Generate sha256 checksums for each release #2201
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Build FFmpeg | |
on: | |
push: | |
paths-ignore: | |
- '**.md' | |
- 'LICENSE' | |
workflow_dispatch: | |
inputs: | |
doRelease: | |
description: 'Publish new release' | |
type: boolean | |
default: false | |
required: false | |
buildOnly: | |
description: 'Only build ffmpeg' | |
type: boolean | |
default: false | |
required: false | |
schedule: | |
- cron: '0 12 * * *' | |
env: | |
DOCKER_BUILDKIT: 1 | |
jobs: | |
pre_check: | |
name: Pre Checks | |
if: ${{ github.event.inputs.buildOnly != 'true' }} | |
runs-on: ubuntu-latest | |
steps: | |
- name: Repo Check | |
run: | | |
if [[ "$GITHUB_REPOSITORY" != "BtbN/FFmpeg-Builds" ]]; then | |
echo "When forking this repository to make your own builds, you have to adjust this check." | |
echo "When doing so make sure to randomize the scheduled cron time above, in order to spread out the various build times as much as possible." | |
echo "This has been put in place due to the enormous amounts of traffic hundreds/thousands of parallel builds can cause on external infrastructure." | |
exit 1 | |
fi | |
exit 0 | |
build_base: | |
name: Build base image | |
if: ${{ github.event.inputs.buildOnly != 'true' }} | |
needs: pre_check | |
runs-on: ubuntu-latest | |
steps: | |
- name: Free Disk-Space | |
run: df -h && sudo apt-get clean && docker system prune -a -f && sudo rm -rf /usr/local/lib/android /usr/share/dotnet /opt/ghc && df -h | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Install buildx | |
uses: docker/setup-buildx-action@v3 | |
with: | |
buildkitd-config: .github/buildkit.toml | |
- name: Login to Docker | |
uses: docker/login-action@v3 | |
with: | |
registry: ghcr.io | |
username: ${{ github.actor }} | |
password: ${{ github.token }} | |
- name: Image Name | |
id: imagename | |
run: | | |
IMG="${GITHUB_REPOSITORY,,}/base" | |
echo "name=ghcr.io/${IMG/ /-}" >> $GITHUB_OUTPUT | |
echo "rawname=${IMG/ /-}" >> $GITHUB_OUTPUT | |
- name: Stop Commands | |
run: T="$(echo -n ${{ github.token }} | sha256sum | head -c 64)" && echo -e "::add-mask::${T}\n::stop-commands::${T}" | |
- name: Build target base image | |
uses: docker/build-push-action@v5 | |
with: | |
context: images/base | |
pull: true | |
push: true | |
provenance: false | |
tags: ${{ steps.imagename.outputs.name }}:latest | |
cache-to: type=registry,mode=max,ref=${{ steps.imagename.outputs.name }}:cache | |
cache-from: type=registry,ref=${{ steps.imagename.outputs.name }}:cache | |
- name: Get download cache key | |
id: dl_cache | |
run: | | |
echo "dltagname=$(./util/get_dl_cache_tag.sh)" >> $GITHUB_OUTPUT | |
- name: Cache | |
uses: actions/cache@v4 | |
with: | |
path: .cache/downloads | |
key: download-cache-${{ steps.dl_cache.outputs.dltagname }} | |
restore-keys: | | |
download-cache- | |
- name: Update Cache | |
run: | | |
set -e | |
./download.sh | |
./util/clean_cache.sh | |
- name: Cleanup | |
continue-on-error: true | |
uses: BtbN/delete-untagged-ghcr-action@main | |
with: | |
token: ${{ github.token }} | |
package_name: ${{ steps.imagename.outputs.rawname }} | |
repository_owner: ${{ github.repository_owner }} | |
repository: ${{ github.repository }} | |
owner_type: user | |
untagged_only: true | |
build_target_bases: | |
name: Build target base image | |
if: ${{ github.event.inputs.buildOnly != 'true' }} | |
needs: build_base | |
runs-on: ubuntu-latest | |
strategy: | |
fail-fast: false | |
matrix: | |
target: [win64,winarm64,linux64,linuxarm64] | |
steps: | |
- name: Free Disk-Space | |
run: df -h && sudo apt-get clean && docker system prune -a -f && sudo rm -rf /usr/local/lib/android /usr/share/dotnet /opt/ghc && df -h | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Install buildx | |
