forgejo/.forgejo/workflows/publish-release.yml

61 lines
2 KiB
YAML
Raw Normal View History

[CI] Forgejo Actions based release process Refs: https://codeberg.org/forgejo/website/pulls/230 (cherry picked from commit 87d56bf6c73d726dae8aafbc7e147969f1899931) [CI] Forgejo Actions based release process (squash) base64 -w0 to avoid wrapping when the doer name is long as it creates a broken config.json (cherry picked from commit 9efdc27e49bdfb3e62401baf27b224385f9f3e5e) [CI] Forgejo Actions based release process (squash) generate .xz files and sources Generate .xz files Check .sha256 Generate the source tarbal (cherry picked from commit 7afec520c4b1032d7e67a05a41e4e2913bcd9312) [CI] Forgejo Actions based release process (squash) release notes (cherry picked from commit d8f4f4807b28297b318d2f555a76d0efef762cf7) [CI] Forgejo Actions based release process (squash) publish and sign release (cherry picked from commit a52778c74785fe57cdee3b64b4c6c8a326471532) (cherry picked from commit cf2ec6274094ac7aebda71d54c64581f528df00a) [CI] Forgejo Actions based release process (squash) version use Actions environment variables in Makefile (#25319) (#25318) uses Actions variable to determine the version. But Forgejo builds happen in a container where they are not available. Do not use them. Also verify the version of the binary is as expected for sanity check. (cherry picked from commit 6decf111a132a869f9e5c6f4d20e368b8f74309f) (cherry picked from commit 206d0b3886b2d56b585bf552e53d952b35f07284) [CI] read STORED_VERSION_FILE if available (cherry picked from commit af74085ebf51c91a51db865a66667fca511838d5) [CI] backward compatible executable compilation Add a new static-executable target to use in Dockerfiles and restore the $(EXECUTABLE) target to what it was before to for backward compatibility. The release process now builds static executables instead of dynamically linked ones which makes them more portable. It changes the requirements at compile time and is not backward compatible. In particular it may break packaging that rely on the target that currently creates a dynamically linked executable. (cherry picked from commit 84d02a174a4398b1f8ee62e08db5483a9859650f) (cherry picked from commit 854be47328cc0283119dfb78f9ba0b8306c85f75) [CI] Forgejo Actions based release process (squash) doc / ca / verbosity - Document workflow - Increase verbosity if VERBOSE=true - Download the Certificate Authority if behind the VPN (cherry picked from commit 168d5d586904835762d213b2b8815b458a38c78f) (cherry picked from commit 8756c9a72a40830441124256b7382f900a1052f8) (cherry picked from commit 2dad7ef20f3bf9ebe2425e2e28b66a4ca21c6786) [CI] Forgejo Actions based release process (squash) add assets sources-tarbal Refs: https://codeberg.org/forgejo/forgejo/issues/1115 (cherry picked from commit 5531d01f1981df665f5b8f642e9241e8ea4f4578) [CI] Forgejo Actions based release process (squash) add assets sources-tarbal bindata.go is a file, not a directory Refs: https://codeberg.org/forgejo/forgejo/issues/1115 (cherry picked from commit bd88a4477817be34ea86ebb2f460b9fe8ab5f1b7) (cherry picked from commit b408085138c578dfaacafbd4b7719ca926456855) [CI] Forgejo Actions based release process (squash) public/assets moved (cherry picked from commit d8c921d5a643ed05f2935348531996fe4d08c654) (cherry picked from commit f29e50b1a09b1a22fc2dbdb77e9a1def1196175b) [CI] Fix release notes link - Use substitution to replace all dots with dashes. - Resolves https://codeberg.org/forgejo/forgejo/issues/1163 (cherry picked from commit 96783728f53a072915cace392aa269adfe9a5c73) (cherry picked from commit c8d8bf8996beb650cd86cafb110e85e1e05917a0) [CI] pin go v1.20 for testing Refs: https://codeberg.org/forgejo/forgejo/issues/1228 (cherry picked from