Update .gitignore #33
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # NextSSL CI — Build, Test & Release | |
| # | |
| # Guard rule: nothing runs unless the commit message contains '--gen' | |
| # or the workflow is triggered manually (workflow_dispatch). | |
| # | |
| # Valid runner.py targets (only :main tier exists): | |
| # hash:main core:main pqc:main pow:main system:main lite:main | |
| # | |
| # Commit message flags: | |
| # --gen [platform] Build all or one platform (web/linux/windows/mac) | |
| # --genRelease [tag] Same as --gen all + GitHub Release | |
| # --genAll LOAD_MODE=genAll → --fullTest | |
| # --genQuick LOAD_MODE=genQuick → --quickTest | |
| # --skipTest Skip --test step | |
| # --noLog Suppress log files | |
| name: CI | |
| on: | |
| push: | |
| branches: [ main ] | |
| tags: [ '*' ] | |
| workflow_dispatch: | |
| inputs: | |
| platforms: | |
| description: "Comma-separated platforms (web,linux,windows,mac) or 'all'" | |
| required: false | |
| default: "all" | |
| load_mode: | |
| description: "Load mode: gen | genAll | genQuick" | |
| required: false | |
| default: "gen" | |
| env: | |
| SOURCE_DATE_EPOCH: 0 | |
| TZ: UTC | |
| LOAD_MODE: >- | |
| ${{ (github.event_name == 'workflow_dispatch' && github.event.inputs.load_mode != '' && github.event.inputs.load_mode) || | |
| (contains(github.event.head_commit.message, '--genAll') && 'genAll') || | |
| (contains(github.event.head_commit.message, '--genQuick') && 'genQuick') || | |
| 'gen' }} | |
| # ───────────────────────────────────────────────────────────────────────────── | |
| # guard — parse commit flags; gate all downstream jobs | |
| # ───────────────────────────────────────────────────────────────────────────── | |
| jobs: | |
| guard: | |
| runs-on: ubuntu-latest | |
| if: >- | |
| github.event_name == 'workflow_dispatch' || | |
| contains(github.event.head_commit.message, '--gen') | |
| outputs: | |
| gen: ${{ steps.resolve.outputs.gen }} | |
| gen_platforms: ${{ steps.resolve.outputs.gen_platforms }} | |
| gen_release: ${{ steps.resolve.outputs.gen_release }} | |
| skip_test: ${{ steps.resolve.outputs.skip_test }} | |
| no_log: ${{ steps.resolve.outputs.no_log }} | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: { fetch-depth: 1 } | |
| - uses: actions/setup-python@v5 | |
| with: { python-version: '3.11' } | |
| - id: parse | |
| run: | | |
| python script/ci/commit_parser.py \ | |
| "${{ github.event.head_commit.message }}" >> $GITHUB_OUTPUT | |
| - id: resolve | |
| shell: bash | |
| run: | | |
| GEN_RELEASE="${{ steps.parse.outputs.gen_release }}" | |
| if [ "$GEN_RELEASE" = "auto" ]; then | |
| GEN_RELEASE=$(python script/ci/gen_dev_tag.py --src-dir src) | |
| fi | |
| if [ "${{ github.event_name }}" = "workflow_dispatch" ]; then | |
| echo "gen=true" >> $GITHUB_OUTPUT | |
| echo "gen_platforms=${{ github.event.inputs.platforms || 'all' }}" >> $GITHUB_OUTPUT | |
| else | |
| echo "gen=${{ steps.parse.outputs.gen }}" >> $GITHUB_OUTPUT | |
| echo "gen_platforms=${{ steps.parse.outputs.gen_platforms }}" >> $GITHUB_OUTPUT | |
| fi | |
| echo "gen_release=$GEN_RELEASE" >> $GITHUB_OUTPUT | |
| echo "skip_test=${{ steps.parse.outputs.skip_test }}" >> $GITHUB_OUTPUT | |
| echo "no_log=${{ steps.parse.outputs.no_log }}" >> $GITHUB_OUTPUT | |
| # ───────────────────────────────────────────────────────────────────────── | |
| # WEB — main tier (ubuntu + emsdk + wasmtime) | |
| # ───────────────────────────────────────────────────────────────────────── | |
| web_hash: | |
| runs-on: ubuntu-latest | |
| needs: guard | |
| if: >- | |
| needs.guard.outputs.gen == 'true' && | |
| (needs.guard.outputs.gen_platforms == 'all' || | |
| contains(needs.guard.outputs.gen_platforms, 'web')) | |
| env: | |
| PLATFORM: web | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: { fetch-depth: 1 } | |
| - uses: actions/setup-python@v5 | |
| with: { python-version: '3.11' } | |
| - uses: actions/cache@v4 | |
| with: | |
| path: emsdk | |
| key: emsdk-${{ runner.os }}-3.1.60 | |
| - uses: actions/cache@v4 | |
| with: | |
| path: ~/.wasmtime | |
| key: wasmtime-${{ runner.os }}-v1 | |
| - name: Setup Emscripten | |
| run: | | |
| if [ ! -d emsdk ]; then git clone https://github.com/emscripten-core/emsdk.git; fi | |
| cd emsdk && ./emsdk install 3.1.60 && ./emsdk activate 3.1.60 | |
| echo "$PWD" >> $GITHUB_PATH | |
| echo "$PWD/upstream/emscripten" >> $GITHUB_PATH | |
| - name: Setup wasmtime | |
| run: | | |
| if [ ! -d "$HOME/.wasmtime/bin" ]; then curl https://wasmtime.dev/install.sh -sSf | bash; fi | |
| echo "$HOME/.wasmtime/bin" >> $GITHUB_PATH | |
| - name: Build | |
| run: | | |
| NOLOG="${{ needs.guard.outputs.no_log == 'true' && '--noLog' || '' }}" | |
| python runner.py --platform $PLATFORM --build hash:main \ | |
| --action-log logs/action/web/main/hash.log $NOLOG | |
| - name: Test | |
| if: needs.guard.outputs.skip_test != 'true' | |
| run: | | |
| NOLOG="${{ needs.guard.outputs.no_log == 'true' && '--noLog' || '' }}" | |
| python runner.py --platform $PLATFORM --test hash:main \ | |
| --load-mode ${{ env.LOAD_MODE }} \ | |
| --action-log logs/action/web/main/hash.log $NOLOG | |
| - uses: actions/upload-artifact@v4 | |
| if: always() | |
| with: | |
| name: web-main-hash-${{ github.run_attempt }} | |
