Optimize packages build action (#1731)

2023-09-12 16:55:16 +04:00 · 2023-09-12 16:55:16 +04:00 · 0927b5e75c
commit 0927b5e75c
parent 0e90523c88
3 changed files with 36 additions and 12 deletions
--- a/.github/workflows/build_packages.yml
+++ b/.github/workflows/build_packages.yml
@ -36,15 +36,11 @@ jobs:
        packageType: [deb, rpm]

    steps:
+      # To avoid mistake "System.IO.IOException: No space left on device"
      - name: Free Disk Space
-        uses: jlumbroso/free-disk-space@main
-        with:
-          tool-cache: true
-          android: true
-          haskell: true
-          large-packages: true
-          docker-images: true
-          swap-storage: true
+        run: |
+          sudo rm -rf /usr/local/lib/android /opt/ghc
+          sudo docker image prune --all --force

      - name: Import GPG
        uses: crazy-max/ghaction-import-gpg@v5
@ -74,9 +70,14 @@ jobs:
          sudo gpg --no-default-keyring --keyring gnupg-ring:/usr/share/keyrings/nodesource.gpg --import
          sudo chmod 644 /usr/share/keyrings/nodesource.gpg
          sudo apt-get -y update
-          sudo apt install -y dotnet-sdk-7.0 yarn nodejs dh-make rename dpkg-sig lintian
+          sudo apt install -y dotnet-sdk-7.0 yarn nodejs rename
          sudo npm install -g json
-          [ "${{ matrix.packageType }}" == "rpm" ] && sudo pip install rpmlint || true
+          if [[ "${{ matrix.packageType }}" == "rpm" ]]; then
+            sudo apt install -y python3-rpm python3-pip
+            sudo pip install rpmlint
+          else
+            sudo apt install -y dpkg-sig lintian dh-make
+          fi

      - name: Build DEB Packages
        if: matrix.packageType == 'deb'
@ -140,7 +141,7 @@ jobs:
      - name: Checking the DEB package for errors
        if: matrix.packageType == 'deb'
        run: |
-          lintian --suppress-tags=mismatched-override --profile debian ${{ env.PACKAGE_DIRECTORY }}/*.deb | tee -a LINTIAN
+          lintian --profile debian ${{ env.PACKAGE_DIRECTORY }}/*.deb | tee -a LINTIAN
          if grep -qE '^(W:|E:)' LINTIAN; then
            echo "::warning Noticedeb=lintian::$(cat LINTIAN | awk '/^W:/ { ws += 1 } /^E:/ { es += 1 } END { print "Warnings:", ws, "Errors:", es }')"
          fi
@ -151,6 +152,6 @@ jobs:
          for rpm_package in ${{ env.PACKAGE_DIRECTORY }}/rpm/SPECS/RPMS/noarch/*.rpm; do
            rpmlint --ignore-unused-rpmlintrc --rpmlintrc ${{ env.PACKAGE_DIRECTORY }}/rpm/SPECS/SOURCES/$(${{ env.PRODUCT_LOW }}).rpmlintrc $rpm_package | tee -a RPM_LINT
          done
-          if grep -qE '^(W:|E:)' RPM_LINT; then
+          if grep -qE '(W:|E:)' RPM_LINT; then
            echo "::warning Noticerpm=rpmlint::$(cat RPM_LINT | awk '/W:/ { ws += 1 } /E:/ { es += 1 } END { print "Warnings:", ws, "Errors:", es }')"
          fi
--- a/build/install/deb/debian/source/lintian-overrides
+++ b/build/install/deb/debian/source/lintian-overrides
@ -53,3 +53,17 @@ library-not-linked-against-libc

 # Some file triggers a privacy concern, specifically references an image files .png 
 privacy-breach-generic
+
+# Building a cross-platform project, so those files are arch-independent
+arch-independent-package-contains-binary-or-object
+ 
+# Specifying a dependency on glibc would be redundant and could create unnecessary dependencies.
+# We tested the application in different environments and made sure that it works stably without explicit dependence on glibc.
+missing-dependency-on-libc
+
+# Some binary files are executable, but are not intended for debugging.
+# Including debug symbols in these files makes no sense and increases the size of the package.
+unstripped-binary-or-object
+
+# The systemctl call is used to manage MySQL and ensure that it is configured correctly
+maintainer-script-calls-systemctl
--- a/build/install/rpm/SPECS/SOURCES/product.rpmlintrc
+++ b/build/install/rpm/SPECS/SOURCES/product.rpmlintrc
@ -57,3 +57,12 @@ addFilter(r'W: binary-or-shlib-calls-gethostbyname')

 # There are the same files, however on a different languages
 addFilter(r'files-duplicate')
+
+# Building a cross-platform project, so those files are arch-independent
+addFilter(r'arch-independent-package-contains-binary-or-object')
+
+# File is a static library that is used when building our application. 
+# The presence of an executable bit on it is justified, since the object files that are used for linking when building the program are included.
+# /var/www/{{product}}/services/ASC.Web.HealthChecks.UI/runtimes/browser-wasm/nativeassets/net7.0/e_sqlite3.a
+addFilter(r'spurious-executable-perm')
+addFilter(r'devel-file-in-non-devel-package')