5b7b770f80
The Gitea runner assigns a different workspace directory hash on each
run (e.g. /var/lib/gitea-runner/.cache/act/<hash>/hostexecutor/). When
CCACHE_DIR was set to ${{ github.workspace }}/.ccache, the actions/cache
save and restore operated on a path that changed every run, making the
restored cache land in the wrong location. This caused 0% hit rate on
the second build despite the cache being saved successfully.
Fix by using a fixed path (/tmp/ccache-kindred-create) for CCACHE_DIR
and the cache action path. CCACHE_BASEDIR remains set to the workspace
so ccache stores relative source paths, making cache entries portable
across different workspace directories.
158 lines
5.2 KiB
YAML
158 lines
5.2 KiB
YAML
# SPDX-License-Identifier: LGPL-2.1-or-later
|
|
name: Release Build
|
|
|
|
on:
|
|
push:
|
|
tags: ["v*", "weekly-*"]
|
|
workflow_dispatch:
|
|
inputs:
|
|
tag:
|
|
description: "Release tag (e.g., v1.0.0)"
|
|
required: true
|
|
type: string
|
|
|
|
jobs:
|
|
build-linux-appimage:
|
|
runs-on: app-builder
|
|
|
|
env:
|
|
CCACHE_DIR: /tmp/ccache-kindred-create
|
|
CCACHE_COMPRESS: "true"
|
|
CCACHE_COMPRESSLEVEL: "6"
|
|
CCACHE_MAXSIZE: "4G"
|
|
CCACHE_SLOPPINESS: "include_file_ctime,include_file_mtime,pch_defines,time_macros"
|
|
CCACHE_BASEDIR: ${{ github.workspace }}
|
|
BUILD_TAG: ${{ github.ref_name || inputs.tag }}
|
|
MAKE_INSTALLER: "true"
|
|
CFLAGS: "-O3"
|
|
CXXFLAGS: "-O3"
|
|
|
|
steps:
|
|
- name: Trust FreeIPA CA certificate
|
|
shell: bash
|
|
run: |
|
|
# Download and install the FreeIPA CA certificate for SSL verification
|
|
echo "Downloading FreeIPA CA certificate..."
|
|
curl -fsSL -o /tmp/ipa-ca.crt https://ipa.kindred.internal/ipa/config/ca.crt
|
|
|
|
# Verify the certificate is valid (just show subject and dates)
|
|
echo "Verifying certificate..."
|
|
openssl x509 -in /tmp/ipa-ca.crt -subject -dates -noout
|
|
|
|
# Set NODE_EXTRA_CA_CERTS for Node.js-based actions (used by upload-artifact)
|
|
echo "NODE_EXTRA_CA_CERTS=/tmp/ipa-ca.crt" >> $GITHUB_ENV
|
|
|
|
# Verify SSL connection to Gitea works with the CA cert
|
|
echo "Testing SSL connection to Gitea..."
|
|
curl -fsSL --cacert /tmp/ipa-ca.crt https://gitea.kindred.internal/api/v1/version
|
|
echo ""
|
|
echo "SSL certificate setup complete"
|
|
|
|
- name: Install node if needed
|
|
shell: bash
|
|
run: |
|
|
if ! command -v node &> /dev/null; then
|
|
curl -fsSL https://nodejs.org/dist/v20.18.0/node-v20.18.0-linux-x64.tar.xz | sudo tar -xJ -C /usr/local --strip-components=1
|
|
fi
|
|
node --version
|
|
|
|
- name: Checkout repository
|
|
uses: https://github.com/actions/checkout@v4
|
|
with:
|
|
submodules: recursive
|
|
fetch-depth: 0
|
|
fetch-tags: true
|
|
|
|
- name: Install pixi if needed
|
|
shell: bash
|
|
run: |
|
|
if ! command -v pixi &> /dev/null; then
|
|
curl -fsSL https://pixi.sh/install.sh | bash
|
|
echo "$HOME/.pixi/bin" >> $GITHUB_PATH
|
|
export PATH="$HOME/.pixi/bin:$PATH"
|
|
fi
|
|
pixi --version
|
|
|
|
- name: Restore ccache
|
|
id: ccache-restore
|
|
uses: https://github.com/actions/cache/restore@v4
|
|
with:
|
|
path: /tmp/ccache-kindred-create
|
|
key: ccache-release-${{ github.ref_name }}-${{ github.sha }}
|
|
restore-keys: |
|
|
ccache-release-
|
|
ccache-build-main-
|
|
|
|
- name: Prepare ccache
|
|
shell: bash
|
|
run: |
|
|
mkdir -p $CCACHE_DIR
|
|
pixi run ccache -z
|
|
echo "=== ccache configuration ==="
|
|
pixi run ccache -p
|
|
echo ""
|
|
echo "=== ccache status before build ==="
|
|
pixi run ccache -s
|
|
|
|
- name: Write version info
|
|
run: python3 package/scripts/write_version_info.py ../freecad_version.txt
|
|
|
|
- name: Build release package (AppImage)
|
|
working-directory: package/rattler-build
|
|
run: |
|
|
pixi install
|
|
pixi run -e package create_bundle
|
|
|
|
- name: Show ccache statistics
|
|
shell: bash
|
|
run: |
|
|
echo "=== ccache statistics after build ==="
|
|
pixi run ccache -s
|
|
echo ""
|
|
echo "=== ccache cache directory size ==="
|
|
du -sh $CCACHE_DIR
|
|
|
|
- name: Save ccache
|
|
if: always()
|
|
uses: https://github.com/actions/cache/save@v4
|
|
with:
|
|
path: /tmp/ccache-kindred-create
|
|
key: ccache-release-${{ github.ref_name }}-${{ github.sha }}
|
|
|
|
- name: Build .deb package
|
|
shell: bash
|
|
run: |
|
|
# Build .deb package from the AppDir used for AppImage
|
|
# The build-deb.sh script handles version conversion to Debian format
|
|
# (e.g., weekly-2025.01.28 -> 0~weekly.2025.01.28)
|
|
./package/debian/build-deb.sh \
|
|
package/rattler-build/linux/AppDir/usr \
|
|
package/rattler-build/linux \
|
|
"${BUILD_TAG}"
|
|
|
|
- name: List built artifacts
|
|
shell: bash
|
|
run: |
|
|
echo "Built artifacts:"
|
|
ls -lah package/rattler-build/linux/*.AppImage* 2>/dev/null || echo "No AppImage files found"
|
|
ls -lah package/rattler-build/linux/*.deb* 2>/dev/null || echo "No .deb files found"
|
|
ls -lah package/rattler-build/linux/*-SHA256.txt 2>/dev/null || echo "No SHA256 files found"
|
|
|
|
- name: Upload AppImage artifact
|
|
uses: https://github.com/actions/upload-artifact@v3
|
|
with:
|
|
name: kindred-create-appimage
|
|
path: |
|
|
package/rattler-build/linux/*.AppImage
|
|
package/rattler-build/linux/*-SHA256.txt
|
|
if-no-files-found: error
|
|
|
|
- name: Upload .deb artifact
|
|
uses: https://github.com/actions/upload-artifact@v3
|
|
with:
|
|
name: kindred-create-deb
|
|
path: |
|
|
package/rattler-build/linux/*.deb
|
|
package/rattler-build/linux/*.deb.sha256
|
|
if-no-files-found: warn
|