| path: | | |
| bin/web/main/ | |
| logs/action/web/main/hash.log | |
| if-no-files-found: warn | |
| - name: Cancel on failure | |
| if: failure() | |
| run: gh run cancel ${{ github.run_id }} --repo ${{ github.repository }} || true | |
| env: | |
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| web_core: | |
| runs-on: ubuntu-latest | |
| needs: guard | |
| if: >- | |
| needs.guard.outputs.gen == 'true' && | |
| (needs.guard.outputs.gen_platforms == 'all' || | |
| contains(needs.guard.outputs.gen_platforms, 'web')) | |
| env: | |
| PLATFORM: web | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: { fetch-depth: 1 } | |
| - uses: actions/setup-python@v5 | |
| with: { python-version: '3.11' } | |
| - uses: actions/cache@v4 | |
| with: | |
| path: emsdk | |
| key: emsdk-${{ runner.os }}-3.1.60 | |
| - uses: actions/cache@v4 | |
| with: | |
| path: ~/.wasmtime | |
| key: wasmtime-${{ runner.os }}-v1 | |
| - name: Setup Emscripten | |
| run: | | |
| if [ ! -d emsdk ]; then git clone https://github.com/emscripten-core/emsdk.git; fi | |
| cd emsdk && ./emsdk install 3.1.60 && ./emsdk activate 3.1.60 | |
| echo "$PWD" >> $GITHUB_PATH | |
| echo "$PWD/upstream/emscripten" >> $GITHUB_PATH | |
| - name: Setup wasmtime | |
| run: | | |
| if [ ! -d "$HOME/.wasmtime/bin" ]; then curl https://wasmtime.dev/install.sh -sSf | bash; fi | |
| echo "$HOME/.wasmtime/bin" >> $GITHUB_PATH | |
| - name: Build | |
| run: | | |
| NOLOG="${{ needs.guard.outputs.no_log == 'true' && '--noLog' || '' }}" | |
| python runner.py --platform $PLATFORM --build core:main \ | |
| --action-log logs/action/web/main/core.log $NOLOG | |
| - name: Test | |
| if: needs.guard.outputs.skip_test != 'true' | |
| run: | | |
| NOLOG="${{ needs.guard.outputs.no_log == 'true' && '--noLog' || '' }}" | |
| python runner.py --platform $PLATFORM --test core:main \ | |
| --load-mode ${{ env.LOAD_MODE }} \ | |
| --action-log logs/action/web/main/core.log $NOLOG | |
| - uses: actions/upload-artifact@v4 | |
| if: always() | |
| with: | |
| name: web-main-core-${{ github.run_attempt }} | |
| path: | | |
| bin/web/main/ | |
| logs/action/web/main/core.log | |
| if-no-files-found: warn | |
| - name: Cancel on failure | |
| if: failure() | |
| run: gh run cancel ${{ github.run_id }} --repo ${{ github.repository }} || true | |
| env: | |
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| web_pqc: | |
| runs-on: ubuntu-latest | |
| needs: guard | |
| if: >- | |
| needs.guard.outputs.gen == 'true' && | |
| (needs.guard.outputs.gen_platforms == 'all' || | |
| contains(needs.guard.outputs.gen_platforms, 'web')) | |
| env: | |
| PLATFORM: web | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: { fetch-depth: 1 } | |
| - uses: actions/setup-python@v5 | |
| with: { python-version: '3.11' } | |
| - uses: actions/cache@v4 | |
| with: | |
| path: emsdk | |
| key: emsdk-${{ runner.os }}-3.1.60 | |
| - uses: actions/cache@v4 | |
| with: | |
| path: ~/.wasmtime | |
| key: wasmtime-${{ runner.os }}-v1 | |
| - name: Setup Emscripten | |
| run: | | |
| if [ ! -d emsdk ]; then git clone https://github.com/emscripten-core/emsdk.git; fi | |
| cd emsdk && ./emsdk install 3.1.60 && ./emsdk activate 3.1.60 | |
| echo "$PWD" >> $GITHUB_PATH | |
| echo "$PWD/upstream/emscripten" >> $GITHUB_PATH | |
| - name: Setup wasmtime | |
| run: | | |
| if [ ! -d "$HOME/.wasmtime/bin" ]; then curl https://wasmtime.dev/install.sh -sSf | bash; fi | |
| echo "$HOME/.wasmtime/bin" >> $GITHUB_PATH | |
| - name: Build | |
| run: | | |
| NOLOG="${{ needs.guard.outputs.no_log == 'true' && '--noLog' || '' }}" | |
| python runner.py --platform $PLATFORM --build pqc:main \ | |
| --action-log logs/action/web/main/pqc.log $NOLOG | |
| - name: Test | |
| if: needs.guard.outputs.skip_test != 'true' | |
| run: | | |
| NOLOG="${{ needs.guard.outputs.no_log == 'true' && '--noLog' || '' }}" | |
| python runner.py --platform $PLATFORM --test pqc:main \ | |
| --load-mode ${{ env.LOAD_MODE }} \ | |
| --action-log logs/action/web/main/pqc.log $NOLOG | |
| - uses: actions/upload-artifact@v4 | |
| if: always() | |
| with: | |
| name: web-main-pqc-${{ github.run_attempt }} | |
| path: | | |
| bin/web/main/ | |
| logs/action/web/main/pqc.log | |
| if-no-files-found: warn | |
| - name: Cancel on failure | |
| if: failure() | |
| run: gh run cancel ${{ github.run_id }} --repo ${{ github.repository }} || true | |
| env: | |
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| web_pow: | |
| runs-on: ubuntu-latest | |
| needs: guard | |
| if: >- | |
| needs.guard.outputs.gen == 'true' && | |
| (needs.guard.outputs.gen_platforms == 'all' || | |
| contains(needs.guard.outputs.gen_platforms, 'web')) | |
| env: | |
| PLATFORM: web | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: { fetch-depth: 1 } | |
| - uses: actions/setup-python@v5 | |
| with: { python-version: '3.11' } | |
| - uses: actions/cache@v4 | |
| with: | |
| path: emsdk | |
| key: emsdk-${{ runner.os }}-3.1.60 | |
| - uses: actions/cache@v4 | |
| with: | |
| path: ~/.wasmtime | |
| key: wasmtime-${{ runner.os }}-v1 | |
| - name: Setup Emscripten | |
| run: | | |
| if [ ! -d emsdk ]; then git clone https://github.com/emscripten-core/emsdk.git; fi | |
| cd emsdk && ./emsdk install 3.1.60 && ./emsdk activate 3.1.60 | |
