Homebrew Testing #26
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Homebrew Testing | |
on: | |
workflow_dispatch: | |
inputs: | |
skip_signing: | |
description: 'Skip code signing' | |
required: true | |
default: false | |
type: boolean | |
release_tag: | |
description: 'Release tag' | |
required: true | |
type: string | |
push: | |
tags: | |
- 'v*' | |
env: | |
REGISTRY: ghcr.io | |
IMAGE_NAME: ${{ github.repository }} | |
INIT_IMAGE_NAME: ${{ github.repository }}-init | |
permissions: | |
contents: write | |
pull-requests: write | |
packages: write | |
id-token: write | |
attestations: write | |
jobs: | |
build-macos: | |
runs-on: macos-latest | |
steps: | |
- name: Checkout | |
uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 | |
## install build dependencies for frontend generation | |
- name: Install Node.js | |
uses: actions/setup-node@0a44ba7841725637a19e28fa30b79a866c81b0a6 # v4.0.4 | |
with: | |
node-version-file: './frontend/dev-mode/.nvmrc' | |
- name: Install pnpm | |
uses: pnpm/action-setup@fe02b34f77f8bc703788d5817da081398fad5dd2 # v4.0.0 | |
with: | |
version: 8.0.0 | |
- name: Setup Go | |
uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2 | |
with: | |
go-version-file: 'go.mod' | |
- name: Import Apple Code Signing Certificates | |
if: ${{ github.event_name != 'workflow_dispatch' || !inputs.skip_signing }} | |
uses: Apple-Actions/import-codesign-certs@63fff01cd422d4b7b855d40ca1e9d34d2de9427d # v3.0.0 | |
with: | |
p12-file-base64: ${{ secrets.APPLE_CERTIFICATE_BASE64 }} | |
p12-password: ${{ secrets.APPLE_CERTIFICATE_PASSWORD }} | |
- name: Run GoReleaser | |
uses: goreleaser/goreleaser-action@286f3b13b1b49da4ac219696163fb8c1c93e1200 #v6.0.0 | |
with: | |
version: latest | |
distribution: goreleaser | |
args: release --clean --snapshot --config ./.goreleaser.darwin.yaml | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
APPLE_DEVELOPER_ID: ${{ secrets.APPLICATION_IDENTITY}} | |
APPLE_ID: ${{ vars.APPLE_ID }} | |
APPLE_ID_PASSWORD: ${{ secrets.APPLE_ID_PASSWORD}} | |
APPLE_TEAM_ID: ${{ secrets.APPLE_TEAM_ID}} | |
- name: Notarize the macOS binary | |
env: | |
APPLE_DEVELOPER_ID: ${{ secrets.APPLICATION_IDENTITY}} | |
APPLE_ID: ${{ vars.APPLE_ID }} | |
APPLE_ID_PASSWORD: ${{ secrets.APPLE_ID_PASSWORD}} | |
APPLE_TEAM_ID: ${{ secrets.APPLE_TEAM_ID}} | |
shell: bash | |
run: | | |
./build/scripts/sign ./dist/kitops-darwin-arm64.zip | |
./build/scripts/sign ./dist/kitops-darwin-x86_64.zip | |
- name: Upload macOS artifacts | |
uses: actions/upload-artifact@604373da6381bf24206979c74d06a550515601b9 # v4.4.1 | |
with: | |
name: dist-macos | |
if-no-files-found: error | |
retention-days: 7 | |
path: | | |
./dist/*.zip | |
./dist/*.tar.gz | |
build-windows: | |
runs-on: windows-latest | |
steps: | |
- name: Checkout | |
uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 | |
- name: Setup Go | |
uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2 | |
with: | |
go-version-file: 'go.mod' | |
- name: Run GoReleaser | |
uses: goreleaser/goreleaser-action@286f3b13b1b49da4ac219696163fb8c1c93e1200 #v6.0.0 | |
with: | |
version: latest | |
distribution: goreleaser | |
args: release --clean --snapshot --config ./.goreleaser.windows.yaml | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
- name: Upload Windows artifacts | |
uses: actions/upload-artifact@604373da6381bf24206979c74d06a550515601b9 # v4.4.1 | |
with: | |
name: dist-windows | |
if-no-files-found: error | |
retention-days: 7 | |
path: | | |
./dist/*.zip | |
build-linux: | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout | |
uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 | |
- name: Setup Go | |
uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2 | |
with: | |
go-version-file: 'go.mod' | |
- name: Run GoReleaser | |
uses: goreleaser/goreleaser-action@286f3b13b1b49da4ac219696163fb8c1c93e1200 #v6.0.0 | |
with: | |
version: latest | |
distribution: goreleaser | |
args: release --clean --snapshot --config ./.goreleaser.linux.yaml | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
- name: Upload Linux artifacts | |
uses: actions/upload-artifact@604373da6381bf24206979c74d06a550515601b9 # v4.4.1 | |
with: | |
name: dist-linux | |
if-no-files-found: error | |
retention-days: 7 | |
path: | | |
./dist/*.tar.gz | |
# Creates a release using artifacts created in the previous steps. | |
# workflow_dispatch triggered versions will be draft releases. | |
# CLI docs are not updated for workflow_dispatch triggered versions. | |
release: | |
runs-on: ubuntu-latest | |
needs: [build-linux, build-macos, build-windows] | |
steps: | |
# checkout the current repository | |
- name: Checkout kitops | |
uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 | |
with: | |
path: kitops | |
- name: List working dir after checking out kitops | |
run: | | |
ls | |
- name: List contents of kitops | |
run: | | |
shopt -s failglob | |
pushd kitops | |
ls | |
popd | |
# Create the homebrew-file directory to store the | |
# homebrew artifacts | |
- name: Create homebrew-files dir | |
run: | | |
shopt -s failglob | |
mkdir homebrew-files | |
ls | |
# Copy the awk script and template to the homebrew-files dir. | |
# These will be used later to build the homebrew recipe file. | |
- name: Copy homebrew artifacts to homebrew-files dir | |
run: | | |
cp ./kitops/build/homebrew/*.* ./homebrew-files | |
- name: Merge build artifacts | |
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.3 | |
with: | |
path: dist | |
pattern: dist-* | |
merge-multiple: true | |
- name: List working dir after downloading built artifacts | |
run: | | |
ls | |
- name: List contents of dist | |
run: | | |
shopt -s failglob | |
pushd dist | |
ls | |
popd | |
- name: Create checksums | |
env: | |
TAG_NAME: ${{ github.ref_name}} | |
#TAG_NAME: ${{ inputs.release_tag}} | |
run: | | |
shopt -s failglob | |
pushd dist | |
shasum -a 256 kitops-* > checksums.txt | |
mv checksums.txt kitops_${TAG_NAME}_checksums.txt | |
cp kitops_${TAG_NAME}_checksums.txt ../homebrew-files/. | |
ls | |
popd | |
# upload the homebrew-files directory (and its contents) | |
# as an artifact to be used later when generating the | |
# homebrew recipe and pushing it to the repository: | |
# 'jozu-ai/homebrew-kitops' | |
- name: Upload homebrew-files as a build artifact | |
uses: actions/upload-artifact@604373da6381bf24206979c74d06a550515601b9 # v4.4.1 | |
with: | |
name: homebrew-files | |
if-no-files-found: error | |
retention-days: 7 | |
path: | | |
./homebrew-files | |
- name: Create Release | |
env: | |
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
TAG_NAME: ${{ inputs.release_tag || github.ref_name}} | |
REPO: ${{ github.repository }} | |
DRAFT_RELEASE: ${{ github.event_name == 'workflow_dispatch' }} | |
run: | | |
echo "Creating release for ${TAG_NAME}" | |
release_args=( | |
${TAG_NAME} | |
./dist/*.* | |
--title "Release ${TAG_NAME}" | |
--generate-notes | |
--repo ${REPO} | |
) | |
if [[ "${DRAFT_RELEASE}" == "false" ]]; then | |
previous_release="$(gh release list --repo $REPO --limit 1 --json tagName --jq '.[] | .tagName ')" | |
echo "Previous release: ${previous_release}" | |
release_args+=( --latest ) | |
release_args+=( --verify-tag ) | |
