Introduce and switch to CPack release workflow

dkropachev · dkropachev · commit c5ef44318cd5 · 2025-09-30T18:46:01.000-04:00
diff --git a/.github/workflows/build-cpack-packages.yml b/.github/workflows/build-cpack-packages.yml
@@ -0,0 +1,171 @@
+name: Build CPack Packages
+
+on:
+  workflow_call:
+    inputs:
+      build-type:
+        description: CMake build type used for packaging
+        type: string
+        default: Release
+      extra-cmake-flags:
+        description: Additional flags passed to CMake configure step
+        type: string
+        default: ""
+      save-artifacts:
+        description: Save built packages as artifacts
+        type: boolean
+        default: false
+    secrets: {}
+  workflow_dispatch:
+    inputs:
+      build-type:
+        description: CMake build type used for packaging
+        type: string
+        default: Release
+      extra-cmake-flags:
+        description: Additional flags passed to CMake configure step
+        type: string
+        default: ""
+      save-artifacts:
+        description: Save built packages as artifacts
+        type: boolean
+        default: false
+    secrets: {}
+
+env:
+  CARGO_TERM_COLOR: always
+
+jobs:
+  linux:
+    name: Linux packages
+    runs-on: ubuntu-22.04
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Install tooling
+        run: |
+          sudo apt-get update
+          sudo apt-get install -y rpm ninja-build
+
+      - name: Configure
+        run: cmake -S . -B build -G Ninja -DCMAKE_BUILD_TYPE=${{ inputs.build-type }} ${{ inputs.extra-cmake-flags }}
+
+      - name: Build
+        run: cmake --build build --config ${{ inputs.build-type }}
+
+      - name: Package (DEB and RPM)
+        working-directory: build
+        run: |
+          cpack -G DEB -C ${{ inputs.build-type }}
+          cpack -G RPM -C ${{ inputs.build-type }}
+
+      - name: Collect artifacts
+        run: |
+          set -euo pipefail
+          shopt -s nullglob
+          mkdir -p artifacts/linux
+          for file in build/*.deb build/*.rpm; do
+            cp "$file" artifacts/linux/
+          done
+
+      - uses: actions/upload-artifact@v4
+        if: inputs.save-artifacts
+        with:
+          name: linux-packages
+          path: artifacts/linux
+          retention-days: 7
+
+  macos:
+    name: macOS packages
+    runs-on: macos-13
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Configure
+        run: cmake -S . -B build -DCMAKE_BUILD_TYPE=${{ inputs.build-type }} ${{ inputs.extra-cmake-flags }}
+
+      - name: Build
+        run: cmake --build build --config ${{ inputs.build-type }}
+
+      - name: Package (pkg and dmg)
+        working-directory: build
+        run: |
+          cpack -G productbuild -C ${{ inputs.build-type }}
+          cpack -G DragNDrop -C ${{ inputs.build-type }}
+
+      - name: Collect artifacts
+        run: |
+          set -euo pipefail
+          shopt -s nullglob
+          mkdir -p artifacts/macos
+          for file in build/*.pkg build/*.dmg; do
+            cp "$file" artifacts/macos/
+          done
+
+      - uses: actions/upload-artifact@v4
+        if: inputs.save-artifacts
+        with:
+          name: macos-packages
+          path: artifacts/macos
+          retention-days: 7
+
+  windows:
+    name: Windows packages
+    runs-on: windows-2022
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Add WiX to PATH
+        shell: pwsh
+        run: |
+          $wixPath = "C:\\Program Files (x86)\\WiX Toolset v3.11\\bin"
+          if (Test-Path $wixPath) { Add-Content -Path $env:GITHUB_PATH -Value $wixPath }
+
+      - name: Install OpenSSL
+        shell: pwsh
+        run: |
+          choco install openssl.light --no-progress -y
+          $opensslRoot = "C:\\Program Files\\OpenSSL-Win64"
+          if (-not (Test-Path $opensslRoot)) {
+            $opensslRoot = "C:\\Program Files\\OpenSSL"
+          }
+          if (-not (Test-Path $opensslRoot)) {
+            throw "OpenSSL installation path not found"
+          }
+          $libPath = Join-Path $opensslRoot "lib"
+          $vcLibPath = Join-Path $libPath "VC\\x64"
+          if (Test-Path $vcLibPath) {
+            $libPath = $vcLibPath
+          }
+          "OPENSSL_DIR=$opensslRoot" | Out-File -FilePath $Env:GITHUB_ENV -Encoding utf8 -Append
+          "OPENSSL_ROOT_DIR=$opensslRoot" | Out-File -FilePath $Env:GITHUB_ENV -Encoding utf8 -Append
+          "OPENSSL_LIB_DIR=$libPath" | Out-File -FilePath $Env:GITHUB_ENV -Encoding utf8 -Append
+          "OPENSSL_INCLUDE_DIR=$(Join-Path $opensslRoot 'include')" | Out-File -FilePath $Env:GITHUB_ENV -Encoding utf8 -Append
+
+      - name: Configure
+        shell: pwsh
+        run: |
+          cmake -S . -B build -G "Visual Studio 17 2022" -A x64 -DCMAKE_BUILD_TYPE=${{ inputs.build-type }} ${{ inputs.extra-cmake-flags }}
+
+      - name: Build
+        shell: pwsh
+        run: cmake --build build --config ${{ inputs.build-type }}
+
+      - name: Package (MSI)
+        shell: pwsh
+        working-directory: build
+        run: cpack -G WIX -C ${{ inputs.build-type }}
+
+      - name: Collect artifacts
+        if: inputs.save-artifacts
+        shell: pwsh
+        run: |
+          New-Item -ItemType Directory -Path artifacts\windows -Force | Out-Null
+          Get-ChildItem build -Filter *.msi | Copy-Item -Destination artifacts\windows
+
+      - uses: actions/upload-artifact@v4
+        if: inputs.save-artifacts
+        with:
+          name: windows-packages
+          path: artifacts/windows
+          retention-days: 7
diff --git a/.github/workflows/pkg.yml b/.github/workflows/pkg.yml
@@ -2,66 +2,29 @@ name: Build packages
 