| echo "$PWD" >> $GITHUB_PATH | |
| echo "$PWD/upstream/emscripten" >> $GITHUB_PATH | |
| - name: Setup wasmtime | |
| run: | | |
| if [ ! -d "$HOME/.wasmtime/bin" ]; then curl https://wasmtime.dev/install.sh -sSf | bash; fi | |
| echo "$HOME/.wasmtime/bin" >> $GITHUB_PATH | |
| - name: Build | |
| run: | | |
| NOLOG="${{ needs.guard.outputs.no_log == 'true' && '--noLog' || '' }}" | |
| python runner.py --platform $PLATFORM --build pow:main \ | |
| --action-log logs/action/web/main/pow.log $NOLOG | |
| - name: Test | |
| if: needs.guard.outputs.skip_test != 'true' | |
| run: | | |
| NOLOG="${{ needs.guard.outputs.no_log == 'true' && '--noLog' || '' }}" | |
| python runner.py --platform $PLATFORM --test pow:main \ | |
| --load-mode ${{ env.LOAD_MODE }} \ | |
| --action-log logs/action/web/main/pow.log $NOLOG | |
| - uses: actions/upload-artifact@v4 | |
| if: always() | |
| with: | |
| name: web-main-pow-${{ github.run_attempt }} | |
| path: | | |
| bin/web/main/ | |
| logs/action/web/main/pow.log | |
| if-no-files-found: warn | |
| - name: Cancel on failure | |
| if: failure() | |
| run: gh run cancel ${{ github.run_id }} --repo ${{ github.repository }} || true | |
| env: | |
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| # ───────────────────────────────────────────────────────────────────────── | |
| # WEB — system tier (primary: main.wasm + main_lite.wasm) | |
| # ───────────────────────────────────────────────────────────────────────── | |
| web_system: | |
| runs-on: ubuntu-latest | |
| needs: [ guard, web_hash, web_core, web_pqc, web_pow ] | |
| if: >- | |
| needs.web_hash.result == 'success' && | |
| needs.web_core.result == 'success' && | |
| needs.web_pqc.result == 'success' && | |
| needs.web_pow.result == 'success' | |
| env: | |
| PLATFORM: web | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: { fetch-depth: 1 } | |
| - uses: actions/setup-python@v5 | |
| with: { python-version: '3.11' } | |
| - uses: actions/cache@v4 | |
| with: | |
| path: emsdk | |
| key: emsdk-${{ runner.os }}-3.1.60 | |
| - uses: actions/cache@v4 | |
| with: | |
| path: ~/.wasmtime | |
| key: wasmtime-${{ runner.os }}-v1 | |
| - name: Setup Emscripten | |
| run: | | |
| if [ ! -d emsdk ]; then git clone https://github.com/emscripten-core/emsdk.git; fi | |
| cd emsdk && ./emsdk install 3.1.60 && ./emsdk activate 3.1.60 | |
| echo "$PWD" >> $GITHUB_PATH | |
| echo "$PWD/upstream/emscripten" >> $GITHUB_PATH | |
| - name: Setup wasmtime | |
| run: | | |
| if [ ! -d "$HOME/.wasmtime/bin" ]; then curl https://wasmtime.dev/install.sh -sSf | bash; fi | |
| echo "$HOME/.wasmtime/bin" >> $GITHUB_PATH | |
| - name: Build system + lite | |
| run: | | |
| NOLOG="${{ needs.guard.outputs.no_log == 'true' && '--noLog' || '' }}" | |
| python runner.py --platform $PLATFORM --build system:main \ | |
| --action-log logs/action/web/primary/system.log $NOLOG | |
| python runner.py --platform $PLATFORM --build lite:main \ | |
| --action-log logs/action/web/primary/lite.log $NOLOG | |
| - name: Test system + lite | |
| if: needs.guard.outputs.skip_test != 'true' | |
| run: | | |
| NOLOG="${{ needs.guard.outputs.no_log == 'true' && '--noLog' || '' }}" | |
| python runner.py --platform $PLATFORM --test system:main \ | |
| --load-mode ${{ env.LOAD_MODE }} \ | |
| --action-log logs/action/web/primary/system.log $NOLOG | |
| python runner.py --platform $PLATFORM --test lite:main \ | |
| --load-mode ${{ env.LOAD_MODE }} \ | |
| --action-log logs/action/web/primary/lite.log $NOLOG | |
| - uses: actions/upload-artifact@v4 | |
| if: always() | |
| with: | |
| name: web-primary-${{ github.run_attempt }} | |
| path: | | |
| bin/web/primary/ | |
| logs/action/web/primary/ | |
| if-no-files-found: warn | |
| # ───────────────────────────────────────────────────────────────────────── | |
| # LINUX — main tier (ubuntu + build-essential) | |
| # ───────────────────────────────────────────────────────────────────────── | |
| linux_hash: | |
| runs-on: ubuntu-latest | |
| needs: guard | |
| if: >- | |
| needs.guard.outputs.gen == 'true' && | |
| (needs.guard.outputs.gen_platforms == 'all' || | |
| contains(needs.guard.outputs.gen_platforms, 'linux')) | |
| env: | |
| PLATFORM: linux | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: { fetch-depth: 1 } | |
| - uses: actions/setup-python@v5 | |
| with: { python-version: '3.11' } | |
| - run: sudo apt-get install -y build-essential | |
| - name: Build | |
| run: | | |
| NOLOG="${{ needs.guard.outputs.no_log == 'true' && '--noLog' || '' }}" | |
| python runner.py --platform $PLATFORM --build hash:main \ | |
| --action-log logs/action/linux/main/hash.log $NOLOG | |
| - name: Test | |
| if: needs.guard.outputs.skip_test != 'true' | |
| run: | | |
| NOLOG="${{ needs.guard.outputs.no_log == 'true' && '--noLog' || '' }}" | |
| python runner.py --platform $PLATFORM --test hash:main \ | |
| --load-mode ${{ env.LOAD_MODE }} \ | |
| --action-log logs/action/linux/main/hash.log $NOLOG | |
| - uses: actions/upload-artifact@v4 | |
| if: always() | |
| with: | |
| name: linux-main-hash-${{ github.run_attempt }} | |
| path: | | |
| bin/linux/main/ | |
| logs/action/linux/main/hash.log | |
| if-no-files-found: warn | |
| - name: Cancel on failure | |
| if: failure() | |
