Skip to content
Build

Build #31

Sign in to view logs

Build

Build #31

Workflow file for this run

.github/workflows/build.yaml at bf76eb0
# Copyright 2021 Google LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# https://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# A workflow to build fresh binaries.
# Builds ffmpeg and ffprobe on all OS & CPU combinations, then optionally
# attaches them to a release.
name: Build
on:
# Runs when called from another workflow, such as the release or test
# workflows.
workflow_call:
inputs:
release_id:
required: false
type: string
secrets:
# The GITHUB_TOKEN name is reserved, but not passed through implicitly.
# So we call our secret parameter simply TOKEN.
TOKEN:
required: false
# These below are not actual secrets, but secrets are the only place to
# keep repo-specific configs that make this project friendlier to forks
# and easier to debug.
ENABLE_DEBUG:
required: true
ENABLE_SELF_HOSTED:
required: true
# Runs on manual trigger.
workflow_dispatch:
# NOTE: The versions of the software we build are stored in versions.txt.
# By default, run all commands in a bash shell. On Windows, the default would
# otherwise be powershell. Each shell command should begin with "set -e" (to
# make any failed command fail the script immediately) and "set -x" (to log
# what commands are being run).
defaults:
run:
shell: bash
jobs:
# Configure the build matrix based on inputs. The list of objects in the
# build matrix contents can't be changed by conditionals, but it can be
# computed by another job and deserialized. This uses
# secrets.ENABLE_SELF_HOSTED to determine the build matrix, based on the
# metadata in build-matrix.json.
matrix_config:
runs-on: ubuntu-latest
outputs:
MATRIX: ${{ steps.configure.outputs.MATRIX }}
ENABLE_DEBUG: ${{ steps.configure.outputs.ENABLE_DEBUG }}
steps:
- uses: actions/checkout@v4
with:
path: repo-src
- name: Configure Build Matrix
id: configure
shell: node {0}
run: |
const fs = require('fs');
const enableDebug = "${{ secrets.ENABLE_DEBUG }}" != '';
const enableSelfHosted = "${{ secrets.ENABLE_SELF_HOSTED }}" != '';
// Use ENABLE_SELF_HOSTED to decide what the build matrix below
// should include.
const {hosted, selfHosted} = require("${{ github.workspace }}/repo-src/.github/workflows/build-matrix.json");
const matrix = enableSelfHosted ? hosted.concat(selfHosted) : hosted;
// Output a JSON object consumed by the build matrix below.
fs.appendFileSync(
process.env['GITHUB_OUTPUT'],
`MATRIX=${ JSON.stringify(matrix) }\n`);
// Output the debug flag directly.
fs.appendFileSync(
process.env['GITHUB_OUTPUT'],
`ENABLE_DEBUG=${ enableDebug }\n`);
// Log the outputs, for the sake of debugging this script.
console.log({enableDebug, matrix});
# On several different hosts, build ffmpeg's dependencies, then ffmpeg itself.
# The deps are all built as static libraries.
build:
needs: matrix_config
strategy:
# Let other matrix entries complete, so we have all results on failure
# instead of just the first failure.
fail-fast: false
matrix:
include: ${{ fromJSON(needs.matrix_config.outputs.MATRIX) }}
name: Build ${{ matrix.os_name }} ${{ matrix.target_arch }}
runs-on: ${{ matrix.os }}
steps:
- uses: actions/checkout@v4
with:
path: repo-src
- name: Install Linux packages
if: runner.os == 'Linux'
run: |
set -e
set -x
# Install missing packages on Linux.
# TODO: Some of these are already on GitHub's VMs, but not our
# self-hosted runner. Try to make the self-hosted runner image more
# compatible with what GitHub offers by default.
sudo apt -y update
sudo apt -y upgrade
sudo apt -y install \
cmake \
curl \
nasm \
npm \
pkg-config \
yasm \
libffmpeg-nvenc-dev \
libvdpau-dev
# Use sudo in install commands on Linux.
echo "SUDO=sudo" >> "$GITHUB_ENV"
- name: Install macOS packages
if: runner.os == 'macOS'
run: |
set -e
set -x
# Use homebrew to install missing packages on mac.
brew install \
md5sha1sum \
nasm \
yasm
# Unlink pre-installed homebrew packages that conflict with our
# static library builds below. They are still installed, but will no
# longer be symlinked into default library paths, and the ffmpeg
# build will not pick up pre-installed shared libraries we don't want.
# Only our static versions will be used. The list of preinstalled
# packages in the GitHub Actions environment may change over time, so
# this list may need to change, as well. Ignore errors if one of
# these is not installed.
for i in \
