mirror of
https://github.com/ElementsProject/lightning.git
synced 2025-02-22 14:42:40 +01:00
ci: Version update for Fedora reproducible build
Closes #7902. Changelog-None.
This commit is contained in:
ShahanaFarooqui
Rusty Russell
parent
1bf92c2dad
commit
b1fbbb0405
4 changed files with 25 additions and 18 deletions
2
.github/workflows/release.yml
vendored
2
.github/workflows/release.yml
vendored
|
|
@ -60,7 +60,7 @@ jobs:
|
|||
fail-fast: false # Let each build finish.
|
||||
matrix:
|
||||
target:
|
||||
- 'bin-Fedora-28-amd64'
|
||||
- 'bin-Fedora'
|
||||
- 'bin-Ubuntu-focal'
|
||||
- 'bin-Ubuntu-jammy'
|
||||
- 'bin-Ubuntu-noble'
|
||||
|
|
|
|||
|
|
@ -117,7 +117,7 @@ Here's a checklist for the release process.
|
|||
8. Push the tag to the remote repository `git push --tags`.
|
||||
9. Create a new release draft for `v<VERSION>.<POINT_VERSION>` on GitHub, ensuring to check the `Set as a pre-release` option.
|
||||
10. Execute the script contrib/cl-repro.sh for the [Builder image setup](https://docs.corelightning.org/docs/repro#builder-image-setup). This will generate the builder images `cl-repro-<codename>` needed for the next step.
|
||||
11. Run the following script to prepare the required builds `tools/build-release.sh bin-Fedora-28-amd64 bin-Ubuntu sign`.
|
||||
11. Run the following script to prepare the required builds `tools/build-release.sh bin-Fedora bin-Ubuntu sign`.
|
||||
12. Upload the reproducible builds along with `SHA256SUMS` and `SHA256SUMS.asc` files from the release folder to the newly drafted release.
|
||||
13. Share the `SHA256SUMS` and `SHA256SUMS.asc` files with the team for verification and signing.
|
||||
14. Append the signatures received from the team to the `SHA256SUMS.asc` file. Verify the file using `gpg --verify SHA256SUMS.asc`. Then re-upload the file.
|
||||
|
|
|
|||
|
|
@ -124,7 +124,7 @@ The release captain is in charge of creating the manifest, whereas contributors
|
|||
## Script build-release
|
||||
1: Pull latest code from master
|
||||
|
||||
2: Run the `tools/build-release.sh bin-Fedora-28-amd64 bin-Ubuntu sign` script. This will create a release directory, build binaries for Fedora, and build binaries for Ubuntu (Focal, Jammy, and Noble). Finally, it will sign the ZIP, Fedora, and Ubuntu builds.
|
||||
2: Run the `tools/build-release.sh bin-Fedora bin-Ubuntu sign` script. This will create a release directory, build binaries for Fedora, and build binaries for Ubuntu (Focal, Jammy, and Noble). Finally, it will sign the ZIP, Fedora, and Ubuntu builds.
|
||||
|
||||
## Manual
|
||||
The release captain creates the manifest as follows:
|
||||
|
|
@ -199,10 +199,12 @@ sha256sum -c SHA256SUMS
|
|||
Producing output similar to the following:
|
||||
|
||||
```shell
|
||||
sha256sum: clightning-v0.9.0-Fedora-28-amd64.tar.gz: No such file or directory
|
||||
clightning-v0.9.0-Fedora-28-amd64.tar.gz: FAILED open or read
|
||||
clightning-v0.9.0-Ubuntu-18.04.tar.xz: OK
|
||||
clightning-v0.9.0.zip: OK
|
||||
sha256sum: clightning-v24.11-Fedora-35-amd64.tar.gz: No such file or directory
|
||||
clightning-v24.11-Fedora-35-amd64.tar.gz: FAILED open or read
|
||||
clightning-v24.11-Ubuntu-20.04.tar.xz: OK
|
||||
clightning-v24.11-Ubuntu-22.04.tar.xz: OK
|
||||
clightning-v24.11-Ubuntu-24.04.tar.xz: OK
|
||||
clightning-v24.11.zip: OK
|
||||
sha256sum: WARNING: 1 listed file could not be read
|
||||
```
|
||||
|
||||
|
|
|
|||
|
|
@ -6,14 +6,17 @@ if [ "$1" = "--inside-docker" ]; then
|
|||
echo "Inside docker: starting build"
|
||||
VER="$2"
|
||||
PLTFM="$3"
|
||||
PLTFMVER="$4"
|
||||
ARCH="$5"
|
||||