| run: gh run cancel ${{ github.run_id }} --repo ${{ github.repository }} || true | |
| env: | |
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| linux_core: | |
| runs-on: ubuntu-latest | |
| needs: guard | |
| if: >- | |
| needs.guard.outputs.gen == 'true' && | |
| (needs.guard.outputs.gen_platforms == 'all' || | |
| contains(needs.guard.outputs.gen_platforms, 'linux')) | |
| env: | |
| PLATFORM: linux | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: { fetch-depth: 1 } | |
| - uses: actions/setup-python@v5 | |
| with: { python-version: '3.11' } | |
| - run: sudo apt-get install -y build-essential | |
| - name: Build | |
| run: | | |
| NOLOG="${{ needs.guard.outputs.no_log == 'true' && '--noLog' || '' }}" | |
| python runner.py --platform $PLATFORM --build core:main \ | |
| --action-log logs/action/linux/main/core.log $NOLOG | |
| - name: Test | |
| if: needs.guard.outputs.skip_test != 'true' | |
| run: | | |
| NOLOG="${{ needs.guard.outputs.no_log == 'true' && '--noLog' || '' }}" | |
| python runner.py --platform $PLATFORM --test core:main \ | |
| --load-mode ${{ env.LOAD_MODE }} \ | |
| --action-log logs/action/linux/main/core.log $NOLOG | |
| - uses: actions/upload-artifact@v4 | |
| if: always() | |
| with: | |
| name: linux-main-core-${{ github.run_attempt }} | |
| path: | | |
| bin/linux/main/ | |
| logs/action/linux/main/core.log | |
| if-no-files-found: warn | |
| - name: Cancel on failure | |
| if: failure() | |
| run: gh run cancel ${{ github.run_id }} --repo ${{ github.repository }} || true | |
| env: | |
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| linux_pqc: | |
| runs-on: ubuntu-latest | |
| needs: guard | |
| if: >- | |
| needs.guard.outputs.gen == 'true' && | |
| (needs.guard.outputs.gen_platforms == 'all' || | |
| contains(needs.guard.outputs.gen_platforms, 'linux')) | |
| env: | |
| PLATFORM: linux | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: { fetch-depth: 1 } | |
| - uses: actions/setup-python@v5 | |
| with: { python-version: '3.11' } | |
| - run: sudo apt-get install -y build-essential | |
| - name: Build | |
| run: | | |
| NOLOG="${{ needs.guard.outputs.no_log == 'true' && '--noLog' || '' }}" | |
| python runner.py --platform $PLATFORM --build pqc:main \ | |
| --action-log logs/action/linux/main/pqc.log $NOLOG | |
| - name: Test | |
| if: needs.guard.outputs.skip_test != 'true' | |
| run: | | |
| NOLOG="${{ needs.guard.outputs.no_log == 'true' && '--noLog' || '' }}" | |
| python runner.py --platform $PLATFORM --test pqc:main \ | |
| --load-mode ${{ env.LOAD_MODE }} \ | |
| --action-log logs/action/linux/main/pqc.log $NOLOG | |
| - uses: actions/upload-artifact@v4 | |
| if: always() | |
| with: | |
| name: linux-main-pqc-${{ github.run_attempt }} | |
| path: | | |
| bin/linux/main/ | |
| logs/action/linux/main/pqc.log | |
| if-no-files-found: warn | |
| - name: Cancel on failure | |
| if: failure() | |
| run: gh run cancel ${{ github.run_id }} --repo ${{ github.repository }} || true | |
| env: | |
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| linux_pow: | |
| runs-on: ubuntu-latest | |
| needs: guard | |
| if: >- | |
| needs.guard.outputs.gen == 'true' && | |
| (needs.guard.outputs.gen_platforms == 'all' || | |
| contains(needs.guard.outputs.gen_platforms, 'linux')) | |
| env: | |
| PLATFORM: linux | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: { fetch-depth: 1 } | |
| - uses: actions/setup-python@v5 | |
| with: { python-version: '3.11' } | |
| - run: sudo apt-get install -y build-essential | |
| - name: Build | |
| run: | | |
| NOLOG="${{ needs.guard.outputs.no_log == 'true' && '--noLog' || '' }}" | |
| python runner.py --platform $PLATFORM --build pow:main \ | |
| --action-log logs/action/linux/main/pow.log $NOLOG | |
| - name: Test | |
| if: needs.guard.outputs.skip_test != 'true' | |
| run: | | |
| NOLOG="${{ needs.guard.outputs.no_log == 'true' && '--noLog' || '' }}" | |
| python runner.py --platform $PLATFORM --test pow:main \ | |
| --load-mode ${{ env.LOAD_MODE }} \ | |
| --action-log logs/action/linux/main/pow.log $NOLOG | |
| - uses: actions/upload-artifact@v4 | |
| if: always() | |
| with: | |
| name: linux-main-pow-${{ github.run_attempt }} | |
| path: | | |
| bin/linux/main/ | |
| logs/action/linux/main/pow.log | |
| if-no-files-found: warn | |
| - name: Cancel on failure | |
| if: failure() | |
| run: gh run cancel ${{ github.run_id }} --repo ${{ github.repository }} || true | |
| env: | |
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| linux_system: | |
| runs-on: ubuntu-latest | |
| needs: [ guard, linux_hash, linux_core, linux_pqc, linux_pow ] | |
| if: >- | |
| needs.linux_hash.result == 'success' && | |
| needs.linux_core.result == 'success' && | |
| needs.linux_pqc.result == 'success' && | |
| needs.linux_pow.result == 'success' | |
| env: | |
| PLATFORM: linux | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: { fetch-depth: 1 } | |
| - uses: actions/setup-python@v5 | |
| with: { python-version: '3.11' } | |
| - run: sudo apt-get install -y build-essential | |
| - name: Build system + lite | |
| run: | | |
| NOLOG="${{ needs.guard.outputs.no_log == 'true' && '--noLog' || '' }}" | |
| python runner.py --platform $PLATFORM --build system:main \ | |
