deb-src [signed-by=${GPG_KEY}] https://${REPO_DOMAIN}/repo/deb/debian-unstable ${CODENAME} main +EOF + +RUN --mount=type=secret,id=REPO_PASSWORD \ + printf "machine ${REPO_DOMAIN} " > ~/.netrc && \ + printf "login ${REPO_USERNAME} " >> ~/.netrc && \ + printf "password " >> ~/.netrc && \ + cat /run/secrets/REPO_PASSWORD >> ~/.netrc && \ + cp -f ~/.netrc /etc/apt/auth.conf + +RUN git config --global --add safe.directory '*' \ + && git config --global user.name "${MAINTAINER_NAME}" \ + && git config --global user.email "${MAINTAINER_EMAIL}" + +RUN curl --netrc -o ${GPG_KEY} https://${REPO_DOMAIN}/repo/deb/debian-unstable/signalwire-freeswitch-repo.gpg + +# Bootstrap and Build +COPY . ${DATA_DIR} +WORKDIR ${DATA_DIR} +RUN echo "export VERSION=$(cat ./build/next-release.txt | tr -d '\n')" | tee -a ~/.env + +RUN . ~/.env && ./debian/util.sh prep-create-orig -n -V${VERSION}-${BUILD_NUMBER}-${GIT_SHA} -x +RUN . ~/.env && ./debian/util.sh prep-create-dsc -a arm64 ${CODENAME} + +RUN apt-get -q update && \ + mk-build-deps --install --remove debian/control --tool "apt-get -y --no-install-recommends" && \ + apt-get -y -f install + +ENV DEB_BUILD_OPTIONS="parallel=1" +RUN . ~/.env && dch -b -M -v "${VERSION}-${BUILD_NUMBER}-${GIT_SHA}~${CODENAME}" \ + --force-distribution -D "${CODENAME}" "Nightly build, ${GIT_SHA}" +RUN . ~/.env && ./debian/util.sh create-orig -n -V${VERSION}-${BUILD_NUMBER}-${GIT_SHA} -x + +RUN dpkg-source \ + --diff-ignore=.* \ + --compression=xz \ + --compression-level=9 \ + --build \ + . \ + && debuild -b -us -uc \ + && mkdir OUT \ + && mv -v ../*.{deb,dsc,changes,tar.*} OUT/. + +# Artifacts image (mandatory part, the resulting image must have a single filesystem layer) +FROM scratch +COPY --from=builder /data/OUT/ / diff --git a/.github/docker/debian/bullseye/amd64/Dockerfile b/.github/docker/debian/bullseye/amd64/Dockerfile new file mode 100644 index 0000000000..aefbd38224 --- /dev/null +++ b/.github/docker/debian/bullseye/amd64/Dockerfile @@ -0,0 +1,96 @@ +ARG BUILDER_IMAGE=debian:bullseye-20240513 + +FROM ${BUILDER_IMAGE} AS builder + +ARG MAINTAINER_NAME="Andrey Volk" +ARG MAINTAINER_EMAIL="andrey@signalwire.com" + +# Credentials +ARG REPO_DOMAIN=freeswitch.signalwire.com +ARG REPO_USERNAME=user +ARG REPO_PASSWORD=password + +ARG BUILD_NUMBER=42 +ARG GIT_SHA=0000000000 + +ARG DATA_DIR=/data +ARG CODENAME=bullseye +ARG GPG_KEY="/usr/share/keyrings/signalwire-freeswitch-repo.gpg" + +MAINTAINER "${MAINTAINER_NAME} <${MAINTAINER_EMAIL}>" + +SHELL ["/bin/bash", "-c"] + +RUN apt-get -q update && \ + DEBIAN_FRONTEND=noninteractive apt-get -yq install \ + apt-transport-https \ + build-essential \ + ca-certificates \ + cmake \ + curl \ + debhelper \ + devscripts \ + dh-autoreconf \ + dos2unix \ + doxygen \ + git \ + graphviz \ + libglib2.0-dev \ + libssl-dev \ + lsb-release \ + pkg-config \ + wget + +RUN update-ca-certificates --fresh + +RUN echo "export CODENAME=${CODENAME}" | tee ~/.env && \ + chmod +x ~/.env + +RUN . ~/.env && cat < /etc/apt/sources.list.d/freeswitch.list +deb [signed-by=${GPG_KEY}] https://${REPO_DOMAIN}/repo/deb/debian-unstable ${CODENAME} main +deb-src [signed-by=${GPG_KEY}] https://${REPO_DOMAIN}/repo/deb/debian-unstable ${CODENAME} main +EOF + +RUN --mount=type=secret,id=REPO_PASSWORD \ + printf "machine ${REPO_DOMAIN} " > ~/.netrc && \ + printf "login ${REPO_USERNAME} " >> ~/.netrc && \ + printf "password " >> ~/.netrc && \ + cat /run/secrets/REPO_PASSWORD >> ~/.netrc && \ + cp -f ~/.netrc /etc/apt/auth.conf + +RUN git config --global --add safe.directory '*' \ + && git config --global user.name "${MAINTAINER_NAME}" \ + && git config --global user.email "${MAINTAINER_EMAIL}" + +RUN curl --netrc -o ${GPG_KEY} https://${REPO_DOMAIN}/repo/deb/debian-unstable/signalwire-freeswitch-repo.gpg + +# Bootstrap and Build +COPY . ${DATA_DIR} +WORKDIR ${DATA_DIR} +RUN echo "export VERSION=$(cat ./build/next-release.txt | tr -d '\n')" | tee -a ~/.env + +RUN . ~/.env && ./debian/util.sh prep-create-orig -n -V${VERSION}-${BUILD_NUMBER}-${GIT_SHA} -x +RUN . ~/.env && ./debian/util.sh prep-create-dsc ${CODENAME} + +RUN apt-get -q update && \ + mk-build-deps --install --remove debian/control --tool "apt-get -y --no-install-recommends" && \ + apt-get -y -f install + +ENV DEB_BUILD_OPTIONS="parallel=1" +RUN . ~/.env && dch -b -M -v "${VERSION}-${BUILD_NUMBER}-${GIT_SHA}~${CODENAME}" \ + --force-distribution -D "${CODENAME}" "Nightly build, ${GIT_SHA}" +RUN . ~/.env && ./debian/util.sh create-orig -n -V${VERSION}-${BUILD_NUMBER}-${GIT_SHA} -x + +RUN dpkg-source \ + --diff-ignore=.* \ + --compression=xz \ + --compression-level=9 \ + --build \ + . \ + && debuild -b -us -uc \ + && mkdir OUT \ + && mv -v ../*.{deb,dsc,changes,tar.*} OUT/. + +# Artifacts image (mandatory part, the resulting image must have a single filesystem layer) +FROM scratch +COPY --from=builder /data/OUT/ / diff --git a/.github/docker/debian/bullseye/arm32v7/Dockerfile b/.github/docker/debian/bullseye/arm32v7/Dockerfile new file mode 100644 index 0000000000..b3a6f00c36 --- /dev/null +++ b/.github/docker/debian/bullseye/arm32v7/Dockerfile @@ -0,0 +1,96 @@ +ARG BUILDER_IMAGE=arm32v7/debian:bullseye-20240513 + +FROM --platform=linux/arm32 ${BUILDER_IMAGE} AS builder + +ARG MAINTAINER_NAME="Andrey Volk" +ARG MAINTAINER_EMAIL="andrey@signalwire.com" + +# Credentials +ARG REPO_DOMAIN=freeswitch.signalwire.com +ARG REPO_USERNAME=user +ARG REPO_PASSWORD=password + +ARG BUILD_NUMBER=42 +ARG GIT_SHA=0000000000 + +ARG DATA_DIR=/data +ARG CODENAME=bullseye +ARG GPG_KEY="/usr/share/keyrings/signalwire-freeswitch-repo.gpg" + +MAINTAINER "${MAINTAINER_NAME} <${MAINTAINER_EMAIL}>" + +SHELL ["/bin/bash", "-c"] + +RUN apt-get -q update && \ + DEBIAN_FRONTEND=noninteractive apt-get -yq install \ + apt-transport-https \ + build-essential \ + ca-certificates \ + cmake \ + curl \ + debhelper \ + devscripts \ + dh-autoreconf \ + dos2unix \ + doxygen \ + git \ + graphviz \ + libglib2.0-dev \ + libssl-dev \ + lsb-release \ + pkg-config \ + wget + +RUN update-ca-certificates --fresh + +RUN echo "export CODENAME=${CODENAME}" | tee ~/.env && \ + chmod +x ~/.env + +RUN . ~/.env && cat < /etc/apt/sources.list.d/freeswitch.list +deb [signed-by=${GPG_KEY}] https://${REPO_DOMAIN}/repo/deb/rpi/debian-dev ${CODENAME} main +deb-src [signed-by=${GPG_KEY}] https://${REPO_DOMAIN}/repo/deb/rpi/debian-dev ${CODENAME} main +EOF + +RUN --mount=type=secret,id=REPO_PASSWORD \ + printf "machine ${REPO_DOMAIN} " > ~/.netrc && \ + printf "login ${REPO_USERNAME} " >> ~/.netrc && \ + printf "password " >> ~/.netrc && \ + cat /run/secrets/REPO_PASSWORD >> ~/.netrc && \ + cp -f ~/.netrc /etc/apt/auth.conf + +RUN git config --global --add safe.directory '*' \ + && git config --global user.name "${MAINTAINER_NAME}" \ + && git config --global user.email "${MAINTAINER_EMAIL}" + +RUN curl --netrc -o ${GPG_KEY} https://${REPO_DOMAIN}/repo/deb/rpi/debian-dev/signalwire-freeswitch-repo.gpg + +# Bootstrap and Build +COPY . ${DATA_DIR} +WORKDIR ${DATA_DIR} +RUN echo "export VERSION=$(cat ./build/next-release.txt | tr -d '\n')" | tee -a ~/.env + +RUN . ~/.env && ./debian/util.sh prep-create-orig -n -V${VERSION}-${BUILD_NUMBER}-${GIT_SHA} -x +RUN . ~/.env && ./debian/util.sh prep-create-dsc -a armhf ${CODENAME} + +RUN apt-get -q update && \ + mk-build-deps --install --remove debian/control --tool "apt-get -y --no-install-recommends" && \ + apt-get -y -f install + +ENV DEB_BUILD_OPTIONS="parallel=1" +RUN . ~/.env && dch -b -M -v "${VERSION}-${BUILD_NUMBER}-${GIT_SHA}~${CODENAME}" \ + --force-distribution -D "${CODENAME}" "Nightly build, ${GIT_SHA}" +RUN . ~/.env && ./debian/util.sh create-orig -n -V${VERSION}-${BUILD_NUMBER}-${GIT_SHA} -x + +RUN dpkg-source \ + --diff-ignore=.* \ + --compression=xz \ + --compression-level=9 \ + --build \ + . \ + && debuild -b -us -uc \ + && mkdir OUT \ + && mv -v ../*.{deb,dsc,changes,tar.*} OUT/. + +# Artifacts image (mandatory part, the resulting image must have a single filesystem layer) +FROM scratch +COPY --from=builder /data/OUT/ / diff --git a/.github/docker/debian/bullseye/arm64v8/Dockerfile b/.github/docker/debian/bullseye/arm64v8/Dockerfile new file mode 100644 index 0000000000..dfa899540e --- /dev/null +++ b/.github/docker/debian/bullseye/arm64v8/Dockerfile @@ -0,0 +1,96 @@ +ARG BUILDER_IMAGE=arm64v8/debian:bullseye-20240513 + +FROM --platform=linux/arm64 ${BUILDER_IMAGE} AS builder + +ARG MAINTAINER_NAME="Andrey Volk" +ARG MAINTAINER_EMAIL="andrey@signalwire.com" + +# Credentials +ARG REPO_DOMAIN=freeswitch.signalwire.com +ARG REPO_USERNAME=user +ARG REPO_PASSWORD=password + +ARG BUILD_NUMBER=42 +ARG GIT_SHA=0000000000 + +ARG DATA_DIR=/data +ARG CODENAME=bullseye +ARG GPG_KEY="/usr/share/keyrings/signalwire-freeswitch-repo.gpg" + +MAINTAINER "${MAINTAINER_NAME} <${MAINTAINER_EMAIL}>" + +SHELL ["/bin/bash", "-c"] + +RUN