-
Notifications
You must be signed in to change notification settings - Fork 6
229 lines (206 loc) · 6.71 KB
/
angr-release.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
name: angr Release
on:
pull_request:
paths:
- .github/workflows/angr-release.yml
- release-scripts/*
schedule:
- cron: "0 17 * * 2"
workflow_dispatch:
inputs:
dry_run:
description: "Dry run"
default: true
type: boolean
required: false
defaults:
run:
shell: bash
jobs:
create:
name: Create release
runs-on: ubuntu-22.04
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Configure git
run: |
git config --global user.name "github-actions[bot]"
git config --global user.email "41898282+github-actions[bot]@users.noreply.github.com"
- name: Add release key
run: |
mkdir -p ~/.ssh
echo "${RELEASE_KEY}" > ~/.ssh/id_rsa
chmod 600 ~/.ssh/id_rsa
ssh-keyscan github.com >> ~/.ssh/known_hosts
env:
RELEASE_KEY: ${{ secrets.RELEASE_KEY }}
- name: Checkout repos
run: release-scripts/checkout_repos.sh
- name: Create release commits
run: release-scripts/create_release_commits.sh
- name: Create sdists
run: release-scripts/create_sdist.sh
- name: Publish repo artifacts
uses: actions/upload-artifact@v4
with:
name: repos
path: repos
if-no-files-found: error
- name: Publish sdist artifacts
uses: actions/upload-artifact@v4
with:
name: sdist
path: sdist
if-no-files-found: error
- name: Check artifacts are valid for PyPI
run: |
pip install twine
twine check sdist/*
build:
runs-on: ${{ matrix.os }}
strategy:
matrix:
os: [ubuntu-22.04, windows-2022, macos-12, macos-14]
needs: create
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Set up QEMU
if: startsWith(matrix.os, 'ubuntu')
uses: docker/setup-qemu-action@v3
- name: Setup Python
uses: actions/setup-python@v5
with:
python-version: "3.10"
- name: Download sdists
uses: actions/download-artifact@v4
with:
name: sdist
path: sdist
- name: Build wheels
if: startsWith(matrix.os, 'windows') != true
run: release-scripts/build_wheels.sh sdist
- name: Build wheels
if: startsWith(matrix.os, 'windows')
run: |
call "C:\Program Files\Microsoft Visual Studio\2022\Enterprise\VC\Auxiliary\Build\vcvars64.bat"
bash release-scripts/build_wheels.sh sdist
shell: cmd
- name: Upload wheel artifact
uses: actions/upload-artifact@v4
with:
name: wheels-${{ matrix.os }}
path: wheels
if-no-files-found: error
- name: Check artifacts are valid for PyPI
run: |
pip install twine
twine check sdist/*
verify:
runs-on: ${{ matrix.os }}
strategy:
matrix:
os: [ubuntu-22.04, windows-2022, macos-12, macos-14]
needs: build
steps:
- name: Setup Python
uses: actions/setup-python@v5
with:
python-version: "3.10"
- name: Download wheels artifact
uses: actions/download-artifact@v4
with:
name: wheels-${{ matrix.os }}
path: wheels
- name: Download ubuntu wheels artifact
if: startsWith(matrix.os, 'windows') || startsWith(matrix.os, 'macos')
uses: actions/download-artifact@v4
with:
name: wheels-ubuntu-22.04
path: wheels-ubuntu
- name: Find
run: find .
- name: Test wheel install
run: |
python -m venv angr_venv
source angr_venv/bin/activate &> /dev/null || source angr_venv/Scripts/activate
export PIP_FIND_LINKS="wheels wheels-ubuntu"
if [[ $(uname) == "Darwin" || $(uname) == "Linux" ]]; then
pip install --no-binary capstone wheels/angr*$(arch | sed s/i386/x86_64/g).whl
else
pip install wheels/angr*.whl
fi
- name: Test angr import
run: |
source angr_venv/bin/activate &> /dev/null || source angr_venv/Scripts/activate
python -c "import angr; print('angr imports!')"
publish:
runs-on: ubuntu-22.04
needs: verify
permissions:
id-token: write
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Configure git
run: |
git config --global user.name "github-actions[bot]"
git config --global user.email "41898282+github-actions[bot]@users.noreply.github.com"
- name: Add release key
run: |
mkdir -p ~/.ssh
echo "${RELEASE_KEY}" > ~/.ssh/id_rsa
chmod 600 ~/.ssh/id_rsa
ssh-keyscan github.com >> ~/.ssh/known_hosts
env:
RELEASE_KEY: ${{ secrets.RELEASE_KEY }}
# Git release commits
- name: Download repos artifact
uses: actions/download-artifact@v4
with:
name: repos
path: repos
- name: Publish release commits
run: release-scripts/publish_release_commits.sh
env:
DRY_RUN: ${{ github.event_name != 'schedule' && github.event.inputs.dry_run == false }}
- name: Bump versions on master
run: release-scripts/bump_versions.sh
env:
DRY_RUN: ${{ github.event_name != 'schedule' && github.event.inputs.dry_run == false }}
# PyPI artifacts
- name: Create artifacts and dist directories
run: mkdir artifacts dist
- name: Download sdist artifact
uses: actions/download-artifact@v4
with:
name: sdist
path: artifacts/sdist
- name: Download Ubuntu wheels artifact
uses: actions/download-artifact@v4
with:
name: wheels-ubuntu-22.04
path: artifacts/wheels-ubuntu-22.04
- name: Download Windows wheels artifact
uses: actions/download-artifact@v4
with:
name: wheels-windows-2022
path: artifacts/wheels-windows-2022
- name: Download macOS x86_64 wheels artifact
uses: actions/download-artifact@v4
with:
name: wheels-macos-12
path: artifacts/wheels-macos-12
- name: Download macOS arm64 wheels artifact
uses: actions/download-artifact@v4
with:
name: wheels-macos-14
path: artifacts/wheels-macos-14
- name: Collect all packages to upload
run: find artifacts \( -name "*.tar.gz" -o -name "*.whl" \) -exec mv {} dist/ \;
- name: Publish distribution to PyPI
if: github.event_name == 'schedule' || github.event.inputs.dry_run == 'false'
uses: pypa/gh-action-pypi-publish@release/v1
with:
verbose: true