| --action-log logs/action/linux/primary/system.log $NOLOG | |
| python runner.py --platform $PLATFORM --build lite:main \ | |
| --action-log logs/action/linux/primary/lite.log $NOLOG | |
| - name: Test system + lite | |
| if: needs.guard.outputs.skip_test != 'true' | |
| run: | | |
| NOLOG="${{ needs.guard.outputs.no_log == 'true' && '--noLog' || '' }}" | |
| python runner.py --platform $PLATFORM --test system:main \ | |
| --load-mode ${{ env.LOAD_MODE }} \ | |
| --action-log logs/action/linux/primary/system.log $NOLOG | |
| python runner.py --platform $PLATFORM --test lite:main \ | |
| --load-mode ${{ env.LOAD_MODE }} \ | |
| --action-log logs/action/linux/primary/lite.log $NOLOG | |
| - uses: actions/upload-artifact@v4 | |
| if: always() | |
| with: | |
| name: linux-primary-${{ github.run_attempt }} | |
| path: | | |
| bin/linux/primary/ | |
| logs/action/linux/primary/ | |
| if-no-files-found: warn | |
| # ───────────────────────────────────────────────────────────────────────── | |
| # WINDOWS — main tier (windows-latest + mingw) | |
| # ───────────────────────────────────────────────────────────────────────── | |
| windows_hash: | |
| runs-on: windows-latest | |
| needs: guard | |
| if: >- | |
| needs.guard.outputs.gen == 'true' && | |
| (needs.guard.outputs.gen_platforms == 'all' || | |
| contains(needs.guard.outputs.gen_platforms, 'windows')) | |
| env: | |
| PLATFORM: windows | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: { fetch-depth: 1 } | |
| - uses: actions/setup-python@v5 | |
| with: { python-version: '3.11' } | |
| - run: choco install mingw -y | |
| - name: Build | |
| shell: bash | |
| run: | | |
| NOLOG="${{ needs.guard.outputs.no_log == 'true' && '--noLog' || '' }}" | |
| python runner.py --platform $PLATFORM --build hash:main \ | |
| --action-log logs/action/windows/main/hash.log $NOLOG | |
| - name: Test | |
| if: needs.guard.outputs.skip_test != 'true' | |
| shell: bash | |
| run: | | |
| NOLOG="${{ needs.guard.outputs.no_log == 'true' && '--noLog' || '' }}" | |
| python runner.py --platform $PLATFORM --test hash:main \ | |
| --load-mode ${{ env.LOAD_MODE }} \ | |
| --action-log logs/action/windows/main/hash.log $NOLOG | |
| - uses: actions/upload-artifact@v4 | |
| if: always() | |
| with: | |
| name: windows-main-hash-${{ github.run_attempt }} | |
| path: | | |
| bin/windows/main/ | |
| logs/action/windows/main/hash.log | |
| if-no-files-found: warn | |
| - name: Cancel on failure | |
| if: failure() | |
| shell: bash | |
| run: gh run cancel ${{ github.run_id }} --repo ${{ github.repository }} || true | |
| env: | |
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| windows_core: | |
| runs-on: windows-latest | |
| needs: guard | |
| if: >- | |
| needs.guard.outputs.gen == 'true' && | |
| (needs.guard.outputs.gen_platforms == 'all' || | |
| contains(needs.guard.outputs.gen_platforms, 'windows')) | |
| env: | |
| PLATFORM: windows | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: { fetch-depth: 1 } | |
| - uses: actions/setup-python@v5 | |
| with: { python-version: '3.11' } | |
| - run: choco install mingw -y | |
| - name: Build | |
| shell: bash | |
| run: | | |
| NOLOG="${{ needs.guard.outputs.no_log == 'true' && '--noLog' || '' }}" | |
| python runner.py --platform $PLATFORM --build core:main \ | |
| --action-log logs/action/windows/main/core.log $NOLOG | |
| - name: Test | |
| if: needs.guard.outputs.skip_test != 'true' | |
| shell: bash | |
| run: | | |
| NOLOG="${{ needs.guard.outputs.no_log == 'true' && '--noLog' || '' }}" | |
| python runner.py --platform $PLATFORM --test core:main \ | |
| --load-mode ${{ env.LOAD_MODE }} \ | |
| --action-log logs/action/windows/main/core.log $NOLOG | |
| - uses: actions/upload-artifact@v4 | |
| if: always() | |
| with: | |
| name: windows-main-core-${{ github.run_attempt }} | |
| path: | | |
| bin/windows/main/ | |
| logs/action/windows/main/core.log | |
| if-no-files-found: warn | |
| - name: Cancel on failure | |
| if: failure() | |
| shell: bash | |
| run: gh run cancel ${{ github.run_id }} --repo ${{ github.repository }} || true | |
| env: | |
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| windows_pqc: | |
| runs-on: windows-latest | |
| needs: guard | |
| if: >- | |
| needs.guard.outputs.gen == 'true' && | |
| (needs.guard.outputs.gen_platforms == 'all' || | |
| contains(needs.guard.outputs.gen_platforms, 'windows')) | |
| env: | |
| PLATFORM: windows | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: { fetch-depth: 1 } | |
| - uses: actions/setup-python@v5 | |
| with: { python-version: '3.11' } | |
| - run: choco install mingw -y | |
| - name: Build | |
| shell: bash | |
| run: | | |
| NOLOG="${{ needs.guard.outputs.no_log == 'true' && '--noLog' || '' }}" | |
| python runner.py --platform $PLATFORM --build pqc:main \ | |
| --action-log logs/action/windows/main/pqc.log $NOLOG | |
| - name: Test | |
| if: needs.guard.outputs.skip_test != 'true' | |
| shell: bash | |
| run: | | |
| NOLOG="${{ needs.guard.outputs.no_log == 'true' && '--noLog' || '' }}" | |
| python runner.py --platform $PLATFORM --test pqc:main \ | |
| --load-mode ${{ env.LOAD_MODE }} \ | |
| --action-log logs/action/windows/main/pqc.log $NOLOG | |
| - uses: actions/upload-artifact@v4 | |
| if: always() | |
| with: | |