uses: docker/setup-buildx-action@v3 | |
with: | |
buildkitd-config: .github/buildkit.toml | |
- name: Login to Docker | |
uses: docker/login-action@v3 | |
with: | |
registry: ghcr.io | |
username: ${{ github.actor }} | |
password: ${{ github.token }} | |
- name: Image Name | |
id: imagename | |
run: | | |
IMG="${GITHUB_REPOSITORY,,}/base-${{ matrix.target }}" | |
echo "name=ghcr.io/${IMG/ /-}" >> $GITHUB_OUTPUT | |
echo "rawname=${IMG/ /-}" >> $GITHUB_OUTPUT | |
echo "gh_repo=${GITHUB_REPOSITORY,,}" >> $GITHUB_OUTPUT | |
- name: Stop Commands | |
run: T="$(echo -n ${{ github.token }} | sha256sum | head -c 64)" && echo -e "::add-mask::${T}\n::stop-commands::${T}" | |
- name: Build target base image | |
uses: docker/build-push-action@v5 | |
with: | |
context: images/base-${{ matrix.target }} | |
pull: true | |
push: true | |
provenance: false | |
tags: ${{ steps.imagename.outputs.name }}:latest | |
cache-to: type=registry,mode=max,ref=${{ steps.imagename.outputs.name }}:cache | |
cache-from: type=registry,ref=${{ steps.imagename.outputs.name }}:cache | |
build-args: | | |
GH_REPO=ghcr.io/${{ steps.imagename.outputs.gh_repo }} | |
- name: Cleanup | |
continue-on-error: true | |
uses: BtbN/delete-untagged-ghcr-action@main | |
with: | |
token: ${{ github.token }} | |
package_name: ${{ steps.imagename.outputs.rawname }} | |
repository_owner: ${{ github.repository_owner }} | |
repository: ${{ github.repository }} | |
owner_type: user | |
untagged_only: true | |
build_targets: | |
name: Build target-variant image | |
if: ${{ github.event.inputs.buildOnly != 'true' }} | |
needs: build_target_bases | |
runs-on: ubuntu-latest | |
strategy: | |
fail-fast: false | |
matrix: | |
target: [win64,linux64,linuxarm64] | |
variant: [gpl,lgpl,gpl 5.1,gpl 6.1,gpl 7.1,lgpl 5.1,lgpl 6.1,lgpl 7.1,gpl-shared,lgpl-shared,gpl-shared 5.1,gpl-shared 6.1,gpl-shared 7.1,lgpl-shared 5.1,lgpl-shared 6.1,lgpl-shared 7.1] | |
steps: | |
- name: Free Disk-Space | |
run: df -h && sudo apt-get clean && docker system prune -a -f && sudo rm -rf /usr/local/lib/android /usr/share/dotnet /opt/ghc && df -h | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Install buildx | |
uses: docker/setup-buildx-action@v3 | |
with: | |
buildkitd-config: .github/buildkit.toml | |
- name: Login to Docker | |
uses: docker/login-action@v3 | |
with: | |
registry: ghcr.io | |
username: ${{ github.actor }} | |
password: ${{ github.token }} | |
- name: Image Name | |
id: imagename | |
run: | | |
IMG="${GITHUB_REPOSITORY,,}/${{ matrix.target }}-${{ matrix.variant }}" | |
echo "name=ghcr.io/${IMG/ /-}" >> $GITHUB_OUTPUT | |
echo "rawname=${IMG/ /-}" >> $GITHUB_OUTPUT | |
- name: Get download cache key | |
id: dl_cache | |
run: | | |
echo "dltagname=$(./util/get_dl_cache_tag.sh)" >> $GITHUB_OUTPUT | |
- name: Stop Commands | |
run: T="$(echo -n ${{ github.token }} | sha256sum | head -c 64)" && echo -e "::add-mask::${T}\n::stop-commands::${T}" | |
- name: Generate Dockerfile | |
run: ./generate.sh ${{ matrix.target }} ${{ matrix.variant }} | |
- name: Cache | |
uses: actions/cache/restore@v4 | |
with: | |
path: .cache/downloads | |
key: download-cache-${{ steps.dl_cache.outputs.dltagname }} | |
fail-on-cache-miss: true | |
- name: Build target base image | |
uses: docker/build-push-action@v5 | |
with: | |
context: . | |
pull: true | |
push: true | |
provenance: false | |
tags: ${{ steps.imagename.outputs.name }}:latest | |
cache-to: type=registry,mode=max,ref=${{ steps.imagename.outputs.name }}:cache | |
cache-from: type=registry,ref=${{ steps.imagename.outputs.name }}:cache | |
