temp x

.github/workflows/build.yaml

@@ -19,74 +19,120 @@ env:
   PLATFORMS: linux/amd64,linux/arm64/v8,linux/arm/v7,linux/riscv64
 
 jobs:
-  build:
+  build-binary:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-22.04
-    services:
+    strategy:
-      registry:
+      matrix:
-        image: registry:2
+        arch: ["amd64", "arm64", "arm", "riscv64"]
-        ports:
+      fail-fast: true
-          - 5000:5000
     steps:
       - name: Checkout
-        uses: actions/checkout@master
+        uses: actions/checkout@v3
+        with:
+          path: main
       - name: Set version
         id: version
-        run: echo "::set-output name=version::`cat build/VERSION`"
+        run: echo "version=`cat main/build/VERSION`" >> $GITHUB_OUTPUT
-      - name: Set repo
+      - name: Checkout proton bridge repo
-        id: repo
+        uses: actions/checkout@v3
-        run: if [[ $GITHUB_REF == "refs/heads/master" ]]; then echo "::set-output name=repo::${DOCKER_REPO}"; else echo "::set-output name=repo::${DOCKER_REPO_DEV}"; fi
-      - name: Docker meta
-        id: docker_meta
-        uses: crazy-max/ghaction-docker-meta@v1
         with:
-          images: ${{ steps.repo.outputs.repo }}
+          repository: ProtonMail/proton-bridge
-      - name: Set up QEMU
+          ref: v${{ steps.version.outputs.version }}
-        uses: docker/setup-qemu-action@v1
+          path: proton-bridge
-      - name: Set up Docker Buildx
+      - name: Set up golang
-        uses: docker/setup-buildx-action@v1
+        uses: actions/setup-go@v3
         with:
-          driver-opts: network=host
+          go-version: 1.18
-      - name: Build image without push to registry
+          check-latest: true
-        uses: docker/build-push-action@v2
+      - name: Install dependencies
-        with:
+        run: sudo apt-get install -y --no-install-recommends build-essential libsecret-1-dev
-          context: ./build
+      - name: Download go dep
-          file: ./build/Dockerfile
+        if: ${{ matrix.arch == 'arm' }}
-          platforms: ${{ env.PLATFORMS }}
+        working-directory: proton-bridge
-          push: true
+        # Build once to download deps.
-          tags: localhost:5000/protonmail-bridge:latest
+        # This step is expected to fail.
-      - name: Scan image
+        run: make build-nogui || true
-        id: scan
+        env:
-        uses: anchore/scan-action@v2
+          GOARCH: ${{ matrix.arch }}
-        with:
+      - name: Patch for 32 bit arch
-          image: localhost:5000/protonmail-bridge:latest
+        if: ${{ matrix.arch == 'arm' }}
-          fail-build: true
+        # For 32bit architectures, there was a overflow error on the parser
-          severity-cutoff: critical
+        # This is a workaround for this problem found at:
-          acs-report-enable: true
+        #   https://github.com/antlr/antlr4/issues/2433#issuecomment-774514106
-      - name: Upload Anchore scan SARIF report
+        run: find $(go env GOPATH)/pkg/mod/github.com/\!proton\!mail/go-rfc5322*/ -type f -exec sed -i.bak 's/(1<</(int64(1)<</g' {} +
-        uses: github/codeql-action/upload-sarif@v1
+      - name: Build binary
-        with:
+        working-directory: proton-bridge
-          sarif_file: ${{ steps.scan.outputs.sarif }}
+        run: make build-nogui
-      - name: Login to DockerHub
+        env:
-        uses: docker/login-action@v1
+          GOARCH: ${{ matrix.arch }}
-        if: ${{ github.event_name != 'pull_request' && github.ref == 'refs/heads/master' }}
+  # build:
-        with:
+  #   runs-on: ubuntu-latest
-          username: ${{ secrets.REGISTRY_USERNAME }}
+  #   services:
-          password: ${{ secrets.REGISTRY_PASSWORD }}
+  #     registry:
