Skip to content

Add mswin binary package workflows#133

Open
hsbt wants to merge 4 commits into
masterfrom
claude/sweet-poincare-35290a
Open

Add mswin binary package workflows#133
hsbt wants to merge 4 commits into
masterfrom
claude/sweet-poincare-35290a

Conversation

@hsbt

@hsbt hsbt commented Jul 5, 2026

Copy link
Copy Markdown
Member

These workflows produce relocatable Ruby binary zip packages for Windows (x64-mswin64_140). mswin-snapshot builds a dev package from the master branch on a daily schedule, and mswin-release builds a package from an official release tarball for Ruby 3.3 and later. Both delegate to the shared mswin-build reusable workflow, which stages nmake install-nodoc under DESTDIR, assembles the tree with tool/mswin/binary-package.rb, writes a .sha256 next to the zip, and smoke-tests the result.

The zip layout is a public contract for the tooling that consumes these packages. Each zip has a single root directory named after the package holding bin/, lib/, include/, share/, and LICENSES/. The bin/ directory bundles the vcpkg runtime DLLs and the VC runtime (vcruntime140*.dll) so the tree runs from any location. Release packages are named ruby-<version>-x64-mswin64_140, and snapshot packages embed the commit date and hash so a dev build can never collide with a release name.

tool/mswin/binary-package.rb is a vendored copy of the script proposed for ruby/ruby, pinned to a specific commit and synced by hand. Before archiving it scrubs build-machine paths such as the vcpkg --with-opt-dir from the staged rbconfig.rb configure_args, since mkmf feeds those to every extension build and a leaked absolute path would break gem compilation on the destination machine. Ruby 3.3 ships no in-tree vcpkg.json, so the builder supplies tool/mswin/vcpkg-ruby_3_3.json instead, mirroring the ruby_3_4 manifest.

Every built zip is verified in the workflow before upload. The extracted ruby.exe runs with PATH restricted to System32 while loading openssl, fiddle, psych, and zlib, its configure_args is asserted to carry no absolute path, and a native json gem is compiled against the package to confirm the extension build pulls in no vcpkg path. The zip and its checksum are uploaded as an Actions artifact. Publishing to cache.ruby-lang.org is not wired up yet. All three series were built and verified end to end with these exact steps.

gh workflow run mswin-release.yml -f TARGET_VERSION=3.4.5

https://bugs.ruby-lang.org/issues/22180

Generated with Claude Code

hsbt and others added 4 commits July 4, 2026 06:09
Vendor binary-package.rb proposed for ruby/ruby, so that every
target branch can be packaged the same way without patching its
build system. Ruby 3.3 does not ship vcpkg.json, so a manifest
mirroring the ruby_3_4 one is bundled for it.

Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
mswin-snapshot builds a dev zip of the master branch daily, and
mswin-release builds a zip from an official release tarball on
demand. Both call the shared mswin-build workflow, which stages
`nmake install-nodoc` under DESTDIR, assembles a relocatable zip
with tool/mswin/binary-package.rb, generates a sha256 checksum,
and smoke-tests the result with PATH restricted to System32.

Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
vswhere -latest skips Build Tools products without -products *.
The hosted runners install full Visual Studio, so this only matters
for self-hosted or local runs, found while validating the workflow
steps against a Build Tools only machine.

Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
Re-sync the vendored binary-package.rb with ruby/ruby a7d813d0a5,
which strips absolute-path tokens (notably the vcpkg --with-opt-dir)
from configure_args in the staged rbconfig.rb. mkmf feeds those to
every extension build, so a leaked runner path would break gem
compilation on the destination machine. Only the staged copy is
touched, never the build machine's own installation.

The smoke test now asserts configure_args holds no absolute path,
and a native json gem is compiled against the package to confirm the
extension build pulls in no vcpkg path.

Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
Copilot AI review requested due to automatic review settings July 5, 2026 03:36

Copilot AI left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Adds GitHub Actions workflows to build and verify relocatable Windows (x64-mswin64_140) Ruby binary zip packages, using a shared reusable workflow and a vendored packaging script.

Changes:

  • Introduces mswin-snapshot (scheduled) and mswin-release (manual) workflows delegating to a reusable mswin-build workflow.
  • Adds tool/mswin/binary-package.rb to assemble a staged install into a relocatable zip and scrub build-machine paths from rbconfig.rb.
  • Adds a vcpkg manifest for Ruby 3.3 and documents the new workflows and package contract in README.md.

Reviewed changes

Copilot reviewed 6 out of 6 changed files in this pull request and generated 2 comments.

Show a summary per file
File Description
tool/mswin/vcpkg-ruby_3_3.json Adds a vcpkg manifest for Ruby 3.3 dependency installation.
tool/mswin/binary-package.rb Adds the script that assembles the staged installation into the relocatable zip layout.
README.md Documents the mswin binary package workflows, naming, and verification contract.
.github/workflows/mswin-snapshot.yml Adds a scheduled workflow to build snapshot mswin packages from master.
.github/workflows/mswin-release.yml Adds a manual workflow to build release mswin packages from official tarballs.
.github/workflows/mswin-build.yml Adds the reusable build/package/verify workflow used by both snapshot and release.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.


- name: Install tools with scoop
run: |
if ((vcpkg.exe help install) -match "manifest") { exit }
Comment on lines +235 to +241
& "$bin\gem.cmd" install json --no-document --version 2.20.0
if ($LASTEXITCODE -ne 0) { throw "gem install json failed" }
$log = Get-ChildItem -Recurse "$env:GEM_HOME\extensions" -Filter gem_make.out |
Select-Object -First 1
if ($log -and (Select-String -Path $log.FullName -Pattern 'vcpkg' -Quiet)) {
throw "vcpkg path leaked into the extension build"
}
Comment on lines +88 to +91
src.sub!(/^(\s*CONFIG\["configure_args"\]\s*=\s*")(.*)(")/) do
pre, args, post = $1, $2, $3
kept = args.scan(/\\".*?\\"|\S+/).reject {|t| t.match?(%r{[A-Za-z]:[/\\]})}
pre + kept.join(" ") + post

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
src.sub!(/^(\s*CONFIG\["configure_args"\]\s*=\s*")(.*)(")/) do
pre, args, post = $1, $2, $3
kept = args.scan(/\\".*?\\"|\S+/).reject {|t| t.match?(%r{[A-Za-z]:[/\\]})}
pre + kept.join(" ") + post
src.sub!(/^\s*CONFIG\["configure_args"\]\s*=\s*"\K.*(?=")/) do |args|
args.scan(/\\".*?\\"|\S+/).grep_v(%r{\b[A-Za-z]:[/\\]}).join(" ")

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants