From 0b7256f978bfe21a68ea56517a6cb30c69018c6c Mon Sep 17 00:00:00 2001 From: antondlr Date: Mon, 24 Jun 2024 10:53:45 +0200 Subject: [PATCH] Fix workflows (#240) --- .github/workflows/docker.yml | 36 +-------- .github/workflows/release.yml | 143 ++-------------------------------- 2 files changed, 9 insertions(+), 170 deletions(-) diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml index b600fe2e..76eaab3f 100644 --- a/.github/workflows/docker.yml +++ b/.github/workflows/docker.yml @@ -41,32 +41,6 @@ jobs: outputs: VERSION: ${{ env.VERSION }} VERSION_SUFFIX: ${{ env.VERSION_SUFFIX }} - build-html: - name: build html - runs-on: ubuntu-22.04 - needs: [extract-version] - steps: - - name: Checkout sources - uses: actions/checkout@v4 - - name: Use node 18 - uses: actions/setup-node@v4 - with: - node-version: 18 - cache: 'yarn' - - name: Install dependencies - env: - NODE_ENV: development - run: | - yarn - - name: Build Siren - env: - NODE_ENV: production - run: yarn build - - name: Upload artifact - uses: actions/upload-artifact@v3 - with: - name: html - path: build/ build-docker-single-arch: name: build-docker-${{ matrix.binary }} @@ -75,7 +49,7 @@ jobs: matrix: binary: [aarch64, x86_64] - needs: [extract-version, build-html] + needs: [extract-version] env: # We need to enable experimental docker features in order to use `docker buildx` DOCKER_CLI_EXPERIMENTAL: enabled @@ -93,18 +67,12 @@ jobs: - name: Map x86_64 to amd64 short arch if: startsWith(matrix.binary, 'x86_64') run: echo "SHORT_ARCH=amd64" >> $GITHUB_ENV; - - name: Download artifacts - uses: actions/download-artifact@v3 - with: - name: html - path: html/ - name: Build Dockerfile and push run: | docker buildx build \ --platform=linux/${SHORT_ARCH} \ - --file ./Dockerfile.release . \ + --file ./Dockerfile . \ --tag ${IMAGE_NAME}:${VERSION}-${SHORT_ARCH}${VERSION_SUFFIX} \ - --provenance=false \ --push build-docker-multiarch: diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 278fc87a..a131f22f 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -7,7 +7,9 @@ on: env: REPO_NAME: ${{ github.repository_owner }}/siren - IMAGE_NAME: sigmaprime/siren + DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }} + DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }} + IMAGE_NAME: ${{ secrets.DOCKER_USERNAME }}/siren jobs: extract-version: @@ -22,118 +24,10 @@ jobs: id: extract_version outputs: VERSION: ${{ steps.extract_version.outputs.VERSION }} - build: - name: Build Release - strategy: - matrix: - arch: [ - aarch64-unknown-linux-gnu, - x86_64-unknown-linux-gnu, - # Requires apple signature secrets - # x86_64-apple-darwin, - x86_64-windows, - ] - include: - - arch: aarch64-unknown-linux-gnu - platform: ubuntu-latest - - arch: x86_64-unknown-linux-gnu - platform: ubuntu-latest - # Requires apple signature secrets - #- arch: x86_64-apple-darwin - # platform: macos-latest - - arch: x86_64-windows - platform: windows-2019 - - runs-on: ${{ matrix.platform }} - needs: extract-version - steps: - - name: Checkout sources - uses: actions/checkout@v4 - - name: Use node 18 - uses: actions/setup-node@v4 - with: - node-version: 18 - - name: Configure Yarn Timeout - run: yarn config set network-timeout 300000 - - # ============================== - # Windows & Mac dependencies - # ============================== - - # ============================== - # Builds - # ============================== - - name: Build Siren - run: make release - - - name: Move unsigned packages (*nix) - if: startsWith(matrix.arch, 'x86_64-windows') != true - run: | - mv out/make/zip/*/*/*.zip ./siren-${{ needs.extract-version.outputs.VERSION }}-${{ matrix.arch }}.zip - - - name: Move unsigned packages (windows) - if: startsWith(matrix.arch, 'x86_64-windows') - run: | - move out/make/zip/*/*/*.zip ./siren-${{ needs.extract-version.outputs.VERSION }}-${{ matrix.arch }}.zip - - # ======================================================================= - # Upload artifacts - # This is required to share artifacts between different jobs - # ======================================================================= - - - name: Upload artifact - uses: actions/upload-artifact@v3 - with: - name: siren-${{ needs.extract-version.outputs.VERSION }}-${{ matrix.arch }}.zip - path: ./siren-${{ needs.extract-version.outputs.VERSION }}-${{ matrix.arch }}.zip - - sign: - name: Sign Release - runs-on: ubuntu-latest - needs: [extract-version, build] - strategy: - matrix: - arch: [ - aarch64-unknown-linux-gnu, - x86_64-unknown-linux-gnu, - # Requires apple signature secrets - # x86_64-apple-darwin, - x86_64-windows, - ] - steps: - - name: Download artifact - uses: actions/download-artifact@v3 - with: - name: siren-${{ needs.extract-version.outputs.VERSION }}-${{ matrix.arch }}.zip - - - name: Move artifacts - run: | - mkdir artifacts - #find siren-*/ -type f -name "*.zip" -exec mv {} artifacts/ \; - mv siren-${{ needs.extract-version.outputs.VERSION }}-${{ matrix.arch }}.zip artifacts/ - ls -hal artifacts - - name: Configure GPG and create artifacts - env: - GPG_SIGNING_KEY: ${{ secrets.GPG_SIGNING_KEY }} - GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }} - run: | - export GPG_TTY=$(tty) - echo "$GPG_SIGNING_KEY" | gpg --batch --import - #for file in $(ls artifacts); do - # echo "$GPG_PASSPHRASE" | gpg --passphrase-fd 0 --pinentry-mode loopback --batch -ab artifacts/$file ; - #done - echo "$GPG_PASSPHRASE" | gpg --passphrase-fd 0 --pinentry-mode loopback --batch -ab artifacts/siren-${{ needs.extract-version.outputs.VERSION }}-${{ matrix.arch }}.zip - ls -hal artifacts - - - name: Upload signature (${{ matrix.arch }}) - uses: actions/upload-artifact@v3 - with: - name: siren-${{ needs.extract-version.outputs.VERSION }}-${{ matrix.arch }}.zip.asc - path: ./siren-${{ needs.extract-version.outputs.VERSION }}-${{ matrix.arch }}.zip.asc draft-release: name: Draft Release - needs: [build, extract-version] + needs: [extract-version] runs-on: ubuntu-latest env: VERSION: ${{ needs.extract-version.outputs.VERSION }} @@ -144,13 +38,6 @@ jobs: with: fetch-depth: 0 - # ============================== - # Download artifacts - # ============================== - - - name: Download artifacts - uses: actions/download-artifact@v3 - # ============================== # Create release draft # ============================== @@ -195,26 +82,10 @@ jobs: ${{ steps.changelog.outputs.CHANGELOG }} - ## Binaries - - [See pre-built binaries documentation.](https://lighthouse-book.sigmaprime.io/installation-binaries.html) - - The binaries are signed with Sigma Prime's PGP key: `15E66D941F697E28F49381F426416DC3F30674B0` + ## Docker Hub + https://hub.docker.com/r/${{ env.DOCKER_USERNAME }}/siren/tags?name=${{ env.VERSION }} - | System | Architecture | Binary | PGP Signature | - |:---:|:---:|:---:|:---| - | | x86_64 | [siren-${{ env.VERSION }}-x86_64-apple-darwin.zip](https://github.com/${{ env.REPO_NAME }}/releases/download/${{ env.VERSION }}/siren-${{ env.VERSION }}-x86_64-apple-darwin.zip) | [PGP Signature](https://github.com/${{ env.REPO_NAME }}/releases/download/${{ env.VERSION }}/siren-${{ env.VERSION }}-x86_64-apple-darwin.zip.asc) | - | | x86_64 | [siren-${{ env.VERSION }}-x86_64-unknown-linux-gnu.zip](https://github.com/${{ env.REPO_NAME }}/releases/download/${{ env.VERSION }}/siren-${{ env.VERSION }}-x86_64-unknown-linux-gnu.zip) | [PGP Signature](https://github.com/${{ env.REPO_NAME }}/releases/download/${{ env.VERSION }}/siren-${{ env.VERSION }}-x86_64-unknown-linux-gnu.zip.asc) | - | | aarch64 | [siren-${{ env.VERSION }}-aarch64-unknown-linux-gnu.zip](https://github.com/${{ env.REPO_NAME }}/releases/download/${{ env.VERSION }}/siren-${{ env.VERSION }}-aarch64-unknown-linux-gnu.zip) | [PGP Signature](https://github.com/${{ env.REPO_NAME }}/releases/download/${{ env.VERSION }}/siren-${{ env.VERSION }}-aarch64-unknown-linux-gnu.zip.asc) | - | | x86_64 | [siren-${{ env.VERSION }}-x86_64-windows.zip](https://github.com/${{ env.REPO_NAME }}/releases/download/${{ env.VERSION }}/siren-${{ env.VERSION }}-x86_64-windows.zip) | [PGP Signature](https://github.com/${{ env.REPO_NAME }}/releases/download/${{ env.VERSION }}/siren-${{ env.VERSION }}-x86_64-windows.zip.asc) | - | | | | | - | **System** | **Option** | - | **Resource** | - | | Docker | [${{ env.VERSION }}](https://hub.docker.com/r/${{ env.IMAGE_NAME }}/tags?page=1&ordering=last_updated&name=${{ env.VERSION }}) | [${{ env.IMAGE_NAME }}](https://hub.docker.com/r/${{ env.IMAGE_NAME }}) | ENDBODY ) - assets=() - for asset in ./siren-*.zip*; do - assets+=("-a" "$asset/$asset") - done tag_name="${{ env.VERSION }}" - echo "$body" | hub release create --draft "${assets[@]}" -F "-" "$tag_name" + echo "$body" | gh release create --draft -F "-" "$tag_name"