diff --git a/.dockerignore b/.dockerignore new file mode 100644 index 0000000..b7127fe --- /dev/null +++ b/.dockerignore @@ -0,0 +1,2 @@ +**/.git +bazel-* diff --git a/.github/actionlint.yaml b/.github/actionlint.yaml new file mode 100644 index 0000000..9c8cf67 --- /dev/null +++ b/.github/actionlint.yaml @@ -0,0 +1,6 @@ +# Configuration related to self-hosted runner. +self-hosted-runner: + # Labels of self-hosted runner in array of strings. + labels: + - ubuntu-22.04-32core-graph-team-amd64 + - ubuntu-22.04-32core-graph-team-arm64 diff --git a/.github/workflows/release-docker.yml b/.github/workflows/release-docker.yml new file mode 100644 index 0000000..3b6665b --- /dev/null +++ b/.github/workflows/release-docker.yml @@ -0,0 +1,156 @@ +name: "Release Docker images" + +on: + push: + branches: ["main"] + tags: + - "v*" +env: + REGISTRY_IMAGE: sourcegraph/scip-clang + +jobs: + build-binaries: + strategy: + fail-fast: false + matrix: + include: + - os: ubuntu-22.04-32core-graph-team-amd64 + platform: linux/amd64 + binary-name: scip-clang-x86_64-linux + - os: ubuntu-22.04-32core-graph-team-arm64 + platform: linux/arm64 + binary-name: scip-clang-arm64-linux + runs-on: ${{ matrix.os }} + steps: + - uses: actions/checkout@v4 + + - uses: bazel-contrib/setup-bazel@0.14.0 + with: + bazelisk-cache: true + disk-cache: ${{ github.workflow }}-${{ matrix.binary-name }} + repository-cache: true + + - name: Build binary + run: bazel build //indexer:scip-clang --config release + + - name: Upload artifacts + uses: actions/upload-artifact@v4 + with: + path: bazel-bin/indexer/scip-clang + name: ${{ matrix.binary-name }} + if-no-files-found: error + + build-docker: + needs: [build-binaries] + strategy: + fail-fast: false + matrix: + include: + - os: ubuntu-22.04 + platform: linux/amd64 + binary-name: scip-clang-x86_64-linux + - os: ubuntu-22.04-arm + platform: linux/arm64 + binary-name: scip-clang-arm64-linux + runs-on: ${{ matrix.os }} + steps: + - uses: actions/checkout@v4 + + - name: Prepare + run: | + platform=${{ matrix.platform }} + echo "PLATFORM_PAIR=${platform//\//-}" >> $GITHUB_ENV + + - name: Docker meta + id: meta + uses: docker/metadata-action@v5 + with: + images: ${{ env.REGISTRY_IMAGE }} + + - name: Login to Docker Hub + uses: docker/login-action@v3 + with: + username: ${{ secrets.DOCKER_USERNAME }} + password: ${{ secrets.DOCKER_PASSWORD }} + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + + - name: Download pre-built binary + uses: actions/download-artifact@v4 + with: + name: ${{ matrix.binary-name }} + path: /tmp/binary + + - run: cp /tmp/binary/scip-clang ./scip-clang && ls -l ./scip-clang + + - name: Build and push by digest + id: build-images + uses: docker/build-push-action@v6 + with: + context: . + platforms: ${{ matrix.platform }} + labels: ${{ steps.meta.outputs.labels }} + tags: ${{ env.REGISTRY_IMAGE }} + outputs: type=image,push-by-digest=true,name-canonical=true,push=true + + - name: Export digest + run: | + mkdir -p ${{ runner.temp }}/digests + digest="${{ steps.build-images.outputs.digest }}" + touch "${{ runner.temp }}/digests/${digest#sha256:}" + + - name: Upload digest + uses: actions/upload-artifact@v4 + with: + name: digests-${{ env.PLATFORM_PAIR }} + path: ${{ runner.temp }}/digests/* + if-no-files-found: error + retention-days: 1 + + merge-docker: + runs-on: ubuntu-latest + needs: [build-docker] + steps: + - name: Download digests + uses: actions/download-artifact@v4 + with: + path: ${{ runner.temp }}/digests + pattern: digests-* + merge-multiple: true + + - name: Login to Docker Hub + uses: docker/login-action@v3 + with: + username: ${{ secrets.DOCKER_USERNAME }} + password: ${{ secrets.DOCKER_PASSWORD }} + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + + - name: Snapshot metadata + if: github.ref == 'refs/heads/main' + uses: docker/metadata-action@v5 + with: + images: | + ${{ env.REGISTRY_IMAGE }} + tags: | + type=raw,value=latest-snapshot + + - name: Tag metadata + if: startsWith(github.ref, 'refs/tags/v') + uses: docker/metadata-action@v5 + with: + images: | + ${{ env.REGISTRY_IMAGE }} + tags: | + type=raw,value=latest + type=raw,value=${{ env.PATCH }} + type=raw,value=${{ env.MINOR }} + type=raw,value=${{ env.MAJOR }} + + - name: Create manifest list and push + working-directory: ${{ runner.temp }}/digests + run: | + docker buildx imagetools create $(jq -cr '.tags | map("-t " + .) | join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON") \ + $(printf '${{ env.REGISTRY_IMAGE }}@sha256:%s ' *) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 9cf9a66..93d93a7 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -2,47 +2,47 @@ name: Release on: push: tags: - - 'v*' + - "v*" workflow_dispatch: inputs: revision: - description: 'Tag or revision to build binaries for' + description: "Tag or revision to build binaries for" type: string required: true create_release: - description: 'Should publish the binary or not' + description: "Should publish the binary or not" required: true - default: 'false' + default: "false" jobs: build-and-upload-artifacts: - name: 'Build and upload artifacts' + name: "Build and upload artifacts" strategy: matrix: include: - - platform: 'ubuntu-22.04' - container: 'gcc:9.5.0-buster' - config: 'dev' - - platform: 'ubuntu-22.04' - container: 'gcc:9.5.0-buster' - config: 'release' + - platform: "ubuntu-22.04" + container: "gcc:9.5.0-buster" + config: "dev" + - platform: "ubuntu-22.04" + container: "gcc:9.5.0-buster" + config: "release" # macOS 14 => arm64 - - platform: 'macos-14' - container: '' - config: 'release' + - platform: "macos-14" + container: "" + config: "release" runs-on: ${{ matrix.platform }} container: ${{ matrix.container }} env: TAG: ${{ github.event.ref }} permissions: - contents: 'read' - id-token: 'write' + contents: "read" + id-token: "write" defaults: run: shell: bash steps: - - uses: actions/checkout@v3 - - name: '📝 Check version' + - uses: actions/checkout@v4 + - name: "📝 Check version" run: | set -euo pipefail if [[ "${TAG:-}" == v* ]]; then @@ -51,7 +51,7 @@ jobs: TAG_LIKE="$(grep '## v' CHANGELOG.md | head -n 1 | cut -d ' ' -f 2)" fi NEW_VERSION="${TAG_LIKE/v/}" ./tools/version_check.sh - - name: '🐍 Install Bazelisk' + - name: "🐍 Install Bazelisk" run: | if ! command -v bazelisk; then if [ "$RUNNER_OS" == "Windows" ]; then @@ -64,13 +64,13 @@ jobs: fi fi - id: auth - name: '🔓 Authenticate to Google Cloud' - uses: 'google-github-actions/auth@v1' + name: "🔓 Authenticate to Google Cloud" + uses: "google-github-actions/auth@v2" with: workload_identity_provider: ${{ secrets.GCP_IDENTITY_PROVIDER }} service_account: ${{ secrets.GCP_SERVICE_ACCOUNT }} create_credentials_file: true - - name: '🚧 Build scip-clang' + - name: "🚧 Build scip-clang" run: | # Stop Windows from converting the // to / # https://github.com/bazelbuild/bazel/commit/866ecc8c3d5e0b899e3f0c9c6b2265f16daae842 @@ -99,7 +99,7 @@ jobs: fi env: CONFIG: ${{ matrix.config }} - - name: '🔎 Identify OS' + - name: "🔎 Identify OS" run: echo "OS=$(uname -s | tr '[:upper:]' '[:lower:]')" >> "$GITHUB_ENV" # - name: '🪵 Upload log' # uses: actions/upload-artifact@v3 @@ -120,19 +120,19 @@ jobs: OS: ${{ env.OS }} CONFIG: ${{ matrix.config }} - name: ${{ format('📦 Store binary ({0})', matrix.config) }} - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@v4 with: name: ${{ matrix.platform }}-${{ matrix.config }}-release-artifacts path: ${{ env.outBinaryPath }} create-release: - name: 'Create release' + name: "Create release" if: github.event_name != 'workflow_dispatch' || inputs.create_release needs: build-and-upload-artifacts - runs-on: 'ubuntu-20.04' + runs-on: "ubuntu-20.04" steps: - - uses: actions/checkout@v3 - - name: '📝 Create Release' + - uses: actions/checkout@v4 + - name: "📝 Create Release" run: | REV="$INPUT_REVISION" if [ "$TRIGGER" != "workflow_dispatch" ]; then @@ -147,9 +147,9 @@ jobs: INPUT_REVISION: ${{ inputs.revision }} # Download everything to avoid spelling out the different # platforms here. - - name: '📥 Download all artifacts' - uses: actions/download-artifact@v3 - - name: '📤 Upload artifacts for release' + - name: "📥 Download all artifacts" + uses: actions/download-artifact@v4 + - name: "📤 Upload artifacts for release" run: gh release upload "${GITHUB_REF/refs\/tags\//}" ./*-release-artifacts/* env: GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000..2f31d9f --- /dev/null +++ b/Dockerfile @@ -0,0 +1,10 @@ +FROM ubuntu:22.04 as indexer + +RUN apt-get update && apt-get install -y curl libc6-dev python3 build-essential ninja-build git cmake + +COPY ./scip-clang /usr/bin/scip-clang +RUN chmod +x /usr/bin/scip-clang && chown $(whoami) /usr/bin/scip-clang + +WORKDIR /sources + +ENTRYPOINT [ "scip-clang" ] diff --git a/fetch_deps.bzl b/fetch_deps.bzl index 0045196..38e8c8d 100644 --- a/fetch_deps.bzl +++ b/fetch_deps.bzl @@ -210,22 +210,22 @@ def fetch_direct_dependencies(): http_archive( name = "actionlint_darwin_arm64", build_file = "@scip_clang//third_party:actionlint.BUILD", - sha256 = "4b8eff986643b8d9918c4fd3ada9c0eee7e59230a53a46a9bd9686521dcad170", - urls = ["https://github.com/rhysd/actionlint/releases/download/v1.6.27/actionlint_1.6.27_darwin_arm64.tar.gz"], + sha256 = "2693315b9093aeacb4ebd91a993fea54fc215057bf0da2659056b4bc033873db", + urls = ["https://github.com/rhysd/actionlint/releases/download/v1.7.7/actionlint_1.7.7_darwin_arm64.tar.gz"], ) http_archive( name = "actionlint_linux_amd64", build_file = "@scip_clang//third_party:actionlint.BUILD", - sha256 = "5c9b6e5418f688b7f7c7e3d40c13d9e41b1ca45fb6a2c35788b0580e34b7300f", - urls = ["https://github.com/rhysd/actionlint/releases/download/v1.6.27/actionlint_1.6.27_linux_amd64.tar.gz"], + sha256 = "023070a287cd8cccd71515fedc843f1985bf96c436b7effaecce67290e7e0757", + urls = ["https://github.com/rhysd/actionlint/releases/download/v1.7.7/actionlint_1.7.7_linux_amd64.tar.gz"], ) http_archive( name = "actionlint_linux_arm64", build_file = "@scip_clang//third_party:actionlint.BUILD", - sha256 = "03ffe5891da7800ec39533543667697b5c292d0ff8b906397b43c58374ec052a", - urls = ["https://github.com/rhysd/actionlint/releases/download/v1.6.27/actionlint_1.6.27_linux_arm64.tar.gz"], + sha256 = "401942f9c24ed71e4fe71b76c7d638f66d8633575c4016efd2977ce7c28317d0", + urls = ["https://github.com/rhysd/actionlint/releases/download/v1.7.7/actionlint_1.7.7_linux_arm64.tar.gz"], ) http_archive(