Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

release: implement automated package signing process #43

Open
otegami opened this issue Dec 9, 2024 · 2 comments
Open

release: implement automated package signing process #43

otegami opened this issue Dec 9, 2024 · 2 comments

Comments

@otegami
Copy link
Contributor

otegami commented Dec 9, 2024

What is your problem?

Currently, the package signing process is manual and requires downloading
unsigned packages, signing them, and uploading them back to the repository.
This workflow is time-consuming. Automating this process via a webhook triggered
by GitHub would significantly streamline the release pipeline.

Proposed solution

Create a Rack-based API server to listen for GitHub webhook events.
Develop a Rake task to handle package signing process.

  • Download unsigned packages.
  • Sign the packages.
  • Upload or copy signed packages to the appropriate places.

This solution will improve the efficiency of the release process and eliminate
redundant manual steps.
@otegami
Copy link
Contributor Author

otegami commented Dec 9, 2024
edited
Loading

TODO

Set up a Rack-based API application as a GitHub webhook listener

  • Set up a skeleton Rack application.
  • Implement authentication using webhook secrets.
  • Add steps which call webhook to groonga/groonga's workflow in GitHub Actions.
  • Asynchronously call Rake tasks for signing packages using threads.

Implement Rake tasks for signing packages

  • Research how to handle the signing key securely.
  • Download unsigned source archives from the release page.
  • Sign the source archives.
  • Upload the signed source archives to the release page.
  • Download unsigned packages from the release page.
  • Sign the packages.
  • Copy the packages to the appropriate locations based on package types.

Deploy using Ansible

Configure the Ansible playbook for deployment:

  • Set up the Apache server to proxy the Passenger server.
  • Configure the Passenger server.

@otegami
Copy link
Contributor Author

otegami commented Dec 9, 2024
edited
Loading

Download unsigned source archives from the release page. Set up a skeleton Rack application.

I will take this task.

otegami added a commit to otegami/packages.groonga.org that referenced this issue Dec 10, 2024
@otegami
release: add signer user for packages and archives using a webhook
2aba080 
GitHub: groongaGH-43

In this PR, we set up the signer user and the corresponding working
directory.

At the following PRs, we will implement the auto siging function by
webhook.
@otegami otegami mentioned this issue Dec 10, 2024
Merged
otegami added a commit to otegami/packages.groonga.org that referenced this issue Dec 10, 2024
@otegami
release: add Rack application skeleton of webhook auto signer
e8a3a3b 
GitHub: groongaGH-43

In this PR, we set up a rack application skeleton of webhook auto
signer. At the following PRs, we will implement the logic.
kou pushed a commit that referenced this issue Dec 11, 2024
@otegami
release: add Rack application skeleton for automatic deployment (#45)
fd8bf4c 
GitHub: GH-43

In this PR, we set up a Rack application skeleton for automatic
deployment using webhook.
At the following PRs, we will implement the logic of automatic sign as
first steps.

### Call webhook

```console
$ cd ansible/files/home/deployer/webhook
$ gem install rackup
$ bundle install
$ rackup &
$ curl localhost:9292
127.0.0.1 - - [10/Dec/2024:16:33:28 +0900] "GET / HTTP/1.1" 200 - 0.0001
Hello deployer
```
otegami added a commit to otegami/packages.groonga.org that referenced this issue Dec 12, 2024
@otegami
release: authorize webhook request using webhook secret token
69632d9 
GitHub: groongaGH-43

In this PR, we set up the authorization flow for webhook requests.
At the following PRs, we will implement the logic of deoployments.
@otegami otegami mentioned this issue Dec 12, 2024
Merged
otegami added a commit to otegami/packages.groonga.org that referenced this issue Dec 12, 2024
@otegami
release: authorize webhook request using webhook secret token
ed50a10 
GitHub: groongaGH-43

In this PR, we set up the authorization flow for webhook requests.
At the following PRs, we will implement the logic of deployments.
kou pushed a commit that referenced this issue Dec 12, 2024
@otegami
release: authorize webhook request using webhook secret token (#46)
0c7cc5b 
GitHub: GH-43

In this PR, we set up the authorization flow for webhook requests.
At the following PRs, we will implement the logic of deployments.
otegami added a commit to otegami/groonga that referenced this issue Dec 13, 2024
@otegami
ci deploy: release add deploy workflow to notify successful package u…
008e404 
…pload

GitHub: groonga/packages.groonga.org#43

This PR introduces a new Deploy workflow that triggers upon the
completion of uploading packages.

The Deploy workflow is responsible for handling deployment flows in
near future.

At first step, we will trigger the webhook using this workflow to
sign packages and upload them. Please refer the issue in detail.
@otegami otegami mentioned this issue Dec 13, 2024
Merged
otegami added a commit to otegami/groonga that referenced this issue Dec 17, 2024
@otegami
ci deploy: release add deploy workflow to notify successful package u…
553705c 
…pload

GitHub: groonga/packages.groonga.org#43

This PR introduces a new release workflow. This release workflow
handdle the followings. We will implement it step by step.