-      - name: Login to GitHub Container Registry
+  #       image: registry:2
-        uses: docker/login-action@v1
+  #       ports:
-        if: ${{ github.event_name != 'pull_request' && github.ref == 'refs/heads/dev' }}
+  #         - 5000:5000
-        with:
+  #   steps:
-          registry: ghcr.io
+  #     - name: Checkout
-          username: ${{ github.repository_owner }}
+  #       uses: actions/checkout@master
-          password: ${{ secrets.CR_PAT }}
+  #     - name: Set version
-      - name: Push image
+  #       id: version
-        uses: docker/build-push-action@v2
+  #       run: echo "::set-output name=version::`cat build/VERSION`"
-        with:
+  #     - name: Set repo
-          context: ./build
+  #       id: repo
-          file: ./build/Dockerfile
+  #       run: if [[ $GITHUB_REF == "refs/heads/master" ]]; then echo "::set-output name=repo::${DOCKER_REPO}"; else echo "::set-output name=repo::${DOCKER_REPO_DEV}"; fi
-          platforms: ${{ env.PLATFORMS }}
+  #     - name: Docker meta
-          tags: |
+  #       id: docker_meta
-            ${{ steps.repo.outputs.repo }}:build
+  #       uses: crazy-max/ghaction-docker-meta@v1
-            ${{ steps.repo.outputs.repo }}:${{ steps.version.outputs.version }}-build
+  #       with:
-          labels: ${{ steps.docker_meta.outputs.labels }}
+  #         images: ${{ steps.repo.outputs.repo }}
-          push: ${{ github.event_name != 'pull_request' }}
+  #     - name: Set up QEMU
+  #       uses: docker/setup-qemu-action@v1
+  #     - name: Set up Docker Buildx
+  #       uses: docker/setup-buildx-action@v1
+  #       with:
+  #         driver-opts: network=host
+  #     - name: Build image without push to registry
+  #       uses: docker/build-push-action@v2
+  #       with:
+  #         context: ./build
+  #         file: ./build/Dockerfile
+  #         platforms: ${{ env.PLATFORMS }}
+  #         push: true
+  #         tags: localhost:5000/protonmail-bridge:latest
+  #     - name: Scan image
+  #       id: scan
+  #       uses: anchore/scan-action@v2
+  #       with:
+  #         image: localhost:5000/protonmail-bridge:latest
+  #         fail-build: true
+  #         severity-cutoff: critical
+  #         acs-report-enable: true
+  #     - name: Upload Anchore scan SARIF report
+  #       uses: github/codeql-action/upload-sarif@v1
+  #       with:
+  #         sarif_file: ${{ steps.scan.outputs.sarif }}
+  #     - name: Login to DockerHub
+  #       uses: docker/login-action@v1
+  #       if: ${{ github.event_name != 'pull_request' && github.ref == 'refs/heads/master' }}
+  #       with:
+  #         username: ${{ secrets.REGISTRY_USERNAME }}
+  #         password: ${{ secrets.REGISTRY_PASSWORD }}
+  #     - name: Login to GitHub Container Registry
+  #       uses: docker/login-action@v1
+  #       if: ${{ github.event_name != 'pull_request' && github.ref == 'refs/heads/dev' }}
+  #       with:
+  #         registry: ghcr.io
+  #         username: ${{ github.repository_owner }}
+  #         password: ${{ secrets.CR_PAT }}
+  #     - name: Push image
+  #       uses: docker/build-push-action@v2
+  #       with:
+  #         context: ./build
+  #         file: ./build/Dockerfile
+  #         platforms: ${{ env.PLATFORMS }}
+  #         tags: |
+  #           ${{ steps.repo.outputs.repo }}:build
+  #           ${{ steps.repo.outputs.repo }}:${{ steps.version.outputs.version }}-build
+  #         labels: ${{ steps.docker_meta.outputs.labels }}
+  #         push: ${{ github.event_name != 'pull_request' }}

build/install-golang.sh

@@ -0,0 +1,11 @@
+#!/bin/bash
+
+set -ex
+
+GOLANG_VERSION=1.18.7
+
+ARCH=$(uname -m)
+if [[ $ARCH == "riscv64" ]]; then
+    # There is no official riscv64 release. Use carlosedp/riscv-bringup instead.
+    wget
+