[CI] Forgejo Actions based release process (squash) generate .xz files and sources

Generate .xz files
Check .sha256
Generate the source tarbal
This commit is contained in:
Earl Warren 2023-06-16 07:44:19 +02:00
parent ff74da1cb6
commit 7afec520c4
No known key found for this signature in database
GPG key ID: 0579CB2928A78A00
4 changed files with 57 additions and 19 deletions

View file

@ -44,6 +44,10 @@ runs:
- run: echo "${{ github.action_path }}" >> $GITHUB_PATH - run: echo "${{ github.action_path }}" >> $GITHUB_PATH
shell: bash shell: bash
- name: Install dependencies
run: |
apt-get install -y -qq xz-utils
- name: set -x if verbose is required - name: set -x if verbose is required
id: verbose id: verbose
run: | run: |
@ -124,12 +128,15 @@ runs:
run: | run: |
${{ steps.verbose.outputs.shell }} ${{ steps.verbose.outputs.shell }}
mkdir -p release mkdir -p release
cd release
for platform in $(echo ${{ inputs.platforms }} | tr ',' ' '); do for platform in $(echo ${{ inputs.platforms }} | tr ',' ' '); do
arch=$(echo $platform | sed -e 's|linux/||g' -e 's|arm/v6|arm-6|g') arch=$(echo $platform | sed -e 's|linux/||g' -e 's|arm/v6|arm-6|g')
docker create --platform $platform --name forgejo-$arch ${{ steps.registry.outputs.host-port }}/${{ inputs.owner }}/${{ inputs.repository }}:${{ steps.build.outputs.tag }}${{ inputs.suffix }} docker create --platform $platform --name forgejo-$arch ${{ steps.registry.outputs.host-port }}/${{ inputs.owner }}/${{ inputs.repository }}:${{ steps.build.outputs.tag }}${{ inputs.suffix }}
binary="${{ inputs.binary-name }}-${{ steps.build.outputs.tag }}" binary="${{ inputs.binary-name }}-${{ steps.build.outputs.tag }}-linux"
docker cp forgejo-$arch:${{ inputs.binary-path }} release/$binary-$arch docker cp forgejo-$arch:${{ inputs.binary-path }} $binary-$arch
shasum -a 256 < release/$binary-$arch | cut -f1 -d ' ' > release/$binary-$arch.sha256 xz --keep -9 $binary-$arch
shasum -a 256 $binary-$arch > $binary-$arch.sha256
shasum -a 256 $binary-$arch.xz > $binary-$arch.xz.sha256
docker rm forgejo-$arch docker rm forgejo-$arch
done done

View file

@ -28,6 +28,7 @@ jobs:
run: | run: |
set -x set -x
version=1.2.3
cat > /etc/docker/daemon.json <<EOF cat > /etc/docker/daemon.json <<EOF
{ {
"insecure-registries" : ["${{ steps.forgejo.outputs.host-port }}"] "insecure-registries" : ["${{ steps.forgejo.outputs.host-port }}"]
@ -35,6 +36,8 @@ jobs:
EOF EOF
systemctl restart docker systemctl restart docker
apt-get install -qq -y xz-utils
dir=$(mktemp -d) dir=$(mktemp -d)
trap "rm -fr $dir" EXIT trap "rm -fr $dir" EXIT
@ -50,9 +53,11 @@ jobs:
cat > $dir/Dockerfile <<EOF cat > $dir/Dockerfile <<EOF
FROM docker.io/library/alpine:3.18 FROM docker.io/library/alpine:3.18
RUN mkdir -p /app/gitea RUN mkdir -p /app/gitea
RUN ( echo '#!/bin/sh' ; echo 'echo forgejo v1.2.3' ) > /app/gitea/gitea ; chmod +x /app/gitea/gitea RUN ( echo '#!/bin/sh' ; echo "echo forgejo v$version" ) > /app/gitea/gitea ; chmod +x /app/gitea/gitea
EOF EOF
cp $dir/Dockerfile $dir/Dockerfile.rootless cp $dir/Dockerfile $dir/Dockerfile.rootless
sources=forgejo-src-$version.tar.gz
( echo 'sources-tarbal:' ; echo -e '\tmkdir -p dist/release ; cd dist/release ; sources=forgejo-src-$(VERSION).tar.gz ; echo sources > $$sources ; shasum -a 256 $$sources > $$sources.sha256' ) > $dir/Makefile
forgejo-test-helper.sh push $dir $url root forgejo |& tee $dir/pushed forgejo-test-helper.sh push $dir $url root forgejo |& tee $dir/pushed
eval $(grep '^sha=' < $dir/pushed) eval $(grep '^sha=' < $dir/pushed)
@ -60,13 +65,13 @@ jobs:
# #
# Push a tag to trigger the release workflow and wait for it to complete # Push a tag to trigger the release workflow and wait for it to complete
# #
forgejo-test-helper.sh api POST $url repos/root/forgejo/tags ${{ steps.forgejo.outputs.token }} --data-raw '{"tag_name": "v1.2.3", "target": "'$sha'"}' forgejo-test-helper.sh api POST $url repos/root/forgejo/tags ${{ steps.forgejo.outputs.token }} --data-raw '{"tag_name": "v'$version'", "target": "'$sha'"}'
LOOPS=180 forgejo-test-helper.sh wait_success "$url" root/forgejo $sha LOOPS=180 forgejo-test-helper.sh wait_success "$url" root/forgejo $sha
# #
# uncomment to see the logs even when everything is reported to be working ok # uncomment to see the logs even when everything is reported to be working ok
# #
cat $FORGEJO_RUNNER_LOGS #cat $FORGEJO_RUNNER_LOGS
# #
# Minimal sanity checks. e2e test is for the setup-forgejo # Minimal sanity checks. e2e test is for the setup-forgejo
@ -75,12 +80,23 @@ jobs:
# build, only the sanity of the naming of the binaries. # build, only the sanity of the naming of the binaries.
# #
for arch in amd64 arm64 arm-6 ; do for arch in amd64 arm64 arm-6 ; do
curl -L -sS $url/root/forgejo/releases/download/v1.2.3/forgejo-1.2.3-$arch > forgejo binary=forgejo-$version-linux-$arch
chmod +x forgejo for suffix in '' '.xz' ; do
./forgejo --version | grep 1.2.3 curl --fail -L -sS $url/root/forgejo/releases/download/v$version/$binary$suffix > $binary$suffix
curl -L -sS $url/root/forgejo/releases/download/v1.2.3/forgejo-1.2.3-$arch.sha256 > forgejo.one if test "$suffix" = .xz ; then
shasum -a 256 < forgejo | cut -f1 -d ' ' > forgejo.two unxz --keep $binary$suffix
diff forgejo.one forgejo.two fi
chmod +x $binary
./$binary --version | grep $version
curl --fail -L -sS $url/root/forgejo/releases/download/v$version/$binary$suffix.sha256 > $binary$suffix.sha256
shasum -a 256 --check $binary$suffix.sha256
rm $binary$suffix
done
done done
docker pull ${{ steps.forgejo.outputs.host-port }}/root/forgejo:1.2.3
docker pull ${{ steps.forgejo.outputs.host-port }}/root/forgejo:1.2.3-rootless curl --fail -L -sS $url/root/forgejo/releases/download/v$version/$sources > $sources
curl --fail -L -sS $url/root/forgejo/releases/download/v$version/$sources.sha256 > $sources.sha256
shasum -a 256 --check $sources.sha256
docker pull ${{ steps.forgejo.outputs.host-port }}/root/forgejo:$version
docker pull ${{ steps.forgejo.outputs.host-port }}/root/forgejo:$version-rootless

