Build baremetal ubuntu updated

Build baremetal ubuntu updated Fixed to use script instead of custom build steps Minor naming convention changes Signed-off-by: Milosz Linkiewicz <[email protected]>
OpenVisualCloud · Nov 27, 2024 · 1b805ef · 1b805ef
1 parent 15e9d0e
commit 1b805ef
Show file tree

Hide file tree

Showing 21 changed files with 279 additions and 280 deletions.
diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
@@ -1,4 +1,4 @@
-name: Scan CodeQL
+name: scan-codeql-workflow
 
 on:
   push:
@@ -59,6 +59,12 @@ jobs:
       if: steps.load-local-dependencies-cache.outputs.cache-hit != 'true'
       run: eval 'source scripts/setup_build_env.sh && get_download_unpack_dependencies'
 
+    - name: 'Clone and patch ffmpeg 6.1 and 7.0'
+      if: steps.load-local-dependencies-cache.outputs.cache-hit != 'true'
+      run: |
+        ffmpeg-plugin/clone-and-patch-ffmpeg.sh "6.1"
+        ffmpeg-plugin/clone-and-patch-ffmpeg.sh "7.0"
+
     - name: 'Build and Install xdp and libbpf'
       run: eval 'source scripts/setup_build_env.sh && lib_install_xdp_bpf_tools'
 

diff --git a/.github/workflows/coverity.yml b/.github/workflows/coverity.yml
@@ -1,4 +1,4 @@
-name: Scan Coverity Ubuntu Scan
+name: scan-coverity-baremetal
 
 on:
   schedule:
@@ -12,13 +12,9 @@ on:
 
 env:
   BUILD_TYPE: Release
+  BUILD_DIR: "${{ github.workspace }}/_build"
+  PREFIX_DIR: "${{ github.workspace }}/_install"
   MTL_BUILD_DISABLE_PCAPNG: true
-  LIBFABRIC_DIR: /tmp/libfabric
-  XDP_VERSION: 5c88569dd15e55db678b897b8ea2a73aeaf956f4
-  XDP_DIR: /tmp/xdp
-  GRPC_VERSION: v1.58.0
-  GRPC_DIR: /tmp/grpc
-  PREFIX_DIR: /usr/local
   DEBIAN_FRONTEND: noninteractive
 
 permissions:
@@ -42,58 +38,43 @@ jobs:
     - name: 'Install OS level dependencies'
       run: eval 'source scripts/setup_build_env.sh && install_package_dependencies'
 
-    - name: 'Build and Install xdp and libbpf'
+    - name: 'Check local dependencies build cache'
+      id: load-local-dependencies-cache
+      uses: actions/cache/restore@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4.1.2
+      with:
+        path: ${{ env.BUILD_DIR }}
+        key: ${{ runner.os }}-${{ hashFiles('versions.env') }}-${{ hashFiles('scripts/setup*.sh') }}
+
+    - name: 'Download, unpack and patch build dependencies'
+      if: steps.load-local-dependencies-cache.outputs.cache-hit != 'true'
+      run: eval 'source scripts/setup_build_env.sh && get_download_unpack_dependencies'
+
+    - name: 'Clone and patch ffmpeg 6.1 and 7.0'
+      if: steps.load-local-dependencies-cache.outputs.cache-hit != 'true'
       run: |
-        git clone --recurse-submodules https://github.com/xdp-project/xdp-tools.git "${XDP_DIR}" && \
-        pushd "${XDP_DIR}" && \
-        ./configure && \
-        make -j$(nproc) && \
-        sudo make install && \
-        make -j$(nproc) -C "${XDP_DIR}/lib/libbpf/src" && \
-        sudo make -C "${XDP_DIR}/lib/libbpf/src" install && popd
+        ffmpeg-plugin/clone-and-patch-ffmpeg.sh "6.1"
+        ffmpeg-plugin/clone-and-patch-ffmpeg.sh "7.0"
+
+    - name: 'Build and Install xdp and libbpf'
+      run: eval 'source scripts/setup_build_env.sh && lib_install_xdp_bpf_tools'
 
     - name: 'Build and Install libfabric'
-      run: |
-        git clone --depth 1 --branch v1.22.0 https://github.com/ofiwg/libfabric "${LIBFABRIC_DIR}" && \
-        pushd "${LIBFABRIC_DIR}" && \
-        ./autogen.sh && ./configure && \
-        make -j$(nproc) && \
-        sudo make install && popd
+      run: eval 'source scripts/setup_build_env.sh && lib_install_fabrics'
 
-    - name: 'Install MTL'
-      run: |
-        git clone --depth 1 https://github.com/OpenVisualCloud/Media-Transport-Library.git imtl
-        pushd imtl && ./build.sh && popd
+    - name: 'Build and Install the DPDK'
+      run: eval 'source scripts/setup_build_env.sh && lib_install_dpdk'
 