- name: Cleanup | |
continue-on-error: true | |
uses: BtbN/delete-untagged-ghcr-action@main | |
with: | |
token: ${{ github.token }} | |
package_name: ${{ steps.imagename.outputs.rawname }} | |
repository_owner: ${{ github.repository_owner }} | |
repository: ${{ github.repository }} | |
owner_type: user | |
untagged_only: true | |
build_ffmpeg: | |
name: Build ffmpeg | |
if: ${{ ( github.event.inputs.buildOnly == 'true' && !cancelled() ) || success() }} | |
needs: build_targets | |
runs-on: ubuntu-latest | |
strategy: | |
fail-fast: false | |
matrix: | |
target: [win64,linux64,linuxarm64] | |
variant: [gpl,lgpl,gpl 5.1,gpl 6.1,gpl 7.1,lgpl 5.1,lgpl 6.1,lgpl 7.1,gpl-shared,lgpl-shared,gpl-shared 5.1,gpl-shared 6.1,gpl-shared 7.1,lgpl-shared 5.1,lgpl-shared 6.1,lgpl-shared 7.1] | |
steps: | |
- name: Free Disk-Space | |
run: df -h && sudo apt-get clean && docker system prune -a -f && sudo rm -rf /usr/local/lib/android /usr/share/dotnet /opt/ghc && df -h | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Login to Docker | |
uses: docker/login-action@v3 | |
with: | |
registry: ghcr.io | |
username: ${{ github.actor }} | |
password: ${{ github.token }} | |
- name: Build ffmpeg | |
run: | | |
T="$(echo -n ${{ github.token }} | sha256sum | head -c 64)" && echo -e "::add-mask::${T}\n::stop-commands::${T}" | |
./build.sh ${{ matrix.target }} ${{ matrix.variant }} | |
- name: Replace spaces in string | |
id: strs | |
run: | | |
SLUG="${{ matrix.target }}-${{ matrix.variant }}" | |
echo "artifact_slug=${SLUG// /-}" >> $GITHUB_OUTPUT | |
- name: Upload artifacts | |
uses: actions/upload-artifact@v4 | |
with: | |
name: ffmpeg-${{ steps.strs.outputs.artifact_slug }} | |
overwrite: true | |
path: artifacts/* | |
publish_release: | |
name: Publish release | |
if: ${{ !cancelled() && ( github.event_name == 'schedule' || github.event.inputs.doRelease == 'true' ) && needs.build_ffmpeg.result == 'success' }} | |
needs: build_ffmpeg | |
runs-on: ubuntu-latest | |
steps: | |
- name: Free Disk-Space | |
run: df -h && sudo apt-get clean && docker system prune -a -f && sudo rm -rf /usr/local/lib/android /usr/share/dotnet /opt/ghc && df -h | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Download artifacts | |
uses: actions/download-artifact@v4 | |
with: | |
pattern: ffmpeg-* | |
merge-multiple: true | |
path: artifacts | |
- name: Create release | |
id: create_release | |
run: | | |
set -xe | |
shopt -s nullglob | |
RELDATE="$(date +'%Y-%m-%d %H:%M')" | |
NAME="Auto-Build $RELDATE" | |
TAGNAME="autobuild-$(date +'%Y-%m-%d-%H-%M')" | |
(cd artifacts && sha256sum *.{zip,tar.xz} > checksums.sha256) | |
gh release create "$TAGNAME" --target "master" --title "$NAME" artifacts/*.{zip,tar.xz} artifacts/checksums.* | |
echo "tag_name=${TAGNAME}" >> $GITHUB_OUTPUT | |
echo "rel_date=${RELDATE}" >> $GITHUB_OUTPUT | |
env: | |
GITHUB_TOKEN: ${{ github.token }} | |
- name: Update Latest | |
run: | | |
set -xe | |
shopt -s nullglob | |
mkdir latest_artifacts | |
./util/repack_latest.sh latest_artifacts artifacts/*.{zip,tar.xz} | |
(cd latest_artifacts && sha256sum *.{zip,tar.xz} > checksums.sha256) | |
NAME="Latest Auto-Build (${{ steps.create_release.outputs.rel_date }})" | |
TAGNAME="latest" | |
gh release delete --cleanup-tag --yes "$TAGNAME" || true | |
sleep 15 | |
gh release create "$TAGNAME" --target "master" --title "$NAME" latest_artifacts/* | |
env: | |
GITHUB_TOKEN: ${{ github.token }} | |
- name: Update Wiki | |
run: ./util/update_wiki.sh artifacts ${{ steps.create_release.outputs.tag_name }} | |
env: | |
GITHUB_TOKEN: ${{ github.token }} | |
- name: Prune old releases | |
run: ./util/prunetags.sh | |
env: | |
GITHUB_TOKEN: ${{ github.token }} |