git config --global --add safe.directory /src/.git
|
||||
git clone /src /build
|
||||
cd /build || exit
|
||||
poetry export --without-hashes > /tmp/requirements.txt
|
||||
python3 -m pip install -r /tmp/requirements.txt
|
||||
./configure
|
||||
make VERSION="$VER"
|
||||
make install DESTDIR=/"$VER-$PLTFM" RUST_PROFILE=release
|
||||
cd /"$VER-$PLTFM" && tar cvfz /release/clightning-"$VER-$PLTFM".tar.gz -- *
|
||||
make install DESTDIR=/"$VER-$PLTFM-$PLTFMVER-$ARCH" RUST_PROFILE=release
|
||||
cd /"$VER-$PLTFM-$PLTFMVER-$ARCH" && tar cvfz /release/clightning-"$VER-$PLTFM-$PLTFMVER-$ARCH".tar.gz -- *
|
||||
echo "Inside docker: build finished"
|
||||
exit 0
|
||||
fi
|
||||
|
|
@ -22,8 +25,8 @@ FORCE_UNCLEAN=false
|
|||
VERIFY_RELEASE=false
|
||||
WITHOUT_ZIP=false
|
||||
|
||||
ALL_TARGETS="bin-Fedora-28-amd64 bin-Ubuntu docker sign"
|
||||
# ALL_TARGETS="bin-Fedora-28-amd64 bin-Ubuntu tarball deb docker sign"
|
||||
ALL_TARGETS="bin-Fedora bin-Ubuntu docker sign"
|
||||
# ALL_TARGETS="bin-Fedora bin-Ubuntu tarball deb docker sign"
|
||||
|
||||
for arg; do
|
||||
case "$arg" in
|
||||
|
|
@ -46,7 +49,7 @@ for arg; do
|
|||
echo "Usage: [--force-version=<ver>] [--force-unclean] [--force-mtime=YYYY-MM-DD] [--verify] [TARGETS]"
|
||||
echo Known targets: "$ALL_TARGETS"
|
||||
echo "Example: tools/build-release.sh"
|
||||
echo "Example: tools/build-release.sh --force-version=v23.05 --force-unclean --force-mtime=2023-05-01 bin-Fedora-28-amd64 bin-Ubuntu sign"
|
||||
echo "Example: tools/build-release.sh --force-version=v23.05 --force-unclean --force-mtime=2023-05-01 bin-Fedora bin-Ubuntu sign"
|
||||
echo "Example: tools/build-release.sh --verify"
|
||||
echo "Example: tools/build-release.sh --force-version=v23.05 --force-unclean --force-mtime=2023-05-01 --verify"
|
||||
echo "Example: tools/build-release.sh docker"
|
||||
|
|
@ -151,13 +154,15 @@ for target in $TARGETS; do
|
|||
platform=${target#bin-}
|
||||
[ "$platform" != "$target" ] || continue
|
||||
case $platform in
|
||||
Fedora-28-amd64)
|
||||
Fedora*)
|
||||
echo "Building Fedora Image"
|
||||
DOCKERFILE=contrib/docker/Dockerfile.builder.fedora
|
||||
ARCH=amd64
|
||||
TAG=fedora
|
||||
DOCKERFILE=contrib/docker/Dockerfile.builder.fedora
|
||||
FEDORA_VERSION=$(grep -oP '^FROM fedora:\K[0-9]+' "$DOCKERFILE")
|
||||
docker build -f $DOCKERFILE -t $TAG --load .
|
||||
docker run --rm=true -v "$(pwd)":/src:ro -v "$RELEASEDIR":/release $TAG /src/tools/build-release.sh --inside-docker "$VERSION" "$platform"
|
||||
docker run --rm=true -w /build $TAG rm -rf /"$VERSION-$platform" /build
|
||||
docker run --rm=true -v "$(pwd)":/src:ro -v "$RELEASEDIR":/release $TAG /src/tools/build-release.sh --inside-docker "$VERSION" "$platform" "$FEDORA_VERSION" "$ARCH"
|
||||
docker run --rm=true -w /build $TAG rm -rf /"$VERSION-$platform-$FEDORA_VERSION-$ARCH" /build
|
||||
echo "Fedora Image Built"
|
||||
;;
|
||||
Ubuntu*)
|
||||
|
|
@ -226,8 +231,8 @@ if [ "$VERIFY_RELEASE" = "true" ]; then
|
|||
# it gives a direct hint which specific checksums don't match if so.
|
||||
sha256sum --check --ignore-missing "${sumfile}"
|
||||
# Creating SHA256SUMS, except Fedora (copy that from theirs)
|
||||
grep 'Fedora-28-amd64' "$sumfile" > SHA256SUMS
|
||||
sha256sum clightning-"$VERSION"* | grep -v 'bin-Fedora-28-amd64' >> SHA256SUMS
|
||||
grep 'Fedora-' "$sumfile" > SHA256SUMS
|
||||
sha256sum clightning-"$VERSION"* | grep -v 'Fedora' >> SHA256SUMS
|
||||
# compare our and release captain's SHA256SUMS contents
|
||||
if cmp -s SHA256SUMS "$sumfile"; then
|
||||
echo "SHA256SUMS are Identical"
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue