magdev
64be713b97
After the QML/C++ build started succeeding, `make appimage` failed at
the staging-symfony step ("rsync: No such file or directory") — slim
runner image again. Adding:
- rsync — used by examples/todo/Makefile to stage a
--no-dev composer copy of the Symfony tree
into build/staging-symfony/.
- file — appimagetool/linuxdeploy invoke `file` to
detect ELF type (AppImage, AppDir contents).
- libfuse2 — AppImage runtime mounts the squashfs via
libfuse2; without it appimagetool refuses
to assemble. (Alternative is
APPIMAGE_EXTRACT_AND_RUN=1 but installing
libfuse2 keeps the script unchanged.)
- desktop-file-utils — appimagetool validates the bundled
.desktop file via desktop-file-validate.
ci.yml only needs cmake + ninja + rsync (the symfony staging happens
in `make build` which it runs too, after the QML build) — no AppImage
assembly there.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
174 lines
6.2 KiB
YAML
174 lines
6.2 KiB
YAML
name: Release
|
|
|
|
on:
|
|
push:
|
|
tags:
|
|
- 'v*'
|
|
|
|
jobs:
|
|
linux:
|
|
name: Linux AppImage
|
|
runs-on: ubuntu-latest
|
|
|
|
steps:
|
|
- name: Checkout
|
|
uses: actions/checkout@v4
|
|
with:
|
|
fetch-depth: 0 # need tag history for release notes
|
|
|
|
- name: Setup PHP
|
|
uses: shivammathur/setup-php@v2
|
|
with:
|
|
php-version: '8.4'
|
|
extensions: curl, json, mbstring
|
|
tools: composer:v2
|
|
coverage: none
|
|
|
|
- name: Install bundle dependencies
|
|
working-directory: framework/php
|
|
run: composer install --no-interaction --prefer-dist
|
|
|
|
- name: Setup Python (for install-qt-action's aqtinstall)
|
|
uses: actions/setup-python@v5
|
|
with:
|
|
python-version: '3.12'
|
|
|
|
- name: Install build + AppImage tools
|
|
run: sudo apt-get install -y cmake ninja-build rsync file libfuse2 desktop-file-utils
|
|
|
|
- name: Setup Qt 6
|
|
uses: jurplel/install-qt-action@v4
|
|
with:
|
|
version: '6.5.*'
|
|
dir: ${{ github.workspace }}/qt
|
|
cache: true
|
|
setup-python: false
|
|
|
|
- name: Install FrankenPHP
|
|
run: |
|
|
curl -fsSL -o /usr/local/bin/frankenphp \
|
|
https://github.com/php/frankenphp/releases/download/v1.12.2/frankenphp-linux-x86_64
|
|
chmod +x /usr/local/bin/frankenphp
|
|
|
|
- name: Build the todo example
|
|
working-directory: examples/todo
|
|
run: |
|
|
make install
|
|
make build
|
|
|
|
- name: Build AppImage (with embedded update-info)
|
|
working-directory: examples/todo
|
|
env:
|
|
APPIMAGE_EXTRACT_AND_RUN: '1'
|
|
FRANKENPHP: /usr/local/bin/frankenphp
|
|
# AppImageUpdate sidecar will fetch this .zsync URL; it must
|
|
# point at the asset we're about to upload to this Release.
|
|
APPIMAGE_UPDATE_INFO: |
|
|
zsync|${{ github.server_url }}/${{ github.repository }}/releases/download/${{ github.ref_name }}/Todo-x86_64.AppImage.zsync
|
|
run: make appimage
|
|
|
|
- name: Install zsync + Xvfb
|
|
run: |
|
|
sudo apt-get update -qq
|
|
sudo apt-get install -y zsync xvfb
|
|
|
|
- name: Performance smoke (PLAN.md §11 budgets)
