-
Notifications
You must be signed in to change notification settings - Fork 378
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge branch 'master' of https://github.com/srvrco/getssl
# Conflicts: # getssl - fix for -preferred-chain differed Signed-off-by: Timothe Litt <[email protected]>
- Loading branch information
Showing
150 changed files
with
4,881 additions
and
1,077 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,127 @@ | ||
| # ========================== | ||
| # Can test locally using act (https://github.com/nektos/act) | ||
| # ========================== | ||
| # ./bin/act -s GITHUB_TOKEN=<fine-grained-token> --directory runner --workflows "../.github/workflows/" -e ../payloads.json --no-skip-checkout -j deploy | ||
| # | ||
| # where payloads.json is: | ||
| # { | ||
| # "inputs": { | ||
| # "tags": "2.47" | ||
| # } | ||
| # } | ||
| # | ||
| # ========================== | ||
| # Can debug remotely on github actions instance by uncommenting the 'tmate' section below | ||
| # ========================== | ||
|
|
||
|
|
||
| name: Deploy getssl | ||
|
|
||
| on: | ||
| workflow_dispatch: | ||
| inputs: | ||
| tags: | ||
| description: 'Tag to deploy, e.g. 2.47' | ||
| required: true | ||
| type: string | ||
|
|
||
| jobs: | ||
| deploy: | ||
| runs-on: ubuntu-latest | ||
| steps: | ||
| - name: prepare | ||
| # Keep the outputs persistent outside the docker container to use for the other steps | ||
| run: | | ||
| mkdir -p ${{ github.workspace }}/bin | ||
| mkdir -p ${{ github.workspace }}/debbuild/BUILD | ||
| mkdir -p ${{ github.workspace }}/debbuild/DEBS/all | ||
| mkdir -p ${{ github.workspace }}/debbuild/SDEBS | ||
| mkdir -p ${{ github.workspace }}/debbuild/SOURCES | ||
| mkdir -p ${{ github.workspace }}/debbuild/SPECS | ||
| mkdir -p ${{ github.workspace }}/rpmbuild/SOURCES | ||
| mkdir -p ${{ github.workspace }}/rpmbuild/RPMS/noarch | ||
| mkdir -p ${{ github.workspace }}/rpmbuild/RPMS/SRPMS | ||
| - name: Checkout | ||
| uses: actions/checkout@v3 | ||
| with: | ||
| path: source | ||
|
|
||
| - name: Get version number | ||
| id: get_version | ||
| run: | | ||
| echo "VERSION=$(bash ${{ github.workspace }}/source/getssl --version)" >> $GITHUB_OUTPUT | ||
| - name: Get release | ||
| id: get_release | ||
| run: | | ||
| echo "RELEASE=$(grep Release source/getssl.spec | awk '{ print $2 }')" >> $GITHUB_OUTPUT | ||
| - name: Check version matches tag | ||
| run: | | ||
| if [ "${{ steps.get_version.outputs.VERSION }}" != "getssl V${{ github.event.inputs.tags }}" ]; then | ||
| echo "Version number in getssl (${{ steps.get_version.outputs.VERSION }}) does not match tag (getssl V${{ github.event.inputs.tags }})" | ||
| exit 1 | ||
| fi | ||
| - name: build .deb package | ||
| id: build_deb | ||
| run: | | ||
| sudo apt-get update -qq | ||
| sudo apt-get install --no-install-recommends -qq -y build-essential devscripts debhelper pax liblocale-gettext-perl wget | ||
| wget https://github.com/debbuild/debbuild/releases/download/22.02.1/debbuild_22.02.1-0ubuntu20.04_all.deb | ||
| sudo dpkg --install debbuild_22.02.1-0ubuntu20.04_all.deb | ||
| # Line 1959 has an extra ")" bracket | ||
| sudo chmod +w /usr/bin/debbuild | ||
| sudo patch /usr/bin/debbuild < ${GITHUB_WORKSPACE}/source/debbuild.patch | ||
| tar --absolute-names -czf ${GITHUB_WORKSPACE}/getssl-${{ github.event.inputs.tags }}.tar.gz ${GITHUB_WORKSPACE}/source/* --transform "s,${GITHUB_WORKSPACE}/source,getssl-${{ github.event.inputs.tags }}," | ||
| tar --absolute-names -cf ${GITHUB_WORKSPACE}/debbuild/SDEBS/getssl-${{ github.event.inputs.tags }}.sdeb ${GITHUB_WORKSPACE}/getssl-${{ github.event.inputs.tags }}.tar.gz --transform "s,${GITHUB_WORKSPACE},SOURCES," | ||
