Skip to content
Build and Create Pre-Release

Build and publish asvec #99

Sign in to view logs

Build and publish asvec

Build and publish asvec #99

Workflow file for this run

.github/workflows/create-prerelease.yml at a082870
name: Build and Create Pre-Release
on:
workflow_dispatch:
inputs:
version:
description: 'If this is a release what version is this for? If this is a pre-release what version are you developing toward?'
required: true
type: string
preRelease:
description: 'Create Pre-release? -SNAPSHOT-{COMMIT} will be appended to the version above.'
required: false
type: boolean
deletePrevBuild:
description: 'Cleanup existing pre-releases?'
required: false
type: boolean
jobs:
build-and-release:
runs-on: macos-13
steps:
- name: "Git checkout"
uses: actions/checkout@v3
with:
fetch-depth: 0
- name: "Install Homebrew"
run: /bin/bash -c "NONINTERACTIVE=1 $(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)"
- name: "Install Dependencies"
run: |
/usr/local/bin/brew install --overwrite [email protected] || echo "I1.1"
/usr/local/bin/brew link --overwrite [email protected] || echo "I1.2"
/usr/local/bin/brew install --overwrite dpkg zip make wget jq rpm || echo "I2"
/usr/local/bin/brew link --overwrite [email protected] || echo "I1.3"
/usr/local/bin/brew install [email protected] || echo "I1.4"
/usr/local/bin/brew install [email protected] || echo "I1.5"
for i in dpkg zip make wget jq rpm python3.11; do command -v $i || exit 1; done
echo "Dependencies checked"
- name: Get go version from go.mod
run: |
echo "GO_VERSION=$(grep '^go ' go.mod | cut -d " " -f 2)" >> $GITHUB_ENV
- uses: actions/setup-go@v4
with:
go-version: ${{ env.GO_VERSION }}
check-latest: true
- name: "Install Packages.pkg for making macos PKG files"
run: |
wget http://s.sudre.free.fr/Software/files/Packages.dmg
hdiutil attach -mountpoint /Volumes/Packages Packages.dmg
cd /Volumes/Packages
sudo installer -pkg Install\ Packages.pkg -target /
- name: Tag Before Building
if: inputs.version != ''
env:
TAG: ${{ inputs.version }}
SNAPSHOT: ${{ inputs.preRelease }}
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: |
echo "Tagging the repository with ${TAG}"
git config --global user.email "[email protected]"
git config --global user.name "GitHub Actions"
if [ "${SNAPSHOT}" = "true" ]; then
COMMIT=$(git rev-parse --short HEAD)
TAG="${TAG}-SNAPSHOT-${COMMIT}"
fi
# Ensure the tag does not already exist
if ! gh release view "${TAG}" > /dev/null 2>&1; then
git tag -a "${TAG}" -m "Release ${TAG}"
git push origin "${TAG}"
echo "Tag ${TAG} created and pushed successfully."
else
echo "Tag ${TAG} already exists."
fi
- name: "Compile"
env:
ADDCOMMIT: ${{ inputs.preRelease }}
run: |
buildcmd="build-prerelease"
[ "${ADDCOMMIT}" = "false" ] && buildcmd="build-official"
export PATH=$PATH:/usr/local/bin:/usr/local/go/bin
cd ~/work/asvec/asvec && make cleanall && make ${buildcmd}
- name: "Create linux packages"
env:
ADDCOMMIT: ${{ inputs.preRelease }}
run: |
buildcmd="build-prerelease"
[ "${ADDCOMMIT}" = "false" ] && buildcmd="build-official"
export PATH=$PATH:/usr/local/bin:/usr/local/go/bin
cd ~/work/asvec/asvec && make pkg-linux
- name: "Create windows zips"
env:
ADDCOMMIT: ${{ inputs.preRelease }}
run: |
buildcmd="build-prerelease"
[ "${ADDCOMMIT}" = "false" ] && buildcmd="build-official"
export PATH=$PATH:/usr/local/bin:/usr/local/go/bin
cd ~/work/asvec/asvec && make pkg-windows-zip
- name: "Print asvec version"
run: cd ~/work/asvec/asvec && ./bin/asvec-macos-amd64 --version
- name: "Prepare keychain for signing MacOS"
env:
keypw: ${{ secrets.APPLEUSERPW }}
INSTALLERP12: ${{ secrets.INSTALLERP12 }}
APPLICATIONP12: ${{ secrets.APPLICATIONP12 }}
run: |
set -e
security create-keychain -p mysecretpassword build.keychain
security default-keychain -s build.keychain
security unlock-keychain -p mysecretpassword build.keychain
security set-keychain-settings build.keychain
security unlock-keychain -p mysecretpassword build.keychain
echo "$APPLICATIONP12" | base64 -d > app.p12
