-
-
Notifications
You must be signed in to change notification settings - Fork 348
182 lines (173 loc) · 6.13 KB
/
release.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
name: Create Release Assets
on:
release:
types:
- created
env:
AWS_S3_BUCKET: ksp-ckan
jobs:
sign-assets:
uses: ./.github/workflows/sign.yml
secrets: inherit
upload-nuget:
runs-on: ubuntu-latest
needs:
- sign-assets
steps:
- name: Download signed artifact
uses: actions/download-artifact@v4
with:
name: signed
path: _build/signed
- name: Publish ckan.dll to NuGet
env:
NUGET_API_KEY: ${{ secrets.NUGET_API_KEY }}
if: env.NUGET_API_KEY
run: |
curl -o nuget.exe -L 'https://dist.nuget.org/win-x86-commandline/v5.6.0/nuget.exe'
mono nuget.exe push _build/signed/*.nupkg ${{ secrets.NUGET_API_KEY }} -Source https://api.nuget.org/v3/index.json -SkipDuplicate
build-dmg:
runs-on: ubuntu-latest
needs:
- sign-assets
steps:
- uses: actions/checkout@v4
- name: Install OSX build dependencies
run: sudo apt-get install -y libplist-utils xorriso
- name: Download repack artifact
uses: actions/download-artifact@v4
with:
name: Release-repack-unsigned
path: _build/repack/
- name: Build dmg
run: ./build osx --configuration=Release --exclusive
- name: Upload OSX release asset
run: gh release upload ${{ github.event.release.tag_name }} _build/osx/CKAN.dmg
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
build-deb:
runs-on: ubuntu-latest
needs:
- sign-assets
steps:
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@v4
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-region: us-east-1
- uses: actions/checkout@v4
- name: Download signed artifact
uses: actions/download-artifact@v4
with:
name: signed
path: _build/signed
- name: Put signed ckan.exe into repack path
run: |
mkdir -p _build/repack/Release
cp _build/signed/ckan.exe _build/repack/Release
- name: Set deb version
run: |
VERSION=$(echo "${{ github.event.release.tag_name }}" | tr -d "v")
echo "DEB_VERSION=${VERSION}.$(date +'%g%j')" >> $GITHUB_ENV
- name: Build deb
env:
CODENAME: stable
run: ./build deb --configuration=Release --exclusive
- name: Import GPG key
env:
DEBIAN_PRIVATE_KEY: ${{ secrets.DEBIAN_PRIVATE_KEY }}
run: |
echo "$DEBIAN_PRIVATE_KEY" | base64 --decode | gpg --batch --import
gpg --list-secret-keys --keyid-format LONG
if: ${{ env.DEBIAN_PRIVATE_KEY }}
- name: Sign deb release
env:
CODENAME: stable
DEBIAN_PRIVATE_KEY: ${{ secrets.DEBIAN_PRIVATE_KEY }}
run: ./build deb-sign --configuration=Release --exclusive
if: ${{ env.DEBIAN_PRIVATE_KEY }}
- name: Push deb to S3
run: aws s3 sync _build/deb/apt-repo-root s3://${AWS_S3_BUCKET}/deb --follow-symlinks
- name: Push stable APT repo to S3
run: aws s3 sync _build/deb/apt-repo-dist s3://${AWS_S3_BUCKET}/deb/dists/stable --follow-symlinks
- name: Upload deb release asset
run: gh release upload ${{ github.event.release.tag_name }} _build/deb/ckan_${DEB_VERSION}_all.deb
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
build-rpm:
runs-on: ubuntu-latest
needs:
- sign-assets
steps:
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@v4
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-region: us-east-1
- uses: actions/checkout@v4
- name: Install rpm build dependencies
run: sudo apt-get install -y createrepo-c
- name: Download signed artifact
uses: actions/download-artifact@v4
with:
name: signed
path: _build/signed
- name: Put signed ckan.exe into repack path
run: |
mkdir -p _build/repack/Release
cp _build/signed/ckan.exe _build/repack/Release
- name: Set rpm version
run: |
VERSION=$(echo "${{ github.event.release.tag_name }}" | tr -d v)
echo "RPM_VERSION=${VERSION}.$(date +'%g%j')" >> $GITHUB_ENV
- name: Build rpm
run: ./build rpm --configuration=Release --exclusive
- name: Import GPG key
env:
DEBIAN_PRIVATE_KEY: ${{ secrets.DEBIAN_PRIVATE_KEY }}
run: |
echo "$DEBIAN_PRIVATE_KEY" | base64 --decode | gpg --batch --import
gpg --list-secret-keys --keyid-format LONG
- name: Build stable RPM repo
env:
CODENAME: stable
DEBIAN_PRIVATE_KEY: ${{ secrets.DEBIAN_PRIVATE_KEY }}
run: ./build rpm-repo --configuration=Release --exclusive
if: ${{ env.DEBIAN_PRIVATE_KEY }}
- name: Push stable RPM repo to S3
run: aws s3 sync _build/rpm/repo s3://${AWS_S3_BUCKET}/rpm/stable --follow-symlinks
- name: Upload RPM release asset
run: gh release upload ${{ github.event.release.tag_name }} _build/rpm/RPMS/noarch/ckan-${RPM_VERSION}-1.noarch.rpm
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
upload-binaries:
runs-on: ubuntu-latest
needs:
- sign-assets
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
steps:
- uses: actions/checkout@v4
- name: Download signed artifact
uses: actions/download-artifact@v4
with:
name: signed
path: _build/signed
- name: Upload ckan.exe and AutoUpdater.exe release assets
run: gh release upload ${{ github.event.release.tag_name }} _build/signed/ckan.exe _build/signed/AutoUpdater.exe
notify-discord:
needs:
- sign-assets
- build-dmg
- build-deb
- build-rpm
- upload-binaries
- upload-nuget
if: always()
uses: ./.github/workflows/notify.yml
with:
name: ${{ github.workflow }}
success: ${{ !contains(needs.*.result, 'failure') }}
secrets: inherit