| tar --append -f ${GITHUB_WORKSPACE}/debbuild/SDEBS/getssl-${{ github.event.inputs.tags }}.sdeb -C ${GITHUB_WORKSPACE}/source getssl.crontab getssl.logrotate --transform 's,^,SOURCES/,' | ||
| tar --append -f ${GITHUB_WORKSPACE}/debbuild/SDEBS/getssl-${{ github.event.inputs.tags }}.sdeb -C ${GITHUB_WORKSPACE}/source getssl.spec --transform 's,^,SPECS/,' | ||
| ln -s ${GITHUB_WORKSPACE}/debbuild ${HOME}/debbuild | ||
| /usr/bin/debbuild -vv --install ${GITHUB_WORKSPACE}/debbuild/SDEBS/getssl-${{ github.event.inputs.tags }}.sdeb | ||
| /usr/bin/debbuild -vv -ba ${GITHUB_WORKSPACE}/debbuild/SPECS/getssl.spec | ||
| echo "getssl_deb=${GITHUB_WORKSPACE}/debbuild/DEBS/all/getssl_${{ github.event.inputs.tags }}-${{ steps.get_release.outputs.RELEASE }}_all.deb" >> $GITHUB_OUTPUT | ||
| # *** Uncomment this to debug remotely *** | ||
| # - name: Setup tmate session | ||
| # if: ${{ failure() }} | ||
| # uses: mxschmitt/action-tmate@v3 | ||
|
|
||
| - name: build .rpm package | ||
| id: build_rpm | ||
| if: ${{ success() }} | ||
| uses: addnab/docker-run-action@v3 | ||
| with: | ||
| image: rockylinux:8 | ||
| options: -v ${{ github.workspace }}:/root -e GITHUB_REF=${{ github.ref }} | ||
| run: | | ||
| yum install -y rpm-build make | ||
| tar -czf /root/rpmbuild/SOURCES/getssl-${{ github.event.inputs.tags }}.tar.gz /root/source/* --transform "s/root\/source\//getssl-${{ github.event.inputs.tags }}\//" | ||
| cp /root/source/getssl.crontab /root/rpmbuild/SOURCES | ||
| cp /root/source/getssl.logrotate /root/rpmbuild/SOURCES | ||
| rpmbuild -ba /root/source/getssl.spec | ||
| - name: output .rpm packages | ||
| id: output_rpm | ||
| if: ${{ success() }} | ||
| run: | | ||
| echo "getssl_rpm=${GITHUB_WORKSPACE}/rpmbuild/RPMS/noarch/getssl-${{ github.event.inputs.tags }}-${{ steps.get_release.outputs.RELEASE }}.noarch.rpm" >> $GITHUB_OUTPUT | ||
| echo "getssl_srpm=${GITHUB_WORKSPACE}/rpmbuild/SRPMS/getssl-${{ github.event.inputs.tags }}-${{ steps.get_release.outputs.RELEASE }}.src.rpm" >> $GITHUB_OUTPUT | ||
| - name: create_release | ||
| id: create_release | ||
| if: ${{ success() }} | ||
| uses: ncipollo/release-action@v1 | ||
| env: | ||
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | ||
| with: | ||
| tag: ${{ github.event.inputs.tags }} | ||
| name: Draft Release ${{ github.event.inputs.tags }} | ||
| generateReleaseNotes: true | ||
| draft: true | ||
| prerelease: false | ||
| artifacts: | | ||
| ${{ steps.build_deb.outputs.getssl_deb }} | ||
| ${{ steps.output_rpm.outputs.getssl_rpm }} | ||
| ${{ steps.output_rpm.outputs.getssl_srpm }} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,27 @@ | ||
| name: Run tests against Staging server using acmedns | ||
| on: | ||
| push: | ||
| paths-ignore: | ||
| - '.github/workflows/*' | ||
| branches: | ||
| - master | ||
| pull_request: | ||
| paths-ignore: | ||
| - '.github/workflows/*' | ||
| branches: | ||
| - master | ||
| workflow_dispatch: | ||
|
|
||
|
|
||
| env: | ||
| DYNU_API_KEY: ${{ secrets.DYNU_API_KEY == '' && '65cXefd35XbYf36546eg5dYcZT6X52Y2' || secrets.DYNU_API_KEY }} | ||
|
|
||
| jobs: | ||
| test-ubuntu-acmedns: | ||
| runs-on: ubuntu-latest | ||
| steps: | ||
| - uses: actions/checkout@v3 | ||
| - name: Build the docker-compose stack | ||
| run: docker-compose up -d --build | ||
| - name: Run test suite on Ubuntu against Staging using acmedns | ||
| run: test/run-test.sh ubuntu-acmedns |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -7,3 +7,6 @@ | |
| *.tar.gz | ||
| *.orig | ||
| JSON.sh | ||
| .vscode/settings.json | ||
| push.json | ||
| bin/ | ||
Oops, something went wrong.