echo "$INSTALLERP12" | base64 -d > install.p12
security import app.p12 -k build.keychain -P $keypw -A
security import install.p12 -k build.keychain -P $keypw -A
security set-key-partition-list -S apple-tool:,apple: -s -k mysecretpassword build.keychain
- name: "Sign and build MacOS"
env:
xasvec_appleid: ${{ secrets.APPLEUSER }}
xasvec_applepw: ${{ secrets.APPLEAPPPW }}
xasvec_signer: ${{ secrets.APPLESIGNER }}
xasvec_installsigner: ${{ secrets.APPLEINSTALLSIGNER }}
xasvec_teamid: ${{ secrets.APPLETEAMID }}
run: |
set -e
export asvec_appleid="${xasvec_appleid}"
export asvec_applepw="${xasvec_applepw}"
export asvec_signer="${xasvec_signer}"
export asvec_installsigner="${xasvec_installsigner}"
export asvec_teamid="${xasvec_teamid}"
export PATH=$PATH:/usr/local/bin:/usr/local/go/bin && cd ~/work/asvec/asvec && make macos-build-all && make macos-notarize-all
- name: Store Artifact in Env Var
run: |
ARTIFACTS="asvec-linux-amd64-${VER}.deb asvec-linux-amd64-${RPM_VER}.rpm asvec-linux-amd64-${VER}.zip asvec-linux-arm64-${VER}.deb asvec-linux-arm64-${RPM_VER}.rpm asvec-linux-arm64-${VER}.zip asvec-macos-${VER}.pkg asvec-macos-amd64-${VER}.zip asvec-macos-arm64-${VER}.zip asvec-windows-amd64-${VER}.zip asvec-windows-arm64-${VER}.zip"
echo "ARTIFACTS=${ARTIFACTS}" >> $GITHUB_ENV
echo VER=$(cat ../../VERSION.md) >> $GITHUB_ENV
echo RPM_VER=$(echo ${VER} | sed 's/-/_/g') >> $GITHUB_ENV
RPM_ARTIFACTS=$(echo "${ARTIFACTS}" | tr ' ' '\n' | grep '\.rpm$' | tr '\n' ' ')
echo "RPM_ARTIFACTS=${RPM_ARTIFACTS}" >> $GITHUB_ENV
DEB_ARTIFACTS=$(echo "${ARTIFACTS}" | tr ' ' '\n' | grep '\.deb$' | tr '\n' ' ')
echo "DEB_ARTIFACTS=${DEB_ARTIFACTS}" >> $GITHUB_ENV
ZIP_ARTIFACTS=$(echo "${ARTIFACTS}" | tr ' ' '\n' | grep '\.zip$' | tr '\n' ' ')
echo "ZIP_ARTIFACTS=${ZIP_ARTIFACTS}" >> $GITHUB_ENV
PKG_ARTIFACTS=$(echo "${ARTIFACTS}" | tr ' ' '\n' | grep '\.pkg$' | tr '\n' ' ')
echo "PKG_ARTIFACTS=${PKG_ARTIFACTS}" >> $GITHUB_ENV
SHA256_FILES=$(for pkg in ${ARTIFACTS}; do echo "${pkg}.sha256"; done | tr '\n' ' ')
echo "SHA256_FILES=${SHA256_FILES}" >> $GITHUB_ENV
ASC_FILES=$(for pkg in ${ARTIFACTS}; do echo "${pkg}.asc"; done | tr '\n' ' ')
echo "ASC_FILES=${ASC_FILES}" >> $GITHUB_ENV
- name: Create Checksums
run: |
cd ~/work/asvec/asvec/bin/packages
for pkg in ${ARTIFACTS}; do
shasum -a 256 $pkg > ${pkg}.sha256
done
- name: Install GPG
run: sudo apt-get update && sudo apt-get install ca-certificates && sudo apt-get install gnupg -y
- name: setup GPG
uses: aerospike/shared-workflows/devops/setup-gpg@pvinh-gpg-sign-example
with:
gpg-private-key: ${{ secrets.GPG_SECRET_KEY }}
gpg-public-key: ${{ secrets.GPG_PUBLIC_KEY }}
gpg-key-pass: ${{ secrets.GPG_PASS }}
gpg-key-name: "aerospike-inc"
- name: GPG Sign All Files
env:
GPG_TTY: no-tty
GPG_PASSPHRASE: ${{ secrets.GPG_PASS }}
run: |
rpm --addsign ${RPM_ARTIFACTS}
rpm --checksig ${RPM_ARTIFACTS}
depkg-sig --sign builder ${DEB_ARTIFACTS}
depkg-sig --verify ${DEB_ARTIFACTS}
for file in ${ZIP_ARTIFACTS} ${PKG_ARTIFACTS}; do
gpg --detach-sign --no-tty --batch --yes --output "${file}.asc" --passphrase "$GPG_PASSPHRASE" "${file}"
gpg --verify "${file}.asc" "${file}"
done
- name: "Create a new pre-release"
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: |
set -e
cd ~/work/asvec/asvec/bin/packages
TAG=${VER}
FULLCOMMIT=$(git rev-parse HEAD)
gh release create -R github.com/aerospike/asvec --notes-file ../../RELEASE.md --prerelease --target ${FULLCOMMIT} --title "Asvec - ${TAG}" ${TAG} ${ARTIFACTS} ${SHA256_FILES} ${ASC_FILES}
- name: "Delete previous pre-release"
env:
TAG: ${{ inputs.version }}
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
DELPREV: ${{ inputs.deletePrevBuild }}
run: |
if [ "${DELPREV}" = "true" ]; then
set -e
gh release list -R github.com/aerospike/asvec -L 100 | grep Pre-release | awk -F'\t' '{print $3}' | while read -r line; do
if [ "$line" != "${TAG}" ]; then
if [[ "$line" == "${TAG}-SNAPSHOT-"* ]]; then
echo "Removing $line"
gh release delete "$line" -R github.com/aerospike/asvec --yes --cleanup-tag
fi
fi
done
fi