Kata/Docker Container external driver for Linux #7773
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Forked from https://github.com/containerd/nerdctl/blob/v0.8.1/.github/workflows/release.yml | |
| # Apache License 2.0 | |
| name: Release | |
| on: | |
| # paths-ignore should be kept in sync with test.yml | |
| push: | |
| branches: | |
| - 'master' | |
| tags: | |
| - 'v*' | |
| paths-ignore: | |
| - "docs/**" | |
| - "website/**" | |
| - "**.md" | |
| pull_request: | |
| branches: | |
| - 'master' | |
| paths-ignore: | |
| - "docs/**" | |
| - "website/**" | |
| - "**.md" | |
| env: | |
| GO111MODULE: on | |
| GOTOOLCHAIN: local | |
| permissions: | |
| contents: read | |
| jobs: | |
| artifacts-darwin: | |
| name: Artifacts Darwin | |
| # The latest release of macOS is used to enable new features. | |
| # https://github.com/lima-vm/lima/issues/2767 | |
| # | |
| # Apparently, a binary built on a newer version of macOS can still run on | |
| # an older release of macOS without an error. | |
| # This is quite different from Linux and glibc. | |
| runs-on: macos-26 | |
| timeout-minutes: 20 | |
| steps: | |
| - name: "Show xcode and SDK version" | |
| run: | | |
| # Xcode version | |
| xcodebuild -version | |
| # macOS SDK version | |
| xcrun --show-sdk-version || true | |
| - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 | |
| - uses: actions/setup-go@44694675825211faa026b3c33043df3e48a5fa00 # v6.0.0 | |
| with: | |
| go-version: 1.25.x | |
| - name: Make darwin artifacts | |
| run: make artifacts-darwin | |
| - name: "Upload artifacts" | |
| uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 | |
| with: | |
| name: artifacts-darwin | |
| path: _artifacts/ | |
| release: | |
| # An old release of Ubuntu is chosen for glibc compatibility | |
| runs-on: ubuntu-22.04 | |
| needs: artifacts-darwin | |
| timeout-minutes: 20 | |
| # The maximum access is "read" for PRs from public forked repos | |
| # https://docs.github.com/en/actions/security-guides/automatic-token-authentication#permissions-for-the-github_token | |
| permissions: | |
| contents: write # for releases | |
| id-token: write # for provenances | |
| attestations: write # for provenances | |
| steps: | |
| - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 | |
| - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 | |
| with: | |
| name: artifacts-darwin | |
| path: _artifacts/ | |
| - uses: actions/setup-go@44694675825211faa026b3c33043df3e48a5fa00 # v6.0.0 | |
| with: | |
| go-version: 1.25.x | |
| - name: Install gcc | |
| run: | | |
| sudo apt-get update | |
| sudo apt-get install -y gcc-x86-64-linux-gnu gcc-aarch64-linux-gnu | |
| - name: "Compile binaries" | |
| run: make artifacts-linux | |
| - name: "Make misc artifacts" | |
| run: make artifacts-misc | |
| - name: "Validate artifactts" | |
| run: ./hack/validate-artifact.sh ./_artifacts/*.tar.gz | |
| - name: "SHA256SUMS" | |
| run: | | |
| ( cd _artifacts; sha256sum *.tar.gz ) | tee /tmp/SHA256SUMS | |
| mv /tmp/SHA256SUMS _artifacts/SHA256SUMS | |
| - name: "The sha256sum of the SHA256SUMS file" | |
| run: (cd _artifacts; sha256sum SHA256SUMS) | |
| - name: "Prepare the release note" | |
| run: | | |
| shasha=$(sha256sum _artifacts/SHA256SUMS | awk '{print $1}') | |
| cat <<-EOF | tee /tmp/release-note.txt | |
| (Changes to be documented) | |
| ## Usage | |
| \`\`\`console | |
| $ limactl create | |
| $ limactl start | |
| ... | |
| INFO[0029] READY. Run \`lima\` to open the shell. | |
| $ lima uname | |
| Linux | |
| \`\`\` | |
| - - - | |
| The binaries were built automatically on GitHub Actions. | |
| The build log is available for 90 days: https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }} | |
| The sha256sum of the SHA256SUMS file itself is \`${shasha}\` . | |
| - - - | |
| Release manager: [ADD YOUR NAME HERE] (@[ADD YOUR GITHUB ID HERE]) | |
| EOF | |
| - uses: actions/attest-build-provenance@977bb373ede98d70efdf65b84cb5f73e068dcc2a # v3.0.0 | |
| if: github.event_name == 'push' && startsWith(github.ref, 'refs/tags/v') | |
| with: | |
| subject-path: _artifacts/* | |
| - name: "Create release" | |
| if: github.event_name == 'push' && startsWith(github.ref, 'refs/tags/v') | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| run: | | |
| tag="${GITHUB_REF##*/}" | |
| gh release create -F /tmp/release-note.txt --draft --title "${tag}" "${tag}" _artifacts/* |