apt-get -q update && \ + DEBIAN_FRONTEND=noninteractive apt-get -yq install \ + apt-transport-https \ + build-essential \ + ca-certificates \ + cmake \ + curl \ + debhelper \ + devscripts \ + dh-autoreconf \ + dos2unix \ + doxygen \ + git \ + graphviz \ + libglib2.0-dev \ + libssl-dev \ + lsb-release \ + pkg-config \ + wget + +RUN update-ca-certificates --fresh + +RUN echo "export CODENAME=${CODENAME}" | tee ~/.env && \ + chmod +x ~/.env + +RUN . ~/.env && cat < /etc/apt/sources.list.d/freeswitch.list +deb [signed-by=${GPG_KEY}] https://${REPO_DOMAIN}/repo/deb/debian-unstable ${CODENAME} main +deb-src [signed-by=${GPG_KEY}] https://${REPO_DOMAIN}/repo/deb/debian-unstable ${CODENAME} main +EOF + +RUN --mount=type=secret,id=REPO_PASSWORD \ + printf "machine ${REPO_DOMAIN} " > ~/.netrc && \ + printf "login ${REPO_USERNAME} " >> ~/.netrc && \ + printf "password " >> ~/.netrc && \ + cat /run/secrets/REPO_PASSWORD >> ~/.netrc && \ + cp -f ~/.netrc /etc/apt/auth.conf + +RUN git config --global --add safe.directory '*' \ + && git config --global user.name "${MAINTAINER_NAME}" \ + && git config --global user.email "${MAINTAINER_EMAIL}" + +RUN curl --netrc -o ${GPG_KEY} https://${REPO_DOMAIN}/repo/deb/debian-unstable/signalwire-freeswitch-repo.gpg + +# Bootstrap and Build +COPY . ${DATA_DIR} +WORKDIR ${DATA_DIR} +RUN echo "export VERSION=$(cat ./build/next-release.txt | tr -d '\n')" | tee -a ~/.env + +RUN . ~/.env && ./debian/util.sh prep-create-orig -n -V${VERSION}-${BUILD_NUMBER}-${GIT_SHA} -x +RUN . ~/.env && ./debian/util.sh prep-create-dsc -a arm64 ${CODENAME} + +RUN apt-get -q update && \ + mk-build-deps --install --remove debian/control --tool "apt-get -y --no-install-recommends" && \ + apt-get -y -f install + +ENV DEB_BUILD_OPTIONS="parallel=1" +RUN . ~/.env && dch -b -M -v "${VERSION}-${BUILD_NUMBER}-${GIT_SHA}~${CODENAME}" \ + --force-distribution -D "${CODENAME}" "Nightly build, ${GIT_SHA}" +RUN . ~/.env && ./debian/util.sh create-orig -n -V${VERSION}-${BUILD_NUMBER}-${GIT_SHA} -x + +RUN dpkg-source \ + --diff-ignore=.* \ + --compression=xz \ + --compression-level=9 \ + --build \ + . \ + && debuild -b -us -uc \ + && mkdir OUT \ + && mv -v ../*.{deb,dsc,changes,tar.*} OUT/. + +# Artifacts image (mandatory part, the resulting image must have a single filesystem layer) +FROM scratch +COPY --from=builder /data/OUT/ / diff --git a/.github/docker/debian/buster/amd64/Dockerfile b/.github/docker/debian/buster/amd64/Dockerfile new file mode 100644 index 0000000000..119a18076e --- /dev/null +++ b/.github/docker/debian/buster/amd64/Dockerfile @@ -0,0 +1,97 @@ +ARG BUILDER_IMAGE=debian:buster-20240513 + +FROM ${BUILDER_IMAGE} AS builder + +ARG MAINTAINER_NAME="Andrey Volk" +ARG MAINTAINER_EMAIL="andrey@signalwire.com" + +# Credentials +ARG REPO_DOMAIN=freeswitch.signalwire.com +ARG REPO_USERNAME=user +ARG REPO_PASSWORD=password + +ARG BUILD_NUMBER=42 +ARG GIT_SHA=0000000000 + +ARG DATA_DIR=/data +ARG