| name: windows-main-pqc-${{ github.run_attempt }} | |
| path: | | |
| bin/windows/main/ | |
| logs/action/windows/main/pqc.log | |
| if-no-files-found: warn | |
| - name: Cancel on failure | |
| if: failure() | |
| shell: bash | |
| run: gh run cancel ${{ github.run_id }} --repo ${{ github.repository }} || true | |
| env: | |
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| windows_pow: | |
| runs-on: windows-latest | |
| needs: guard | |
| if: >- | |
| needs.guard.outputs.gen == 'true' && | |
| (needs.guard.outputs.gen_platforms == 'all' || | |
| contains(needs.guard.outputs.gen_platforms, 'windows')) | |
| env: | |
| PLATFORM: windows | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: { fetch-depth: 1 } | |
| - uses: actions/setup-python@v5 | |
| with: { python-version: '3.11' } | |
| - run: choco install mingw -y | |
| - name: Build | |
| shell: bash | |
| run: | | |
| NOLOG="${{ needs.guard.outputs.no_log == 'true' && '--noLog' || '' }}" | |
| python runner.py --platform $PLATFORM --build pow:main \ | |
| --action-log logs/action/windows/main/pow.log $NOLOG | |
| - name: Test | |
| if: needs.guard.outputs.skip_test != 'true' | |
| shell: bash | |
| run: | | |
| NOLOG="${{ needs.guard.outputs.no_log == 'true' && '--noLog' || '' }}" | |
| python runner.py --platform $PLATFORM --test pow:main \ | |
| --load-mode ${{ env.LOAD_MODE }} \ | |
| --action-log logs/action/windows/main/pow.log $NOLOG | |
| - uses: actions/upload-artifact@v4 | |
| if: always() | |
| with: | |
| name: windows-main-pow-${{ github.run_attempt }} | |
| path: | | |
| bin/windows/main/ | |
| logs/action/windows/main/pow.log | |
| if-no-files-found: warn | |
| - name: Cancel on failure | |
| if: failure() | |
| shell: bash | |
| run: gh run cancel ${{ github.run_id }} --repo ${{ github.repository }} || true | |
| env: | |
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| windows_system: | |
| runs-on: windows-latest | |
| needs: [ guard, windows_hash, windows_core, windows_pqc, windows_pow ] | |
| if: >- | |
| needs.windows_hash.result == 'success' && | |
| needs.windows_core.result == 'success' && | |
| needs.windows_pqc.result == 'success' && | |
| needs.windows_pow.result == 'success' | |
| env: | |
| PLATFORM: windows | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: { fetch-depth: 1 } | |
| - uses: actions/setup-python@v5 | |
| with: { python-version: '3.11' } | |
| - run: choco install mingw -y | |
| - name: Build system + lite | |
| shell: bash | |
| run: | | |
| NOLOG="${{ needs.guard.outputs.no_log == 'true' && '--noLog' || '' }}" | |
| python runner.py --platform $PLATFORM --build system:main \ | |
| --action-log logs/action/windows/primary/system.log $NOLOG | |
| python runner.py --platform $PLATFORM --build lite:main \ | |
| --action-log logs/action/windows/primary/lite.log $NOLOG | |
| - name: Test system + lite | |
| if: needs.guard.outputs.skip_test != 'true' | |
| shell: bash | |
| run: | | |
| NOLOG="${{ needs.guard.outputs.no_log == 'true' && '--noLog' || '' }}" | |
| python runner.py --platform $PLATFORM --test system:main \ | |
| --load-mode ${{ env.LOAD_MODE }} \ | |
| --action-log logs/action/windows/primary/system.log $NOLOG | |
| python runner.py --platform $PLATFORM --test lite:main \ | |
| --load-mode ${{ env.LOAD_MODE }} \ | |
| --action-log logs/action/windows/primary/lite.log $NOLOG | |
| - uses: actions/upload-artifact@v4 | |
| if: always() | |
| with: | |
| name: windows-primary-${{ github.run_attempt }} | |
| path: | | |
| bin/windows/primary/ | |
| logs/action/windows/primary/ | |
| if-no-files-found: warn | |
| # ───────────────────────────────────────────────────────────────────────── | |
| # MAC — main tier (macos-latest + homebrew gcc) | |
| # ───────────────────────────────────────────────────────────────────────── | |
| mac_hash: | |
| runs-on: macos-latest | |
| needs: guard | |
| if: >- | |
| needs.guard.outputs.gen == 'true' && | |
| (needs.guard.outputs.gen_platforms == 'all' || | |
| contains(needs.guard.outputs.gen_platforms, 'mac')) | |
| env: | |
| PLATFORM: mac | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: { fetch-depth: 1 } | |
| - uses: actions/setup-python@v5 | |
| with: { python-version: '3.11' } | |
| - run: brew list gcc >/dev/null 2>&1 || brew install gcc | |
| - name: Build | |
| run: | | |
| NOLOG="${{ needs.guard.outputs.no_log == 'true' && '--noLog' || '' }}" | |
| python runner.py --platform $PLATFORM --build hash:main \ | |
| --action-log logs/action/mac/main/hash.log $NOLOG | |
| - name: Test | |
| if: needs.guard.outputs.skip_test != 'true' | |
| run: | | |
| NOLOG="${{ needs.guard.outputs.no_log == 'true' && '--noLog' || '' }}" | |
| python runner.py --platform $PLATFORM --test hash:main \ | |
| --load-mode ${{ env.LOAD_MODE }} \ | |
| --action-log logs/action/mac/main/hash.log $NOLOG | |
| - uses: actions/upload-artifact@v4 | |
| if: always() | |
| with: | |
| name: mac-main-hash-${{ github.run_attempt }} | |
| path: | | |
| bin/mac/main/ | |
| logs/action/mac/main/hash.log | |
| if-no-files-found: warn | |
| - name: Cancel on failure | |
| if: failure() | |
| run: gh run cancel ${{ github.run_id }} --repo ${{ github.repository }} || true | |
| env: | |
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| mac_core: | |
