awslabs · austinvazquez · Aug 27, 2024
@@ -17,7 +17,7 @@ env:
 
 jobs:
   benchmark:
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-22.04
     steps:
       - name: Checkout main branch
         uses: actions/checkout@v4
@@ -37,7 +37,7 @@ jobs:
           path: ${{github.workspace}}/benchmark/performanceTest/output/results.json
 
   download-and-convert-benchmark-result-to-visualization-data:
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-22.04
     needs: benchmark
     steps:
       - name: Checkout main branch
@@ -67,7 +67,7 @@ jobs:
 
   push-benchmark-result-gh-pages:
     name: Push benchmark result to Github-pages
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-22.04
     needs: download-and-convert-benchmark-result-to-visualization-data
     strategy:
       matrix:

@@ -34,7 +34,7 @@ jobs:
     # up a codebuild project. https://docs.aws.amazon.com/codebuild/latest/userguide/action-runner.html
     # Then, replace 'soci-snapshotter-instance' with the name of the project you created.
     name: Setup Build Matrix
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-22.04
     strategy:
       matrix:
         # We're using a matrix with a single entry so that we can define some config as YAML rather than

@@ -20,7 +20,7 @@ jobs:
 
     # Don't bother bumping deps on forks.
     if: ${{ github.repository == 'awslabs/soci-snapshotter' || github.event_name == 'workflow_dispatch' }}
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-22.04
 
     steps:
       - uses: actions/checkout@v4

@@ -9,7 +9,7 @@ env:
 
 jobs:
   check:
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-22.04
     steps:
       - uses: actions/checkout@v4
       - uses: actions/setup-go@v5

@@ -13,7 +13,7 @@ permissions:
 jobs:
   label:
     if: github.event.pull_request.draft == false
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-22.04
 
     permissions:
       pull-requests: write

@@ -12,7 +12,7 @@ env:
 
 jobs:
   check:
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-22.04
     steps:
       - uses: actions/checkout@v4
         with:
@@ -32,7 +32,7 @@ jobs:
       - run: PATH=$PATH:$(pwd) ./scripts/check-flatc.sh
 
   git-secrets:
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-22.04
     steps:
       - name: Pull latest awslabs/git-secrets repo
         uses: actions/checkout@v4
@@ -54,7 +54,7 @@ jobs:
     strategy:
       matrix:
         working_dir: ['.', 'cmd']
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-22.04
     steps:
       - uses: actions/checkout@v4
       - uses: golangci/golangci-lint-action@v6
@@ -64,13 +64,13 @@ jobs:
 
   yamllint:
     name: yamllint-lint
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-22.04
     steps:
       - uses: actions/checkout@v4
       - run: yamllint .
 
   shellcheck:
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-22.04
     container: koalaman/shellcheck-alpine:v0.10.0
     steps:
       - uses: actions/checkout@v4

@@ -19,60 +19,72 @@ permissions:
   deployments: write
 
 jobs:
-  generate-artifacts:
-    runs-on: ubuntu-20.04
+  setup-environment:
+    runs-on: ubuntu-22.04
     env:
-      # Set during setup.
       RELEASE_TAG: ''
       DYNAMIC_BINARY_NAME: ''
       STATIC_BINARY_NAME: ''
     steps:
-      - uses: actions/checkout@v4
       - name: Export cleaned release tag
         run: |
           export release_tag=${GITHUB_REF#refs/*/} # Strip down to raw tag name
           echo "RELEASE_TAG=${release_tag}" >> $GITHUB_ENV
       - name: Create dummy environment for release
         if: github.event_name == 'pull_request'
         run: |
-          touch THIRD_PARTY_LICENSES
           echo "RELEASE_TAG=v0.0.0" >> $GITHUB_ENV
       - name: Setup variables and release directories
         run: |
           export release_tag=${{ env.RELEASE_TAG }}
           export release_version=${release_tag/v/} # Remove v from tag name
           echo "DYNAMIC_BINARY_NAME=soci-snapshotter-${release_version}-linux-amd64.tar.gz" >> $GITHUB_ENV
           echo "STATIC_BINARY_NAME=soci-snapshotter-${release_version}-linux-amd64-static.tar.gz" >> $GITHUB_ENV
+    outputs:
+      release_tag: ${{ env.RELEASE_TAG }}
+      dynamic_binary_name: ${{ env.DYNAMIC_BINARY_NAME }}
+      static_binary_name: ${{ env.STATIC_BINARY_NAME }}
 