commit fd4b5a013ee0f31453b623d12001a8b810cd7ebc) (cherry picked from commit 00bb15f57f2ae5a11abc8b044ed99dc949e812a7) Conflicts: Dockerfile Dockerfile.rootless see https://codeberg.org/forgejo/forgejo/pulls/1303 (cherry picked from commit 6e2be54a6d95412ce770d4bab1a39c77591f44dc) (cherry picked from commit 346c418b4a8c0e1f8c9aace44b00373a4bf76732) (cherry picked from commit 49061f8422cb6aa9ddc14edb507f50477624eb7a) (cherry picked from commit 8229d59b7e1ba61959de6ecd95d9dd49bc2436dc) (cherry picked from commit 70d45d919309d8127551c8ad44538a730b795638) [CI] Forgejo Actions based release process (squash) need node 18 (cherry picked from commit 722b1f45902ecca3179a92700a2f5c1080422a04) (cherry picked from commit a91d786169fb4694aed4af68792437a0a67de3fa) [CI] Forgejo Actions based release process (squash) fix indentation (cherry picked from commit fbdf9d6abb88fd5def3d0ced488a4dd72655d433) (cherry picked from commit 2deff90a13397339796ac5a94d63b0d8cd9760a9) (cherry picked from commit 5710a27fda58093f0db1605585e730c314b933f5) [CI] Forgejo Actions based release process (squash) FQIN for docker Refs: https://codeberg.org/forgejo/forgejo/issues/1600 (cherry picked from commit f63d38deb6a9933ce996a61a099f4b79e9171581) [CI] Forgejo Actions based release process (squash) use forgejo-curl.sh (cherry picked from commit c0c3ef506fa500cb9626034c5e00913b3c31e08c) (cherry picked from commit 933ca7ec5dcab55c8593dee4a6cd13281502c41e) Conflicts: Dockerfile Dockerfile.rootless https://codeberg.org/forgejo/forgejo/pulls/1691 (cherry picked from commit 1068e48805de9d7464b41f32e1c5567d3747239a) [CI] Forgejo Actions based release process (squash) size optimization (cherry picked from commit 3c653ff7428dbf898a5131b5c817ce3b13ec0591) (cherry picked from commit 398567fc0cf9edd0be49541339800af985e8b1b6) (cherry picked from commit e585db9a970e7a84eaff06758a094a297ae6fc48)
2023-06-14 11:32:20 +00:00
# SPDX-License-Identifier: MIT
#
# See also https://forgejo.org/docs/next/developer/RELEASE/#release-process
#
# https://codeberg.org/forgejo-experimental/forgejo
#
# Copies a release from codeberg.org/forgejo-integration to codeberg.org/forgejo-experimental
#
# ROLE: forgejo-experimental
# FORGEJO: https://codeberg.org
# FROM_OWNER: forgejo-integration
# TO_OWNER: forgejo-experimental
# DOER: forgejo-experimental-ci
# TOKEN: <generated from codeberg.org/forgejo-experimental-ci>
#
# https://forgejo.octopuce.forgejo.org/forgejo/forgejo
#
# Copies & sign a release from codeberg.org/forgejo-integration to codeberg.org/forgejo
#
# ROLE: forgejo-release
# FORGEJO: https://codeberg.org
# FROM_OWNER: forgejo-integration
# TO_OWNER: forgejo
# DOER: release-team
# TOKEN: <generated from codeberg.org/release-team>
# GPG_PRIVATE_KEY: <XYZ>
# GPG_PASSPHRASE: <ABC>
#
name: Pubish release
on:
push:
tags: 'v*'
jobs:
publish:
runs-on: self-hosted
if: secrets.DOER != '' && secrets.FORGEJO != '' && secrets.TO_OWNER != '' && secrets.FROM_OWNER != '' && secrets.TOKEN != ''
steps:
- name: install the certificate authority
if: secrets.ROLE == 'forgejo-release'
run: |
apt-get install -qq -y wget
wget --no-check-certificate -O /usr/local/share/ca-certificates/enough.crt https://forgejo.octopuce.forgejo.org/forgejo/enough/raw/branch/main/certs/2023-05-13/ca.crt
update-ca-certificates --fresh
- uses: actions/checkout@v3
- name: copy & sign binaries and container images from one owner to another
uses: ./.forgejo/actions/publish-release
with:
forgejo: ${{ secrets.FORGEJO }}
from-owner: ${{ secrets.FROM_OWNER }}
to-owner: ${{ secrets.TO_OWNER }}
ref-name: ${{ github.ref_name }}
doer: ${{ secrets.DOER }}
token: ${{ secrets.TOKEN }}
gpg-private-key: ${{ secrets.GPG_PRIVATE_KEY }}
gpg-passphrase: ${{ secrets.GPG_PASSPHRASE }}
verbose: ${{ secrets.VERBOSE }}