release_args+=( --notes-start-tag "${previous_release}" ) | |
else | |
release_args+=( --draft ) | |
fi | |
gh release create "${release_args[@]}" | |
- name: Generate CLI documentation | |
shell: bash | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
TAG_NAME: ${{ inputs.release_tag || github.ref_name}} | |
run: | | |
pushd kitops | |
CURRENT_BRANCH=$(git rev-parse --abbrev-ref HEAD) | |
PR_BRANCH="${{ github.ref_name }}-docs-update" | |
git fetch origin main | |
git branch "$PR_BRANCH" | |
git checkout "$PR_BRANCH" | |
git pull origin --ff-only "${PR_BRANCH}" || true | |
git config --global user.name "${GITHUB_ACTOR}" | |
git config --global user.email "${GITHUB_ACTOR_ID}+${GITHUB_ACTOR}@users.noreply.github.com" | |
(cd docs; npm pkg set version=$TAG_NAME) | |
./docs/src/docs/cli/generate.sh > /dev/null | |
git add --all | |
git commit -m "docs: update CLI documentation for ${{ github.ref_name }}" | |
git push origin "${PR_BRANCH}" | |
gh pr create --fill --base main --head "${PR_BRANCH}" | |
git checkout "${CURRENT_BRANCH}" | |
popd | |
# Generate and publish the homebrew recipe (kitops.rb) to the repository: | |
# 'jozu-ai/homebrew-kitops' | |
publish-homebrew-tap-formula: | |
runs-on: ubuntu-latest | |
needs: [release] | |
steps: | |
# checkout the homebrew-kitops repository (jozu-ai/homebrew-kitops) | |
- name: Checkout homebrew-kitops | |
uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 | |
with: | |
###### CHANGE THIS TO jozu-ai/homebrew-kitops ###### | |
repository: brett-hodges/homebrew-kitops | |
ref: 'main' | |
path: homebrew-kitops | |
token: ${{ secrets.MY_PAT }} | |
- name: List contents after checkout homebrew-kitops | |
run: | | |
ls | |
- name: List contents of homebrew-kitops | |
run: | | |
shopt -s failglob | |
pushd homebrew-kitops | |
ls | |
popd | |
- name: Download the homebrew artifacts to build the homebrew recipe | |
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.3 | |
with: | |
name: homebrew-files | |
path: homebrew-files | |
merge-multiple: true | |
- name: List dirs after downloading homebrew-files artifact | |
run: | | |
ls | |
- name: List contents of homebrew-files | |
run: | | |
shopt -s failglob | |
pushd homebrew-files | |
ls | |
popd | |
- name: Create and save homebrew-metadata.txt | |
env: | |
TAG_NAME: ${{ inputs.release_tag}} | |
REPO: ${{ github.repository }} | |
run: | | |
shopt -s failglob | |
pushd homebrew-files | |
awk ' | |
BEGIN { tag_name = ENVIRON["TAG_NAME"]; repo = ENVIRON["REPO"];} | |
/.tar.gz$/ { | |
print "\""$1"\"", | |
"\"https://github.com/" repo "/releases/download/" tag_name "/" $2 "\"", | |
$2, | |
tag_name }' kitops_${TAG_NAME}_checksums.txt | | |
awk '{ sub(/.tar.gz/, "", $3); print $1, $2, $3, $4 }' | | |
awk '{ sub(/kitops-/, "", $3); print $1, $2, $3, $4 }' | | |
awk '{sub(/v/, "", $4); print $1, $2, $3, $4 }' > homebrew-metadata.txt | |
popd | |
# uses the homebrew-metadata.txt file generated in the | |
# previous step to generate the homebrew formula (kitops.rb) | |
# for the homebrew tap (located at 'jozu-ai/homebrew-kitops') | |
- name: Create homebrew formula | |
run: | | |
shopt -s failglob | |
pushd homebrew-files | |
awk -f create-homebrew-recipe.awk homebrew-metadata.txt | |
popd | |
- name: List contents of homebrew-files dir | |
run: | | |
shopt -s failglob | |
pushd homebrew-files | |
ls | |
popd | |
# publish the homebrew recipe file to the homebrew tap | |
# located in the repository: 'jozu-ai/homebrew-kitops' | |
- name: Commit homebrew recipe to the homebrew tap | |
env: | |
GITHUB_TOKEN: ${{ secrets.MY_PAT }} | |
TAG_NAME: ${{ inputs.release_tag}} | |
