More manipulations with gh runner user #2368
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: package-plugin-workflow | |
| on: push | |
| jobs: | |
| android-sdk: | |
| uses: ./.github/workflows/sdk.yml | |
| with: | |
| target: Android | |
| runsOn: ubuntu-latest-4-cores | |
| ios-sdk: | |
| uses: ./.github/workflows/sdk.yml | |
| with: | |
| target: IOS | |
| runsOn: macos-13 | |
| macos-sdk: | |
| uses: ./.github/workflows/sdk.yml | |
| with: | |
| target: Mac | |
| runsOn: macos-13 | |
| linux-sdk: | |
| uses: ./.github/workflows/sdk.yml | |
| with: | |
| target: Linux | |
| # Build for an older GLIBC so that it can run with the old GLIBC included in EpicGames' Unreal docker images. | |
| # See discussion in https://github.com/getsentry/sentry-unreal/pull/173 | |
| runsOn: ubuntu-20.04 | |
| windows-crashpad-sdk: | |
| uses: ./.github/workflows/sdk.yml | |
| with: | |
| target: Win64-Crashpad | |
| runsOn: windows-2019 | |
| windows-breakpad-sdk: | |
| uses: ./.github/workflows/sdk.yml | |
| with: | |
| target: Win64-Breakpad | |
| runsOn: windows-2019 | |
| build: | |
| needs: [android-sdk, ios-sdk, macos-sdk, linux-sdk, windows-crashpad-sdk, windows-breakpad-sdk] | |
| name: Package | |
| runs-on: ubuntu-latest-4-cores | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v3 | |
| - name: Download CLI | |
| shell: pwsh | |
| run: ./scripts/download-cli.ps1 | |
| - uses: actions/download-artifact@v4 | |
| with: | |
| name: Android-sdk | |
| path: plugin-dev/Source/ThirdParty/Android | |
| - uses: actions/download-artifact@v4 | |
| with: | |
| name: Android-libraries | |
| path: modules/sentry-java/sentry-android-ndk/build/intermediates/merged_native_libs/release/out/lib | |
| - uses: actions/download-artifact@v4 | |
| with: | |
| name: IOS-sdk | |
| path: plugin-dev/Source/ThirdParty/IOS | |
| - uses: actions/download-artifact@v4 | |
| with: | |
| name: Mac-sdk | |
| path: plugin-dev/Source/ThirdParty/Mac | |
| - uses: actions/download-artifact@v4 | |
| with: | |
| name: Linux-sdk | |
| path: plugin-dev/Source/ThirdParty/Linux | |
| - uses: actions/download-artifact@v4 | |
| with: | |
| name: Win64-Crashpad-sdk | |
| path: plugin-dev/Source/ThirdParty/Win64/Crashpad | |
| - uses: actions/download-artifact@v4 | |
| with: | |
| name: Win64-Breakpad-sdk | |
| path: plugin-dev/Source/ThirdParty/Win64/Breakpad | |
| - name: Prepare Sentry packages for release | |
| shell: pwsh | |
| run: ./scripts/packaging/pack.ps1 | |
| - name: Upload release artifacts | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| # Artifact name is the commit sha. Which is what craft uses to find the relevant artifact. | |
| name: ${{ github.sha }} | |
| if-no-files-found: error | |
| path: | | |
| sentry-unreal-*.zip | |
| # Adding the native libraries so the symbol collector craft target can find/upload them | |
| # TODO modules/sentry-java/sentry-android-ndk/build/intermediates/merged_native_libs/release/out/lib/* | |
| package-validation: | |
| needs: [build] | |
| name: Check snapshot | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v3 | |
| - name: Download packages | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: ${{ github.sha }} | |
| # If this step fails, you can accept the new file content by | |
| # running the following script locally with 'accept' as an argument | |
| # and committing the new snapshot file to your branch. i.e: | |
| # pwsh ./scripts/test-contents.ps1 accept | |
| - name: Verify package content against snapshot | |
| shell: pwsh | |
| run: ./scripts/packaging/test-contents.ps1 | |
| test: | |
| name: Test UE ${{ matrix.unreal }} | |
| runs-on: ubuntu-latest-4-cores | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| # Note: these versions must match scripts/packaging/engine-versions.txt | |
| unreal: ['5.2', '5.3', '5.4'] | |
| app: ['sample'] | |
| steps: | |
| - name: Free disk space | |
| if: ${{ steps.exists.outputs.value == 0 }} | |
| run: | | |
| # time df -h | |
| sudo time swapoff -a | |
| sudo time rm -f /swapfile | |
| sudo time rm -rf /usr/local/lib/android | |
| sudo time rm -rf /usr/share/dotnet | |
| sudo time rm -rf /usr/share/swift | |
| sudo time rm -rf /usr/local/share/powershell | |
| sudo time rm -rf /usr/local/.ghcup | |
| sudo time rm -rf /usr/local/lib/node_modules | |
| sudo time rm -rf /usr/local/share/boost | |
| sudo time rm -rf /usr/lib/google-cloud-sdk | |
| sudo time rm -rf /usr/lib/jvm | |
| sudo time rm -rf /opt/pipx | |
| sudo time rm -rf /opt/ghc | |
| sudo time rm -rf "$AGENT_TOOLSDIRECTORY" | |
| sudo time apt-get clean | |
| sudo time rm -rf /var/lib/apt/lists/* | |
| # time docker rmi $(docker image ls -aq) | |
| # time du --max-depth=3 --threshold=100M -h /usr /opt /var 2>/dev/null | sort -hr | |
| df -h | |
| - name: Start Docker container | |
| run: | | |
| echo ${{ secrets.DOCKER_TOKEN }} | docker login ghcr.io -u ${{ secrets.DOCKER_USERNAME }} --password-stdin | |
| # We start the container with the user ID of the parent GH action user to avoid permission issues on volume. | |
| sudo useradd -m -u 1001 -g 1000 gh-runner | |
| sudo -u gh-runner | |
| # For UE 5.4 we have to enable ipv6 to fix container startup issues. See https://github.com/adamrehn/ue4-docker/issues/357 | |
| uid=$(id -u) # the GH action user ID | |
| gid=1000 # the ue4 group in the docker container | |
| user='gh' | |
| set -x | |
| cat /etc/passwd | |
| docker network create --ipv6 --subnet 2001:0DB8::/112 ip6net | |
| docker run -td \ | |
| --name unreal \ | |
| --volume ${{ github.workspace }}:/workspace \ | |
| --workdir /workspace \ | |
| --user $uid:$gid \ | |
| --env PATH="/home/$user/.local/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" \ | |
| --network ip6net -p 80:80 \ | |
| ghcr.io/epicgames/unreal-engine:dev-slim-${{ matrix.unreal }}.1 | |
| docker logout ghcr.io | |
| # Add the user so it has a home directory (needed for the pip cache later on) | |
| docker exec --user root unreal useradd -u $uid -g $gid --create-home $user | |
| # Ensure CA certs are in the right directory (needed for running tests) | |
| docker exec --user root unreal bash -c " | |
| mkdir -p /etc/pki/tls/certs ; | |
| cp /etc/ssl/certs/ca-certificates.crt /etc/pki/tls/certs/ca-bundle.crt " | |
| # Chown some paths to the GH user to make UE5 work properly. We can't just chown the whole UnrealEngine or | |
| # docker would implicitly have to copy it to the container and we would run out of space on the GH runner. | |
| docker exec --user root unreal bash -c " | |
| chown -R $uid /home/ue4/UnrealEngine/Engine/Binaries/ThirdParty/Mono/Linux ; | |
| chown -R $uid /home/ue4/UnrealEngine/Engine/Binaries/ThirdParty/DotNet " | |
| - name: Setup UE CLI | |
| run: docker exec unreal bash -c ' | |
| pip3 install --upgrade pip ; | |
| pip3 install -Iv ue4cli==0.0.54 ; | |
| ue4 setroot /home/ue4/UnrealEngine ' | |
| - name: Setup C++ runtime | |
| run: docker exec --user root unreal bash -c ' | |
| apt-get update ; | |
| apt-get install -y libc++-dev ' | |
| - name: Download package | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: ${{ github.sha }} | |
| - uses: actions/checkout@v3 | |
| with: | |
| path: checkout | |
| - name: Extract package to ${{ matrix.app }}/Plugins | |
| run: unzip sentry-unreal-*-engine${{ matrix.unreal }}-github.zip -d checkout/${{ matrix.app }}/Plugins/sentry | |
| - name: Set permissions for ${{ matrix.app }} | |
| # sentry-native requires write access to sample project directory in order to initialize itself properly | |
| run: docker exec -w /workspace/checkout unreal chmod -R +x ${{ matrix.app }} | |
| - name: Run tests | |
| id: run-tests | |
| run: | | |
| docker exec -w /workspace/checkout/${{ matrix.app }} unreal ue4 build | |
| docker exec -w /workspace/checkout/${{ matrix.app }} unreal ue4 editor \ | |
| /workspace/checkout/${{ matrix.app }}/SentryPlayground.uproject \ | |
| -ReportExportPath=/workspace/checkout/${{ matrix.app }}/Saved/Automation \ | |
| -ExecCmds="Automation RunTests Sentry;quit" \ | |
| -TestExit="Automation Test Queue Empty" \ | |
| -Unattended \ | |
| -NoPause \ | |
| -NoSplash \ | |
| -NullRHI | |
| - name: Collect ${{ matrix.app }} test info | |
| if: ${{ always() && steps.run-tests.outcome == 'failure' }} | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: UE ${{ matrix.unreal }} ${{ matrix.app }} test report | |
| path: | | |
| checkout/${{ matrix.app }}/Saved/Automation | |
| - name: Build & package ${{ matrix.app }} | |
| # Unreal 5.0 takes ~1 hour to build+package the app so only do it on v4.27 | |
| if: ${{ matrix.unreal == '4.27'}} | |
| id: package-app | |
| run: | | |
| docker exec -w /workspace/checkout/${{ matrix.app }} unreal ue4 package | |
| docker exec -w /workspace/checkout/${{ matrix.app }} unreal cp -r '/home/gh/Library/Logs/Unreal Engine/LocalBuildLogs' Saved/Logs | |
| - name: Collect ${{ matrix.app }} build info | |
| if: contains(fromJson('["success", "failure"]'), steps.package-app.outcome) | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: UE ${{ matrix.unreal }} ${{ matrix.app }} build logs | |
| path: | | |
| checkout/${{ matrix.app }}/Saved/Logs | |
| checkout/${{ matrix.app }}/Saved/Stats | |
| checkout/${{ matrix.app }}/Saved/MaterialStats | |
| checkout/${{ matrix.app }}/Saved/MaterialStatsDebug |