|
|
working-directory: examples/todo
|
|
# Cold-start on a shared CI runner is harder than on bare metal;
|
|
# bump the cold-start budget to 4s here and the deadline to 8s.
|
|
# The bundle-size and idle-memory budgets stay strict.
|
|
env:
|
|
PERF_COLD_START_MS: '4000'
|
|
PERF_HEALTHZ_DEADLINE_MS: '8000'
|
|
run: ./tests/perfsmoke.sh build/Todo-x86_64.AppImage
|
|
|
|
- name: Generate zsync metadata
|
|
working-directory: examples/todo/build
|
|
run: zsyncmake Todo-x86_64.AppImage -u Todo-x86_64.AppImage
|
|
|
|
- name: Generate latest.json appcast
|
|
working-directory: examples/todo/build
|
|
env:
|
|
TAG: ${{ github.ref_name }}
|
|
run: |
|
|
SIZE=$(stat -c %s Todo-x86_64.AppImage)
|
|
SHA=$(sha256sum Todo-x86_64.AppImage | awk '{print $1}')
|
|
URL_BASE="${{ github.server_url }}/${{ github.repository }}/releases/download/${TAG}"
|
|
jq -n \
|
|
--arg version "$TAG" \
|
|
--arg url "$URL_BASE/Todo-x86_64.AppImage" \
|
|
--arg sha256 "$SHA" \
|
|
--arg zsync "$URL_BASE/Todo-x86_64.AppImage.zsync" \
|
|
--argjson size "$SIZE" \
|
|
--arg released "$(date -u +%Y-%m-%dT%H:%M:%SZ)" \
|
|
'{version:$version, released_at:$released, appimage:{url:$url, sha256:$sha256, size:$size, zsync:$zsync}}' \
|
|
> latest.json
|
|
cat latest.json
|
|
|
|
- name: Compute SHA256SUMS
|
|
working-directory: examples/todo/build
|
|
run: |
|
|
sha256sum Todo-x86_64.AppImage Todo-x86_64.AppImage.zsync latest.json \
|
|
> SHA256SUMS
|
|
cat SHA256SUMS
|
|
|
|
- name: Import GPG signing key
|
|
if: ${{ env.GPG_KEY != '' }}
|
|
env:
|
|
GPG_KEY: ${{ secrets.GPG_KEY }}
|
|
GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }}
|
|
run: |
|
|
echo "$GPG_KEY" | gpg --batch --import
|
|
# Default key id from the imported keyring (first secret key).
|
|
KEYID=$(gpg --list-secret-keys --with-colons | awk -F: '/^sec/ {print $5; exit}')
|
|
echo "GPG_KEYID=$KEYID" >> "$GITHUB_ENV"
|
|
|
|
- name: Sign SHA256SUMS
|
|
if: ${{ env.GPG_KEYID != '' }}
|
|
working-directory: examples/todo/build
|
|
env:
|
|
GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }}
|
|
run: |
|
|
gpg --batch --pinentry-mode loopback \
|
|
--passphrase "$GPG_PASSPHRASE" \
|
|
--local-user "$GPG_KEYID" \
|
|
--detach-sign --armor \
|
|
-o SHA256SUMS.asc \
|
|
SHA256SUMS
|
|
|
|
- name: Create Gitea Release and upload artefacts
|
|
env:
|
|
GITEA_TOKEN: ${{ secrets.GITEA_TOKEN }}
|
|
REPO: ${{ github.repository }}
|
|
TAG: ${{ github.ref_name }}
|
|
working-directory: examples/todo/build
|
|
run: |
|
|
set -euo pipefail
|
|
api="${GITHUB_SERVER_URL}/api/v1"
|
|
|
|
# Create the release (or get the existing one for this tag)
|
|
release_json=$(curl -fsSL -X POST "$api/repos/$REPO/releases" \
|
|
-H "Authorization: token $GITEA_TOKEN" \
|
|
-H 'Content-Type: application/json' \
|
|
-d "$(jq -n --arg tag "$TAG" --arg name "$TAG" \
|
|
'{tag_name:$tag,name:$name,draft:false,prerelease:false}')" \
|
|
|| curl -fsSL "$api/repos/$REPO/releases/tags/$TAG" \
|
|
-H "Authorization: token $GITEA_TOKEN")
|
|
rid=$(echo "$release_json" | jq -r .id)
|
|
echo "Release id: $rid"
|
|
|
|
upload() {
|
|
local f="$1"
|
|
echo " uploading $f"
|
|
curl -fsSL -X POST \
|
|
"$api/repos/$REPO/releases/$rid/assets?name=$(basename "$f")" \
|
|
-H "Authorization: token $GITEA_TOKEN" \
|
|
-H 'Content-Type: application/octet-stream' \
|
|
--data-binary "@$f"
|
|
}
|
|
upload Todo-x86_64.AppImage
|
|
upload Todo-x86_64.AppImage.zsync
|
|
upload latest.json
|
|
upload SHA256SUMS
|
|
[ -f SHA256SUMS.asc ] && upload SHA256SUMS.asc || true
|