Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fix workflows #240

Merged
merged 8 commits into from
Jun 24, 2024
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
36 changes: 2 additions & 34 deletions .github/workflows/docker.yml
Original file line number Diff line number Diff line change
Expand Up @@ -41,32 +41,6 @@ jobs:
outputs:
VERSION: ${{ env.VERSION }}
VERSION_SUFFIX: ${{ env.VERSION_SUFFIX }}
build-html:
name: build html
runs-on: ubuntu-22.04
needs: [extract-version]
steps:
- name: Checkout sources
uses: actions/checkout@v4
- name: Use node 18
uses: actions/setup-node@v4
with:
node-version: 18
cache: 'yarn'
- name: Install dependencies
env:
NODE_ENV: development
run: |
yarn
- name: Build Siren
env:
NODE_ENV: production
run: yarn build
- name: Upload artifact
uses: actions/upload-artifact@v3
with:
name: html
path: build/

build-docker-single-arch:
name: build-docker-${{ matrix.binary }}
Expand All @@ -75,7 +49,7 @@ jobs:
matrix:
binary: [aarch64, x86_64]

needs: [extract-version, build-html]
needs: [extract-version]
env:
# We need to enable experimental docker features in order to use `docker buildx`
DOCKER_CLI_EXPERIMENTAL: enabled
Expand All @@ -93,18 +67,12 @@ jobs:
- name: Map x86_64 to amd64 short arch
if: startsWith(matrix.binary, 'x86_64')
run: echo "SHORT_ARCH=amd64" >> $GITHUB_ENV;
- name: Download artifacts
uses: actions/download-artifact@v3
with:
name: html
path: html/
- name: Build Dockerfile and push
run: |
docker buildx build \
--platform=linux/${SHORT_ARCH} \
--file ./Dockerfile.release . \
--file ./Dockerfile . \
--tag ${IMAGE_NAME}:${VERSION}-${SHORT_ARCH}${VERSION_SUFFIX} \
--provenance=false \
--push

build-docker-multiarch:
Expand Down
143 changes: 7 additions & 136 deletions .github/workflows/release.yml
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,9 @@ on:

env:
REPO_NAME: ${{ github.repository_owner }}/siren
IMAGE_NAME: sigmaprime/siren
DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }}
DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
IMAGE_NAME: ${{ secrets.DOCKER_USERNAME }}/siren

jobs:
extract-version:
Expand All @@ -22,118 +24,10 @@ jobs:
id: extract_version
outputs:
VERSION: ${{ steps.extract_version.outputs.VERSION }}
build:
name: Build Release
strategy:
matrix:
arch: [
aarch64-unknown-linux-gnu,
x86_64-unknown-linux-gnu,
# Requires apple signature secrets
# x86_64-apple-darwin,
x86_64-windows,
]
include:
- arch: aarch64-unknown-linux-gnu
platform: ubuntu-latest
- arch: x86_64-unknown-linux-gnu
platform: ubuntu-latest
# Requires apple signature secrets
#- arch: x86_64-apple-darwin
# platform: macos-latest
- arch: x86_64-windows
platform: windows-2019

runs-on: ${{ matrix.platform }}
needs: extract-version
steps:
- name: Checkout sources
uses: actions/checkout@v4
- name: Use node 18
uses: actions/setup-node@v4
with:
node-version: 18
- name: Configure Yarn Timeout
run: yarn config set network-timeout 300000

# ==============================
# Windows & Mac dependencies
# ==============================

# ==============================
# Builds
# ==============================
- name: Build Siren
run: make release

- name: Move unsigned packages (*nix)
if: startsWith(matrix.arch, 'x86_64-windows') != true
run: |
mv out/make/zip/*/*/*.zip ./siren-${{ needs.extract-version.outputs.VERSION }}-${{ matrix.arch }}.zip

- name: Move unsigned packages (windows)
if: startsWith(matrix.arch, 'x86_64-windows')
run: |
move out/make/zip/*/*/*.zip ./siren-${{ needs.extract-version.outputs.VERSION }}-${{ matrix.arch }}.zip

# =======================================================================
# Upload artifacts
# This is required to share artifacts between different jobs
# =======================================================================

- name: Upload artifact
uses: actions/upload-artifact@v3
with:
name: siren-${{ needs.extract-version.outputs.VERSION }}-${{ matrix.arch }}.zip
path: ./siren-${{ needs.extract-version.outputs.VERSION }}-${{ matrix.arch }}.zip

sign:
name: Sign Release
runs-on: ubuntu-latest
needs: [extract-version, build]
strategy:
matrix:
arch: [
aarch64-unknown-linux-gnu,
x86_64-unknown-linux-gnu,
# Requires apple signature secrets
# x86_64-apple-darwin,
x86_64-windows,
]
steps:
- name: Download artifact
uses: actions/download-artifact@v3
with:
name: siren-${{ needs.extract-version.outputs.VERSION }}-${{ matrix.arch }}.zip