| runs-on: macos-latest | |
| needs: guard | |
| if: >- | |
| needs.guard.outputs.gen == 'true' && | |
| (needs.guard.outputs.gen_platforms == 'all' || | |
| contains(needs.guard.outputs.gen_platforms, 'mac')) | |
| env: | |
| PLATFORM: mac | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: { fetch-depth: 1 } | |
| - uses: actions/setup-python@v5 | |
| with: { python-version: '3.11' } | |
| - run: brew list gcc >/dev/null 2>&1 || brew install gcc | |
| - name: Build | |
| run: | | |
| NOLOG="${{ needs.guard.outputs.no_log == 'true' && '--noLog' || '' }}" | |
| python runner.py --platform $PLATFORM --build core:main \ | |
| --action-log logs/action/mac/main/core.log $NOLOG | |
| - name: Test | |
| if: needs.guard.outputs.skip_test != 'true' | |
| run: | | |
| NOLOG="${{ needs.guard.outputs.no_log == 'true' && '--noLog' || '' }}" | |
| python runner.py --platform $PLATFORM --test core:main \ | |
| --load-mode ${{ env.LOAD_MODE }} \ | |
| --action-log logs/action/mac/main/core.log $NOLOG | |
| - uses: actions/upload-artifact@v4 | |
| if: always() | |
| with: | |
| name: mac-main-core-${{ github.run_attempt }} | |
| path: | | |
| bin/mac/main/ | |
| logs/action/mac/main/core.log | |
| if-no-files-found: warn | |
| - name: Cancel on failure | |
| if: failure() | |
| run: gh run cancel ${{ github.run_id }} --repo ${{ github.repository }} || true | |
| env: | |
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| mac_pqc: | |
| runs-on: macos-latest | |
| needs: guard | |
| if: >- | |
| needs.guard.outputs.gen == 'true' && | |
| (needs.guard.outputs.gen_platforms == 'all' || | |
| contains(needs.guard.outputs.gen_platforms, 'mac')) | |
| env: | |
| PLATFORM: mac | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: { fetch-depth: 1 } | |
| - uses: actions/setup-python@v5 | |
| with: { python-version: '3.11' } | |
| - run: brew list gcc >/dev/null 2>&1 || brew install gcc | |
| - name: Build | |
| run: | | |
| NOLOG="${{ needs.guard.outputs.no_log == 'true' && '--noLog' || '' }}" | |
| python runner.py --platform $PLATFORM --build pqc:main \ | |
| --action-log logs/action/mac/main/pqc.log $NOLOG | |
| - name: Test | |
| if: needs.guard.outputs.skip_test != 'true' | |
| run: | | |
| NOLOG="${{ needs.guard.outputs.no_log == 'true' && '--noLog' || '' }}" | |
| python runner.py --platform $PLATFORM --test pqc:main \ | |
| --load-mode ${{ env.LOAD_MODE }} \ | |
| --action-log logs/action/mac/main/pqc.log $NOLOG | |
| - uses: actions/upload-artifact@v4 | |
| if: always() | |
| with: | |
| name: mac-main-pqc-${{ github.run_attempt }} | |
| path: | | |
| bin/mac/main/ | |
| logs/action/mac/main/pqc.log | |
| if-no-files-found: warn | |
| - name: Cancel on failure | |
| if: failure() | |
| run: gh run cancel ${{ github.run_id }} --repo ${{ github.repository }} || true | |
| env: | |
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| mac_pow: | |
| runs-on: macos-latest | |
| needs: guard | |
| if: >- | |
| needs.guard.outputs.gen == 'true' && | |
| (needs.guard.outputs.gen_platforms == 'all' || | |
| contains(needs.guard.outputs.gen_platforms, 'mac')) | |
| env: | |
| PLATFORM: mac | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: { fetch-depth: 1 } | |
| - uses: actions/setup-python@v5 | |
| with: { python-version: '3.11' } | |
| - run: brew list gcc >/dev/null 2>&1 || brew install gcc | |
| - name: Build | |
| run: | | |
| NOLOG="${{ needs.guard.outputs.no_log == 'true' && '--noLog' || '' }}" | |
| python runner.py --platform $PLATFORM --build pow:main \ | |
| --action-log logs/action/mac/main/pow.log $NOLOG | |
| - name: Test | |
| if: needs.guard.outputs.skip_test != 'true' | |
| run: | | |
| NOLOG="${{ needs.guard.outputs.no_log == 'true' && '--noLog' || '' }}" | |
| python runner.py --platform $PLATFORM --test pow:main \ | |
| --load-mode ${{ env.LOAD_MODE }} \ | |
| --action-log logs/action/mac/main/pow.log $NOLOG | |
| - uses: actions/upload-artifact@v4 | |
| if: always() | |
| with: | |
| name: mac-main-pow-${{ github.run_attempt }} | |
| path: | | |
| bin/mac/main/ | |
| logs/action/mac/main/pow.log | |
| if-no-files-found: warn | |
| - name: Cancel on failure | |
| if: failure() | |
| run: gh run cancel ${{ github.run_id }} --repo ${{ github.repository }} || true | |
| env: | |
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| mac_system: | |
| runs-on: macos-latest | |
| needs: [ guard, mac_hash, mac_core, mac_pqc, mac_pow ] | |
| if: >- | |
| needs.mac_hash.result == 'success' && | |
| needs.mac_core.result == 'success' && | |
| needs.mac_pqc.result == 'success' && | |
| needs.mac_pow.result == 'success' | |
| env: | |
| PLATFORM: mac | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: { fetch-depth: 1 } | |
| - uses: actions/setup-python@v5 | |
| with: { python-version: '3.11' } | |
| - run: brew list gcc >/dev/null 2>&1 || brew install gcc | |
| - name: Build system + lite | |
| run: | | |
| NOLOG="${{ needs.guard.outputs.no_log == 'true' && '--noLog' || '' }}" | |
| python runner.py --platform $PLATFORM --build system:main \ | |
| --action-log logs/action/mac/primary/system.log $NOLOG | |
| python runner.py --platform $PLATFORM --build lite:main \ | |
| --action-log logs/action/mac/primary/lite.log $NOLOG | |
| - name: Test system + lite | |