-    - name: 'Restore cached for gRPC build'
-      id: grpc-cache-restore
-      uses: actions/cache/restore@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2
-      with:
-        path: ${{ env.GRPC_DIR }}
-        key: Linux-grpc${{ env.GRPC_VERSION }}
+    - name: 'Build and Install the MTL'
+      run: eval 'source scripts/setup_build_env.sh && lib_install_mtl'
 
-    - name: 'Build gRPC'
-      if: steps.grpc-cache-restore.outputs.cache-hit != 'true'
-      run: |
-          git clone --branch ${GRPC_VERSION} --recurse-submodules --depth 1 --shallow-submodules https://github.com/grpc/grpc "${GRPC_DIR}" && \
-          cmake -DgRPC_INSTALL=ON -DgRPC_BUILD_TESTS=OFF -DCMAKE_INSTALL_PREFIX=${PREFIX_DIR} \
-            -B "${GRPC_DIR}/cmake/build" -S "${GRPC_DIR}" && \
-          cmake --build "${GRPC_DIR}/cmake/build" -j `nproc`
-
-    - name: 'Save cache for gRPC build'
-      id: grpc-cache-save
-      if: steps.grpc-cache-restore.outputs.cache-hit != 'true'
-      uses: actions/cache/save@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2
-      with:
-        path: ${{ env.GRPC_DIR }}
-        key: ${{ steps.grpc-cache-restore.outputs.cache-primary-key }}
+    - name: 'Build and Install JPEG XS'
+      run: eval 'source scripts/setup_build_env.sh && lib_install_jpeg_xs'
 
-    - name: 'Install gRPC'
-      run: sudo cmake --install "${GRPC_DIR}/cmake/build"
+    - name: 'Build and Install JPEG XS ffmpeg plugin'
+      run: eval 'source scripts/setup_build_env.sh && lib_install_mtl_jpeg_xs_plugin'
 
-    - name: 'Patch and configure MCM FFmpeg plugin'
-      working-directory: ${{ github.workspace }}/ffmpeg-plugin
-      run: ./clone-and-patch-ffmpeg.sh
+    - name: 'Build gRPC and dependencies'
+      run: eval 'source scripts/setup_build_env.sh && lib_install_grpc'
 
     - name: 'Run coverity'
       uses: vapier/coverity-scan-action@2068473c7bdf8c2fb984a6a40ae76ee7facd7a85 # v1.8.0
@@ -107,6 +88,7 @@ jobs:
             ${{ github.workspace }}/build.sh && \
             ${{ github.workspace }}/ffmpeg-plugin/configure-ffmpeg.sh && \
             ${{ github.workspace }}/ffmpeg-plugin/build-ffmpeg.sh
+
     - uses: actions/upload-artifact@v4
       with:
         name: coverity-reports

diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml
@@ -0,0 +1,21 @@
+# Source repository: https://github.com/actions/dependency-review-action
+name: scan-dependency-review
+on: [pull_request]
+
+permissions:
+  contents: read
+
+jobs:
+  dependency-review:
+    runs-on: ubuntu-latest
+    steps:
+      - name: 'Harden Runner'
+        uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1
+        with:
+          egress-policy: audit
+
+      - name: 'Checkout Repository'
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+
+      - name: 'Dependency Review'
+        uses: actions/dependency-review-action@72eb03d02c7872a771aacd928f3123ac62ad6d3a # v4.3.3
diff --git a/.github/workflows/docker-cached-build.yml b/.github/workflows/docker-cached-build.yml
@@ -1,4 +1,4 @@
-name: Build Docker Images
+name: build-docker-images
 
 on:
   pull_request:

diff --git a/.github/workflows/github_pages_update.yml b/.github/workflows/github_pages_update.yml
@@ -1,5 +1,4 @@
-
-name: Documentation Build and Publish
+name: documentation-build-and-publish
 on:
   workflow_call:
   workflow_dispatch:

diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml
@@ -1,17 +1,16 @@
 name: scan-scorecard-security
 on:
-  pull_request:
-    branches: [ "main" ]
+  # For Branch-Protection check. Only the default branch is supported. See
+  # https://github.com/ossf/scorecard/blob/main/docs/checks.md#branch-protection
   branch_protection_rule:
-
+  # To guarantee Maintained check is occasionally updated. See
+  # https://github.com/ossf/scorecard/blob/main/docs/checks.md#maintained
+  schedule:
+    - cron: '0 18 * * *'
   workflow_dispatch:
   push:
     branches: [ "main" ]
 
