ci: implement guix build by label request in CI (#5368)

## Issue being fixed or feature implemented
Automated guix builds in CI when specifically requested 

## What was done?
Any PR with the `build-guix` label added will automatically have the
Guix build ran and the hashes placed in the CI output to compare against


## How Has This Been Tested?
This PR

## Breaking Changes
None

## Checklist:
_Go over all the following points, and put an `x` in all the boxes that
apply._
- [x] I have performed a self-review of my own code
- [ ] I have commented my code, particularly in hard-to-understand areas
- [ ] I have added or updated relevant unit/integration/functional/e2e
tests
- [ ] I have made corresponding changes to the documentation
- [x] I have assigned this pull request to a milestone _(for repository
code-owners and collaborators only)_
This commit is contained in:
PastaPastaPasta 2023-05-15 22:15:34 -05:00 committed by GitHub
parent bfccd1e732
commit 16187c7670
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 72 additions and 1 deletions

67
.github/workflows/guix-build.yml vendored Normal file
View File

@ -0,0 +1,67 @@
name: Guix Build
on:
pull_request:
types: [ labeled ]
jobs:
build:
runs-on: self-hosted
if: contains(github.event.pull_request.labels.*.name, 'guix-build')
steps:
- name: Checkout
uses: actions/checkout@v2
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v1
- name: Hash Dockerfile
id: dockerfile
run: |
echo "::set-output name=hash::$(sha256sum ./contrib/guix/Dockerfile | cut -d ' ' -f1)"
- name: Cache Docker layers
uses: actions/cache@v2
with:
path: /tmp/.buildx-cache
key: ${{ runner.os }}-buildx-${{ steps.dockerfile.outputs.hash }}
restore-keys: |
${{ runner.os }}-buildx-
- name: Build Docker image
uses: docker/build-push-action@v2
with:
context: .
file: ./contrib/guix/Dockerfile
load: true
tags: alpine-guix:latest
cache-from: type=local,src=/tmp/.buildx-cache
cache-to: type=local,dest=/tmp/.buildx-cache
- name: Run Guix build
run: |
export ADDITIONAL_GUIX_COMMON_FLAGS='--max-jobs=32' && \
mkdir -p depends/SDKs && \
mkdir -p /tmp/guix-store && \
curl -L https://bitcoincore.org/depends-sources/sdks/Xcode-12.1-12A7403-extracted-SDK-with-libcxx-headers.tar.gz | tar -xz -C depends/SDKs && \
docker run --privileged -d --name guix-daemon --rm -v ${{ github.workspace }}:/dash -w /dash alpine-guix:latest && \
docker exec guix-daemon bash -c "\
chmod 777 /dash/depends && \
git config --global --add safe.directory /dash && \
cd /dash && \
contrib/guix/guix-build"
- name: Ensure build passes
run: |
if [[ $? != 0 ]]; then
echo "Guix build failed!"
exit 1
fi
- name: Compute SHA1 checksum
run: |
sha1sum guix-build-$(git rev-parse --short=12 HEAD)/distsrc-*/src/dashd{,.exe}
sha1sum guix-build-$(git rev-parse --short=12 HEAD)/distsrc-*/src/qt/dash-qt{,.exe}
- name: Compute SHA256 checksum
run: |
sha256sum guix-build-$(git rev-parse --short=12 HEAD)/distsrc-*/src/dashd{,.exe}
sha256sum guix-build-$(git rev-parse --short=12 HEAD)/distsrc-*/src/qt/dash-qt{,.exe}

View File

@ -50,10 +50,14 @@ RUN for i in $(seq -w 1 ${builder_count}); do \
"guixbuilder${i}" ; \
done
CMD ["/root/.config/guix/current/bin/guix-daemon","--build-users-group=guixbuild"]
ENTRYPOINT ["/root/.config/guix/current/bin/guix-daemon","--build-users-group=guixbuild"]
RUN git clone https://github.com/dashpay/dash.git /dash
RUN mkdir base_cache sources SDKs
WORKDIR /dash
RUN mkdir -p depends/SDKs && \
curl -L https://bitcoincore.org/depends-sources/sdks/Xcode-12.1-12A7403-extracted-SDK-with-libcxx-headers.tar.gz | tar -xz -C depends/SDKs