Linuxfabrik: Compile and Package #7
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: 'Linuxfabrik: Compile and Package' | |
| # Controls when the workflow will run | |
| on: | |
| # Triggers the workflow on push or pull request events but only for the main branch | |
| # push: | |
| # tags: | |
| # - '*' | |
| # Allows running this workflow manually from the Actions tab | |
| workflow_dispatch: | |
| inputs: | |
| package-version: | |
| description: 'The version ("major.minor.patch"). If ommitted, revision is auto-incremented.' | |
| required: false | |
| default: '' | |
| lib-repo-ref: | |
| description: 'The branch, tag or SHA to checkout from the lib repo. Defaults to the current branch or tag.' | |
| required: false | |
| default: '' | |
| # package-iteration: | |
| # description: 'The iteration to give to the package. RPM calls this the ‘release’. FreeBSD calls it ‘PORTREVISION’. Debian calls this ‘debian_revision’' | |
| # required: false | |
| # default: '1' | |
| distros: | |
| description: 'Comma-separated list of operating systems to build on. Supported: `debian11,debian12,rocky8,rocky9,ubuntu2004,ubuntu2204,ubuntu2404,windows`.' | |
| required: false | |
| default: 'debian11,debian12,rocky8,rocky9,ubuntu2004,ubuntu2204,ubuntu2404,windows' | |
| check-plugin: | |
| description: 'If you only want to compile a specific check plugin, specify its name, for example `xml`, otherwise leave empty to build all plugins.' | |
| required: false | |
| default: '' | |
| arch: | |
| description: 'Comma-separated list of Architecture to build on. Supported: `X64,ARM64`.' | |
| required: false | |
| default: 'X64,ARM64' | |
| env: | |
| # we use this to get a (mostly) unique directory, therefore avoiding folder collisions when multiple workflows are running | |
| BASE_DIR: '${{ github.sha }}_${{ github.run_id }}_${{ github.run_attempt }}' | |
| # modify the default permissions granted to the GITHUB_TOKEN | |
| permissions: | |
| contents: 'read' | |
| # A workflow run is made up of one or more jobs that can run sequentially or in parallel | |
| jobs: | |
| debug: | |
| runs-on: | |
| - 'ubuntu-24.04' | |
| - 'ubuntu-24.04-arm' | |
| steps: | |
| - name: 'Debug Environment and Inputs' | |
| run: > | |
| echo | |
| BASE_DIR=${{ env.BASE_DIR }} | |
| arch=${{ inputs.arch }} | |
| check-plugin=${{ inputs.check-plugin }} | |
| distros=${{ inputs.distros }} | |
| lib-repo-ref=${{ inputs.lib-repo-ref }} | |
| package-iteration=${{ inputs.package-iteration }} | |
| # set-matrix: | |
| # runs-on: | |
| # - 'ubuntu-24.04' | |
| # - 'ubuntu-24.04-arm' | |
| # outputs: | |
| # matrix: '${{ steps.generate-matrix.outputs.matrix }}' | |
| # steps: | |
| # - name: 'Generate Matrix' | |
| # id: 'generate-matrix' | |
| # run: | | |
| # distros="${{ inputs.distros }}" | |
| # matrix=$(echo "$distros" | jq --compact-output --raw-input '{"distros": split(",")}') | |
| # echo "matrix=$matrix" >> $GITHUB_OUTPUT | |
| # linux-preparations: | |
| # runs-on: | |
| # - 'ubuntu-24.04' | |
| # - 'ubuntu-24.04-arm' | |
| # steps: | |
| # - name: 'Harden Runner' | |
| # uses: 'step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e' # v2.10.4 | |
| # with: | |
| # egress-policy: 'audit' | |
| # - name: 'git checkout https://github.com/Linuxfabrik/monitoring-plugins.git' | |
| # uses: 'actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683' # v4.2.2 | |
| # with: | |
| # path: '${{ env.BASE_DIR }}/repos/monitoring-plugins' | |
| # - name: 'git checkout https://github.com/Linuxfabrik/lib.git' | |
| # uses: 'actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683' # v4.2.2 | |
| # with: | |
| # repository: 'Linuxfabrik/lib' | |
| # ref: '${{ inputs.lib-repo-ref || github.ref_name }}' | |
| # path: '${{ env.BASE_DIR }}/repos/lib' | |
| # - name: 'mkdir -p ${{ env.BASE_DIR }}/build' | |
| # run: 'mkdir -p ${{ env.BASE_DIR }}/build' | |
| # linux-build-packages: | |
| # runs-on: | |
| # - 'ubuntu-24.04' | |
