Skip to content
build-git-installers

[WIP]testing #211

Sign in to view logs

[WIP]testing

[WIP]testing #211

Workflow file for this run

.github/workflows/build-git-installers.yml at 1dbcb62
name: build-git-installers
on:
push:
tags:
- 'v[0-9]*vfs*' # matches "v<number><any characters>vfs<any characters>"
permissions:
id-token: write # required for Azure login via OIDC
jobs:
windows_pkg:
environment: release
strategy:
fail-fast: false
matrix:
arch:
- name: aarch64
artifact: pkg-aarch64
toolchain: clang-aarch64
mingwprefix: /clangarm64
runner: ['self-hosted', '1ES.Pool=github-arm64-pool']
runs-on: ${{ matrix.arch.runner }}
env:
GPG_OPTIONS: "--batch --yes --no-tty --list-options no-show-photos --verify-options no-show-photos --pinentry-mode loopback"
HOME: "${{github.workspace}}\\home"
USERPROFILE: "${{github.workspace}}\\home"
__TAG_NAME: v2.47.1.vfs.0.0
steps:
- name: Configure user
shell: bash
run:
USER_NAME="${{github.actor}}" &&
USER_EMAIL="${{github.actor}}@users.noreply.github.com" &&
mkdir -p "$HOME" &&
git config --global user.name "$USER_NAME" &&
git config --global user.email "$USER_EMAIL" &&
echo "PACKAGER=$USER_NAME <$USER_EMAIL>" >>$GITHUB_ENV
- uses: git-for-windows/setup-git-for-windows-sdk@v1
with:
flavor: build-installers
architecture: ${{ matrix.arch.name }}
- name: Clone build-extra
shell: bash
run: |
git clone --filter=blob:none --single-branch -b main https://github.com/git-for-windows/build-extra /usr/src/build-extra
- name: Clone git
shell: bash
run: |
# Since we cannot directly clone a specified tag (as we would a branch with `git clone -b <branch name>`),
# this clone has to be done manually (via init->fetch->reset).
tag_name=$__TAG_NAME &&
git -c init.defaultBranch=main init &&
git remote add -f origin https://github.com/git-for-windows/git &&
git fetch "https://github.com/${{github.repository}}" refs/tags/${tag_name}:refs/tags/${tag_name} &&
git reset --hard ${tag_name}
- name: Prepare home directory for code-signing
env:
CODESIGN_P12: ${{secrets.CODESIGN_P12}}
CODESIGN_PASS: ${{secrets.CODESIGN_PASS}}
if: env.CODESIGN_P12 != '' && env.CODESIGN_PASS != ''
shell: bash
run: |
cd home &&
mkdir -p .sig &&
echo -n "$CODESIGN_P12" | tr % '\n' | base64 -d >.sig/codesign.p12 &&
echo -n "$CODESIGN_PASS" >.sig/codesign.pass
git config --global alias.signtool '!sh "/usr/src/build-extra/signtool.sh"'
- name: Prepare home directory for GPG signing
if: env.GPGKEY != ''
shell: bash
run: |
# This section ensures that the identity for the GPG key matches the git user identity, otherwise
# signing will fail
echo '${{secrets.PRIVGPGKEY}}' | tr % '\n' | gpg $GPG_OPTIONS --import &&
info="$(gpg --list-keys --with-colons "${GPGKEY%% *}" | cut -d : -f 1,10 | sed -n '/^uid/{s|uid:||p;q}')" &&
git config --global user.name "${info% <*}" &&
git config --global user.email "<${info#*<}"
env:
GPGKEY: ${{secrets.GPGKEY}}
- name: Build mingw-w64-${{matrix.arch.toolchain}}-git
env:
GPGKEY: "${{secrets.GPGKEY}}"
shell: bash
run: |
set -x
# Make sure that there is a `/usr/bin/git` that can be used by `makepkg-mingw`
printf '#!/bin/sh\n\nexec ${{matrix.arch.mingwprefix}}/bin/git.exe "$@"\n' >/usr/bin/git &&
sh -x /usr/src/build-extra/please.sh build-mingw-w64-git --only-${{matrix.arch.name}} --build-src-pkg -o artifacts HEAD &&
if test -n "$GPGKEY"
then
for tar in artifacts/*.tar*
do
/usr/src/build-extra/gnupg-with-gpgkey.sh --detach-sign --no-armor $tar
done
fi &&
b=$PWD/artifacts &&
version=$__TAG_NAME &&
(cd /usr/src/MINGW-packages/mingw-w64-git &&
cp PKGBUILD.$version PKGBUILD &&
git commit -s -m "mingw-w64-git: new version ($version)" PKGBUILD &&
git bundle create "$b"/MINGW-packages.bundle origin/main..main)
- name: Publish mingw-w64-${{matrix.arch.toolchain}}-git
uses: actions/upload-artifact@v4
with:
name: "${{ matrix.arch.artifact }}"
path: artifacts