name: Bootstrapping on: # This Workflow can be triggered manually workflow_dispatch: pull_request: branches: - develop - releases/** paths-ignore: # Don't run if we only modified packages in the # built-in repository or documentation - 'var/spack/repos/builtin/**' - '!var/spack/repos/builtin/packages/clingo-bootstrap/**' - '!var/spack/repos/builtin/packages/python/**' - '!var/spack/repos/builtin/packages/re2c/**' - 'lib/spack/docs/**' schedule: # nightly at 2:16 AM - cron: '16 2 * * *' jobs: fedora-clingo-sources: runs-on: ubuntu-latest container: "fedora:latest" steps: - name: Install dependencies run: | dnf install -y \ bzip2 curl file gcc-c++ gcc gcc-gfortran git gnupg2 gzip \ make patch unzip which xz python3 python3-devel tree \ cmake bison bison-devel libstdc++-static - name: Work around CVE-2022-24765 run: | # See: # - https://github.blog/2022-04-12-git-security-vulnerability-announced/ # - https://github.com/actions/checkout/issues/760 git config --global --add safe.directory /__w/spack/spack - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # @v2 - name: Setup repo and non-root user run: | git --version git fetch --unshallow . .github/workflows/setup_git.sh useradd spack-test chown -R spack-test . - name: Bootstrap clingo shell: runuser -u spack-test -- bash {0} run: | source share/spack/setup-env.sh spack bootstrap untrust github-actions-v0.2 spack external find cmake bison spack -d solve zlib tree ~/.spack/bootstrap/store/ ubuntu-clingo-sources: runs-on: ubuntu-latest container: "ubuntu:latest" steps: - name: Install dependencies env: DEBIAN_FRONTEND: noninteractive run: | apt-get update -y && apt-get upgrade -y apt-get install -y \ bzip2 curl file g++ gcc gfortran git gnupg2 gzip \ make patch unzip xz-utils python3 python3-dev tree \ cmake bison - name: Work around CVE-2022-24765 run: | # Apparently Ubuntu patched git v2.25.1 with a security patch that introduces # a breaking behavior. See: # - https://github.blog/2022-04-12-git-security-vulnerability-announced/ # - https://github.com/actions/checkout/issues/760 # - http://changelogs.ubuntu.com/changelogs/pool/main/g/git/git_2.25.1-1ubuntu3.3/changelog git config --global --add safe.directory /__w/spack/spack - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # @v2 - name: Setup repo and non-root user run: | git --version git fetch --unshallow . .github/workflows/setup_git.sh useradd -m spack-test chown -R spack-test . - name: Bootstrap clingo shell: runuser -u spack-test -- bash {0} run: | source share/spack/setup-env.sh spack bootstrap untrust github-actions-v0.2 spack external find cmake bison spack -d solve zlib tree ~/.spack/bootstrap/store/ ubuntu-clingo-binaries-and-patchelf: runs-on: ubuntu-latest container: "ubuntu:latest" steps: - name: Install dependencies env: DEBIAN_FRONTEND: noninteractive run: | apt-get update -y && apt-get upgrade -y apt-get install -y \ bzip2 curl file g++ gcc gfortran git gnupg2 gzip \ make patch unzip xz-utils python3 python3-dev tree - name: Work around CVE-2022-24765 run: | # Apparently Ubuntu patched git v2.25.1 with a security patch that introduces # a breaking behavior. See: # - https://github.blog/2022-04-12-git-security-vulnerability-announced/ # - https://github.com/actions/checkout/issues/760 # - http://changelogs.ubuntu.com/changelogs/pool/main/g/git/git_2.25.1-1ubuntu3.3/changelog git config --global --add safe.directory /__w/spack/spack - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # @v2 - name: Setup repo and non-root user run: | git --version git fetch --unshallow . .github/workflows/setup_git.sh useradd -m spack-test chown -R spack-test . - name: Bootstrap clingo shell: runuser -u spack-test -- bash {0} run: | source share/spack/setup-env.sh spack -d solve zlib tree ~/.spack/bootstrap/store/ opensuse-clingo-sources: runs-on: ubuntu-latest container: "opensuse/leap:latest" steps: - name: Install dependencies run: | # Harden CI by applying the workaround described here: https://www.suse.com/support/kb/doc/?id=000019505 zypper update -y || zypper update -y zypper install -y \ bzip2 curl file gcc-c++ gcc gcc-fortran tar git gpg2 gzip \ make patch unzip which xz python3 python3-devel tree \ cmake bison - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # @v2 - name: Setup repo and non-root user run: | git --version # See http://changelogs.ubuntu.com/changelogs/pool/main/g/git/git_2.25.1-1ubuntu3.3/changelog git config --global --add safe.directory /__w/spack/spack git fetch --unshallow . .github/workflows/setup_git.sh - name: Bootstrap clingo run: | source share/spack/setup-env.sh spack bootstrap untrust github-actions-v0.2 spack external find cmake bison spack -d solve zlib tree ~/.spack/bootstrap/store/ macos-clingo-sources: runs-on: macos-latest steps: - name: Install dependencies run: | brew install cmake bison@2.7 tree - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # @v2 - name: Bootstrap clingo run: | source share/spack/setup-env.sh export PATH=/usr/local/opt/bison@2.7/bin:$PATH spack bootstrap untrust github-actions-v0.2 spack external find --not-buildable cmake bison spack -d solve zlib tree ~/.spack/bootstrap/store/ macos-clingo-binaries: runs-on: macos-latest strategy: matrix: python-version: ['3.5', '3.6', '3.7', '3.8', '3.9', '3.10'] steps: - name: Install dependencies run: | brew install tree - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # @v2 - uses: actions/setup-python@98f2ad02fd48d057ee3b4d4f66525b231c3e52b6 # @v2 with: python-version: ${{ matrix.python-version }} - name: Bootstrap clingo run: | source share/spack/setup-env.sh spack bootstrap untrust spack-install spack -d solve zlib tree ~/.spack/bootstrap/store/ ubuntu-clingo-binaries: runs-on: ubuntu-latest strategy: matrix: python-version: ['2.7', '3.5', '3.6', '3.7', '3.8', '3.9', '3.10'] steps: - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # @v2 - uses: actions/setup-python@98f2ad02fd48d057ee3b4d4f66525b231c3e52b6 # @v2 with: python-version: ${{ matrix.python-version }} - name: Setup repo and non-root user run: | git --version git fetch --unshallow . .github/workflows/setup_git.sh - name: Bootstrap clingo run: | source share/spack/setup-env.sh spack bootstrap untrust spack-install spack -d solve zlib tree ~/.spack/bootstrap/store/ ubuntu-gnupg-binaries: runs-on: ubuntu-latest container: "ubuntu:latest" steps: - name: Install dependencies env: DEBIAN_FRONTEND: noninteractive run: | apt-get update -y && apt-get upgrade -y apt-get install -y \ bzip2 curl file g++ gcc patchelf gfortran git gzip \ make patch unzip xz-utils python3 python3-dev tree - name: Work around CVE-2022-24765 run: | # Apparently Ubuntu patched git v2.25.1 with a security patch that introduces # a breaking behavior. See: # - https://github.blog/2022-04-12-git-security-vulnerability-announced/ # - https://github.com/actions/checkout/issues/760 # - http://changelogs.ubuntu.com/changelogs/pool/main/g/git/git_2.25.1-1ubuntu3.3/changelog git config --global --add safe.directory /__w/spack/spack - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b - name: Setup repo and non-root user run: | git --version git fetch --unshallow . .github/workflows/setup_git.sh useradd -m spack-test chown -R spack-test . - name: Bootstrap GnuPG shell: runuser -u spack-test -- bash {0} run: | source share/spack/setup-env.sh spack bootstrap untrust spack-install spack -d gpg list tree ~/.spack/bootstrap/store/ ubuntu-gnupg-sources: runs-on: ubuntu-latest container: "ubuntu:latest" steps: - name: Install dependencies env: DEBIAN_FRONTEND: noninteractive run: | apt-get update -y && apt-get upgrade -y apt-get install -y \ bzip2 curl file g++ gcc patchelf gfortran git gzip \ make patch unzip xz-utils python3 python3-dev tree \ gawk - name: Work around CVE-2022-24765 run: | # Apparently Ubuntu patched git v2.25.1 with a security patch that introduces # a breaking behavior. See: # - https://github.blog/2022-04-12-git-security-vulnerability-announced/ # - https://github.com/actions/checkout/issues/760 # - http://changelogs.ubuntu.com/changelogs/pool/main/g/git/git_2.25.1-1ubuntu3.3/changelog git config --global --add safe.directory /__w/spack/spack - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b - name: Setup repo and non-root user run: | git --version git fetch --unshallow . .github/workflows/setup_git.sh useradd -m spack-test chown -R spack-test . - name: Bootstrap GnuPG shell: runuser -u spack-test -- bash {0} run: | source share/spack/setup-env.sh spack solve zlib spack bootstrap untrust github-actions-v0.2 spack -d gpg list tree ~/.spack/bootstrap/store/ macos-gnupg-binaries: runs-on: macos-latest steps: - name: Install dependencies run: | brew install tree # Remove GnuPG since we want to bootstrap it sudo rm -rf /usr/local/bin/gpg - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b - name: Bootstrap GnuPG run: | source share/spack/setup-env.sh spack bootstrap untrust spack-install spack -d gpg list tree ~/.spack/bootstrap/store/ macos-gnupg-sources: runs-on: macos-latest steps: - name: Install dependencies run: | brew install gawk tree # Remove GnuPG since we want to bootstrap it sudo rm -rf /usr/local/bin/gpg - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b - name: Bootstrap GnuPG run: | source share/spack/setup-env.sh spack solve zlib spack bootstrap untrust github-actions-v0.2 spack -d gpg list tree ~/.spack/bootstrap/store/