| # - 'ubuntu-24.04-arm' | |
| # needs: | |
| # - 'set-matrix' | |
| # - 'linux-preparations' | |
| # strategy: | |
| # matrix: | |
| # distro: '${{ fromJson(needs.set-matrix.outputs.matrix).distros }}' | |
| # steps: | |
| # - name: 'Harden Runner' | |
| # uses: 'step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e' # v2.10.4 | |
| # with: | |
| # egress-policy: 'audit' | |
| # - name: 'mkdir -p ${{ env.BASE_DIR }}/build/${{ matrix.distro }}' | |
| # run: 'mkdir -p ${{ env.BASE_DIR }}/build/${{ matrix.distro }}' | |
| # # On ARM, the above directory creation is successful, but is often not physically created | |
| # - name: 'Synchronize cached writes to persistent storage' | |
| # run: 'sync' | |
| # - name: 'Build the container for ${{ matrix.distro }}' | |
| # run: > | |
| # podman build | |
| # --file "${{ env.BASE_DIR }}/repos/monitoring-plugins/build/${{ matrix.distro }}/Containerfile" | |
| # --tag "lfmp-build-${{ matrix.distro }}" | |
| # - name: 'Build the packages for ${{ matrix.distro }}' | |
| # run: > | |
| # podman run | |
| # --rm | |
| # --mount type=bind,source=${{ env.BASE_DIR }}/build/${{ matrix.distro }},destination=/build,relabel=private | |
| # --mount type=bind,source=${{ env.BASE_DIR }}/repos,destination=/repos,relabel=shared,ro=true | |
| # "lfmp-build-${{ matrix.distro }}" | |
| # /bin/bash -x | |
| # /repos/monitoring-plugins/build/${{ matrix.distro }}/build.sh | |
| # ${{ inputs.package-version || github.ref_name }} | |
| # ${{ inputs.package-iteration || '1' }} | |
| # ${{ inputs.check-plugin || '' }} | |
| # # this would not work on the Github-hosted runners, as each job is isolated there, | |
| # # but works when self-hosted (since there are no parallel jobs) | |
| # upload-outputs: | |
| # runs-on: | |
| # - 'ubuntu-24.04' | |
| # - 'ubuntu-24.04-arm' | |
| # needs: # we want this to run after the build jobs | |
| # - 'linux-build-packages' | |
| # # if: '${{ always() }}' # however, we want to upload the artifacts even if one of the job fails | |
| # steps: | |
| # - name: 'Harden Runner' | |
| # uses: 'step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e' # v2.10.4 | |
| # with: | |
| # egress-policy: 'audit' | |
| # - name: 'Upload build output as artifact for packaging later on' | |
| # uses: 'actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08' # v4.6.0 | |
| # with: | |
| # name: "monitoring-plugins-linux-${{ inputs.arch || 'X64' }}" | |
| # path: '${{ env.BASE_DIR }}/build/' | |
| # create-list-of-checks-for-windows: | |
| # runs-on: | |
| # - 'ubuntu-24.04' | |
| # outputs: | |
| # monitoring_plugin_list_json: '${{ steps.save-json.outputs.monitoring_plugin_list_json}}' | |
| # steps: | |
| # - name: 'Harden Runner' | |
| # uses: 'step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e' # v2.10.4 | |
| # with: | |
| # egress-policy: 'audit' | |
| # - name: 'git checkout https://github.com/Linuxfabrik/monitoring-plugins.git' | |
| # uses: 'actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683' # v4.2.2 | |
| # - name: 'create list of windows checks' | |
| # run: | | |
| # for dir in check-plugins/*; do | |
| # check=$(basename $dir) | |
| # if [ -e $dir/.windows ]; then | |
| # echo $check >> /tmp/windows-checks | |
| # echo "'$check'," >> /tmp/windows-checks-ps-list | |
| # fi | |
| # done | |
| # - name: 'save the list as json' | |
| # id: 'save-json' | |
| # # https://docs.github.com/en/actions/using-workflows/workflow-commands-for-github-actions#multiline-strings | |
| # run: | | |
| # EOF=$(dd if=/dev/urandom bs=15 count=1 status=none | base64) | |
| # echo "monitoring_plugin_list_json<<$EOF" >> "$GITHUB_OUTPUT" | |
| # cat /tmp/windows-checks | jq -R -s -c 'split("\n")[:-1]' >> "$GITHUB_OUTPUT" | |
| # echo "$EOF" >> "$GITHUB_OUTPUT" | |
| # compile-on-windows: | |
| # runs-on: | |
| # - 'windows-2025' | |
| # needs: | |
| # - 'build-windows-get-list' | |
| # strategy: | |
| # matrix: | |
| # check: '${{ fromJson(needs.build-windows-get-list.outputs.monitoring_plugin_list_json) }}' | |
| # steps: | |
| # - name: 'Harden Runner' | |
| # uses: 'step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e' # v2.10.4 | |
| # with: | |
| # egress-policy: 'audit' | |
| # - name: 'git checkout https://github.com/Linuxfabrik/monitoring-plugins.git' | |
| # uses: 'actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683' # v4.2.2 | |
| # with: | |
| # # Relative path under $GITHUB_WORKSPACE to place the repository | |
| # path: 'monitoring-plugins' | |
| # - name: 'git checkout https://github.com/Linuxfabrik/lib.git' | |
| # uses: 'actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683' # v4.2.2 | |
| # with: | |
| # repository: 'Linuxfabrik/lib' | |
| # path: 'lib' | |
| # - name: 'Install python3.12' | |
| # uses: 'actions/setup-python@42375524e23c412d93fb67b49958b491fce71c38' # v5.4.0 | |
| # with: | |
| # python-version: '3.12' | |
| # - run: 'python.exe -m pip install --upgrade pip wheel setuptools' | |
| # # ordered-set is for nuitka: "Nuitka:WARNING: Using very slow fallback for ordered sets, please install 'ordered-set' or 'orderedset' PyPI packages for best Python compile time performance." | |
| # - run: 'python.exe -m pip install --upgrade ordered-set Nuitka Nuitka' | |
| # # install 3rd party libraries for all check plugins | |
| # - run: 'python.exe -m pip install --requirement ${{ github.workspace }}\monitoring-plugins\requirements-windows.txt --require-hashes' | |
| # # info in case of errors | |
| # - run: 'python.exe -m pip list' | |
| # - run: > | |
| # python.exe -m nuitka | |
| # --assume-yes-for-downloads | |
| # --output-dir=C:\nuitka-compile-temp | |
| # --remove-output | |
| # --standalone | |
| # --mingw64 | |
| # --include-plugin-directory="${{ github.workspace }}\lib" | |
| # ${{ github.workspace }}\monitoring-plugins\check-plugins\${{ matrix.check }}\${{ matrix.check}} | |
| # - name: 'Upload build output as artifact for zipping' | |
| # uses: 'actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08' # v4.6.0 | |
| # with: | |
| # name: 'nuitka-build-output-${{ matrix.check }}' | |
| # path: 'C:\nuitka-compile-temp\${{ matrix.check }}*' | |
| # windows-package: | |
| # runs-on: | |
| # - 'windows-2025' | |
| # needs: | |
| # - 'build-windows' | |
| # steps: | |
| # - name: 'Harden Runner' | |
| # uses: 'step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e' # v2.10.4 | |
| # with: | |
| # egress-policy: 'audit' | |
| # - name: 'Configuring MSBuild in the workflow PATH for building .NET Framework applications' | |
| # uses: 'microsoft/setup-msbuild@v2' | |
| # - name: 'Install WiX toolset' | |
| # run: 'dotnet tool install --global wix' | |
| # - name: 'wix --version' | |
| # run: 'wix --version' | |
| # - name: 'Download all artifacts' | |
| # uses: 'actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16' # v4.1.8 | |
| # with: | |
| # path: 'C:\artifacts' | |
| # - name: 'Prepare plugins for zipping and packaging' | |
| # shell: 'bash' | |
| # run: | | |
| # cd /c/artifacts | |
| # mkdir /c/output | |
| # for dir in */*/; do | |
| # echo "dir: $dir" | |
| # echo cp -rv $dir* /c/output/ | |
| # cp -rv $dir* /c/output/ | |
| # done | |
| # - name: 'Upload build output (zip)' | |
| # uses: 'actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08' # v4.6.0 | |
| # with: | |
| # name: 'linuxfabrik-monitoring-plugins.zip' | |
| # path: 'C:\output\' | |
| # - name: 'Compile .wxs into .msi using WiX v5+' | |
| # run: > | |
| # wix.exe build | |
| # -out C:\output\linuxfabrik-monitoring-plugins.msi | |
| # ${{ github.workspace }}\monitoring-plugins\linuxfabrik-monitoring-plugins.wxs | |
| # working-directory: . | |
| # - name: 'Upload build output (msi)' | |
| # uses: 'actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08' # v4.6.0 | |
| # with: | |
| # name: 'linuxfabrik-monitoring-plugins.msi' | |
| # path: 'C:\output\' |