| if: needs.guard.outputs.skip_test != 'true' | |
| run: | | |
| NOLOG="${{ needs.guard.outputs.no_log == 'true' && '--noLog' || '' }}" | |
| python runner.py --platform $PLATFORM --test system:main \ | |
| --load-mode ${{ env.LOAD_MODE }} \ | |
| --action-log logs/action/mac/primary/system.log $NOLOG | |
| python runner.py --platform $PLATFORM --test lite:main \ | |
| --load-mode ${{ env.LOAD_MODE }} \ | |
| --action-log logs/action/mac/primary/lite.log $NOLOG | |
| - uses: actions/upload-artifact@v4 | |
| if: always() | |
| with: | |
| name: mac-primary-${{ github.run_attempt }} | |
| path: | | |
| bin/mac/primary/ | |
| logs/action/mac/primary/ | |
| if-no-files-found: warn | |
| # ───────────────────────────────────────────────────────────────────────── | |
| # commit — download all artifacts, roll checksums, commit back | |
| # ───────────────────────────────────────────────────────────────────────── | |
| commit: | |
| runs-on: ubuntu-latest | |
| needs: [ guard, web_system, linux_system, windows_system, mac_system ] | |
| if: >- | |
| !cancelled() && | |
| (needs.web_system.result == 'success' || | |
| needs.linux_system.result == 'success' || | |
| needs.windows_system.result == 'success' || | |
| needs.mac_system.result == 'success') | |
| permissions: | |
| contents: write | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: { fetch-depth: 0 } | |
| - name: Download all artifacts | |
| uses: actions/download-artifact@v4 | |
| with: | |
| path: . | |
| merge-multiple: true | |
| if-no-files-found: ignore | |
| - name: Cleanup RSP files | |
| shell: bash | |
| run: find bin -type f -name '*.rsp' -delete 2>/dev/null || true | |
| - name: Compress large logs | |
| shell: bash | |
| run: find logs -type f -name '*.log' -size +10M -exec gzip -9 {} \; 2>/dev/null || true | |
| - uses: actions/setup-python@v5 | |
| with: { python-version: '3.11' } | |
| - name: Generate bin index | |
| shell: bash | |
| run: python roll_checksum.py | |
| - name: Reproducibility spot-check | |
| shell: bash | |
| run: | | |
| sudo apt-get install -y build-essential -q | |
| python runner.py --platform linux --build hash:main --noLog | |
| sha256sum bin/linux/main/hash.* > /tmp/chk1.txt 2>/dev/null || true | |
| python runner.py --platform linux --build hash:main --noLog | |
| sha256sum bin/linux/main/hash.* > /tmp/chk2.txt 2>/dev/null || true | |
| if [ -s /tmp/chk1.txt ] && ! diff -q /tmp/chk1.txt /tmp/chk2.txt >/dev/null 2>&1; then | |
| echo "NON-REPRODUCIBLE BUILD DETECTED" | |
| diff /tmp/chk1.txt /tmp/chk2.txt | |
| exit 1 | |
| fi | |
| - name: Commit outputs | |
| shell: bash | |
| run: | | |
| git config user.name "github-actions[bot]" | |
| git config user.email "github-actions[bot]@users.noreply.github.com" | |
| python clear.py | |
| git add -f bin logs | |
| if [ -z "$(git status --porcelain)" ]; then | |
| echo "No changes to commit" | |
| exit 0 | |
| fi | |
| git commit -m "Add platform binaries and logs [skip ci]" | |
| git pull --rebase -X ours | |
| git push | |
| # ───────────────────────────────────────────────────────────────────────── | |
| # release — GitHub Release + versioned bins index | |
| # ───────────────────────────────────────────────────────────────────────── | |
| release: | |
| runs-on: ubuntu-latest | |
| needs: [ guard, commit ] | |
| if: >- | |
| needs.guard.outputs.gen_release != '' && | |
| needs.commit.result == 'success' | |
| permissions: | |
| contents: write | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: { fetch-depth: 0 } | |
| - run: git pull origin ${{ github.ref_name }} | |
| - uses: actions/setup-python@v5 | |
| with: { python-version: '3.11' } | |
| - name: Archive versioned bins.json | |
| shell: bash | |
| run: | | |
| TAG=${{ needs.guard.outputs.gen_release }} | |
| mkdir -p bin/releases | |
| python roll_checksum.py \ | |
| --bin-dir bin \ | |
| --repo ${{ github.repository }} \ | |
| --branch $TAG \ | |
| --out bin/releases/${TAG}.json | |
| - name: Update releases/index.json | |
| shell: bash | |
| run: | | |
| python script/ci/update_release_index.py \ | |
| --tag "${{ needs.guard.outputs.gen_release }}" \ | |
| --index bin/releases/index.json \ | |
| --repo ${{ github.repository }} | |
| - name: Commit release index | |
| shell: bash | |
| run: | | |
| TAG=${{ needs.guard.outputs.gen_release }} | |
| git config user.name "github-actions[bot]" | |
| git config user.email "github-actions[bot]@users.noreply.github.com" | |
| git add bin/releases/ | |
| git commit -m "release: archive ${TAG} bins index [skip ci]" | |
| git push | |
| - name: Create GitHub Release | |
| uses: softprops/action-gh-release@v2 | |
| with: | |
| tag_name: ${{ needs.guard.outputs.gen_release }} | |
| name: "NextSSL ${{ needs.guard.outputs.gen_release }}" | |
| body: | | |
| Binary release — all platforms. | |
| Download index: `bin/releases/${{ needs.guard.outputs.gen_release }}.json` | |
| files: | | |
| bin/windows/primary/main.dll | |
| bin/windows/primary/main_lite.dll | |
| bin/linux/primary/main.so | |
| bin/linux/primary/main_lite.so | |
| bin/mac/primary/main.dylib | |
| bin/mac/primary/main_lite.dylib | |
| bin/web/primary/main.wasm | |
| bin/web/primary/main_lite.wasm | |
| bin/releases/${{ needs.guard.outputs.gen_release }}.json |