##### CHANGE REPO TO jozu-ai/homebrew-kitops | |
REPO: "brett-hodges/homebrew-kitops" | |
run: | | |
cp ./homebrew-files/kitops.rb ./homebrew-kitops/. | |
pushd homebrew-kitops | |
CURRENT_BRANCH=$(git rev-parse --abbrev-ref HEAD) | |
PR_BRANCH="${{ github.ref_name }}-homebrew-tap-update" | |
git fetch origin main | |
git branch "$PR_BRANCH" | |
git checkout "$PR_BRANCH" | |
git pull origin --ff-only "${PR_BRANCH}" || true | |
git config --global user.name "${GITHUB_ACTOR}" | |
git config --global user.email "${GITHUB_ACTOR_ID}+${GITHUB_ACTOR}@users.noreply.github.com" | |
git add --all | |
git commit -m "homebrew: update Homebrew Tap Formula for ${{ github.ref_name }}" | |
git push origin "${PR_BRANCH}" | |
gh pr create --fill --base main --head "${PR_BRANCH}" | |
git checkout "${CURRENT_BRANCH}" | |
popd | |
docker-image-build: | |
runs-on: ubuntu-latest | |
steps: | |
- name: Set up QEMU | |
uses: docker/setup-qemu-action@49b3bc8e6bdd4a60e6116a5414239cba5943d3cf # v3.2.0 | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@c47758b77c9736f4b2ef4073d4d51994fabfe349 # v3.7.1 | |
- name: Login to ghcr.io | |
uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0 | |
with: | |
registry: ${{ env.REGISTRY }} | |
username: ${{ github.actor }} | |
password: ${{ secrets.GITHUB_TOKEN }} | |
- name: Checkout | |
uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 | |
- name: Build and push base Kit container | |
id: build-kit-container | |
uses: docker/build-push-action@4f58ea79222b3b9dc2c8bbdd6debcef730109a75 # v6.9.0 | |
with: | |
platforms: linux/amd64,linux/arm64 | |
push: true | |
context: build/dockerfiles | |
file: build/dockerfiles/release.Dockerfile | |
build-args: | | |
KIT_VERSION=${{ github.ref_name }} | |
tags: | | |
${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest | |
${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ github.ref_name }} | |
annotations: | | |
index:org.opencontainers.image.description=Official release Kit CLI container | |
index:org.opencontainers.image.source=https://github.com/jozu-ai/kitops | |
index:org.opencontainers.image.licenses=Apache-2.0 | |
- name: Build and push Kit init container | |
id: build-kit-init-container | |
uses: docker/build-push-action@4f58ea79222b3b9dc2c8bbdd6debcef730109a75 # v6.9.0 | |
with: | |
platforms: linux/amd64,linux/arm64 | |
push: true | |
context: build/dockerfiles/init | |
file: build/dockerfiles/init/Dockerfile | |
build-args: | | |
KIT_BASE_IMAGE=${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}@${{ steps.build-kit-container.outputs.digest }} | |
tags: | | |
${{ env.REGISTRY }}/${{ env.INIT_IMAGE_NAME }}:latest | |
${{ env.REGISTRY }}/${{ env.INIT_IMAGE_NAME }}:${{ github.ref_name }} | |
annotations: | | |
index:org.opencontainers.image.description=Kit CLI init container | |
index:org.opencontainers.image.source=https://github.com/jozu-ai/kitops | |
index:org.opencontainers.image.licenses=Apache-2.0 | |
- name: Generate artifact attestation for base container | |
uses: actions/attest-build-provenance@1c608d11d69870c2092266b3f9a6f3abbf17002c # v1.4.3 | |
with: | |
subject-name: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} | |
subject-digest: ${{ steps.build-kit-container.outputs.digest }} | |
push-to-registry: true | |
- name: Generate artifact attestation for base container | |
uses: actions/attest-build-provenance@1c608d11d69870c2092266b3f9a6f3abbf17002c # v1.4.3 | |
with: | |
subject-name: ${{ env.REGISTRY }}/${{ env.INIT_IMAGE_NAME }} | |
subject-digest: ${{ steps.build-kit-init-container.outputs.digest }} | |
push-to-registry: true |