- name: Move artifacts
run: |
mkdir artifacts
#find siren-*/ -type f -name "*.zip" -exec mv {} artifacts/ \;
mv siren-${{ needs.extract-version.outputs.VERSION }}-${{ matrix.arch }}.zip artifacts/
ls -hal artifacts
- name: Configure GPG and create artifacts
env:
GPG_SIGNING_KEY: ${{ secrets.GPG_SIGNING_KEY }}
GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }}
run: |
export GPG_TTY=$(tty)
echo "$GPG_SIGNING_KEY" | gpg --batch --import
#for file in $(ls artifacts); do
# echo "$GPG_PASSPHRASE" | gpg --passphrase-fd 0 --pinentry-mode loopback --batch -ab artifacts/$file ;
#done
echo "$GPG_PASSPHRASE" | gpg --passphrase-fd 0 --pinentry-mode loopback --batch -ab artifacts/siren-${{ needs.extract-version.outputs.VERSION }}-${{ matrix.arch }}.zip
ls -hal artifacts

- name: Upload signature (${{ matrix.arch }})
uses: actions/upload-artifact@v3
with:
name: siren-${{ needs.extract-version.outputs.VERSION }}-${{ matrix.arch }}.zip.asc
path: ./siren-${{ needs.extract-version.outputs.VERSION }}-${{ matrix.arch }}.zip.asc

draft-release:
name: Draft Release
needs: [build, extract-version]
needs: [extract-version]
runs-on: ubuntu-latest
env:
VERSION: ${{ needs.extract-version.outputs.VERSION }}
Expand All @@ -144,13 +38,6 @@ jobs:
with:
fetch-depth: 0

# ==============================
# Download artifacts
# ==============================

- name: Download artifacts
uses: actions/download-artifact@v3

# ==============================
# Create release draft
# ==============================
Expand Down Expand Up @@ -195,26 +82,10 @@ jobs:

${{ steps.changelog.outputs.CHANGELOG }}

## Binaries

[See pre-built binaries documentation.](https://lighthouse-book.sigmaprime.io/installation-binaries.html)

The binaries are signed with Sigma Prime's PGP key: `15E66D941F697E28F49381F426416DC3F30674B0`
## Docker Hub
https://hub.docker.com/r/${{ env.DOCKER_USERNAME }}/siren/tags?name=${{ env.VERSION }}

| System | Architecture | Binary | PGP Signature |
|:---:|:---:|:---:|:---|
| <img src="https://simpleicons.org/icons/apple.svg" style="width: 32px;"/> | x86_64 | [siren-${{ env.VERSION }}-x86_64-apple-darwin.zip](https://github.com/${{ env.REPO_NAME }}/releases/download/${{ env.VERSION }}/siren-${{ env.VERSION }}-x86_64-apple-darwin.zip) | [PGP Signature](https://github.com/${{ env.REPO_NAME }}/releases/download/${{ env.VERSION }}/siren-${{ env.VERSION }}-x86_64-apple-darwin.zip.asc) |
| <img src="https://simpleicons.org/icons/linux.svg" style="width: 32px;"/> | x86_64 | [siren-${{ env.VERSION }}-x86_64-unknown-linux-gnu.zip](https://github.com/${{ env.REPO_NAME }}/releases/download/${{ env.VERSION }}/siren-${{ env.VERSION }}-x86_64-unknown-linux-gnu.zip) | [PGP Signature](https://github.com/${{ env.REPO_NAME }}/releases/download/${{ env.VERSION }}/siren-${{ env.VERSION }}-x86_64-unknown-linux-gnu.zip.asc) |
| <img src="https://simpleicons.org/icons/raspberrypi.svg" style="width: 32px;"/> | aarch64 | [siren-${{ env.VERSION }}-aarch64-unknown-linux-gnu.zip](https://github.com/${{ env.REPO_NAME }}/releases/download/${{ env.VERSION }}/siren-${{ env.VERSION }}-aarch64-unknown-linux-gnu.zip) | [PGP Signature](https://github.com/${{ env.REPO_NAME }}/releases/download/${{ env.VERSION }}/siren-${{ env.VERSION }}-aarch64-unknown-linux-gnu.zip.asc) |
| <img src="https://simpleicons.org/icons/windows.svg" style="width: 32px;"/> | x86_64 | [siren-${{ env.VERSION }}-x86_64-windows.zip](https://github.com/${{ env.REPO_NAME }}/releases/download/${{ env.VERSION }}/siren-${{ env.VERSION }}-x86_64-windows.zip) | [PGP Signature](https://github.com/${{ env.REPO_NAME }}/releases/download/${{ env.VERSION }}/siren-${{ env.VERSION }}-x86_64-windows.zip.asc) |
| | | | |
| **System** | **Option** | - | **Resource** |
| <img src="https://simpleicons.org/icons/docker.svg" style="width: 32px;"/> | Docker | [${{ env.VERSION }}](https://hub.docker.com/r/${{ env.IMAGE_NAME }}/tags?page=1&ordering=last_updated&name=${{ env.VERSION }}) | [${{ env.IMAGE_NAME }}](https://hub.docker.com/r/${{ env.IMAGE_NAME }}) |
ENDBODY
)
assets=()
for asset in ./siren-*.zip*; do
assets+=("-a" "$asset/$asset")
done
tag_name="${{ env.VERSION }}"
echo "$body" | hub release create --draft "${assets[@]}" -F "-" "$tag_name"
echo "$body" | gh release create --draft -F "-" "$tag_name"