-env:
-  BRANCH_NAME: ${{ github.head_ref || github.ref_name }}
-  INSIDE_REPO_PUSH: ${{ github.event_name == 'push' && github.repository == 'openvisualcloud/media-communications-mesh' }}
-
 permissions:
   contents: read
 
@@ -20,13 +19,10 @@ concurrency:
   cancel-in-progress: true
 
 jobs:
-  scorecard-analysis:
-    name: "scorecard-analysis"
-    runs-on: ubuntu-22.04
-    if: |
-      github.event_name == 'push' &&
-      github.repository == 'openvisualcloud/media-communications-mesh' &&
-      '${{ github.head_ref || github.ref_name }}' == 'main'
+  analysis:
+    name: Scorecard analysis
+    runs-on: ubuntu-latest
+    if: ${{ github.repository == 'OpenVisualCloud/Media-Communications-Mesh' }}
     permissions:
       security-events: write
       id-token: write
@@ -51,6 +47,7 @@ jobs:
           repo_token: ${{ secrets.GITHUB_TOKEN }}
           publish_results: true
 
+      # Upload the results as artifacts (optional).
       - name: "scorecard: Upload results artifact"
         uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
         with:
@@ -62,19 +59,3 @@ jobs:
         uses: github/codeql-action/upload-sarif@b611370bb5703a7efb587f9d136a52ea24c5c38c # v3.25.11
         with:
           sarif_file: "scorecard-scan-results-${{ github.event.pull_request.number || github.ref }}.sarif"
-
-  dependency-review:
-    name: "dependency-review"
-    runs-on: ubuntu-22.04
-    if: ${{ github.repository == 'openvisualcloud/media-communications-mesh' }}
-    steps:
-      - name: "dependency-review: Harden Runner security"
-        uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1
-        with:
-          egress-policy: audit
-
-      - name: 'dependency-review: Checkout Repository'
-        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
-
-      - name: 'dependency-review: Review dependencies'
-        uses: actions/dependency-review-action@72eb03d02c7872a771aacd928f3123ac62ad6d3a # v4.3.3
diff --git a/.github/workflows/trivy.yml b/.github/workflows/trivy.yml
@@ -1,4 +1,4 @@
-name: scaner-trivy-workflow
+name: scan-trivy-workflow
 on:
   push:
     branches: [ "main", "master", "dev", "devel", "develop", "maint-*" ]
@@ -39,7 +39,7 @@ jobs:
         uses: aquasecurity/trivy-action@7c2007bcb556501da015201bcba5aa14069b74e2 # v0.23.0
         with:
           scan-type: config
-          skip-dirs: deployment #helm charts not supported 
+          skip-dirs: deployment #helm charts not supported
           exit-code: '0'
           format: 'sarif'
           output: "trivy-config-scan-results-${{ github.event.pull_request.number || github.ref }}.sarif"
@@ -49,7 +49,7 @@ jobs:
         uses: aquasecurity/trivy-action@7c2007bcb556501da015201bcba5aa14069b74e2 # v0.23.0
         with:
           scan-type: config
-          skip-dirs: deployment #helm charts not supported 
+          skip-dirs: deployment #helm charts not supported
           exit-code: '0'
           format: 'table'
           output: "trivy-config-scan-results-${{ github.event.pull_request.number || github.ref }}.txt"

diff --git a/.github/workflows/ubuntu-build.yml b/.github/workflows/ubuntu-build.yml
@@ -1,4 +1,4 @@
-name: Build Baremetal Ubuntu
+name: build-baremetal-ubuntu
 
 on:
   push:
@@ -9,14 +9,10 @@ on:
 
 env:
   BUILD_TYPE: Release
-  MTL_BUILD_DISABLE_PCAPNG: true
-  LIBFABRIC_DIR: /tmp/libfabric
-  XDP_VERSION: 5c88569dd15e55db678b897b8ea2a73aeaf956f4
-  XDP_DIR: /tmp/xdp
-  GRPC_VERSION: v1.58.0
-  GRPC_DIR: /tmp/grpc
-  PREFIX_DIR: /usr/local
+  BUILD_DIR: "${{ github.workspace }}/_build"
   DEBIAN_FRONTEND: noninteractive
+  MTL_BUILD_DISABLE_PCAPNG: true
+  PREFIX_DIR: "${{ github.workspace }}/_install"
 
 permissions:
   contents: read
@@ -45,68 +41,49 @@ jobs:
     - name: 'Install OS level dependencies'
       run: eval 'source scripts/setup_build_env.sh && install_package_dependencies'
 