View file

@ -12,9 +12,9 @@ jobs:
steps: steps:
- uses: actions/checkout@v3 - uses: actions/checkout@v3
- id: verbose - name: Increase the verbosity when there are no secrets
id: verbose
run: | run: |
# if there are no secrets, be verbose
if test -z "${{ secrets.TOKEN }}"; then if test -z "${{ secrets.TOKEN }}"; then
value=true value=true
else else
@ -22,17 +22,17 @@ jobs:
fi fi
echo "value=$value" >> "$GITHUB_OUTPUT" echo "value=$value" >> "$GITHUB_OUTPUT"
- id: repository - name: Sanitize the name of the repository
id: repository
run: | run: |
set -x # comment out set -x # comment out
repository="${{ github.repository }}" repository="${{ github.repository }}"
echo "value=${repository##*/}" >> "$GITHUB_OUTPUT" echo "value=${repository##*/}" >> "$GITHUB_OUTPUT"
- name: when in a test environment, create a token - name: When in a test environment, create a token
id: token id: token
if: ${{ secrets.TOKEN == '' }} if: ${{ secrets.TOKEN == '' }}
run: | run: |
set -x # comment out
apt-get -qq install -y jq apt-get -qq install -y jq
url="${{ env.GITHUB_SERVER_URL }}" url="${{ env.GITHUB_SERVER_URL }}"
hostport=${url##http*://} hostport=${url##http*://}
@ -43,6 +43,19 @@ jobs:
token=$(curl -sS -X POST -H 'Content-Type: application/json' --data-raw '{"name": "release", "scopes": ["all"]}' $api | jq --raw-output .sha1) token=$(curl -sS -X POST -H 'Content-Type: application/json' --data-raw '{"name": "release", "scopes": ["all"]}' $api | jq --raw-output .sha1)
echo "value=${token}" >> "$GITHUB_OUTPUT" echo "value=${token}" >> "$GITHUB_OUTPUT"
- uses: https://code.forgejo.org/actions/setup-go@v4
with:
go-version: ">=1.20"
check-latest: true
- name: build sources
run: |
apt-get -qq install -y make
tag="${{ github.ref_name }}"
make VERSION=${tag##*v} sources-tarbal
mv dist/release release
find release | grep tar.gz # sanity check to fail fast
- name: build container & release (when TOKEN secret is not set) - name: build container & release (when TOKEN secret is not set)
if: ${{ secrets.TOKEN == '' }} if: ${{ secrets.TOKEN == '' }}
uses: ./.forgejo/actions/build-release uses: ./.forgejo/actions/build-release

View file

@ -821,6 +821,8 @@ $(EXECUTABLE): $(GO_SOURCES) $(TAGS_PREREQ)
.PHONY: release .PHONY: release
release: frontend generate release-linux release-copy release-compress vendor release-sources release-check release: frontend generate release-linux release-copy release-compress vendor release-sources release-check
sources-tarbal: vendor release-sources release-check
$(DIST_DIRS): $(DIST_DIRS):
mkdir -p $(DIST_DIRS) mkdir -p $(DIST_DIRS)