-          mkdir release
+  generate-artifacts:
+    needs: setup-environment
+    runs-on: ubuntu-22.04
+    container:
+      image: public.ecr.aws/ubuntu/ubuntu:20.04
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/setup-go@v5
+        with:
+          go-version: ${{ env.GO_VERSION }}
+      - name: install build dependencies
+        run: bash scripts/install-build-dependencies.sh
+      - name: Create dummy THIRD_PARTY_LICENSES file for pull request
+        if: github.event_name == 'pull_request'
+        run: |
+          touch THIRD_PARTY_LICENSES
       - name: Create release binaries
-        run: make RELEASE_TAG=${{ env.RELEASE_TAG }} release
+        shell: bash
+        run: make RELEASE_TAG=${{ needs.setup-environment.outputs.RELEASE_TAG }} release
       - uses: actions/upload-artifact@v4
         with:
           name: artifacts
           path: release/
           if-no-files-found: error
 
-    outputs:
-      release_tag: ${{ env.RELEASE_TAG }}
-      dynamic_binary_name: ${{ env.DYNAMIC_BINARY_NAME }}
-      static_binary_name: ${{ env.STATIC_BINARY_NAME }}
-
   validate-artifacts:
-    needs: generate-artifacts
-    runs-on: ubuntu-20.04
+    needs: [setup-environment, generate-artifacts]
+    runs-on: ubuntu-22.04
     steps:
       - uses: actions/checkout@v4
       - uses: actions/download-artifact@v4
         with:
           name: artifacts
           path: release/
-      - run: bash scripts/verify-release-artifacts.sh ${{ needs.generate-artifacts.outputs.release_tag }}
+      - run: bash scripts/verify-release-artifacts.sh ${{ needs.setup-environment.outputs.release_tag }}
 
   create-release:
     if: github.event_name == 'push' && startsWith(github.ref, 'refs/tags/v')
-    needs: [generate-artifacts, validate-artifacts]
-    runs-on: ubuntu-20.04
+    needs: [setup-environment, validate-artifacts]
+    runs-on: ubuntu-22.04
     steps:
       - uses: actions/checkout@v4
       - uses: actions/download-artifact@v4
@@ -84,7 +96,7 @@ jobs:
           prerelease: false
           generate_release_notes: false
           files: |
-            ${{ needs.generate-artifacts.outputs.dynamic_binary_name }}
-            ${{ needs.generate-artifacts.outputs.dynamic_binary_name }}.sha256sum
-            ${{ needs.generate-artifacts.outputs.static_binary_name }}
-            ${{ needs.generate-artifacts.outputs.static_binary_name }}.sha256sum
+            ${{ needs.setup-environment.outputs.dynamic_binary_name }}
+            ${{ needs.setup-environment.outputs.dynamic_binary_name }}.sha256sum
+            ${{ needs.setup-environment.outputs.static_binary_name }}
+            ${{ needs.setup-environment.outputs.static_binary_name }}.sha256sum
@@ -9,7 +9,7 @@ on:
 
 jobs:
   review:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-22.04
 
     permissions:
       # Write permissions needed to comment review results on PR.

@@ -17,7 +17,7 @@ on:
 jobs:
   test-update-version:
     if: github.event_name == 'pull_request'
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-22.04
 
     permissions:
       contents: read
@@ -35,7 +35,7 @@ jobs:
 
   update-version:
     if: github.event_name == 'release'
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-22.04
 
     permissions:
       # Write permissions needed to create pull request.

@@ -0,0 +1,24 @@
+#!/usr/bin/env bash
+
+#   Copyright The Soci Snapshotter Authors.
+
+#   Licensed under the Apache License, Version 2.0 (the "License");
+#   you may not use this file except in compliance with the License.
+#   You may obtain a copy of the License at
+
+#       http://www.apache.org/licenses/LICENSE-2.0
+
+#   Unless required by applicable law or agreed to in writing, software
+#   distributed under the License is distributed on an "AS IS" BASIS,
+#   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#   See the License for the specific language governing permissions and
+#   limitations under the License.
+
+# A script to install the build dependencies needed to build SOCI in a
+# Ubuntu 20.04 container.
+#
+# Usage: bash install-build-dependencies.sh
+
+apt update && apt install -y \
+    git \
+    make