Skip to content

Merge pull request #476 from Unpackerr/dn2_zst #467

Merge pull request #476 from Unpackerr/dn2_zst

Merge pull request #476 from Unpackerr/dn2_zst #467

Workflow file for this run

name: build-and-release
on:
push:
branches:
- unstable
tags:
- v*
pull_request:
branches:
- main
permissions:
contents: read
jobs:
macapp-test:
# description: "Builds and signs a macOS app then packages it in a notarized DMG."
if: startsWith(github.ref, 'refs/tags/v') || github.ref == 'refs/heads/unstable'
name: Make macOS DMG
runs-on: macos-latest
steps:
- uses: actions/checkout@v4
with:
# we need the whole thing so we can count commits.
fetch-depth: '0'
- uses: actions/setup-go@v5
with:
go-version-file: 'go.mod'
- name: go-generate
run: go generate ./...
- name: make-signdmg
env:
APPLE_SIGNING_KEY: ${{ secrets.APPLE_SIGNING_KEY }}
AC_USERNAME: ${{ secrets.AC_USERNAME }}
AC_PASSWORD: ${{ secrets.AC_PASSWORD }}
AC_PROVIDER: ${{ secrets.AC_PROVIDER }}
id: release
run: |
brew install Bearer/tap/gon
make signdmg
- name: upload artifacts
uses: actions/upload-artifact@v4
with:
name: dmg-release
path: release
release-test:
# description: "Builds all the application client binaries and packages for a release."
if: startsWith(github.ref, 'refs/tags/v') || github.ref == 'refs/heads/unstable' || github.ref == 'refs/heads/main'
outputs:
version: ${{ steps.release.outputs.version }}
name: Make Release Assets
runs-on: ubuntu-latest
env:
GPG_SIGNING_KEY: ${{ secrets.GPG_SIGNING_KEY }}
steps:
- uses: actions/checkout@v4
with:
# we need the whole thing so we can count commits.
fetch-depth: '0'
- uses: actions/setup-go@v5
with:
go-version-file: 'go.mod'
- name: make-release
id: release
run: |
sudo apt install -y rpm fakeroot zip debsigs gnupg jq libarchive-tools
sudo gem install --no-document fpm
echo "${GPG_SIGNING_KEY}" | gpg --import -
make release
source settings.sh ; echo "version=${VERSION}-${ITERATION}" >> $GITHUB_OUTPUT
- name: upload artifacts
uses: actions/upload-artifact@v4
with:
name: release
path: release
deploy-unstable-unstable:
# description: "Uploads pre-built binaries to unstable.golift.io."
if: startsWith(github.ref, 'refs/tags/v') || github.ref == 'refs/heads/unstable'
strategy:
matrix:
files: [release, dmg-release]
needs:
- release-test
- macapp-test
name: Deploy Unstable.app
runs-on: ubuntu-latest
steps:
- name: "Download files: ${{ matrix.files }}"
uses: actions/download-artifact@v4
with:
name: ${{ matrix.files }}
- name: Upload files to unstable.golift.io
run: >-
for file in *.{zip,dmg,gz}; do
[ -f "$file" ] || continue;
echo "Uploading: ${file}";
curl -sSH "X-API-KEY: ${{ secrets.UNSTABLE_UPLOAD_KEY }}" "https://unstable.golift.io/upload.php?folder=unpackerr" -F "file=@${file}";
versionfile="${{needs.release-test.outputs.version}};filename=${file}.txt;type=text/plain";
curl -sSH "X-API-KEY: ${{ secrets.UNSTABLE_UPLOAD_KEY }}" "https://unstable.golift.io/upload.php?folder=unpackerr" -F "file=${versionfile}";
done
deploy-unstable-packagecloud:
# description: "Uploads pre-built RPM and DEB packages to packagecloud.io/golift"
if: github.ref == 'refs/heads/unstable'
needs: release-test
name: Deploy Unstable PackageCloud
runs-on: ubuntu-latest
steps:
- name: Download release files
uses: actions/download-artifact@v4
with:
name: release
- uses: golift/upload-packagecloud@v1
with:
userrepo: golift/unstable
apitoken: ${{ secrets.PACKAGECLOUD_TOKEN }}
packages: .
rpmdists: el/6
debdists: ubuntu/focal
deploy-packagecloud:
# description: "Uploads pre-built RPM and DEB packages to packagecloud.io/golift"
if: startsWith(github.ref, 'refs/tags/v')
needs: release-test
name: Deploy Release PackageCloud
runs-on: ubuntu-latest
steps:
- name: Download release files
uses: actions/download-artifact@v4
with:
name: release
- uses: golift/upload-packagecloud@v1
with:
userrepo: golift/pkgs
apitoken: ${{ secrets.PACKAGECLOUD_TOKEN }}
packages: .
rpmdists: el/6
debdists: ubuntu/focal
deploy-github-release:
# description: uploads all the built release assets to the GitHub Release.
if: startsWith(github.ref, 'refs/tags/v')
permissions:
contents: write
needs: [release-test, macapp-test]
strategy:
matrix:
files: [release, dmg-release]
name: Deploy GitHub Release
runs-on: ubuntu-latest
steps:
- name: Download ${{ matrix.files }} Files
uses: actions/download-artifact@v4
with:
name: ${{ matrix.files }}
- name: Publish ${{ matrix.files }} artifacts to github
uses: softprops/action-gh-release@v2
with:
files: |
*.rpm
*.deb
*.txz
*.zip
*.dmg
*.gz
*.txt
*.zst
archlinux-aur:
# description: creates and uploads and aur file to the golift/aur repo for arch linux.
needs: deploy-github-release
name: Deploy ArchLinux AUR
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
fetch-depth: '0'
- name: Deploy Arch AUR
run: bash init/archlinux/aur-deploy.sh
env:
DEPLOY_KEY: ${{ secrets.AUR_DEPLOY_KEY }}
docker-ghcr-build-push:
if: startsWith(github.ref, 'refs/tags/v') || github.ref == 'refs/heads/unstable'
name: Deploy GHCR Container
runs-on: ubuntu-latest
permissions:
contents: read
packages: write
# This is used to complete the identity challenge
# with sigstore/fulcio when running outside of PRs.
id-token: write
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
with:
platforms: 'arm64'
# Workaround: https://github.com/docker/build-push-action/issues/461
- name: Setup Docker buildx
uses: docker/setup-buildx-action@v3
# Login against a Docker registry except on PR
# https://github.com/docker/login-action
- name: Log into registry ghcr.io
if: github.event_name != 'pull_request'
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
# Extract metadata (tags, labels) for Docker
# https://github.com/docker/metadata-action
- name: Extract Docker metadata
id: meta
uses: docker/metadata-action@v5
with:
images: ghcr.io/${{ github.repository }}
tags: |
type=semver,pattern=v{{version}}
type=semver,pattern={{version}}
type=semver,pattern={{major}}.{{minor}}
type=semver,pattern={{major}}
type=ref,enable=true,event=branch
- name: Set docker build-args
run: >-
git fetch --force --tags;
source ./settings.sh;
for item in DATE COMMIT VERSION ITERATION BRANCH LICENSE DESC VENDOR MAINT SOURCE_URL; do
eval echo "settings.sh build-arg: ${item}=\$${item}";
eval echo "${item}=\$${item}" >> $GITHUB_ENV;
done
# Build and push Docker image with Buildx (don't push on PR)
# https://github.com/docker/build-push-action
- name: Build and push Docker image
id: build-and-push
uses: docker/build-push-action@v6
with:
platforms: |-
linux/amd64
linux/arm64
context: .
file: init/docker/Dockerfile
push: ${{ github.event_name != 'pull_request' }}
tags: ${{ steps.meta.outputs.tags }}
cache-from: type=gha
cache-to: type=gha,mode=max
build-args: |
BUILD_DATE=${{ env.DATE }}
COMMIT=${{ env.COMMIT }}
VERSION=${{ env.VERSION }}
ITERATION=${{ env.ITERATION }}
BRANCH=${{ env.BRANCH }}
LICENSE=${{ env.LICENSE }}
DESC=${{ env.DESC }}
VENDOR=${{ env.VENDOR }}
AUTHOR=${{ env.MAINT }}
SOURCE_URL=${{ env.SOURCE_URL }}