- Create release page <- This PR is here.
- Upload the release artifacts to release page
otegami added a commit to otegami/groonga that referenced this issue Dec 17, 2024
@otegami
ci deploy: release add deploy workflow to notify successful package u…
9e9c9f0 
…pload

GitHub: groonga/packages.groonga.org#43

This PR introduces a new release workflow. This release workflow
handdle the followings. We will implement it step by step.

- Create release page <- This PR is here.
- Upload the release artifacts to release page
otegami added a commit to otegami/groonga that referenced this issue Dec 17, 2024
@otegami
ci deploy: release add deploy workflow to notify successful package u…
22d61d8 
…pload

GitHub: groonga/packages.groonga.org#43

This PR introduces a new release workflow. This release workflow
handdle the followings. We will implement it step by step.

- Create release page <- This PR is here.
- Upload the release artifacts to release page
otegami added a commit to otegami/groonga that referenced this issue Dec 17, 2024
@otegami
ci deploy: release add deploy workflow to notify successful package u…
31f5352 
…pload

GitHub: groonga/packages.groonga.org#43

This PR introduces a new release workflow. This release workflow
handdle the followings. We will implement it step by step.

- Create release page <- This PR is here.
- Upload the release artifacts to release page
abetomo pushed a commit to groonga/groonga that referenced this issue Dec 17, 2024
@otegami
ci release: create release page after uploading docuemnts or packages (
06860d8 
…#2156)

GitHub: groonga/packages.groonga.org#43

This PR introduces a part of new release workflow.
This release workflow handles the followings. We will implement it step
by step.

- Create release page. <- This PR is here.
- Download the uploaded artifacts.
- Upload the release artifacts to release page.
otegami added a commit to otegami/groonga that referenced this issue Dec 18, 2024
@otegami
ci release: upload release source, packages, or documents
9cc339d 
GitHub: groonga/packages.groonga.org#43

This PR introduces a part of new release workflow.
This release workflow handles the followings.

- Download the uploaded artifacts.
- Upload the release artifacts to release page.
otegami added a commit to otegami/groonga that referenced this issue Dec 18, 2024
@otegami
ci release: upload release source, packages, or documents
2375ed1 
GitHub: groonga/packages.groonga.org#43

This PR introduces a part of new release workflow.
This release workflow handles the followings.

- Download the uploaded artifacts.
- Upload the release artifacts to release page.
otegami added a commit to otegami/groonga that referenced this issue Dec 18, 2024
@otegami
ci release: upload release source, packages, or documents
66d87da 
GitHub: groonga/packages.groonga.org#43

This PR introduces a part of new release workflow.
This release workflow handles the followings.

- Download the uploaded artifacts.
- Upload the release artifacts to release page.
otegami added a commit to otegami/groonga that referenced this issue Dec 18, 2024
@otegami
ci release: upload release source, packages, or documents
54c6c0e 
GitHub: groonga/packages.groonga.org#43

This PR introduces a part of new release workflow.
This release workflow handles the followings.

- Download the uploaded artifacts.
- Upload the release artifacts to release page.
@otegami otegami mentioned this issue Dec 18, 2024
Merged
otegami added a commit to otegami/groonga that referenced this issue Dec 18, 2024
@otegami
ci release: upload release source, packages, or documents
0ae8aa3 
GitHub: groonga/packages.groonga.org#43

This PR introduces a part of new release workflow.
This release workflow handles the followings.

- Download the uploaded artifacts.
- Upload the release artifacts to release page.
otegami added a commit to otegami/packages.groonga.org that referenced this issue Dec 19, 2024
@otegami
release: trigger release processes when release workflow succeeded
e4f8727 
GitHub: groongaGH-43

In this PR, we set up how release flow is triggered from webhook
requests.
@otegami otegami mentioned this issue Dec 19, 2024
Merged
otegami added a commit to otegami/packages.groonga.org that referenced this issue Dec 19, 2024
@otegami
release: trigger release processes when release workflow succeeded
6929837 
GitHub: groongaGH-43

In this PR, we set up how release flow is triggered from webhook
requests.
abetomo added a commit to groonga/groonga that referenced this issue Dec 20, 2024
@otegami @abetomo
ci release: upload release source, packages, or documents (#2160)
dfb0c96 
GitHub: groonga/packages.groonga.org#43

This PR introduces a part of new release workflow. This release workflow
handles the followings.

- Download the uploaded artifacts.
- Upload the release artifacts to release page.

---------

Co-authored-by: Abe Tomoaki <[email protected]>
otegami added a commit to otegami/packages.groonga.org that referenced this issue Dec 23, 2024
@otegami
release: trigger release processes when release workflow succeeded
939b99e 
GitHub: groongaGH-43

In this PR, we set up how release flow is triggered from webhook
requests.
abetomo pushed a commit that referenced this issue Dec 23, 2024
@otegami @komainu8
release: trigger release processes when release workflow succeeded (#47)
491c627 
GitHub: GH-43

In this PR, we set up how release flow is triggered from webhook
requests.

---------

Co-authored-by: Horimoto Yasuhiro <[email protected]>
otegami added a commit to otegami/packages.groonga.org that referenced this issue Dec 23, 2024
@otegami
release: add a logger for release tasks
37275a0 
GitHub: groongaGH-43

In this PR, we add a logger for release tasks.
Our log will be output in `log/error.log`.
@otegami otegami mentioned this issue Dec 23, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@otegami