From 5ca832d756125314250f13f4d89d13f48c9648ef Mon Sep 17 00:00:00 2001 From: Akihiro Suda Date: Wed, 16 Nov 2022 08:06:47 +0900 Subject: [PATCH 1/2] Makefile: add install.doc Signed-off-by: Akihiro Suda --- Makefile | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/Makefile b/Makefile index 4d8e0aa..6c6cd23 100644 --- a/Makefile +++ b/Makefile @@ -40,6 +40,10 @@ install.bin: socket_vmnet socket_vmnet_client install socket_vmnet "$(DESTDIR)/$(PREFIX)/bin/socket_vmnet" install socket_vmnet_client "$(DESTDIR)/$(PREFIX)/bin/socket_vmnet_client" +install.doc: README.md LICENSE launchd etc_sudoers.d + mkdir -p "$(DESTDIR)/$(PREFIX)/share/doc/socket_vmnet" + cp -a $? "$(DESTDIR)/$(PREFIX)/share/doc/socket_vmnet" + install.launchd.plist: launchd/*.plist sed -e "s@/opt/socket_vmnet@$(PREFIX)@g" launchd/io.github.lima-vm.socket_vmnet.plist > "$(DESTDIR)/Library/LaunchDaemons/io.github.lima-vm.socket_vmnet.plist" @@ -53,13 +57,17 @@ ifneq ($(BRIDGED),) launchctl load -w "$(DESTDIR)/Library/LaunchDaemons/io.github.lima-vm.socket_vmnet.bridged.$(BRIDGED).plist" endif -install: install.bin install.launchd +install: install.bin install.doc install.launchd .PHONY: uninstall.bin uninstall.bin: rm -f "$(DESTDIR)/$(PREFIX)/bin/socket_vmnet" rm -f "$(DESTDIR)/$(PREFIX)/bin/socket_vmnet_client" +.PHONY: uninstall.doc +uninstall.doc: + rm -rf "$(DESTDIR)/$(PREFIX)/share/doc/socket_vmnet" + .PHONY: uninstall.launchd uninstall.launchd: launchctl unload -w "$(DESTDIR)/Library/LaunchDaemons/io.github.lima-vm.socket_vmnet.plist" @@ -77,7 +85,7 @@ endif uninstall.run: rm -f /var/run/socket_vmnet* -uninstall: uninstall.launchd.plist uninstall.bin uninstall.run +uninstall: uninstall.launchd.plist uninstall.doc uninstall.bin uninstall.run .PHONY: clean clean: From 37549cba581c5159f142f290461485de219a0064 Mon Sep 17 00:00:00 2001 From: Akihiro Suda Date: Wed, 16 Nov 2022 08:31:03 +0900 Subject: [PATCH 2/2] Release artifacts Signed-off-by: Akihiro Suda --- .github/workflows/release.yml | 63 +++++++++++++++++++++++++++++++++++ .gitignore | 1 + Makefile | 50 +++++++++++++++++++++++++-- 3 files changed, 112 insertions(+), 2 deletions(-) create mode 100644 .github/workflows/release.yml diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml new file mode 100644 index 0000000..9102d55 --- /dev/null +++ b/.github/workflows/release.yml @@ -0,0 +1,63 @@ +# Forked from https://github.com/reproducible-containers/repro-get/blob/v0.2.1/.github/workflows/release.yml +# Forked from https://github.com/containerd/nerdctl/blob/v0.8.1/.github/workflows/release.yml +# Apache License 2.0 + +name: Release +on: + push: + branches: + - 'master' + tags: + - 'v*' + pull_request: + branches: + - 'master' +jobs: + release: + runs-on: macos-11 + timeout-minutes: 20 + steps: + - uses: actions/checkout@v3 + with: + # https://github.com/reproducible-containers/repro-get/issues/3 + fetch-depth: 0 + ref: ${{ github.event.pull_request.head.sha }} + - name: "Install dependencies" + # coreutils: For `gtouch -d @${SOURCE_DATE_EPOCH}` + # diffoscope: For `make test.repro` + run: brew install coreutils diffoscope + - name: "Test reproducibility" + run: | + make test.repro + git clean -xfd + - name: "Make artifacts" + run: make artifacts + - name: "SHA256SUMS" + run: | + cat _artifacts/SHA256SUMS + - name: "The sha256sum of the SHA256SUMS file" + run: | + (cd _artifacts; shasum -a 256 SHA256SUMS) + - name: "Prepare the release note" + run: | + tag="${GITHUB_REF##*/}" + shasha=$(shasum -a 256 _artifacts/SHA256SUMS | awk '{print $1}') + cat <<-EOF | tee /tmp/release-note.txt + ${tag} + + (Changes to be documented) + - - - + The binaries were built automatically on GitHub Actions. + The build log is available for 90 days: https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }} + + The sha256sum of the SHA256SUMS file itself is \`${shasha}\` . + EOF + - name: "Create release" + if: github.event_name == 'push' && startsWith(github.ref, 'refs/tags/v') + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + run: | + tag="${GITHUB_REF##*/}" + asset_flags=() + for f in _artifacts/*; do asset_flags+=("-a" "$f"); done + hub release create "${asset_flags[@]}" -F /tmp/release-note.txt --draft "${tag}" diff --git a/.gitignore b/.gitignore index eb467fa..c3e76d2 100644 --- a/.gitignore +++ b/.gitignore @@ -1,3 +1,4 @@ /socket_vmnet /socket_vmnet_client *.o +_artifacts* diff --git a/Makefile b/Makefile index 6c6cd23..408af9a 100644 --- a/Makefile +++ b/Makefile @@ -1,9 +1,19 @@ # PREFIX should be only writable by the root to avoid privilege escalation with launchd or sudo PREFIX ?= /opt/socket_vmnet +export SOURCE_DATE_EPOCH ?= $(shell git log -1 --pretty=%ct) +# https://reproducible-builds.org/docs/archives/ +TAR ?= gtar --sort=name --mtime="@$(SOURCE_DATE_EPOCH)" --owner=0 --group=0 --numeric-owner --pax-option=exthdr.name=%d/PaxHeaders/%f,delete=atime,delete=ctime +TOUCH ?= gtouch -d @$(SOURCE_DATE_EPOCH) +# Not necessary to use GNU's gzip +GZIP ?= gzip -9 -n +DIFFOSCOPE ?= diffoscope +STRIP ?= strip + CFLAGS ?= -O3 VERSION ?= $(shell git describe --match 'v[0-9]*' --dirty='.m' --always --tags) +VERSION_TRIMMED := $(VERSION:v%=%) CFLAGS += -DVERSION=\"$(VERSION)\" @@ -37,8 +47,10 @@ socket_vmnet_client: $(patsubst %.c, %.o, $(wildcard client/*.c)) install.bin: socket_vmnet socket_vmnet_client mkdir -p "$(DESTDIR)/$(PREFIX)/bin" - install socket_vmnet "$(DESTDIR)/$(PREFIX)/bin/socket_vmnet" - install socket_vmnet_client "$(DESTDIR)/$(PREFIX)/bin/socket_vmnet_client" + cp -a socket_vmnet "$(DESTDIR)/$(PREFIX)/bin/socket_vmnet" + cp -a socket_vmnet_client "$(DESTDIR)/$(PREFIX)/bin/socket_vmnet_client" + $(STRIP) "$(DESTDIR)/$(PREFIX)/bin/socket_vmnet" + $(STRIP) "$(DESTDIR)/$(PREFIX)/bin/socket_vmnet_client" install.doc: README.md LICENSE launchd etc_sudoers.d mkdir -p "$(DESTDIR)/$(PREFIX)/share/doc/socket_vmnet" @@ -90,3 +102,37 @@ uninstall: uninstall.launchd.plist uninstall.doc uninstall.bin uninstall.run .PHONY: clean clean: rm -f socket_vmnet socket_vmnet_client *.o client/*.o + +define make_artifacts + $(MAKE) clean + rm -rf _artifacts/$(1) + $(MAKE) ARCH=$(1) DESTDIR=_artifacts/$(1) install.bin install.doc + file -bp _artifacts/$(1)/$(PREFIX)/bin/socket_vmnet | grep -q "Mach-O 64-bit executable $(1)" + $(TAR) -C _artifacts/$(1) -cf _artifacts/socket_vmnet-$(VERSION_TRIMMED)-$(1).tar ./ + $(GZIP) _artifacts/socket_vmnet-$(VERSION_TRIMMED)-$(1).tar + rm -rf _artifacts/$(1) + $(MAKE) clean +endef + +.PHONY: artifacts +artifacts: + rm -rf _artifacts + $(call make_artifacts,x86_64) + $(call make_artifacts,arm64) + sw_vers | tee _artifacts/build-env.txt + echo --- >> _artifacts/build-env.txt + pkgutil --pkg-info=com.apple.pkg.CLTools_Executables | tee -a _artifacts/build-env.txt + echo --- >> _artifacts/build-env.txt + $(CC) --version | tee -a _artifacts/build-env.txt + (cd _artifacts ; shasum -a 256 *) > SHA256SUMS + mv SHA256SUMS _artifacts/SHA256SUMS + $(TOUCH) _artifacts/* _artifacts + +.PHONY: test.repro +test.repro: + rm -rf _artifacts.0 _artifacts.1 + $(MAKE) artifacts + mv _artifacts _artifacts.0 + $(MAKE) artifacts + mv _artifacts _artifacts.1 + $(DIFFOSCOPE) _artifacts.0/ _artifacts.1/