aom \
lame \
libvpx \
libx11 \
libxau \
libxcb \
libxdmcp \
mbedtls \
opus \
opusfile \
svt-av1 \
x264 \
x265 \
xz \
; do brew unlink $i || true; done
# Use sudo in install commands on macOS.
echo "SUDO=sudo" >> "$GITHUB_ENV"
- name: Add msys2 to the Windows path
if: runner.os == 'Windows'
run: |
# At this point, we're running Git Bash. After this step, we will be
# running msys bash, just as we would be when debugging via SSH with
# mxschmitt/action-tmate.
echo "C:\\msys64\\usr\\bin" >> "$GITHUB_PATH"
echo "C:\\msys64\\mingw64\\bin" >> "$GITHUB_PATH"
- name: Install Windows packages
if: runner.os == 'Windows'
run: |
set -e
set -x
# Install msys packages we will need.
# NOTE: Add tools to this list if you see errors like
# "shared_info::initialize: size of shared memory region changed".
# The tools reporting such errors need to be explicitly replaced by
# msys versions. The list of preinstalled packages in the GitHub
# Actions environment may change over time, so this list may need to
# change, as well.
# NOTE: pkg-config specifically must be installed because of
# https://github.com/actions/runner-images/issues/5459, in which
# there is a conflicting version that GitHub will not remove.
# NOTE: mingw-w64-x86_64-gcc must be installed because of conflicting
# GCC toolchains installed with Strawberry Perl, Git, and one more
# through Chocolatey. None of these build clean executables that
# only depend on standard DLLs.
pacman -Sy --noconfirm \
diffutils \
git \
make \
mingw-w64-x86_64-gcc \
nasm \
patch \
pkg-config \
yasm
# Make sure that cmake generates makefiles and not ninja files.
echo "CMAKE_GENERATOR=MSYS Makefiles" >> "$GITHUB_ENV"
# Make sure that pkg-config searches the path where we will install
# things.
echo "PKG_CONFIG_PATH=/usr/local/lib/pkgconfig" >> "$GITHUB_ENV"
- name: Install libvpx
run: ./repo-src/build-scripts/01-libvpx.sh
- name: Install SVT-AV1
run: ./repo-src/build-scripts/02-svt-av1.sh
- name: Install x264
run: ./repo-src/build-scripts/03-x264.sh
- name: Install x265
run: ./repo-src/build-scripts/04-x265.sh
- name: Install lame
run: ./repo-src/build-scripts/05-lame.sh
- name: Install opus
run: ./repo-src/build-scripts/06-opus.sh
- name: Install mbedtls
run: ./repo-src/build-scripts/07-mbedtls.sh
- name: Build ffmpeg and ffprobe
run: ./repo-src/build-scripts/08-ffmpeg.sh
- name: Prepare assets
run: |
set -e
set -x
mkdir assets
SUFFIX="-${{ matrix.os_name }}-${{ matrix.target_arch }}${{ matrix.exe_ext}}"
echo "SUFFIX=$SUFFIX" >> "$GITHUB_ENV"
cp ffmpeg/ffmpeg assets/ffmpeg"$SUFFIX"
cp ffmpeg/ffprobe assets/ffprobe"$SUFFIX"
# Show sizes and MD5 sums that can be verified by users later if they
# want to check for authenticity.
cd assets
wc -c *
md5sum *
# This makes it possible to debug failures in the next step by
# downloading binaries that fail the check for static linkage.
- name: Upload assets as artifacts
uses: actions/upload-artifact@v3
with:
name: binaries${{ env.SUFFIX }}
path: assets/*
- name: Check that executables are static
run: ./repo-src/build-scripts/09-check-static.sh
- name: Attach assets to release
if: inputs.release_id != ''
env:
GITHUB_TOKEN: ${{ secrets.TOKEN }}
run: |
set -e
set -x
# Attach the build outputs to the draft release. Each machine will
# do this separately and in parallel. Later, another job will take
# over to collect them all and use their MD5 sums to create the
# release notes (the "body" of the release).
release_id="${{ inputs.release_id }}"
(cd ./repo-src/.github/workflows/api-client && npm ci)
node ./repo-src/.github/workflows/api-client/main.js \
upload-all-assets "$release_id" assets/
- name: Debug
uses: mxschmitt/[email protected]
with:
limit-access-to-actor: true
# NOTE: You cannot refer to secrets directly here when this workflow is
# called from another.
# NOTE: The ENABLE_DEBUG flag has been converted into "true" or "false".
if: failure() && needs.matrix_config.outputs.ENABLE_DEBUG == 'true'