 on:
   push:
+    paths-ignore:
+      - "docs/**"
+      - ".github/workflows/docs-**"
+      - ".github/workflows/build-lint-and-test.yml"
+      - "examples/**"
+      - "*.md"
     branches: [ master ]
   pull_request:
+    paths-ignore:
+      - "docs/**"
+      - ".github/workflows/docs-**"
+      - ".github/workflows/build-lint-and-test.yml"
+      - "examples/**"
+      - "*.md"
     branches: [ master ]
 
 env:
   CARGO_TERM_COLORS: always
 
 jobs:
-  build-rpm-pkgs:
-    name: Build rpm packages
-    runs-on: ubuntu-22.04
-    container:
-      image: fedora:latest
-      # Required by `mock`:
-      ### INFO: It seems that you run Mock in a Docker container.
-      ### Mock though uses container tooling itself (namely Podman) for downloading bootstrap image.
-      ### This might require you to run Mock in 'docker run --privileged'.
-      options: --privileged
-      # It does not seem to be necessary (CI run without it was successful).
-      # However, without it, there appear some errors during `mock` execution.
-      # I've found the solution to these errors here: https://github.com/containers/buildah/issues/3666.
-      # They are related to podman, which is used by `mock` under the hood.
-      volumes:
-        - /var/lib/containers:/var/lib/containers
-
-    strategy:
-      matrix:
-        dist-version: [rocky-9-x86_64, fedora-41-x86_64, fedora-42-x86_64]
-      fail-fast: false
-    
-    steps:
-      # See: https://github.com/actions/checkout/issues/363
-      # An issue related to GH actions containers
-      - name: Install git and update safe directory
-        run: |
-          dnf update -y
-          dnf install -y git
-          git config --global --add safe.directory "$GITHUB_WORKSPACE"
-
-      - name: Checkout
-        uses: actions/checkout@v4
-      
-      - name: Build rpm package for ${{ matrix.dist-version }}
-        run: ./dist/redhat/build_rpm.sh --target ${{ matrix.dist-version }}
-  
-  build-deb-pkgs:
-    name: Build deb packages
-    runs-on: ubuntu-22.04
-
-    strategy:
-      matrix:
-        dist-version: [jammy, noble]
-      fail-fast: false
-    
-    steps:
-      - name: Checkout
-        uses: actions/checkout@v4
-      
-      - name: Update apt cache
-        run: sudo apt-get update -y
-      
-      - name: Build deb package for ${{ matrix.dist-version }}
-        run: ./dist/debian/build_deb.sh --target ${{ matrix.dist-version }}
+  build-packages:
+    uses: ./.github/workflows/build-cpack-packages.yml
+    with:
+      save-artifacts: false
+      build-type: Release
+    secrets: inherit
diff --git a/.github/workflows/release-upload-packages.yml b/.github/workflows/release-upload-packages.yml
@@ -0,0 +1,42 @@
+name: Attach Packages to Release
+
+on:
+  release:
+    types: [published]
+  workflow_dispatch:
+    inputs:
+      release-tag:
+        description: release tag
+        type: string
+        required: true
+
+permissions:
+  contents: write
+
+jobs:
+  build-packages:
+    uses: ./.github/workflows/build-cpack-packages.yml
+    with:
+      save-artifacts: true
+      build-type: Release
+    secrets: inherit
+
+  publish:
+    name: Upload artifacts to release
+    runs-on: ubuntu-22.04
+    needs: build-packages
+    steps:
+      - uses: actions/download-artifact@v4
+        with:
+          path: packages
+      - name: Upload packages to GitHub Release
+        env:
+          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          TAG_NAME: ${{ inputs.release-tag || github.event.release.tag_name }}
+        run: |
+          set -euo pipefail
+          shopt -s nullglob
+          for file in packages/*/*; do
+            echo "Uploading $file"
+            gh release upload "$TAG_NAME" "$file" --clobber
+          done
