diff --git a/.github/actions/setup/action.yml b/.github/actions/setup/action.yml new file mode 100644 index 0000000..ced847c --- /dev/null +++ b/.github/actions/setup/action.yml @@ -0,0 +1,15 @@ +name: Setup +description: 'Installs node, driver dependencies, and builds source' + +runs: + using: composite + steps: + - uses: actions/setup-node@v4 + with: + node-version: 'lts/*' + cache: 'npm' + registry-url: 'https://registry.npmjs.org' + - run: npm install -g npm@latest + shell: bash + - run: npm clean-install + shell: bash diff --git a/.github/actions/sign_and_upload_package/action.yml b/.github/actions/sign_and_upload_package/action.yml new file mode 100644 index 0000000..1aad6cd --- /dev/null +++ b/.github/actions/sign_and_upload_package/action.yml @@ -0,0 +1,52 @@ +name: Sign and Upload Package +description: 'Signs native modules with garasign' + +inputs: + aws_role_arn: + description: 'AWS role input for drivers-github-tools/gpg-sign@v2' + required: true + aws_region_name: + description: 'AWS region name input for drivers-github-tools/gpg-sign@v2' + required: true + aws_secret_id: + description: 'AWS secret id input for drivers-github-tools/gpg-sign@v2' + required: true + npm_package_name: + description: 'The name for the npm package this repository represents' + required: true + +runs: + using: composite + steps: + - uses: actions/download-artifact@v4 + - name: Display structure of downloaded files + shell: bash + run: ls -R + + - name: Set up drivers-github-tools + uses: mongodb-labs/drivers-github-tools/setup@v2 + with: + aws_region_name: ${{ inputs.aws_region_name }} + aws_role_arn: ${{ inputs.aws_role_arn }} + aws_secret_id: ${{ inputs.aws_secret_id }} + + - name: Create detached signature + uses: mongodb-labs/drivers-github-tools/gpg-sign@v2 + with: + filenames: '*.tar.gz' + # env: + # RELEASE_ASSETS: ${{ steps.get_vars.outputs.package_file }}.temp.sig + + - name: Display structure of downloaded files + shell: bash + run: ls -R + + # - name: Name release asset correctly + # run: mv ${{ steps.get_vars.outputs.package_file }}.temp.sig ${{ steps.get_vars.outputs.package_file }}.sig + # shell: bash + + # - name: "Upload release artifacts" + # run: gh release upload v${{ steps.get_vars.outputs.package_version }} ${{ steps.get_vars.outputs.package_file }}.sig --clobber + # shell: bash + # env: + # GH_TOKEN: ${{ github.token }} \ No newline at end of file diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 1270be7..037af6b 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -61,21 +61,39 @@ jobs: retention-days: 1 compression-level: 0 - collect: - needs: [host_builds, container_builds] - runs-on: ubunutu-latest - steps: - - uses: actions/download-artifact@v4 + # collect: + # needs: [host_builds, container_builds] + # runs-on: ubunutu-latest + # steps: + # - uses: actions/download-artifact@v4 - - name: Display structure of downloaded files - run: ls -R + # - name: Display structure of downloaded files + # run: ls -R - - id: upload - name: Upload all prebuilds - uses: actions/upload-artifact@v4 - with: - name: all-build - path: '*.tar.gz' - if-no-files-found: 'error' - retention-days: 1 - compression-level: 0 + # - id: upload + # name: Upload all prebuilds + # uses: actions/upload-artifact@v4 + # with: + # name: all-build + # path: '*.tar.gz' + # if-no-files-found: 'error' + # retention-days: 1 + # compression-level: 0 + + sign_and_upload: + needs: [host_builds, container_builds] + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + # - name: actions/setup + # uses: ./.github/actions/setup + - name: actions/sign_and_upload_package + uses: ./.github/actions/sign_and_upload_package + with: + aws_role_arn: ${{ secrets.AWS_ROLE_ARN }} + aws_region_name: 'us-east-1' + aws_secret_id: ${{ secrets.AWS_SECRET_ID }} + npm_package_name: 'mongodb' + # - run: npm publish --provenance + # env: + # NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} \ No newline at end of file