-    - name: 'Build and Install xdp and libbpf'
+    - name: 'Check local dependencies build cache'
+      id: load-local-dependencies-cache
+      uses: actions/cache/restore@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4.1.2
+      with:
+        path: ${{ env.BUILD_DIR }}
+        key: ${{ runner.os }}-${{ hashFiles('versions.env') }}-${{ hashFiles('scripts/setup*.sh') }}
+
+    - name: 'Download, unpack and patch build dependencies'
+      if: steps.load-local-dependencies-cache.outputs.cache-hit != 'true'
+      run: eval 'source scripts/setup_build_env.sh && get_download_unpack_dependencies'
+
+    - name: 'Clone and patch ffmpeg 6.1 and 7.0'
+      if: steps.load-local-dependencies-cache.outputs.cache-hit != 'true'
       run: |
-        git clone --recurse-submodules https://github.com/xdp-project/xdp-tools.git "${XDP_DIR}" && \
-        pushd "${XDP_DIR}" && \
-        ./configure && \
-        make -j$(nproc) && \
-        sudo make install && \
-        make -j$(nproc) -C "${XDP_DIR}/lib/libbpf/src" && \
-        sudo make -C "${XDP_DIR}/lib/libbpf/src" install && popd
+        ffmpeg-plugin/clone-and-patch-ffmpeg.sh "6.1"
+        ffmpeg-plugin/clone-and-patch-ffmpeg.sh "7.0"
+
+    - name: 'Build and Install xdp and libbpf'
+      run: eval 'source scripts/setup_build_env.sh && lib_install_xdp_bpf_tools'
 
     - name: 'Build and Install libfabric'
-      run: |
-        git clone --depth 1 --branch v1.22.0 https://github.com/ofiwg/libfabric "${LIBFABRIC_DIR}" && \
-        pushd "${LIBFABRIC_DIR}" && \
-        ./autogen.sh && ./configure && \
-        make -j$(nproc) && \
-        sudo make install && popd
+      run: eval 'source scripts/setup_build_env.sh && lib_install_fabrics'
 
-    - name: 'Install MTL'
-      run: |
-        git clone --depth 1 https://github.com/OpenVisualCloud/Media-Transport-Library.git imtl
-        pushd imtl && ./build.sh && popd
+    - name: 'Build and Install the DPDK'
+      run: eval 'source scripts/setup_build_env.sh && lib_install_dpdk'
 
-    - name: 'Restore cached for gRPC build'
-      id: grpc-cache-restore
-      uses: actions/cache/restore@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2
-      with:
-        path: ${{ env.GRPC_DIR }}
-        key: Linux-grpc${{ env.GRPC_VERSION }}
+    - name: 'Build and Install the MTL'
+      run: eval 'source scripts/setup_build_env.sh && lib_install_mtl'
 
-    - name: 'Build gRPC'
-      if: steps.grpc-cache-restore.outputs.cache-hit != 'true'
-      run: |
-          git clone --branch ${GRPC_VERSION} --recurse-submodules --depth 1 --shallow-submodules https://github.com/grpc/grpc "${GRPC_DIR}" && \
-          cmake -DgRPC_INSTALL=ON \
-                -DgRPC_BUILD_TESTS=OFF \
-                -DCMAKE_INSTALL_PREFIX=${PREFIX_DIR} \
-                -B "${GRPC_DIR}/cmake/build"
-                -S "${GRPC_DIR}" && \
-          cmake --build "${GRPC_DIR}/cmake/build" -j `nproc`
-
-    - name: 'Save cache for gRPC build'
-      if: steps.grpc-cache-restore.outputs.cache-hit != 'true'
-      id: grpc-cache-save
-      uses: actions/cache/save@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2
-      with:
-        path: ${{ env.GRPC_DIR }}
-        key: ${{ steps.grpc-cache-restore.outputs.cache-primary-key }}
+    - name: 'Build and Install JPEG XS'
+      run: eval 'source scripts/setup_build_env.sh && lib_install_jpeg_xs'
 
-    - name: 'Install gRPC'
-      run: |
-          sudo cmake --install "${GRPC_DIR}/cmake/build" && \
-          rm -rf "${GRPC_DIR}"
+    - name: 'Build and Install JPEG XS ffmpeg plugin'
+      run: eval 'source scripts/setup_build_env.sh && lib_install_mtl_jpeg_xs_plugin'
+
+    - name: 'Build gRPC and dependencies'
+      run: eval 'source scripts/setup_build_env.sh && lib_install_grpc'
 
     - name: 'Build MCM SDK and Media Proxy'
       run: ./build.sh
 
     - name: 'Build MCM FFmpeg plugin'
       working-directory: ${{ github.workspace }}/ffmpeg-plugin
       run: |
-          git config --global user.email "[email protected]"
-          git config --global user.name "Your Name"
-          ./clone-and-patch-ffmpeg.sh && \
-          ./configure-ffmpeg.sh && \
-          ./build-ffmpeg.sh
+        ./configure-ffmpeg.sh && \
+        ./build-ffmpeg.sh