CODENAME=buster +ARG GPG_KEY="/usr/share/keyrings/signalwire-freeswitch-repo.gpg" + +MAINTAINER "${MAINTAINER_NAME} <${MAINTAINER_EMAIL}>" + +SHELL ["/bin/bash", "-c"] + +RUN apt-get -q update && \ + DEBIAN_FRONTEND=noninteractive apt-get -yq install \ + apt-transport-https \ + build-essential \ + ca-certificates \ + cmake \ + curl \ + debhelper \ + devscripts \ + dh-autoreconf \ + dos2unix \ + doxygen \ + git \ + graphviz \ + libglib2.0-dev \ + libssl-dev \ + lsb-release \ + pkg-config \ + wget + +RUN update-ca-certificates --fresh + +RUN echo "export CODENAME=${CODENAME}" | tee ~/.env && \ + chmod +x ~/.env + +RUN . ~/.env && cat < /etc/apt/sources.list.d/freeswitch.list +deb [signed-by=${GPG_KEY}] https://${REPO_DOMAIN}/repo/deb/debian-unstable ${CODENAME} main +deb-src [signed-by=${GPG_KEY}] https://${REPO_DOMAIN}/repo/deb/debian-unstable ${CODENAME} main +EOF + +RUN --mount=type=secret,id=REPO_PASSWORD \ + printf "machine ${REPO_DOMAIN} " > ~/.netrc && \ + printf "login ${REPO_USERNAME} " >> ~/.netrc && \ + printf "password " >> ~/.netrc && \ + cat /run/secrets/REPO_PASSWORD >> ~/.netrc && \ + cp -f ~/.netrc /etc/apt/auth.conf + +RUN git config --global --add safe.directory '*' \ + && git config --global user.name "${MAINTAINER_NAME}" \ + && git config --global user.email "${MAINTAINER_EMAIL}" + +RUN curl --netrc -o ${GPG_KEY} https://${REPO_DOMAIN}/repo/deb/debian-unstable/signalwire-freeswitch-repo.gpg + +# Bootstrap and Build +COPY . ${DATA_DIR} +WORKDIR ${DATA_DIR} + +RUN echo "export VERSION=$(cat ./build/next-release.txt | tr -d '\n')" | tee -a ~/.env + +RUN . ~/.env && ./debian/util.sh prep-create-orig -n -V${VERSION}-${BUILD_NUMBER}-${GIT_SHA} -x +RUN . ~/.env && ./debian/util.sh prep-create-dsc ${CODENAME} + +RUN apt-get -q update && \ + mk-build-deps --install --remove debian/control --tool "apt-get -y --no-install-recommends" && \ + apt-get -y -f install + +ENV DEB_BUILD_OPTIONS="parallel=1" +RUN . ~/.env && dch -b -M -v "${VERSION}-${BUILD_NUMBER}-${GIT_SHA}~${CODENAME}" \ + --force-distribution -D "${CODENAME}" "Nightly build, ${GIT_SHA}" +RUN . ~/.env && ./debian/util.sh create-orig -n -V${VERSION}-${BUILD_NUMBER}-${GIT_SHA} -x + +RUN dpkg-source \ + --diff-ignore=.* \ + --compression=xz \ + --compression-level=9 \ + --build \ + . \ + && debuild -b -us -uc \ + && mkdir OUT \ + && mv -v ../*.{deb,dsc,changes,tar.*} OUT/. + +# Artifacts image (mandatory part, the resulting image must have a single filesystem layer) +FROM scratch +COPY --from=builder /data/OUT/ / diff --git a/.github/docker/debian/buster/arm32v7/Dockerfile b/.github/docker/debian/buster/arm32v7/Dockerfile new file mode 100644 index 0000000000..2113f55bd8 --- /dev/null +++ b/.github/docker/debian/buster/arm32v7/Dockerfile @@ -0,0 +1,96 @@ +ARG BUILDER_IMAGE=arm32v7/debian:buster-20240513 + +FROM --platform=linux/arm32 ${BUILDER_IMAGE} AS builder + +ARG MAINTAINER_NAME="Andrey Volk" +ARG MAINTAINER_EMAIL="andrey@signalwire.com" + +# Credentials +ARG REPO_DOMAIN=freeswitch.signalwire.com +ARG REPO_USERNAME=user +ARG REPO_PASSWORD=password + +ARG BUILD_NUMBER=42 +ARG GIT_SHA=0000000000 + +ARG DATA_DIR=/data +ARG CODENAME=buster +ARG GPG_KEY="/usr/share/keyrings/signalwire-freeswitch-repo.gpg" + +MAINTAINER "${MAINTAINER_NAME} <${MAINTAINER_EMAIL}>" + +SHELL ["/bin/bash", "-c"] + +RUN apt-get -q update && \ + DEBIAN_FRONTEND=noninteractive apt-get -yq install \ + apt-transport-https \ + build-essential \ + ca-certificates \ + cmake \ + curl \ + debhelper \ + devscripts \ + dh-autoreconf \ + dos2unix \ + doxygen \ + git \ + graphviz \ + libglib2.0-dev \ + libssl-dev \ + lsb-release \ + pkg-config \ + wget + +RUN update-ca-certificates --fresh + +RUN echo "export CODENAME=${CODENAME}" | tee ~/.env && \ + chmod +x ~/.env + +RUN . ~/.env && cat < /etc/apt/sources.list.d/freeswitch.list +deb [signed-by=${GPG_KEY}] https://${REPO_DOMAIN}/repo/deb/rpi/debian-dev ${CODENAME} main +deb-src [signed-by=${GPG_KEY}] https://${REPO_DOMAIN}/repo/deb/rpi/debian-dev ${CODENAME} main +EOF + +RUN --mount=type=secret,id=REPO_PASSWORD \ + printf "machine ${REPO_DOMAIN} " > ~/.netrc && \ + printf "login ${REPO_USERNAME} " >> ~/.netrc && \ + printf "password " >> ~/.netrc && \ + cat /run/secrets/REPO_PASSWORD >> ~/.netrc && \ + cp -f ~/.netrc /etc/apt/auth.conf + +RUN git config --global --add safe.directory '*' \ + && git config --global user.name "${MAINTAINER_NAME}" \ + && git config --global user.email "${MAINTAINER_EMAIL}" + +RUN curl --netrc -o ${GPG_KEY} https://${REPO_DOMAIN}/repo/deb/rpi/debian-dev/signalwire-freeswitch-repo.gpg + +# Bootstrap and Build +COPY . ${DATA_DIR} +WORKDIR ${DATA_DIR} +RUN echo "export VERSION=$(cat ./build/next-release.txt | tr -d '\n')" | tee -a ~/.env + +RUN . ~/.env && ./debian/util.sh prep-create-orig -n -V${VERSION}-${BUILD_NUMBER}-${GIT_SHA} -x +RUN . ~/.env && ./debian/util.sh prep-create-dsc -a armhf ${CODENAME} + +RUN apt-get -q update && \ + mk-build-deps --install --remove debian/control --tool "apt-get -y --no-install-recommends" && \ + apt-get -y -f install + +ENV DEB_BUILD_OPTIONS="parallel=1" +RUN . ~/.env && dch -b -M -v "${VERSION}-${BUILD_NUMBER}-${GIT_SHA}~${CODENAME}" \ + --force-distribution -D "${CODENAME}" "Nightly build, ${GIT_SHA}" +RUN . ~/.env && ./debian/util.sh create-orig -n -V${VERSION}-${BUILD_NUMBER}-${GIT_SHA} -x + +RUN dpkg-source \ + --diff-ignore=.* \ + --compression=xz \ + --compression-level=9 \ + --build \ + . \ + && debuild -b -us -uc \ + && mkdir OUT \ + && mv -v ../*.{deb,dsc,changes,tar.*} OUT/. + +# Artifacts image (mandatory part, the resulting image must have a single filesystem layer) +FROM scratch +COPY --from=builder /data/OUT/ / diff --git a/.github/docker/debian/buster/arm64v8/Dockerfile b/.github/docker/debian/buster/arm64v8/Dockerfile new file mode 100644 index 0000000000..150a77fec2 --- /dev/null +++ b/.github/docker/debian/buster/arm64v8/Dockerfile @@ -0,0 +1,96 @@ +ARG BUILDER_IMAGE=arm64v8/debian:buster-20240513 + +FROM --platform=linux/arm64 ${BUILDER_IMAGE} AS builder + +ARG MAINTAINER_NAME="Andrey Volk" +ARG MAINTAINER_EMAIL="andrey@signalwire.com" + +# Credentials +ARG REPO_DOMAIN=freeswitch.signalwire.com +ARG REPO_USERNAME=user +ARG REPO_PASSWORD=password + +ARG BUILD_NUMBER=42 +ARG GIT_SHA=0000000000 + +ARG DATA_DIR=/data +ARG CODENAME=buster +ARG GPG_KEY="/usr/share/keyrings/signalwire-freeswitch-repo.gpg" + +MAINTAINER "${MAINTAINER_NAME} <${MAINTAINER_EMAIL}>" + +SHELL ["/bin/bash", "-c"] + +RUN apt-get -q update && \ + DEBIAN_FRONTEND=noninteractive apt-get -yq install \ + apt-transport-https \ + build-essential \ + ca-certificates \ + cmake \ + curl \ + debhelper \ + devscripts \ + dh-autoreconf \ + dos2unix \ + doxygen \ + git \ + graphviz \ + libglib2.0-dev \ + libssl-dev \ + lsb-release \ + pkg-config \ + wget + +RUN update-ca-certificates --fresh + +RUN echo "export CODENAME=${CODENAME}" | tee ~/.env && \ + chmod +x ~/.env + +RUN . ~/.env && cat < /etc/apt/sources.list.d/freeswitch.list +deb [signed-by=${GPG_KEY}] https://${REPO_DOMAIN}/repo/deb/debian-unstable ${CODENAME} main +deb-src [signed-by=${GPG_KEY}] https://${REPO_DOMAIN}/repo/deb/debian-unstable ${CODENAME} main +EOF + +RUN --mount=type=secret,id=REPO_PASSWORD \ + printf "machine ${REPO_DOMAIN} " > ~/.netrc && \ + printf "login ${REPO_USERNAME} " >> ~/.netrc && \ + printf "password " >> ~/.netrc && \ + cat /run/secrets/REPO_PASSWORD >> ~/.netrc && \ + cp -f ~/.netrc /etc/apt/auth.conf + +RUN git config --global --add safe.directory '*' \ + && git config --global user.name "${MAINTAINER_NAME}" \ + && git config --global user.email "${MAINTAINER_EMAIL}" + +RUN curl --netrc -o ${GPG_KEY} https://${REPO_DOMAIN}/repo/deb/debian-unstable/signalwire-freeswitch-repo.gpg + +# Bootstrap and Build +COPY . ${DATA_DIR} +WORKDIR ${DATA_DIR} +RUN echo "export VERSION=$(cat ./build/next-release.txt | tr -d '\n')" | tee -a ~/.env + +RUN . ~/.env && ./debian/util.sh prep-create-orig -n -V${VERSION}-${BUILD_NUMBER}-${GIT_SHA} -x +RUN . ~/.env && ./debian/util.sh prep-create-dsc -a arm64 ${CODENAME} + +RUN apt-get -q update && \ + mk-build-deps --install --remove debian/control --tool "apt-get -y --no-install-recommends" && \ + apt-get -y -f install + +ENV DEB_BUILD_OPTIONS="parallel=1" +RUN . ~/.env && dch -b -M -v "${VERSION}-${BUILD_NUMBER}-${GIT_SHA}~${CODENAME}" \ + --force-distribution -D "${CODENAME}" "Nightly build, ${GIT_SHA}" +RUN . ~/.env && ./debian/util.sh create-orig -n -V${VERSION}-${BUILD_NUMBER}-${GIT_SHA} -x + +RUN dpkg-source \ + --diff-ignore=.* \ + --compression=xz \ + --compression-level=9 \ + --build \ + . \ + && debuild -b -us -uc \ + && mkdir OUT \ + && mv -v ../*.{deb,dsc,changes,tar.*} OUT/. + +# Artifacts image (mandatory part, the resulting image must have a single filesystem layer) +FROM scratch +COPY --from=builder /data/OUT/ / diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml new file mode 100644 index 0000000000..e16da9a364 --- /dev/null +++ b/.github/workflows/build.yml @@ -0,0 +1,107 @@ +name: Build and Distribute + +on: + pull_request: + push: + branches: + - master + paths: + - "**" + workflow_dispatch: + +concurrency: + group: ${{ github.head_ref || github.ref }} + +jobs: + excludes: + runs-on: ubuntu-latest + outputs: + deb: ${{ steps.deb.outputs.excludes }} + steps: + - id: deb + name: Generate Matrix excludes for DEB + run: | + JSON="[]" + + if [[ "${{ github.event_name }}" == "pull_request" ]]; then + JSON=$(jq -n '[ + { + "version": "bookworm", + "platform": { + "name": "amd64" + } + }, + { + "version": "bookworm", + "platform": { + "name": "arm64v8" + } + }, + { + "version": "bullseye" + } + ]') + fi + + echo "excludes=$(echo $JSON | jq -c .)" | tee -a $GITHUB_OUTPUT + + deb: + name: 'DEB' + permissions: + id-token: write + contents: read + needs: + - excludes + uses: signalwire/actions-template/.github/workflows/cicd-docker-build-and-distribute.yml@main + strategy: + # max-parallel: 1 + fail-fast: false + matrix: + os: + - debian + version: + - bookworm + - bullseye + - buster + platform: + - name: amd64 + runner: ubuntu-latest + - name: arm32v7 + runner: linux-arm64-4-core-public + - name: arm64v8 + runner: linux-arm64-4-core-public + exclude: ${{ fromJson(needs.excludes.outputs.deb) }} + with: + RUNNER: ${{ matrix.platform.runner }} + ARTIFACTS_PATTERN: '.*\.(deb|dsc|changes|tar.bz2|tar.gz|tar.lzma|tar.xz)$' + DOCKERFILE: .github/docker/${{ matrix.os }}/${{ matrix.version }}/${{ matrix.platform.name }}/Dockerfile + MAINTAINER: 'Andrey Volk ' + META_FILE_PATH_PREFIX: /var/www/freeswitch/${{ github.ref_name }}/${{ github.run_id }}-${{ github.run_number }} + PLATFORM: ${{ matrix.platform.name }} + REPO_DOMAIN: freeswitch.signalwire.com + TARGET_ARTIFACT_NAME: ${{ matrix.os }}-${{ matrix.version }}-${{ matrix.platform.name }}-artifact + UPLOAD_BUILD_ARTIFACTS: ${{ github.event_name != 'pull_request' || contains(github.event.pull_request.title, ':upload-artifacts') }} + secrets: + GH_BOT_DEPLOY_TOKEN: ${{ secrets.PAT }} + HOSTNAME: ${{ secrets.HOSTNAME }} + PROXY_URL: ${{ secrets.PROXY_URL }} + USERNAME: ${{ secrets.USERNAME }} + TELEPORT_TOKEN: ${{ secrets.TELEPORT_TOKEN }} + REPO_USERNAME: 'signalwire' + REPO_PASSWORD: ${{ secrets.REPOTOKEN }} + + meta: + name: 'Publish build data to meta-repo' + if: ${{ github.event_name != 'pull_request' || contains(github.event.pull_request.title, ':upload-artifacts') }} + needs: + - deb + permissions: + id-token: write + contents: read + uses: signalwire/actions-template/.github/workflows/meta-repo-content.yml@main + with: + META_CONTENT: '/var/www/freeswitch/${{ github.ref_name }}/${{ github.run_id }}-${{ github.run_number }}' + META_REPO: signalwire/bamboo_gha_trigger + META_REPO_BRANCH: trigger/freeswitch/${{ github.ref_name }} + secrets: + GH_BOT_DEPLOY_TOKEN: ${{ secrets.PAT }}